Troubleshoot When Let's Encrypt Renewal Is Not Working

January 21, 2019

Check renewal configuration at /etc/letsencrypt/renewal/.

Content of www.mydomain.com.

# renew_before_expiry = 30 days
version = 0.22.2
archive_dir = /etc/letsencrypt/archive/www.mydomain.com
cert = /etc/letsencrypt/live/www.mydomain.com/cert.pem
privkey = /etc/letsencrypt/live/www.mydomain.com/privkey.pem
chain = /etc/letsencrypt/live/www.mydomain.com/chain.pem
fullchain = /etc/letsencrypt/live/www.mydomain.com/fullchain.pem

# Options used in the renewal process
[renewalparams]
authenticator = webroot
installer = nginx
account = bf2a***

Test renewal.

certbot renew --cert-name www.mydomain.com --dry-run

My original renewal through webroot authenticator is failing because of missing /.well-known/acme-challenge directory.

I switch to nginx authentication to solve the issue.

certbot renew --cert-name www.mydomain.com --nginx

List all certbox certificates.

certbot certificates
This work is licensed under a
Creative Commons Attribution-NonCommercial 4.0 International License.