0 votes
by Talented

The periodic certificate renewal script produces errors when trying to find directories for deleted sites.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/domain.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for domain.com
http-01 challenge for www.domain.com
Cleaning up challenges
Encountered exception during recovery:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 75, in handle_authorizations
    resp = self._solve_challenges(aauthzrs)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 132, in _solve_challenges
    resp = self.auth.perform(all_achalls)
  File "/usr/lib/python3/dist-packages/certbot/plugins/webroot.py", line 83, in perform
  File "/usr/lib/python3/dist-packages/certbot/plugins/webroot.py", line 172, in _create_challenge_dirs
    stat_path = os.stat(path)
FileNotFoundError: [Errno 2] No such file or directory: '/var/www/domain.com/htdocs'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/error_handler.py", line 108, in _call_registered
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 316, in _cleanup_challenges
  File "/usr/lib/python3/dist-packages/certbot/plugins/webroot.py", line 224, in cleanup
FileNotFoundError: [Errno 2] No such file or directory: '/var/www/domain.com/htdocs/.well-known/acme-challenge/kG9voZCMKPfUglO3vWWyMtL7U0okiliteXwbeIQbniXs'
Attempting to renew cert (domain.com) from /etc/letsencrypt/renewal/domain.com.conf produced an unexpected error: [Errno 2] No such file or directory: '/var/www/domain.com/htdocs'. Skipping.
by Expert

In the latest Webinoly update I have included a lot of improvements in the SSL area, especially for "Orphan-SSL Certs".

  • Now you can remove an orphan SSL cert with sudo site domain.com -ssl=off even if that site doesn't even exist.
  • Verify command now detect and alert about orphan-certs, if found.
  • When you remove/delete a site you are asked if you want to revoke the associated SSL cert, if found.

1 Answer

0 votes
by Expert

Yes, you should remove/revoke your certs before deleting a site. That's expected!

  • We don't remove certs automatically because they can be reused if you create your site again.
  • Let's Encrypt have rate limits, so you should not removing/revoking your certs every time you create a site, thinking in the dev process where can be common, start a new site several times.
  • Even if you disable the SSL you must explicitly chose the option to revoke the SSL cert and not just de-activate it temporaly.
I don't know, maybe I should think in a workaround to deal with orphan certs.
Welcome to the Community site for Webinoly.

Our Optimized LEMP Web Server is a powerful set of commands for doing just about anything you could wish.

With Webinoly you can set up your NGINX web server in just one step.

* * * * * * *

If you have a question about Webinoly, please ask in English or Spanish.

To report a bug, please ask a question here with the bug tag.


Webinoly Support Paypal Donations Webinoly Support Bitcoin Donations GitHub Sponsors

Your regular donations is what keep this project moving forward. If you like Webinoly, buy me a coffee or a beer to show support.

Affiliate Links

It is very important that any visitor to the site read the disclaimer, terms of use and privacy and legal statement before start browsing.