letsencrypt stop working - Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
root@ns1:/etc/cron.daily# ./letsencrypt
Saving debug log to /var/log/letsencrypt/letsencrypt.log-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/quebeclabradoodle.com.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Attempting to renew cert from /etc/letsencrypt/renewal/quebeclabradoodle.com.conf produced an unexpected error: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError(': Failed to establish a new connection: [Errno -2] Name or service not known',)). Skipping.-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/budgetweb.co.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Attempting to renew cert from /etc/letsencrypt/renewal/budgetweb.co.conf produced an unexpected error: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError(': Failed to establish a new connection: [Errno -2] Name or service not known',)). Skipping.All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/quebeclabradoodle.com/fullchain.pem (failure)
/etc/letsencrypt/live/budgetweb.co/fullchain.pem (failure)
2 renew failure(s), 0 parse failure(s)
Saving debug log to /var/log/letsencrypt/letsencrypt.log-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/quebeclabradoodle.com.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Attempting to renew cert from /etc/letsencrypt/renewal/quebeclabradoodle.com.conf produced an unexpected error: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError(': Failed to establish a new connection: [Errno -2] Name or service not known',)). Skipping.-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/budgetweb.co.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Attempting to renew cert from /etc/letsencrypt/renewal/budgetweb.co.conf produced an unexpected error: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError(': Failed to establish a new connection: [Errno -2] Name or service not known',)). Skipping.All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/quebeclabradoodle.com/fullchain.pem (failure)
/etc/letsencrypt/live/budgetweb.co/fullchain.pem (failure)
2 renew failure(s), 0 parse failure(s)
Solution
The problem is the end of life of ACMEv1
The only solution is to upgrade certbot, in case of Debian 8, you need to upgrade to Debian 9 in order to get a recent enough version of certbot.
$ sudo apt-get install certbot
References
https://community.letsencrypt.org/t/how-can-i-update-from-acmev1-to-acmev2/136578
https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/18
Recent Comments