# Email von Let' encript



## vikozo (8. Dez. 2017)

guten Tag
ich bekomme Emails das mein certifikat ".... will expire in 9 days (on 17 Dec 17 20:21 +0000). Please make sure to renew your certificate before then, ....)
geh ich richtig in der annahme das ISPConfig den renew automatisch startet?
gruss
vinc


----------



## robotto7831a (8. Dez. 2017)

Normalerweise schon. Ist dein Certbot Client aktuell?


----------



## vikozo (8. Dez. 2017)

ich denke schon, apt update und upgrade sind aktuell und auch die ISPCofing ist aktuell.


----------



## robotto7831a (8. Dez. 2017)

Der Certbot läuft nicht unbedingt über apt. Den muss man selber updaten. Schau doch mal ins Logfile von dem Bot unter /var/log/letsencrypt was da so steht. Dort steht bestimmt Version zu alt oder so.


----------



## vikozo (8. Dez. 2017)

***letsencrypt.log***
2017-12-08 02:02:59,902EBUGarsedatetime:return
2017-12-08 02:02:59,902:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-08 02:02:59,932:INFO:certbot.hooks:Running post-hook command: echo '1' > /usr/local/ispconfig/server/le.restart
2017-12-08 02:02:59,937EBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/letsencrypt", line 11, in <module>
    load_entry_point('certbot==0.10.2', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 849, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 655, in renew
    renewal.handle_renewal_request(config)
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 430, in handle_renewal_request
    len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 1 parse failure(s)


----------



## robotto7831a (8. Dez. 2017)

Und was steht davor im Logfile?


----------



## vikozo (11. Dez. 2017)

ein multitail /var/log/letsencrypt/letsencrypt.log


Spoiler: letsencrypt.log



2017-12-11 02:03:26,094EBUGarsedatetimearse (top of loop): [30 days][]
2017-12-11 02:03:26,094EBUGarsedatetime:CRE_UNITS matched
2017-12-11 02:03:26,094EBUGarsedatetimearse (bottom) [][30 days][][]
2017-12-11 02:03:26,094EBUGarsedatetime:weekday False, dateStd False, dateStr False, time False, timeStr False, meri
dian False
2017-12-11 02:03:26,094EBUGarsedatetime:dayStr False, modifier False, modifier2 False, units True, qunits False
2017-12-11 02:03:26,094EBUGarsedatetime:_evalString(30 days, time.struct_time(tm_year=2017, tm_mon=12, tm_mday=11, t
m_hour=2, tm_min=3, tm_sec=26, tm_wday=0, tm_yday=345, tm_isdst=0))
2017-12-11 02:03:26,094EBUGarsedatetime:_buildTime: [30 ][][days]
2017-12-11 02:03:26,094EBUGarsedatetime:units days --> realunit days
2017-12-11 02:03:26,094EBUGarsedatetime:return
2017-12-11 02:03:26,094:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-11 02:03:26,110EBUGarsedatetimearse (top of loop): [30 days][]
2017-12-11 02:03:26,110EBUGarsedatetime:CRE_UNITS matched
2017-12-11 02:03:26,110EBUGarsedatetimearse (bottom) [][30 days][][]
2017-12-11 02:03:26,111EBUGarsedatetime:weekday False, dateStd False, dateStr False, time False, timeStr False, meri
dian False
2017-12-11 02:03:26,111EBUGarsedatetime:dayStr False, modifier False, modifier2 False, units True, qunits False
2017-12-11 02:03:26,111EBUGarsedatetime:_evalString(30 days, time.struct_time(tm_year=2017, tm_mon=12, tm_mday=11, t
m_hour=2, tm_min=3, tm_sec=26, tm_wday=0, tm_yday=345, tm_isdst=0))
2017-12-11 02:03:26,111EBUGarsedatetime:_buildTime: [30 ][][days]
2017-12-11 02:03:26,111EBUGarsedatetime:units days --> realunit days
2017-12-11 02:03:26,111EBUGarsedatetime:return
2017-12-11 02:03:26,111:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-11 02:03:26,111:INFO:certbot.hooks:Running post-hook command: echo '1' > /usr/local/ispconfig/server/le.restart
2017-12-11 02:03:26,116EBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/letsencrypt", line 11, in <module>
    load_entry_point('certbot==0.10.2', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 849, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 655, in renew
    renewal.handle_renewal_request(config)
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 430, in handle_renewal_request
    len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 1 parse failure(s)


----------



## wotan2005 (11. Dez. 2017)

okay, du siehst aber schon selber, das der Kollege dich gefragt hat, nach Logeinträgen VOR! DEM! 08-12-2017 und NICHT NACH DEM 08-12-2017!!!!


