nginx-proxy-manager icon indicating copy to clipboard operation
nginx-proxy-manager copied to clipboard

Published 20 hours ago verified publisher icon NginxProxyManager

SSL Certs are not auto-renewing -> log error: "Another instance of Certbot is already running"

Open maltokyo opened this issue 2 years ago • 10 comments

SSL Certs are not auto-renewing (for all of my domains).

So I went into the WebGUI and tried to manually renew the SSL Certificates

Manual renewal worked for one domain, and then from the second domain that had expired, when I choose "renew now" I got the error in a red banner in the webGUI just saying "Internal Error".

So, I checked logs and it contains the following error for all the domains that are not renewed:

"Another instance of Certbot is already running"

Could anyone help, who might have a permanent fix for this?

Full log below:

nginx_proxy_manager    | [5/12/2022] [8:35:50 AM] [SSL      ] › ℹ  info      Renewing Let'sEncrypt certificates for Cert #17: my.domain.com
nginx_proxy_manager    | [5/12/2022] [8:35:50 AM] [SSL      ] › ℹ  info      Command: certbot renew --force-renewal --config "/etc/letsencrypt.ini" --cert-name "npm-17" --preferred-challenges "dns,http" --no-random-sleep-on-renew --disable-hook-validation
nginx_proxy_manager    | [5/12/2022] [8:35:51 AM] [Express  ] › ⚠  warning   Command failed: certbot renew --force-renewal --config "/etc/letsencrypt.ini" --cert-name "npm-17" --preferred-challenges "dns,http" --no-random-sleep-on-renew --disable-hook-validation
nginx_proxy_manager    | Another instance of Certbot is already running.
nginx_proxy_manager    | Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/tmp0k76co9u/log or re-run Certbot with -v for more details.
nginx_proxy_manager    |

maltokyo avatar May 12 '22 08:05 maltokyo

+1

source011 avatar May 14 '22 11:05 source011

Would anyone have any insights?

maltokyo avatar May 19 '22 22:05 maltokyo

Would anyone have any insights?

I ended up doing the DNS challenge as a work around for now.

source011 avatar May 19 '22 23:05 source011

Thank you, will try that. Not sure how to go about it though, will dig around.

maltokyo avatar May 20 '22 07:05 maltokyo

Rolling back from 2.9.18 to 2.9.15 fixes it for me.

mat-m avatar Jun 04 '22 20:06 mat-m

I had the same issue, running these inside the app container in 2.9.18 fixed it for me:

pip uninstall certbot
pip install certbot

flufftronix avatar Jun 10 '22 19:06 flufftronix

I resolved the problem by this post https://community.letsencrypt.org/t/solved-another-instance-of-certbot-is-already-running/44690

Basically just find and remove all lockfile which lock the certbot

daominhsangvn avatar Aug 04 '22 07:08 daominhsangvn

Thanks @daominhsangvn - that did the trick for me! For those having issues with it not renewing when Force SSL is enabled then this PR fixes that too - https://github.com/NginxProxyManager/nginx-proxy-manager/pull/2038

EDIflyer avatar Oct 07 '22 10:10 EDIflyer

Issue is now considered stale. If you want to keep it open, please comment :+1:

github-actions[bot] avatar Feb 17 '24 01:02 github-actions[bot]

Not stale

maltokyo avatar Feb 19 '24 05:02 maltokyo