I guess you should back up the file and delete it. Certbot probably got confused by the other issue and created it, but I've never seen it happen before. Very strange that that privkey8.pem file exists. Thanks! /etc/letsencrypt/archive/total 60ĭrwxr-xr-x 2 root root 4096 Sep 1 00:04. This is a debian 7.11 machine and it’s using a version of certbot-auto I found here for older operating systems as the newer self-upgrading certbot wants to use a version of pip which doesn’t seem to work right on this box.Īnyways, here’s the output from the letsencrypt etc directorty: OSError: File exists: ‘/etc/letsencrypt/archive/ 10:54:38,026:ERROR:certbot.log:An unexpected error occurred: Os.open(path, os.O_CREAT | os.O_EXCL | os.O_RDWR, *open_args), With util.safe_open(target, “wb”, chmod=BASE_PRIVKEY_MODE) as f:įile “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/util.py”, line 229, in safe_open Lineage.save_successor(prior_version, new_cert, new_key.pem, new_chain, config)įile “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/storage.py”, line 1104, in save_successor Renewal.renew_cert(config, domains, le_client, lineage)įile “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py”, line 317, in renew_cert Lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)įile “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py”, line 116, in _get_and_save_cert 10:54:38,022:DEBUG:certbot.log:Exiting abnormally:įile “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 11, inįile “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py”, line 1365, in mainįile “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py”, line 1250, in certonly Strict-Transport-Security: max-age=604800Ĭache-Control: max-age=0, no-cache, no-store 10:54:38,020:DEBUG:acme.client:Received response:Ĭontent-Type: application/pem-certificate-chain 10:54:31,881:DEBUG:nnectionpool:Resetting dropped connection: 10:54:31,880:DEBUG:acme.client:Sending GET request to. 10:54:31,880:DEBUG:acme.client:Retrying request with GET. Content-Type must be “application/jose+json” Urn:ietf:params:acme:error:malformed :: The request message was malformed :: Invalid Content-Type header on POST. 10:54:31,880:DEBUG:acme.client:Error during a POST-as-GET request, your ACME CA may not support it: OSError: File exists: ‘/etc/letsencrypt/archive/Please see the logfiles in /var/log/letsencrypt for more details. Plugins selected: Authenticator webroot, Installer None Saving debug log to /var/log/letsencrypt/letsencrypt.log certbot-auto.1 certonly -webroot -renew-by-default -w /var/www/htdocs -no-bootstrap -no-self-upgrade -domains Sorry for the delay, it’s been a busy week and this domain was lower priority for me. output of certbot -version or certbot-auto -version if you’re using Certbot): I’m using a control panel to manage my site (no, or provide the name and version of the control panel): I can login to a root shell on my machine (yes or no, or I don’t know): The operating system my web server runs on is (include version): ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help. ![]() Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. Note: you must provide your domain name to get help. Please fill out the fields below so we can help you better. That error probably indicates that something is wrong with /etc/letsencrypt/archive/ or /etc/letsencrypt/live/ – likely that some of the directories have been moved around, and Certbot is unable to make sense of it.Įven if /etc/letsencrypt/ is badly damaged, you can keep your website running with one of the current certificates as long as you have a private key from /etc/letsencrypt/archive/ or /etc/letsencrypt/keys/.Ĭan you post the output of “ sudo ls -alR /etc/letsencrypt/” and “ sudo certbot certificates”? ![]() ![]() ![]() Do you have copies any of the 1 or 2 dozen unexpired certificates that exist? Or at least their private keys?ĭo you really need another certificate immediately?
0 Comments
Leave a Reply. |