Package: certbot
Version: 2.1.0-4
Severity: important
X-Debbugs-Cc: re...@ineedsome.info

Dear Maintainer,

   * What led up to the situation?

I visited my website and I got an SSL security exception in my browser.


   * What exactly did you do (or not do) that was effective (or
     ineffective)?

I had to manually run certbot and request new certificates for my domains.

   * What was the outcome of this action?

My domain names received a certificate.

   * What outcome did you expect instead?

I expected certbot to automatically renew my certificates.


PLease review this cerbot log...


2023-10-29 04:57:25,778:INFO:certbot._internal.auth_handler:Performing the 
following challenges:
2023-10-29 04:57:25,779:INFO:certbot._internal.auth_handler:http-01 challenge 
for ineedsome.info
2023-10-29 04:57:25,779:INFO:certbot._internal.auth_handler:http-01 challenge 
for www.ineedsome.info
2023-10-29 04:57:25,783:DEBUG:certbot._internal.error_handler:Encountered 
exception:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 
86, in handle_authorizations
    resps = self.auth.perform(achalls)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/webroot.py", 
line 109, in perform
    self._set_webroots(achalls)
  File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/webroot.py", 
line 126, in _set_webroots
    new_webroot = self._prompt_for_webroot(achall.domain,
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/webroot.py", 
line 143, in _prompt_for_webroot
    webroot = self._prompt_with_webroot_list(domain, known_webroots)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/webroot.py", 
line 157, in _prompt_with_webroot_list
    code, index = display_util.menu(
                  ^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/display/util.py", line 80, in 
menu
    return obj.get_display().menu(message, choices, default=default, 
cli_flag=cli_flag,
           
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/display/obj.py", line 
470, in menu
    raise self._interaction_fail(message, cli_flag, "Choices: " + repr(choices))
certbot.errors.MissingCommandlineFlag: Missing command line flag or config 
entry for this setting:
Select the webroot for ineedsome.info:
Choices: ['Enter a new webroot', '/var/www/ineedsome']

(You can set this with the --webroot-path flag)



As you can see there, it had the location of my webroot, but it did not use it. 
Instead it wanted the webroot to be entered.

I checked the .conf files for my domains and they include the correct webroot 
for all of my domains. 
For some reason, certbot is not using this info when it tries to renew the 
domains.

I have serveral certbot certificates. Two of my certificates use ecdsa and one 
uses rsa. I did not specify that,
it chose that on its own. It seems that the rsa certificate did auto renew and 
the two ecdsa certificates did not auto renew.

I can give you more logs if you need them.

I got some emails from letsencrypt saying that my domains needed to be renewed. 
I guess this was a sign that something was not
working correctly.


-- System Information:
Debian Release: 12.2
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-13-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages certbot depends on:
ii  debconf [debconf-2.0]  1.5.82
ii  python3                3.11.2-1+b1
ii  python3-certbot        2.1.0-4

certbot recommends no packages.

Versions of packages certbot suggests:
pn  python-certbot-doc      <none>
pn  python3-certbot-apache  <none>
pn  python3-certbot-nginx   <none>

-- debconf information:
  certbot/remove_live_certs: true

Reply via email to