View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions The renewal file for Certbot is broken
Log in to Ask a Question

The renewal file for Certbot is broken

ssl

Hi!
I was trying to use the command below to test the automatic renewal of Certbot

sudo certbot renew --dry-run.

And this come up

Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 67, in _reconstitute
renewal_candidate = storage.RenewableCert(full_path, config)
File "/usr/lib/python3/dist-packages/certbot/storage.py", line 444, in init
"file reference".format(self.configfile))
certbot.errors.CertStorageError: renewal config file {'renew_hook': 'systemctl reload rabbitmq'} is missing a required file reference
Renewal configuration file /etc/letsencrypt/renewal/example.com.conf is broken. Skipping.

How can I repair the file? Or I mean… What should I do?
I'm totally new at these… Please help, thank you so much!

6 Replies

certbot.errors.CertStorageError: renewal config file {'renew_hook': 'systemctl reload rabbitmq'} is missing a required file reference

Are you really using rabbitmq? From apt-cache search rabbitmq:

librabbitmq4 - AMQP client library written in C

See: https://en.wikipedia.org/wiki/Advanced_Message_Queuing_Protocol for info on AMQP.

If you aren't (and I suspect this is the case), then you need to edit this out of your certbot config file:

/etc/letsencrypt/renewal/example.com.conf

You can read more about certbot here:

https://certbot.eff.org/docs/using.html

-- sw

Hi, thanks for replying!
I use command apt-cache search rabbitmq
It do shows

librabbitmq4 - AMQP client library written in C

Does it means I use rabbitmq?
(but I don't remember I installed it before…)

And would you please tell me the next step?
I tried to delete all the files under renewal files, and uninstall certbot python-certbot-apache. Then install it again.
However, it now shows

sudo certbot --apache -d mydomain.com -d www.mydomain.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Error while running apache2ctl configtest.
Action 'configtest' failed.
The Apache error log may have more information.

apache2: Syntax error on line 225 of /etc/apache2/apache2.conf: Syntax error on line 14 of /etc/apache2/sites-enabled/mydomain.com-le-ssl.conf: Could not open configuration file /etc/letsencrypt/options-ssl-apache.conf: No such file or directory

The apache plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError("Error while running apache2ctl configtest.\nAction 'configtest' failed.\nThe Apache error log may have more information.\n\napache2: Syntax error on line 225 of /etc/apache2/apache2.conf: Syntax error on line 14 of /etc/apache2/sites-enabled/mydomain.com-le-ssl.conf: Could not open configuration file /etc/letsencrypt/options-ssl-apache.conf: No such file or directory\n")

Thanks again and sorry there's a lots of questions.
I'm so confused, also thinking about rebuilding my linode.
Just start everything all over.

@cindywill317 --

You write:

Does it means I use rabbitmq?

No, it means it's available to install if you want it. To see what's installed, use

apt list --installed

You also write:

However, it now shows…

You have a syntax error in this file:

Syntax error on line 14 of /etc/apache2/sites-enabled/mydomain.com-le-ssl.conf

because this file is missing:

Could not open configuration file /etc/letsencrypt/options-ssl-apache.conf: No such file or directory

This is a standard part of the letsencrypt package. Perhaps it's hiding someplace else? Did you install letsencrypt directly from https://letsencrypt.org or did you use apt(8)?

You also write:

I'm so confused, also thinking about rebuilding my linode.
Just start everything all over.

I don't think you have to go that far…maybe just start over with letsencrypt

-- sw

I did use Snapd to install Certbot as they recommended.
Now I try to remove snapd and using

sudo apt purge snapd

It shows

Purging configuration files for snapd (2.37.4-1+b1) …
Final directory cleanup
Discarding preserved snap namespaces
Removing extra snap-confine apparmor rules
Removing snapd cache
rm: cannot remove '/var/cache/snapd/aux': Is a directory
dpkg: error processing package snapd (--purge):
installed snapd package post-removal script subprocess returned error exit status 1
Errors were encountered while processing:
snapd
E: Sub-process /usr/bin/dpkg returned an error code (1)

Looks like I cannot remove it clearly?

And now the command

sudo certbot renew --dry-run

Shows

Saving debug log to /var/log/letsencrypt/letsencrypt.log

** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)

No renewals were attempted.
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)

Thank you so much for your help!
(Since it's not a Linode problem, I think I should go to Certbot or Letsencrypt to ask them for help.)

You’re welcome… I don’t use snapd…it’s an Ubuntu thing. I don’t use Ubuntu.

I suggest you ask Ubuntu how to uninstall a snap.

— sw

Okay! I'll ask them for that. Thanks!

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct