NethServer Version: 7.9
Module: Lets Encrypt Certificate managed by certbot
Without being able to explain why, I suddenly have two certificates for my main domain.
- dargels.de (the original one, standard certificate)
- dargels.de-0001.de (the new one, zombie)
- (additionally myancestry.de without problems)
I deleted the second one in the WebGUI, but the certs still exist in the file system within
- /etc/letsencrypt/archive
- /etc/letsencrypt/live
- /etc/letsencrypt/renewal
after deletion:
# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewal configuration file /etc/letsencrypt/renewal/dargels.de-0001.conf produced an unexpected error: expected /etc/letsencrypt/live/dargels.de-0001/cert.pem to be a symlink. Skipping.
Found the following certs:
Certificate Name: dargels.de
Serial Number: 326a84d916e1204915d8bffe07f9e9bddcb
Key Type: RSA
Domains: dargels.de collabora.dargels.de dev.dargels.de imap.dargels.de mail.dargels.de nextcloud.dargels.de ns-srv01.dargels.de smtp.dargels.de status.dargels.de stephdl.dargels.de webtop.dargels.de wp.dargels.de www.dargels.de
Expiry Date: 2022-01-19 01:58:24+00:00 (VALID: 47 days)
Certificate Path: /etc/letsencrypt/live/dargels.de/fullchain.pem
Private Key Path: /etc/letsencrypt/live/dargels.de/privkey.pem
Certificate Name: myancestry.de
Serial Number: 42e828677b2c16c675d69d3e62d89b602ed
Key Type: RSA
Domains: myancestry.de imap.myancestry.de mail.myancestry.de smtp.myancestry.de www.myancestry.de
Expiry Date: 2022-02-05 06:25:12+00:00 (VALID: 64 days)
Certificate Path: /etc/letsencrypt/live/myancestry.de/fullchain.pem
Private Key Path: /etc/letsencrypt/live/myancestry.de/privkey.pem
The following renewal configurations were invalid:
/etc/letsencrypt/renewal/dargels.de-0001.conf
after deleting the folders manually:
# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Found the following certs:
Certificate Name: dargels.de
Serial Number: 326a84d916e1204915d8bffe07f9e9bddcb
Key Type: RSA
Domains: dargels.de collabora.dargels.de dev.dargels.de imap.dargels.de mail.dargels.de nextcloud.dargels.de ns-srv01.dargels.de smtp.dargels.de status.dargels.de stephdl.dargels.de webtop.dargels.de wp.dargels.de www.dargels.de
Expiry Date: 2022-01-19 01:58:24+00:00 (VALID: 47 days)
Certificate Path: /etc/letsencrypt/live/dargels.de/fullchain.pem
Private Key Path: /etc/letsencrypt/live/dargels.de/privkey.pem
Certificate Name: myancestry.de
Serial Number: 42e828677b2c16c675d69d3e62d89b602ed
Key Type: RSA
Domains: myancestry.de imap.myancestry.de mail.myancestry.de smtp.myancestry.de www.myancestry.de
Expiry Date: 2022-02-05 06:25:12+00:00 (VALID: 64 days)
Certificate Path: /etc/letsencrypt/live/myancestry.de/fullchain.pem
Private Key Path: /etc/letsencrypt/live/myancestry.de/privkey.pem
after certbot renew
# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Found the following certs:
Certificate Name: dargels.de
Serial Number: 326a84d916e1204915d8bffe07f9e9bddcb
Key Type: RSA
Domains: dargels.de collabora.dargels.de dev.dargels.de imap.dargels.de mail.dargels.de nextcloud.dargels.de ns-srv01.dargels.de smtp.dargels.de status.dargels.de stephdl.dargels.de webtop.dargels.de wp.dargels.de www.dargels.de
Expiry Date: 2022-01-19 01:58:24+00:00 (VALID: 47 days)
Certificate Path: /etc/letsencrypt/live/dargels.de/fullchain.pem
Private Key Path: /etc/letsencrypt/live/dargels.de/privkey.pem
Certificate Name: myancestry.de
Serial Number: 42e828677b2c16c675d69d3e62d89b602ed
Key Type: RSA
Domains: myancestry.de imap.myancestry.de mail.myancestry.de smtp.myancestry.de www.myancestry.de
Expiry Date: 2022-02-05 06:25:12+00:00 (VALID: 64 days)
Certificate Path: /etc/letsencrypt/live/myancestry.de/fullchain.pem
Private Key Path: /etc/letsencrypt/live/myancestry.de/privkey.pem
I have now repeated this several days in a row; again and again the zombie certificate appears anew.
What should I do now if tomorrow the zombie certificate is available again?
I have not yet dared to switch to acme-dns.
Best regards, Marko
Logs:
cat /var/log/letsencrypt/letsencrypt.log
2021-12-02 18:07:41,659:DEBUG:certbot._internal.main:certbot version: 1.11.0
2021-12-02 18:07:41,659:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2021-12-02 18:07:41,659:DEBUG:certbot._internal.main:Arguments: []
2021-12-02 18:07:41,659:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-12-02 18:07:41,680:DEBUG:certbot._internal.log:Root logging level set at 20
2021-12-02 18:07:41,680:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2021-12-02 18:07:41,682:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dargels.de.conf
2021-12-02 18:07:41,690:DEBUG:certbot._internal.plugins.selection:Requested authenticator <certbot._internal.cli.cli_utils._Default object at 0x7f84135e75d0> and installer <certbot._internal.cli.cli_utils._Default object at 0x7f84135e75d0>
2021-12-02 18:07:41,718:DEBUG:certbot.ocsp:Querying OCSP for /etc/letsencrypt/archive/dargels.de/cert10.pem
2021-12-02 18:07:41,718:DEBUG:certbot.ocsp:openssl ocsp -no_nonce -issuer /etc/letsencrypt/archive/dargels.de/chain10.pem -cert /etc/letsencrypt/archive/dargels.de/cert10.pem -CAfile /etc/letsencrypt/archive/dargels.de/chain10.pem -verify_other /etc/letsencrypt/archive/dargels.de/chain10.pem -trust_other -timeout 10 -header Host r3.o.lencr.org -url http://r3.o.lencr.org
2021-12-02 18:07:41,890:INFO:certbot._internal.renewal:Cert not yet due for renewal
2021-12-02 18:07:41,891:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2021-12-02 18:07:41,891:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/myancestry.de.conf
2021-12-02 18:07:41,908:DEBUG:certbot.ocsp:Querying OCSP for /etc/letsencrypt/archive/myancestry.de/cert6.pem
2021-12-02 18:07:41,908:DEBUG:certbot.ocsp:openssl ocsp -no_nonce -issuer /etc/letsencrypt/archive/myancestry.de/chain6.pem -cert /etc/letsencrypt/archive/myancestry.de/cert6.pem -CAfile /etc/letsencrypt/archive/myancestry.de/chain6.pem -verify_other /etc/letsencrypt/archive/myancestry.de/chain6.pem -trust_other -timeout 10 -header Host r3.o.lencr.org -url http://r3.o.lencr.org
2021-12-02 18:07:42,083:INFO:certbot._internal.renewal:Cert not yet due for renewal
2021-12-02 18:07:42,083:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2021-12-02 18:07:42,083:DEBUG:certbot.display.util:Notifying user:
2021-12-02 18:07:42,084:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet:
2021-12-02 18:07:42,084:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/dargels.de/fullchain.pem expires on 2022-01-19 (skipped)
/etc/letsencrypt/live/myancestry.de/fullchain.pem expires on 2022-02-05 (skipped)
2021-12-02 18:07:42,084:DEBUG:certbot.display.util:Notifying user: No renewals were attempted.
2021-12-02 18:07:42,084:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2021-12-02 18:07:42,084:DEBUG:certbot._internal.renewal:no renewal failures
cat /var/log/letsencrypt/letsencrypt.log.3
2021-12-02 17:56:43,329:DEBUG:certbot._internal.main:certbot version: 1.11.0
2021-12-02 17:56:43,329:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2021-12-02 17:56:43,329:DEBUG:certbot._internal.main:Arguments: []
2021-12-02 17:56:43,329:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-12-02 17:56:43,354:DEBUG:certbot._internal.log:Root logging level set at 20
2021-12-02 17:56:43,354:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2021-12-02 17:56:43,356:WARNING:certbot._internal.cert_manager:Renewal configuration file /etc/letsencrypt/renewal/dargels.de-0001.conf produced an unexpected error: expected /etc/letsencrypt/live/dargels.de-0001/cert.pem to be a symlink. Skipping.
2021-12-02 17:56:43,358:DEBUG:certbot._internal.cert_manager:Traceback was:
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/certbot/_internal/cert_manager.py", line 79, in certificates
    renewal_candidate = storage.RenewableCert(renewal_file, config)
  File "/usr/lib/python2.7/site-packages/certbot/_internal/storage.py", line 470, in __init__
    self._check_symlinks()
  File "/usr/lib/python2.7/site-packages/certbot/_internal/storage.py", line 537, in _check_symlinks
    "expected {0} to be a symlink".format(link))
CertStorageError: expected /etc/letsencrypt/live/dargels.de-0001/cert.pem to be a symlink
2021-12-02 17:56:43,385:DEBUG:certbot.ocsp:Querying OCSP for /etc/letsencrypt/live/dargels.de/cert.pem
2021-12-02 17:56:43,386:DEBUG:certbot.ocsp:openssl ocsp -no_nonce -issuer /etc/letsencrypt/live/dargels.de/chain.pem -cert /etc/letsencrypt/live/dargels.de/cert.pem -CAfile /etc/letsencrypt/live/dargels.de/chain.pem -verify_other /etc/letsencrypt/live/dargels.de/chain.pem -trust_other -timeout 10 -header Host r3.o.lencr.org -url http://r3.o.lencr.org
2021-12-02 17:56:43,577:DEBUG:certbot.ocsp:Querying OCSP for /etc/letsencrypt/live/myancestry.de/cert.pem
2021-12-02 17:56:43,577:DEBUG:certbot.ocsp:openssl ocsp -no_nonce -issuer /etc/letsencrypt/live/myancestry.de/chain.pem -cert /etc/letsencrypt/live/myancestry.de/cert.pem -CAfile /etc/letsencrypt/live/myancestry.de/chain.pem -verify_other /etc/letsencrypt/live/myancestry.de/chain.pem -trust_other -timeout 10 -header Host r3.o.lencr.org -url http://r3.o.lencr.org
2021-12-02 17:56:43,743:DEBUG:certbot.display.util:Notifying user: Found the following certs:
Certificate Name: dargels.de
Serial Number: 326a84d916e1204915d8bffe07f9e9bddcb
Key Type: RSA
Domains: dargels.de collabora.dargels.de dev.dargels.de imap.dargels.de mail.dargels.de nextcloud.dargels.de ns-srv01.dargels.de smtp.dargels.de status.dargels.de stephdl.dargels.de webtop.dargels.de wp.dargels.de www.dargels.de
Expiry Date: 2022-01-19 01:58:24+00:00 (VALID: 47 days)
Certificate Path: /etc/letsencrypt/live/dargels.de/fullchain.pem
Private Key Path: /etc/letsencrypt/live/dargels.de/privkey.pem
Certificate Name: myancestry.de
Serial Number: 42e828677b2c16c675d69d3e62d89b602ed
Key Type: RSA
Domains: myancestry.de imap.myancestry.de mail.myancestry.de smtp.myancestry.de www.myancestry.de
Expiry Date: 2022-02-05 06:25:12+00:00 (VALID: 64 days)
Certificate Path: /etc/letsencrypt/live/myancestry.de/fullchain.pem
Private Key Path: /etc/letsencrypt/live/myancestry.de/privkey.pem
The following renewal configurations were invalid:
/etc/letsencrypt/renewal/dargels.de-0001.conf
cat /var/log/letsencrypt/letsencrypt.log.4
2021-12-02 04:35:07,410:DEBUG:certbot._internal.main:certbot version: 1.11.0
2021-12-02 04:35:07,410:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2021-12-02 04:35:07,410:DEBUG:certbot._internal.main:Arguments: ['--text', '--non-interactive', '--agree-tos', '--email', 'marko.dargel@gmail.com', '--preferred-challenges', 'http', '--webroot', '--webroot-path', '/var/www/html/', '-d', 'dargels.de', '-d', 'collabora.dargels.de', '-d', 'dev.dargels.de', '-d', 'imap.dargels.de', '-d', 'imaps.dargels.de', '-d', 'isi-dev.dargels.de', '-d', 'mail.dargels.de', '-d', 'myancestry.de', '-d', 'nextcloud.dargels.de', '-d', 'smtp.dargels.de', '-d', 'smtps.dargels.de', '-d', 'stephdl.dargels.de', '-d', 'wp.dargels.de', '-d', 'www.dargels.de', '-d', 'ns-srv01.dargels.de', '--preferred-chain', 'ISRG Root X1', '--quiet']
2021-12-02 04:35:07,410:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-12-02 04:35:07,441:DEBUG:certbot._internal.log:Root logging level set at 30
2021-12-02 04:35:07,442:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2021-12-02 04:35:07,442:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2021-12-02 04:35:07,444:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7f035db35b50>
Prep: True
2021-12-02 04:35:07,444:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7f035db35b50> and installer None
2021-12-02 04:35:07,444:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2021-12-02 04:35:07,461:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, agreement=None, only_return_existing=None, contact=(), key=None, external_account_binding=None), uri=u'https://acme-v02.api.letsencrypt.org/acme/acct/98774805', new_authzr_uri=None, terms_of_service=None), 4507e00e979072793c396c2a3ee407aa, Meta(creation_host=u'ns-srv01.dargels.de', register_to_eff=None, creation_dt=datetime.datetime(2020, 10, 8, 22, 54, 4, tzinfo=)))>
2021-12-02 04:35:07,467:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2021-12-02 04:35:07,474:INFO:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2021-12-02 04:35:08,006:DEBUG:urllib3.connectionpool:"GET /directory HTTP/1.1" 200 658
2021-12-02 04:35:08,007:DEBUG:acme.client:Received response:
HTTP 200
content-length: 658
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
cache-control: public, max-age=0, no-cache
date: Thu, 02 Dec 2021 03:35:07 GMT
x-frame-options: DENY
content-type: application/json
{
  "eIjymvhz558": "Adding random entries to the directory - API Announcements - Let's Encrypt Community Support",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2021-12-02 04:35:08,020:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer <certbot._internal.cli.cli_utils._Default object at 0x7f035d239e10>
2021-12-02 04:35:08,032:DEBUG:certbot.ocsp:Querying OCSP for /etc/letsencrypt/archive/dargels.de-0001/cert1.pem
2021-12-02 04:35:08,032:DEBUG:certbot.ocsp:openssl ocsp -no_nonce -issuer /etc/letsencrypt/archive/dargels.de-0001/chain1.pem -cert /etc/letsencrypt/archive/dargels.de-0001/cert1.pem -CAfile /etc/letsencrypt/archive/dargels.de-0001/chain1.pem -verify_other /etc/letsencrypt/archive/dargels.de-0001/chain1.pem -trust_other -timeout 10 -header Host r3.o.lencr.org -url http://r3.o.lencr.org
2021-12-02 04:35:08,258:INFO:certbot._internal.renewal:Cert not yet due for renewal
2021-12-02 04:35:08,259:INFO:certbot._internal.main:Keeping the existing certificate
2021-12-02 04:35:08,259:DEBUG:certbot.display.util:Notifying user: Certificate not yet due for renewal; no action taken.
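Added example, not part of the original post and not NethServer or certbot code: it compares the `-d` list logged at 04:35 in letsencrypt.log.4 (the run that touched `archive/dargels.de-0001`) with the `Domains:` lines from `certbot certificates`, because a request whose names neither equal nor extend an existing lineage is issued as a separate one. The function names and the three-way verdict are a simplified model assumed for illustration; the e-mail argument is replaced by a placeholder.

```python
import ast

# Constructed from this page: the "Arguments:" list of the 04:35 run
# (typographic quotes normalized, e-mail replaced by a placeholder) and the
# "Domains:" lines printed by `certbot certificates`.
LOG_LINE = (
    "2021-12-02 04:35:07,410:DEBUG:certbot._internal.main:Arguments: "
    "['--text', '--non-interactive', '--agree-tos', '--email', 'admin@example.org', "
    "'--preferred-challenges', 'http', '--webroot', '--webroot-path', '/var/www/html/', "
    "'-d', 'dargels.de', '-d', 'collabora.dargels.de', '-d', 'dev.dargels.de', "
    "'-d', 'imap.dargels.de', '-d', 'imaps.dargels.de', '-d', 'isi-dev.dargels.de', "
    "'-d', 'mail.dargels.de', '-d', 'myancestry.de', '-d', 'nextcloud.dargels.de', "
    "'-d', 'smtp.dargels.de', '-d', 'smtps.dargels.de', '-d', 'stephdl.dargels.de', "
    "'-d', 'wp.dargels.de', '-d', 'www.dargels.de', '-d', 'ns-srv01.dargels.de', "
    "'--preferred-chain', 'ISRG Root X1', '--quiet']"
)
LINEAGES = {
    "dargels.de": "dargels.de collabora.dargels.de dev.dargels.de imap.dargels.de "
                  "mail.dargels.de nextcloud.dargels.de ns-srv01.dargels.de "
                  "smtp.dargels.de status.dargels.de stephdl.dargels.de "
                  "webtop.dargels.de wp.dargels.de www.dargels.de",
    "myancestry.de": "myancestry.de imap.myancestry.de mail.myancestry.de "
                     "smtp.myancestry.de www.myancestry.de",
}

def requested_domains(log_line):
    """Return the set of names passed with -d/--domain(s) in a logged argv."""
    args = ast.literal_eval(log_line.split("Arguments: ", 1)[1])
    names = set()
    for flag, value in zip(args, args[1:]):
        if flag in ("-d", "--domain", "--domains"):
            names.update(v.strip() for v in value.split(",") if v.strip())
    return names

def match_lineages(requested, lineages):
    """Classify each existing lineage against the requested name set."""
    report = {}
    for name, domains in lineages.items():
        existing = set(domains.split())
        if existing == requested:
            verdict = "identical"      # same names: lineage is reused
        elif existing < requested:
            verdict = "expandable"     # request only adds names
        else:
            verdict = "different"      # request drops or swaps names
        report[name] = {
            "verdict": verdict,
            "added": sorted(requested - existing),
            "missing": sorted(existing - requested),
        }
    return report

def creates_new_lineage(report):
    """True when no existing lineage can absorb the request."""
    return all(r["verdict"] == "different" for r in report.values())

if __name__ == "__main__":
    result = match_lineages(requested_domains(LOG_LINE), LINEAGES)
    for name, r in result.items():
        print(name, r["verdict"], "+", r["added"], "-", r["missing"])
    print("separate lineage expected:", creates_new_lineage(result))
```

Run against the current job arguments and `certbot certificates` output before deleting anything under `/etc/letsencrypt` by hand: if the two name sets still differ, the next scheduled run will produce the extra lineage again.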