Autorenewal not working.

[dewzor]

Thanks for this awesome script!

Only one problem, and its a big one. Autorenewal is not working as it should. I use this script on 5 sites and ive found three of them unable to auto renew. So when i visit the site i suddenly get SSL warning etc. This is absolutely terrible for the sites rankings.

I would be very grateful if you could fix this as this is an awesome script, simple to use. When i manually run rwssl, it renews without any issue at all.

[oadslug]

I’m experiencing the same issue. I suspect the problem might have something to do with the cron task not being run from the correct environment, perhaps. For example, I notice that if I run the same command manually while logged in as root, it renews correctly. But when run from cron (saved in the root cron file), I get the following error (via email).

/bin/sh: 1: sudo service nginx-sp stop && yes | letsencrypt --standalone renew &>/dev/null && service nginx-sp start && service nginx-sp reload: not found

Unfortuanately, I don’t know exactly how to resolve this, as my understanding of shell environments is pretty limited. Any help would be much appreciated.

And btw, thank you for the script! Other than this issue, it’s a life saver. I suspect the answer is probably quite simple.

[wikrie]

If somebody found an answer could you please update:
https://askubuntu.com/questions/1033316/letsencrypt-auto-renew-cronjob-failing

[oadslug]

After some testing, I've made some progress:

1. The crontab should be run using 'bash' (not the default 'sh'), because:
   • &>/dev/null is bash syntax ('sh' would be >/dev/null 2>&1)
   • sh does not recognize commands in quotation marks (produces 'not found' error).
2. The crontab should define the default PATH variables.
3. If the crontab is run under root, then don't need to use 'sudo' (although probably doesn't hurt).

To edit the root crontask, use sudo crontab -e -u root

My final crontab file looks like this:

SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
  
@monthly service nginx-sp stop && yes | letsencrypt --standalone renew &>/dev/null && service nginx-sp start && service nginx-sp reload
#

I'll test this more and see if it's a full fix, and report back.

Note: In terms of fixing the original script, might want to wrap the command in a bash subshell to make sure it gets run in bash (from Ubunto SE):

bash -c "bashcommand"

[rehmatworks]

Thanks for the input from all. I've upgraded the script and now it should be working fine as well as it is much more user-friendly now. Please reclone the script and you will be able to do much more with great ease.

[alexcroox]

If I'm on an older version (not sure how to check which) from earlier this year. How do I update and install the required cron job fixes? (Mine fails to auto renew currently)

[rehmatworks]

Hi Alex, The script has a bug and I'll be spending time this weekend to fix it. And then you can install the latest version of rwssl that will add the CRON job for you. If you need to add the CRON job manually, I'll send you the instructions.

…

On Sat, Oct 3, 2020 at 2:31 AM Alex ***@***.***> wrote: If I'm on an older version (not sure how to check which) from earlier this year. How do I update and install the required cron job fixes? (Mine fails to auto renew currently) — You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub <#8 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AFTWRC75FLWJQPML4Y3KSLTSIZBDDANCNFSM4E5RZTOQ> .