ipfs-live-streaming

Certbot cannot renew cert due to standalone mode with NGINX running

Open ASoTNetworks opened this issue 5 years ago • 3 comments

Currently certbot is using standalone when obtaining new SSL certs, and the crontab calls certbot without first stopping NGINX, with the result that certbot cannot bind to port 80 and cannot validate the server.

A fix is to stop NGINX before calling certbot:

30 2 * * 1 root /usr/bin/systemctl stop nginx ; /usr/bin/certbot renew >> /var/log/letsencrypt/letsencrypt.log ; /usr/bin/systemctl start nginx

Another way is to have certbot use webroot so NGINX can stay running and be reloaded afterwards.

ASoTNetworks Dec 15 '19 01:12
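An added example, not part of the issue thread or the project's code: a shell check that reads certbot's per-certificate renewal configs and reports which lineages renew in standalone mode without a `pre_hook` to free port 80, which is the failure described above. The function names and the sample hostnames are constructed for illustration; it assumes the default `/etc/letsencrypt/renewal` directory and the `authenticator` and `pre_hook` keys certbot stores under `[renewalparams]`.

```shell
#!/bin/sh
# Added example: audit certbot renewal configs for standalone lineages that
# have no pre_hook, and so cannot bind port 80 while NGINX is running.

# Print "<lineage> <status>" for every *.conf in directory $1.
audit_renewal_dir() {
    for conf in "$1"/*.conf; do
        [ -f "$conf" ] || continue
        awk -v name="$(basename "$conf" .conf)" '
            /^\[/ { section = $0; next }            # track the INI section
            section != "[renewalparams]" { next }   # skip the cert path lines
            /^[ \t]*(#|$)/ { next }                 # skip comments and blanks
            {
                key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
                val = $0; sub(/^[^=]*=[ \t]*/, "", val)
                if (key == "authenticator") auth = val
                if (key == "pre_hook") hook = val
            }
            END {
                if (auth != "standalone") status = "not-standalone"
                else if (hook == "") status = "standalone-no-pre-hook"
                else status = "standalone-with-pre-hook"
                print name, status
            }' "$conf"
    done
}

# Build a directory of constructed sample configs so the check runs offline.
make_sample_dir() {
    d=$(mktemp -d)
    printf '%s\n' 'cert = /etc/letsencrypt/live/rtmp.example.org/cert.pem' \
        '[renewalparams]' 'authenticator = standalone' \
        > "$d/rtmp.example.org.conf"
    printf '%s\n' 'cert = /etc/letsencrypt/live/mirror.example.org/cert.pem' \
        '[renewalparams]' 'authenticator = standalone' \
        'pre_hook = systemctl stop nginx' 'post_hook = systemctl start nginx' \
        > "$d/mirror.example.org.conf"
    printf '%s\n' 'cert = /etc/letsencrypt/live/www.example.org/cert.pem' \
        '[renewalparams]' 'authenticator = webroot' \
        > "$d/www.example.org.conf"
    echo "$d"
}

# Audit the directory given as the first argument, or certbot's default.
audit_renewal_dir "${1:-/etc/letsencrypt/renewal}"
```

A lineage reported as `standalone-no-pre-hook` is one that an unattended `certbot renew` cannot renew while NGINX holds port 80.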

When issuing certificates I use this command line:

certbot certonly --email [email protected] --webroot -w /var/www/html -n --agree-tos --domains $1 $2 $3 $4

I believe there is a renew version of this as well.

darkdrgn2k Apr 11 '20 15:04

I received this question by email:

I was able to renew the RTMP server because I know what it is running (NGINX), but am working to find what the IPFS Mirror is doing that is stopping port 80 traffic. I figured that the site was working off of port 80 so I stopped it and was able to renew for the RTMP Server side but the IPFS Mirror is getting an error still. Can you help me out with a potential quick fix to let the renewal take place?

Maybe @darkdrgn2k @ASoTNetworks knows how to address?

benhylau Jul 15 '20 07:07

Hey guys. So I found that if you stop NGINX on both RTMP and IPFS Mirror and then run certbot renew, it will renew fine. Just remember to start up the server once it is renewed.

toplevelnick Jul 15 '20 14:07