----------



## vikozo (11. Dez. 2017)

nochmals, aber mehr ist nicht im file vorhanden, wobei ich noch weitere Dateien habe mit letsencrypt.log.1 bis ca.  .300


Spoiler: letsencrypt.log



2017-12-11 11:18:17,480:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/imkerei-kocher.ch.co
nf is broken. Skipping.
2017-12-11 11:18:17,501EBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 59, in _reconstitute
    renewal_candidate = storage.RenewableCert(full_path, config)
  File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 373, in __init__
    "file reference".format(self.configfile))
CertStorageError: renewal config file {} is missing a required file reference

2017-12-11 11:18:17,511EBUGarsedatetimearse (top of loop): [30 days][]
2017-12-11 11:18:17,512EBUGarsedatetime:CRE_UNITS matched
2017-12-11 11:18:17,512EBUGarsedatetimearse (bottom) [][30 days][][]
2017-12-11 11:18:17,512EBUGarsedatetime:weekday False, dateStd False, dateStr False, time False, timeStr False, meri
dian False
2017-12-11 11:18:17,512EBUGarsedatetime:dayStr False, modifier False, modifier2 False, units True, qunits False
2017-12-11 11:18:17,512EBUGarsedatetime:_evalString(30 days, time.struct_time(tm_year=2017, tm_mon=12, tm_mday=11, t
m_hour=11, tm_min=18, tm_sec=17, tm_wday=0, tm_yday=345, tm_isdst=0))
2017-12-11 11:18:17,512EBUGarsedatetime:_buildTime: [30 ][][days]
2017-12-11 11:18:17,512EBUGarsedatetime:units days --> realunit days
2017-12-11 11:18:17,512EBUGarsedatetime:return
2017-12-11 11:18:17,512:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-11 11:18:17,528EBUGarsedatetimearse (top of loop): [30 days][]
2017-12-11 11:18:17,528EBUGarsedatetime:CRE_UNITS matched
2017-12-11 11:18:17,528EBUGarsedatetimearse (bottom) [][30 days][][]
2017-12-11 11:18:17,528EBUGarsedatetime:weekday False, dateStd False, dateStr False, time False, timeStr False, meri
dian False
2017-12-11 11:18:17,528EBUGarsedatetime:dayStr False, modifier False, modifier2 False, units True, qunits False
2017-12-11 11:18:17,529EBUGarsedatetime:_evalString(30 days, time.struct_time(tm_year=2017, tm_mon=12, tm_mday=11, t
m_hour=11, tm_min=18, tm_sec=17, tm_wday=0, tm_yday=345, tm_isdst=0))
2017-12-11 11:18:17,529EBUGarsedatetime:_buildTime: [30 ][][days]
2017-12-11 11:18:17,529EBUGarsedatetime:units days --> realunit days
2017-12-11 11:18:17,529EBUGarsedatetime:return
2017-12-11 11:18:17,529:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-11 11:18:17,529EBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.10.2', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 849, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 655, in renew
    renewal.handle_renewal_request(config)
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 430, in handle_renewal_request
    len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 1 parse failure(s)




2017-12-11 11:18:17,479:WARNING:certbot.renewal:renewal config file {} is missing a required file reference
2017-12-11 11:18:17,480:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/imkerei-kocher.ch.co
nf is broken. Skipping.
2017-12-11 11:18:17,501EBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 59, in _reconstitute
    renewal_candidate = storage.RenewableCert(full_path, config)
  File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 373, in __init__
    "file reference".format(self.configfile))
CertStorageError: renewal config file {} is missing a required file reference

2017-12-11 11:18:17,511EBUGarsedatetimearse (top of loop): [30 days][]
2017-12-11 11:18:17,512EBUGarsedatetime:CRE_UNITS matched
2017-12-11 11:18:17,512EBUGarsedatetimearse (bottom) [][30 days][][]
2017-12-11 11:18:17,512EBUGarsedatetime:weekday False, dateStd False, dateStr False, time False, timeStr False, meri
dian False
2017-12-11 11:18:17,512EBUGarsedatetime:dayStr False, modifier False, modifier2 False, units True, qunits False
2017-12-11 11:18:17,512EBUGarsedatetime:_evalString(30 days, time.struct_time(tm_year=2017, tm_mon=12, tm_mday=11, t
m_hour=11, tm_min=18, tm_sec=17, tm_wday=0, tm_yday=345, tm_isdst=0))
2017-12-11 11:18:17,512EBUGarsedatetime:_buildTime: [30 ][][days]
2017-12-11 11:18:17,512EBUGarsedatetime:units days --> realunit days
2017-12-11 11:18:17,512EBUGarsedatetime:return
2017-12-11 11:18:17,512:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-11 11:18:17,528EBUGarsedatetimearse (top of loop): [30 days][]
2017-12-11 11:18:17,528EBUGarsedatetime:CRE_UNITS matched
2017-12-11 11:18:17,528EBUGarsedatetimearse (bottom) [][30 days][][]
2017-12-11 11:18:17,528EBUGarsedatetime:weekday False, dateStd False, dateStr False, time False, timeStr False, meri
dian False
2017-12-11 11:18:17,528EBUGarsedatetime:dayStr False, modifier False, modifier2 False, units True, qunits False
2017-12-11 11:18:17,529EBUGarsedatetime:_evalString(30 days, time.struct_time(tm_year=2017, tm_mon=12, tm_mday=11, t
m_hour=11, tm_min=18, tm_sec=17, tm_wday=0, tm_yday=345, tm_isdst=0))
2017-12-11 11:18:17,529EBUGarsedatetime:_buildTime: [30 ][][days]
2017-12-11 11:18:17,529EBUGarsedatetime:units days --> realunit days
2017-12-11 11:18:17,529EBUGarsedatetime:return
2017-12-11 11:18:17,529:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-11 11:18:17,529EBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.10.2', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 849, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 655, in renew
    renewal.handle_renewal_request(config)
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 430, in handle_renewal_request
    len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 1 parse failure(s)


