How do I debug Certbot Exit 1?

0

Issue

I am trying to launch a containerized version of my website using Nginx according to these directions

https://www.digitalocean.com/community/tutorials/how-to-secure-a-containerized-node-js-application-with-nginx-let-s-encrypt-and-docker-compose

This includes a Certbot plugin to provide the certificates.
There are no errors, but when I run

docker-compose ps

I see this

certbot     certbot certonly --webroot ...   Exit 1

The problem may be related to the fact that the first time I ran the code, I got a notice that my domain had a certificate already assigned to it. Do I want to 1) reissue a certificate or 2) do nothing. This makes sense since I had been using a non-containerized version of my website before and had a Certbot certificate. The deployment in these instructions, however, is automated, so I did not even have a chance to answer the question. Also, I cannot regenerate the error message, so the wording is from memory and not exact.

I am new to this type of deployment so I do not know where to start debugging this issue. Also, if the problem is related to the above Certbot question, how do I fix it?

Thank you!!

Solution

So you can get more information on the problem using

docker-compose logs

Also, more information on rate limits for Let’s Encrypt can be found here

https://letsencrypt.org/docs/rate-limits

In my case, the exact error was:

cannot load certificate "/etc/letsencrypt/live/example.com/fullchain.pem": BIO_new_file() failed 

The solution is described here:

https://community.letsencrypt.org/t/nginx-emerg-bio-new-file-etc-letsencrypt-live-domain-com-fullchain-pem-failed-ssl-errorsystem-libraryno-such-file-or-directory-fopen-etc-letsencrypt-live-domain-com-fullchain-pem-r/106597/2

Answered By – user3877654

This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0

Leave A Reply

Your email address will not be published.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More