Fix Lets Encrypt renewal error on Ubuntu 16.04

Currently, there is one problem with cerificate renewal on Ubuntu 16.04 Xenial. Basically, the error will be similar to this,

1
2
3
4
5
6
7
$ sudo letsencrypt renew
Processing /etc/letsencrypt/renewal/example.com.conf
2016-12-18 00:44:29,826:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/example.com.conf produced an unexpected error: 'server'. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/example.com/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)

If you install letscrypt from Ubuntu official PPA, the current version should be 0.4.1, and this is much different from the version on git, 0.6.0.

Since the server is changed recently, so the server key in 0.4.1 is not valid anymore and that makes error. It is fixed in 0.6.0+, and should be fine if you installed letsencrypt from git.

What about the fix for 0.4.0+ then?

You have to add change the server value in the config file under /etc/letsencrypt/renewal/example.com.conf

1
2
3
server = https://acme-v01.api.letsencrypt.org/directory
[[webroot_map]]
...

Note, if there is section [[webroot_map]], then you have to put server above that section.

Finally, issue the renew command again, and it should work!

Share Comments