----------



## robotto7831a (11. Dez. 2017)

Ohne Sinn und Verstand Logfile zu posten hat nicht den großen Sinn. Es geht geziehlt um Logfileeinträge um das konkrete Datum vom 08.12.2017 und zwar in der Nacht.


----------



## vikozo (11. Dez. 2017)

@robotto7831a  sorry dies ist der ganze Inhalt des Logilfe betreffend dem konkreten Datum, es ist immer die gleichen Einträge


Spoiler: letsencrypt.log.2 um 02:03 des 11.12.2017



2017-12-11 02:03:26,073:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/imkerei-kocher.ch.co
nf is broken. Skipping.
2017-12-11 02:03:26,091EBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 59, in _reconstitute
    renewal_candidate = storage.RenewableCert(full_path, config)
  File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 373, in __init__
    "file reference".format(self.configfile))
CertStorageError: renewal config file {} is missing a required file reference

2017-12-11 02:03:26,094EBUGarsedatetimearse (top of loop): [30 days][]
2017-12-11 02:03:26,094EBUGarsedatetime:CRE_UNITS matched
2017-12-11 02:03:26,094EBUGarsedatetimearse (bottom) [][30 days][][]
2017-12-11 02:03:26,094EBUGarsedatetime:weekday False, dateStd False, dateStr False, time False, timeStr False, meri
dian False
2017-12-11 02:03:26,094EBUGarsedatetime:dayStr False, modifier False, modifier2 False, units True, qunits False
2017-12-11 02:03:26,094EBUGarsedatetime:_evalString(30 days, time.struct_time(tm_year=2017, tm_mon=12, tm_mday=11, t
m_hour=2, tm_min=3, tm_sec=26, tm_wday=0, tm_yday=345, tm_isdst=0))
2017-12-11 02:03:26,094EBUGarsedatetime:_buildTime: [30 ][][days]
2017-12-11 02:03:26,094EBUGarsedatetime:units days --> realunit days
2017-12-11 02:03:26,094EBUGarsedatetime:return
2017-12-11 02:03:26,094:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-11 02:03:26,110EBUGarsedatetimearse (top of loop): [30 days][]
2017-12-11 02:03:26,110EBUGarsedatetime:CRE_UNITS matched
2017-12-11 02:03:26,110EBUGarsedatetimearse (bottom) [][30 days][][]
2017-12-11 02:03:26,111EBUGarsedatetime:weekday False, dateStd False, dateStr False, time False, timeStr False, meri
dian False
2017-12-11 02:03:26,111EBUGarsedatetime:dayStr False, modifier False, modifier2 False, units True, qunits False
2017-12-11 02:03:26,111EBUGarsedatetime:_evalString(30 days, time.struct_time(tm_year=2017, tm_mon=12, tm_mday=11, t
m_hour=2, tm_min=3, tm_sec=26, tm_wday=0, tm_yday=345, tm_isdst=0))
2017-12-11 02:03:26,111EBUGarsedatetime:_buildTime: [30 ][][days]
2017-12-11 02:03:26,111EBUGarsedatetime:units days --> realunit days
2017-12-11 02:03:26,111EBUGarsedatetime:return
2017-12-11 02:03:26,111:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-11 02:03:26,111:INFO:certbot.hooks:Running post-hook command: echo '1' > /usr/local/ispconfig/server/le.restart
2017-12-11 02:03:26,116EBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/letsencrypt", line 11, in <module>
    load_entry_point('certbot==0.10.2', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 849, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 655, in renew
    renewal.handle_renewal_request(config)
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 430, in handle_renewal_request
    len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 1 parse failure(s)





