Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatic wild-card domain renewal #7

Closed
tb-lund opened this issue Apr 23, 2019 · 2 comments
Closed

Automatic wild-card domain renewal #7

tb-lund opened this issue Apr 23, 2019 · 2 comments

Comments

@tb-lund
Copy link

tb-lund commented Apr 23, 2019
edited

Hi Runfalk,

Thank you for great work with the loopia authenticator. I'm using it for wild-card domains and it is working very well for manual renewal. However, I'm having significant issues getting it working for automatic renewal of wild-card domains.

The manual renewal works well using the following command:

certbot certonly --authenticator certbot-loopia:auth --preferred-challenges=dns-01 --email email@gmail.com --certbot-loopia:auth-credentials /etc/letsencrypt/credentials.ini --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d *.myDOMAIN.se.

However, when I try to set it up automatically using a "/etc/letsencrypt/renewal/myDOMAIN.se.conf configuration file, I run into complications. I cannot get it to identify the "certbot-loopia:auth-credentials" argument. I have tried the different wording in the readme on this from ""certbot_loopia:auth_credentials", "certbot-loopia:credentials" and "certbot_loopia:credentials" but I always get errors looking at journalctl -u certbot-renewal.service

The error is:
Renewal configuration file /etc/letsencrypt/renewal/myDOMAIN.conf (cert: myDOMAIN.se) produced an unexpected error: 'Namespace' object has no attribute 'certbot_loopia:auth_credentials'. Skipping

My myDOMAIN.conf file looks like this:

# renew_before_expiry = 30 days
version = 0.28.0
archive_dir = /etc/letsencrypt/archive/myDOMAIN.se
cert = /etc/letsencrypt/live/myDOMAIN.se/cert.pem
privkey = /etc/letsencrypt/live/myDOMAIN.se/privkey.pem
chain = /etc/letsencrypt/live/myDOMAIN.se/chain.pem
fullchain = /etc/letsencrypt/live/myDOMAIN.se/fullchain.pem

# Options used in the renewal process
[renewalparams]
authenticator = certbot-loopia:auth
certbot-loopia:auth-credentials = /etc/letsencrypt/credentials.ini
account = d98eab539ee4f9765ac7d4b473edad3f
pref_challs = dns-01,
server = https://acme-v02.api.letsencrypt.org/directory

I'm running this in a minimal container running Debian 9 and Nginx.

Thank you for the help and a great tool!
@runfalk
Copy link
Owner

runfalk commented Apr 23, 2019

Hi, glad you like it. It could be that you have installed certbot in multiple ways and one version doesn't have the Loopia plugin. Try to remove all certbot deb packages and only install through pip.

What does your systemd unit file look like?

@tb-lund
Copy link
Author

tb-lund commented Apr 23, 2019

Hi! Thank you for the prompt and helpful reply. This may indeed have been the case. I have now removed the other certbot install. Should do it!

@tb-lund tb-lund closed this as completed Apr 23, 2019
@Lockzi Lockzi mentioned this issue Aug 22, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@runfalk @tb-lund