Hi,
My Nextbox is not able to renew the TLS certificates. I had a look at the logs, and there are repeated errors, both in letsencrypt.log and nextbox.log, e.g.
2022-01-27 00:24:48,960:INFO:certbot.hooks:Output from nextbox-desec-hook.sh:
Deleting challenge XXXX ...
e[32mToken deleted. Returning to certbot.e[0m
2022-01-27 00:24:48,961:ERROR:certbot.hooks:Error output from nextbox-desec-hook.sh:
curl: (22) The requested URL returned error: 401
curl: (22) The requested URL returned error: 401
curl: (22) The requested URL returned error: 401
2022-01-27 00:24:48,964:WARNING:certbot.renewal:Attempting to renew cert (AAA.dedyn.io) from /srv/letsencrypt/renewal/AAA.dedyn.io.conf produced an unexpected error: Failed authorization procedure. AAA.dedyn.io (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.AAA.dedyn.io - check that a DNS record exists for this domain. Skipping.
2022-01-27 00:24:48,980:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 465, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1193, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 116, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 323, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 353, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 389, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
self._respond(aauthzrs, resp, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 168, in _respond
self._poll_challenges(aauthzrs, chall_update, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 239, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. AAA.dedyn.io (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.AAA.dedyn.io - check that a DNS record exists for this domain
2022-01-27 00:24:48,981:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2022-01-27 00:24:48,982:ERROR:certbot.renewal: /srv/letsencrypt/live/AAA.dedyn.io/fullchain.pem (failure)
2022-01-27 00:24:48,983:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.31.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1365, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1272, in renew
renewal.handle_renewal_request(config)
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 490, in handle_renewal_request
len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2022-01-27 03:22:32,526:DEBUG:certbot.main:certbot version: 0.31.0
How get it to be renewed?
Thanks for any hints!