Spoiler: letsencrypt.log.3 um 23.22 des 10.12.2017



2017-12-10 23:22:30,828:WARNING:certbot.renewal:renewal config file {} is missing a required file reference
2017-12-10 23:22:30,829:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/imkerei-kocher.ch.co
nf is broken. Skipping.
2017-12-10 23:22:30,847EBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 59, in _reconstitute
    renewal_candidate = storage.RenewableCert(full_path, config)
  File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 373, in __init__
    "file reference".format(self.configfile))
CertStorageError: renewal config file {} is missing a required file reference

2017-12-10 23:22:30,850EBUGarsedatetimearse (top of loop): [30 days][]
2017-12-10 23:22:30,850EBUGarsedatetime:CRE_UNITS matched
2017-12-10 23:22:30,850EBUGarsedatetimearse (bottom) [][30 days][][]
2017-12-10 23:22:30,850EBUGarsedatetime:weekday False, dateStd False, dateStr False, time False, timeStr False, meri
dian False
2017-12-10 23:22:30,850EBUGarsedatetime:dayStr False, modifier False, modifier2 False, units True, qunits False
2017-12-10 23:22:30,850EBUGarsedatetime:_evalString(30 days, time.struct_time(tm_year=2017, tm_mon=12, tm_mday=10, t
m_hour=23, tm_min=22, tm_sec=30, tm_wday=6, tm_yday=344, tm_isdst=0))
2017-12-10 23:22:30,850EBUGarsedatetime:_buildTime: [30 ][][days]
2017-12-10 23:22:30,850EBUGarsedatetime:units days --> realunit days
2017-12-10 23:22:30,851EBUGarsedatetime:return
2017-12-10 23:22:30,851:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-10 23:22:30,881EBUGarsedatetimearse (top of loop): [30 days][]
2017-12-10 23:22:30,882EBUGarsedatetime:CRE_UNITS matched
2017-12-10 23:22:30,882EBUGarsedatetimearse (bottom) [][30 days][][]
2017-12-10 23:22:30,882EBUGarsedatetime:weekday False, dateStd False, dateStr False, time False, timeStr False, meri
dian False
2017-12-10 23:22:30,882EBUGarsedatetime:dayStr False, modifier False, modifier2 False, units True, qunits False
2017-12-10 23:22:30,882EBUGarsedatetime:_evalString(30 days, time.struct_time(tm_year=2017, tm_mon=12, tm_mday=10, t
m_hour=23, tm_min=22, tm_sec=30, tm_wday=6, tm_yday=344, tm_isdst=0))
2017-12-10 23:22:30,882EBUGarsedatetime:_buildTime: [30 ][][days]
2017-12-10 23:22:30,882EBUGarsedatetime:units days --> realunit days
2017-12-10 23:22:30,882EBUGarsedatetime:return
2017-12-10 23:22:30,882:INFO:certbot.renewal:Cert not yet due for renewal
2017-12-10 23:22:30,920EBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.10.2', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 849, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 655, in renew
    renewal.handle_renewal_request(config)
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 430, in handle_renewal_request
    len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 1 parse failure(s)


----------



## robotto7831a (11. Dez. 2017)

In der zweiten Zeile steht dein Problem. Stand in dem anderen Posting auch, hatte ich überlesen, da ich nach etwas anderem gesucht hatte.

Wie sieht denn die Config aus?


----------



## vikozo (12. Dez. 2017)

@robotto7831a vielen Dank,
unter /etc/letsencrypt/renewal# hab ich die Datei gefunden!
die Datei imkerei-kocher.ch-0001.conf war leer. hab sie gelöscht und ein "certbot renew" durchgeführt.
ich denke da wurden jetzt neu certifikate erstellt, aber es gab auch Infos/Warning


> /usr/lib/python2.7/dist-packages/OpenSSL/rand.py:58: UserWarning: implicit cast from 'char *' to a different pointer type: will be forbidden in the future (check that the types are as you expect; use an explicit ffi.cast() if they are correct)
> result_code = _lib.RAND_bytes(result_buffer, num_bytes)
> 
> Encountered vhost ambiguity but unable to ask for user guidance in non-interactive mode. Currently Certbot needs each vhost to be in its own conf file, and may need vhosts to be explicitly labelled with ServerName or ServerAlias directories.


was mir noch aufgefallen ist es gibt *.conf file wo die Version 0.10.2 ist und eine andere Version 0.18.1 hat
dabei ist auch diese Info auf dem Bildschirm erschienen


> Attempting to parse the version 0.18.1 renewal configuration file found at /etc/letsencrypt/renewal/kozo.ch.conf with version 0.10.2 of Certbot. This might not work.


noch eine frage - mein certbot hat die version: 0.10.2  wie wird es unter Debian aktualisiert?


----------



## robotto7831a (12. Dez. 2017)

Glauben gibt es nicht. Entweder es wurde ein neues Zertifikat ausgestellt oder nicht.


----------

