I recently had to renew the HTTPS certificates for my server, and ran into trouble.
The errors that the command
sudo letsencrypt renew was spewing out were these:
Processing /etc/letsencrypt/renewal/bitfalls.com.conf 2017-02-06 07:43:08,126:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/bitfalls.com.conf produced an unexpected error: 'server'. Skipping. Processing /etc/letsencrypt/renewal/test.bitfalls.com.conf 2017-02-06 07:43:08,408:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/test.bitfalls.com.conf produced an unexpected error: 'server'. Skipping.
To save you some googling and experimentation, the error is caused by a missing
server configuration entry in the renewal configuration files. To fix this, you can start over completely (i.e. remove the
/etc/letsencrypt folder and regenerate everything), or manually insert the missing config entry. Here’s how you do the latter.
Updating LetsEncrypt’s Configuration Files
If you go into
/etc/letsencrypt/renewal, you’ll see your current server’s cert renewal files:
Most of you will only have one in there, unless you have subdomains defined, in which case you should see one cert for each subdomain you’re serving via HTTPS. Copy the following string to the clipboard:
server = https://acme-v01.api.letsencrypt.org/directory
This mock server entry value needs to go into each of the files in
/etc/letsencrypt/renewal, but before the
[[webroot_map]] entry (if it exists – otherwise, put at the end).
Here’s a shortcut script you can just paste in the
renewal folder, and it will automatically insert this string into every file at the correct location:
sed -i "/[[webroot_map]]/i server = https://acme-v01.api.letsencrypt.org/directory" *.conf
Once you edit the files and save them, running the renewal command should work:
sudo letsencrypt renew
Remember, if you’re on an old, manually installed version of LetsEncrypt, install the apt version with:
sudo apt-get install letsencrypt
Hopefully this saved you some trouble!