Getting error while generating le cert

Discussion in 'General' started by PetrCZE, Apr 22, 2021.

  1. PetrCZE

    PetrCZE New Member

    Hello, I have some troubles while generating LE cert. If I tick a LE generate certificate option in ISPConfig, ISPConfig unsuccessfully tries to generate cert.

    Certbot is installed on the server, and generating certificates fine, if I run "certbot certonly" command. Acme.sh is not installed.

    Do you have please any tips, whats going wrong? Thank you.

    /var/log/letsencrypt/letsencrypt.log
    Code:
    2021-04-22 13:09:18,685:DEBUG:certbot.log:Exiting abnormally:
    Traceback (most recent call last):
      File "/usr/bin/certbot", line 11, in <module>
        load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')()
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main
        return config.func(config, plugins)
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew
        renewal.handle_renewal_request(config)
      File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request
        raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format(
    certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
    2021-04-22 23:28:27,468:DEBUG:certbot.main:certbot version: 0.40.0
    2021-04-22 23:28:27,468:DEBUG:certbot.main:Arguments: ['-n', '--text', '--agree-tos', '--cert-name', 'xx', '--authenticator', 'webroot', '--server', 'https://acme-v02.api.letsencrypt.org/directory', '--rsa-key-size', '4096', '--email', '[email protected]', '--webroot-map', '{"xx":"\\/usr\\/local\\/ispconfig\\/interface\\/acme"}']
    2021-04-22 23:28:27,469:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2021-04-22 23:28:27,473:DEBUG:certbot.log:Root logging level set at 20
    2021-04-22 23:28:27,473:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2021-04-22 23:28:27,474:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2021-04-22 23:28:27,474:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
    Description: Place files in webroot directory
    Interfaces: IAuthenticator, IPlugin
    Entry point: webroot = certbot.plugins.webroot:Authenticator
    Initialized: <certbot.plugins.webroot.Authenticator object at 0x7fd28cd438e0>
    Prep: True
    2021-04-22 23:28:27,474:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7fd28cd438e0> and installer None
    2021-04-22 23:28:27,474:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
    2021-04-22 23:28:27,478:DEBUG:certbot.log:Exiting abnormally:
    Traceback (most recent call last):
      File "/bin/letsencrypt", line 11, in <module>
        load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')()
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main
        return config.func(config, plugins)
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 1249, in certonly
        le_client = _init_le_client(config, auth, installer)
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 607, in _init_le_client
        acc, acme = _determine_account(config)
      File "/usr/lib/python3/dist-packages/certbot/main.py", line 515, in _determine_account
        acc = display_ops.choose_account(accounts)
      File "/usr/lib/python3/dist-packages/certbot/display/ops.py", line 84, in choose_account
        code, index = z_util(interfaces.IDisplay).menu(
      File "/usr/lib/python3/dist-packages/certbot/display/util.py", line 503, in menu
        self._interaction_fail(message, cli_flag, "Choices: " + repr(choices))
      File "/usr/lib/python3/dist-packages/certbot/display/util.py", line 466, in _interaction_fail
        raise errors.MissingCommandlineFlag(msg)
    certbot.errors.MissingCommandlineFlag: Missing command line flag or config entry for this setting:
    Please choose an account
    Choices: ['[email protected]:41:34Z (f57b)', '[email protected]:50:07Z (e8ba)']
    2021-04-22 23:28:27,666:DEBUG:certbot.main:certbot version: 0.40.0
    2021-04-22 23:28:27,666:DEBUG:certbot.main:Arguments: ['--domains', 'xx']
    2021-04-22 23:28:27,667:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2021-04-22 23:28:27,671:DEBUG:certbot.log:Root logging level set at 20
    2021-04-22 23:28:27,671:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    
    cron command
    Code:
    [email protected] ~ # /usr/local/ispconfig/server/server.sh
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator webroot, Installer None
    Missing command line flag or config entry for this setting:
    Please choose an account
    Choices: ['[email protected]:41:34Z (f57b)', '[email protected]:50:07Z (e8ba)']
    PHP Warning:  symlink(): File exists in /usr/local/ispconfig/server/plugins-available/apache2_plugin.inc.php on line 1939
    finished server.php.
    XX is only censorship of real urls/hostnames.
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Follow
    https://www.howtoforge.com/community/threads/please-read-before-posting.58408/
    which has also info on failing LE cert creation.
    Note that issuing certbot commands on the command line makes a mess of the certificate setup ISPConfig created, and it stops working until fixed.
    You may have created two (or several) Let's Encrypt accounts, and should remove the extra accounts so only one remains.
     
    Last edited: Apr 23, 2021
    PetrCZE and Th0m like this.
  3. PetrCZE

    PetrCZE New Member

    Hello, yes, thank you, it was caused by duplicate LE account.
     

Share This Page