Automatic reneweal by systemd timer always failed. But certbot renew
works fine.
'Namespace' object has no attribute 'dns_duckdns_propagation_seconds'. Skipping.
systemctl start snap.certbot.renew.service
or
snap run certbot.renew
root@HMS:~# systemctl status snap.certbot.renew.service
● snap.certbot.renew.service - Service for snap application certbot.renew
Loaded: loaded (/etc/systemd/system/snap.certbot.renew.service; static; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2021-08-19 19:58:11 MSK; 12min ago
TriggeredBy: ● snap.certbot.renew.timer
Process: 171958 ExecStart=/usr/bin/snap run --timer=00:00~24:00/2 certbot.renew (code=exited, status=1/FAILURE)
Main PID: 171958 (code=exited, status=1/FAILURE)
Aug 19 19:58:06 HMS systemd[1]: Starting Service for snap application certbot.renew...
Aug 19 19:58:11 HMS certbot.renew[171958]: Renewal configuration file /etc/letsencrypt/renewal/XXXXXXXXXXXXX.duckdns.org.conf (cert: XXXXXXXXXXXXX.duckdns.org) produced an une>
Aug 19 19:58:11 HMS certbot.renew[171958]: 0 renew failure(s), 1 parse failure(s)
Aug 19 19:58:11 HMS systemd[1]: snap.certbot.renew.service: Main process exited, code=exited, status=1/FAILURE
Aug 19 19:58:11 HMS systemd[1]: snap.certbot.renew.service: Failed with result 'exit-code'.
Aug 19 19:58:11 HMS systemd[1]: Failed to start Service for snap application certbot.renew.
[3]+ Stopped systemctl status snap.certbot.renew.service
root@HMS:~# snap run certbot.renew
Renewal configuration file /etc/letsencrypt/renewal/XXXXXXXXXXXXX.duckdns.org.conf (cert: XXXXXXXXXXXXX.duckdns.org) produced an unexpected error: 'Namespace' object has no attribute 'dns_duckdns_propagation_seconds'. Skipping.
0 renew failure(s), 1 parse failure(s)
root@HMS:~# sudo certbot renew --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/XXXXXXXXXXXXX.duckdns.org.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator dns-duckdns, Installer None
Simulating renewal of an existing certificate for XXXXXXXXXXXXX.duckdns.org
Performing the following challenges:
dns-01 challenge for XXXXXXXXXXXXX.duckdns.org
Waiting 60 seconds for DNS changes to propagate
Waiting for verification...
Cleaning up challenges
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/XXXXXXXXXXXXX.duckdns.org/fullchain.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations, all simulated renewals succeeded:
/etc/letsencrypt/live/XXXXXXXXXXXXX.duckdns.org/fullchain.pem (success)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
certbot certonly --non-interactive --agree-tos --email [email protected] --preferred-challenges dns --authenticator dns-duckdns --dns-duckdns-token XXXXXXXXXX --dns-duckdns-propagation-seconds 60 -d "XXXXXXXXXXX.duckdns.org"