Let's Encyrpt auto renewal keeps failing


#1

I would like to get auto renew working again but in case it is relevant, when I try to do a manual renewal, I get

“Connection unexpectedly closed”.

I then have to remove LE and then re-add it to get it working again but that doesn’t fix the auto-renewal issue even though it says “Creating Cron Job for cert auto-renewal”.

Crontab returns the followng:

`0 0 * * 0 ee site update --le=renew --all 2> /dev/null # Renew all letsencrypt SSL cert. Set by EasyEngine`

Any ideas?


#2

hi @jaroo if this happens again, try running the letsencrypt manually. using

/opt/letsencrypt/certbot-auto certonly --webroot --webroot-path=/var/www/example.in/htdocs -d example.com

So that we can trace the issues more easily.


#3

What should happen after I do that?


#4

it will get the certificates from let’s encrypt server, incase if it fails you can see the exact error, why it failed. Also have a look into LE logs /var/log/letsencrypt/letsencrypt.log


#5

I ran this and it ran successfully, at least it said it did. However, when I go to the domain, it is showing as insecure.

If I run it again, it says the cert is valid etc. If I try to do ee site update domain.com --le=renew it says “More than 30 days left for certificate Expiry. Not renewing now.”

I had a look at the LE log and didn’t see any errors for this domain.


#6

Just an update - may have just been caching as site is showing as secure now. Still don’t understand why the renewal isn’t happening automatically :confused:


#7

@jaroo most probably beause you have not pointed “www.domain.com” to server IP address in the DNS. point “www” to same IP. Else you may use steps mentioned here Let’s Encrypt manual vs ee install


#8

www is pointed to the name IP address in DNS. When I run the command you indicate, I get SSl is already configured for given site


#9