GNU bug report logs - #62491
[berlin] certbot renewal appears to be broken

Previous Next

Full log

View this message in rfc822 format

From: Giovanni Biscuolo <g <at> xelera.eu>
To: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Cc: "62491 <at> debbugs.gnu.org" <62491 <at> debbugs.gnu.org>, Ludovic Courtès <ludovic.courtes <at> inria.fr>
Subject: bug#62491: [berlin] certbot renewal appears to be broken
Date: Thu, 23 Nov 2023 08:42:31 +0100

[Message part 1 (text/plain, inline)]

Hi Maxim,

thank you for your feedback.

Maxim Cournoyer <maxim.cournoyer <at> gmail.com> writes:

[...]

>> AFAIU actually #56678 is (was?) caused by a duplicate certbot account:

[...]

>> The problem on berlin (#62491) is (was) due to a failed challenge:

I'm almost sure those are different bugs and I'm almost sure the bugs
are caused by _state_ (/etc/letsencrypt/[accounts|renewal])

[...]

> I don't think it was truly resolved.  The problem keeps coming and
> someone (usually Ludovic) has to manually run some commands get it to
> cooperate (IIUC).

Bugs like this are very difficult to reproduce and to investigate if we
wait the certs expiration and are forced to find a quick "workaround";
we should force a renewal (via CLI) before the expiration date and share
the logs to see what's happening.

I'd like to help but I'm not a sysadmin on bayfront nor on berlin.

I think this kind "statefulness issues" are affecting other users.

Happy hacking! Gio'

[...]

-- 
Giovanni Biscuolo

Xelera IT Infrastructures

[signature.asc (application/pgp-signature, inline)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.