Certificate renewing attempt for lesmegeresdelhumus.fr failed!

Mon serveur YunoHost

**Matériel : Brique Internet sans VPN, A20 Olinuxino Lime2, Armbian 23.8.1 Bullseye with Linux 6.1.53-current-sunxi
**Version de YunoHost : ** 11.2.5
J’ai accès à mon serveur : En SSH
Êtes-vous dans un contexte particulier ou avez-vous effectué des modifications particulières sur votre instance ? : non
**Mes applications ** : Dotclear2, Bludit, My_WebApp (x2), Nextcloud, Sogo, PhpmyAdmin, Converse, Webtrees
**Mes domaines ** : sante9naturel.fr, lesmegeresdelhumus.fr, fievrebleue.fr, webmail.lesmegeresdelhumus.fr
**Mes certs ** : Lets Encrypt

Bonjour,

Malgré la solution proposée par rungeard, je continue de recevoir des messages d’erreurs générés par CRON concernant la certification du domaine ‘lesmegeresdelhumus.fr’.

Que se passe-t-il à votre avis ?

Bien à vous,

Q

Premier message :

An attempt for renewing the certificate for domain lesmegeresdelhumus.fr failed with the following
error :

Certificate renewing for lesmegeresdelhumus.fr failed!
Could not sign the new certificate
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 214, in get_crt
    assert disable_check or _do_request(wellknown_url)[0] == keyauthorization
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 76, in _do_request
    raise ValueError(
ValueError: Error:
Url: http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 502, in _fetch_and_enable_new_certificate
    signed_certificate = sign_certificate(
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 216, in get_crt
    raise ValueError(
ValueError: Wrote file to /var/www/.well-known/acme-challenge-public/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo, but couldn't download http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo: Error:
Url: http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 390, in certificate_renew
    _fetch_and_enable_new_certificate(domain, no_checks=no_checks)
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 515, in _fetch_and_enable_new_certificate
    raise YunohostError("certmanager_cert_signing_failed")
yunohost.utils.error.YunohostError: Could not sign the new certificate


Here's the tail of /var/log/yunohost/yunohost-cli.log, which might help to
investigate :

2023-11-11 06:25:26,329 INFO     yunohost.certmanager (unknown function) - [28572.1] Directory found!
2023-11-11 06:25:26,330 INFO     yunohost.certmanager (unknown function) - [28572.1] Registering account...
2023-11-11 06:25:27,413 INFO     yunohost.certmanager (unknown function) - [28572.1] Already registered!
2023-11-11 06:25:27,415 INFO     yunohost.certmanager (unknown function) - [28572.1] Creating new order...
2023-11-11 06:25:28,664 INFO     yunohost.certmanager (unknown function) - [28572.1] Order created!
2023-11-11 06:25:29,700 INFO     yunohost.certmanager (unknown function) - [28572.1] Verifying lesmegeresdelhumus.fr...
2023-11-11 06:25:31,760 INFO     yunohost.certmanager (unknown function) - [28572.1] lesmegeresdelhumus.fr verified!
2023-11-11 06:25:32,849 INFO     yunohost.certmanager (unknown function) - [28572.1] Verifying muc.lesmegeresdelhumus.fr...
2023-11-11 06:25:32,936 ERROR    yunohost.certmanager (unknown function) - [28572.1] Wrote file to /var/www/.well-known/acme-challenge-public/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo, but couldn't download http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo: Error:
Url: http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)>
2023-11-11 06:25:32,945 ERROR    yunohost.certmanager (unknown function) - [28572.1] Certificate renewing for lesmegeresdelhumus.fr failed!
2023-11-11 06:25:32,948 INFO     yunohost.log (unknown function) - [28572.1] The operation 'Renew 'lesmegeresdelhumus.fr' Let's Encrypt certificate' could not be completed. Please share the full log of this operation using the command 'yunohost log share 20231111-062507-letsencrypt_cert_renew-lesmegeresdelhumus.fr' to get help
2023-11-11 06:25:33,006 ERROR    yunohost.certmanager (unknown function) - [28572.1] Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 214, in get_crt
    assert disable_check or _do_request(wellknown_url)[0] == keyauthorization
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 76, in _do_request
    raise ValueError(
ValueError: Error:
Url: http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 502, in _fetch_and_enable_new_certificate
    signed_certificate = sign_certificate(
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 216, in get_crt
    raise ValueError(
ValueError: Wrote file to /var/www/.well-known/acme-challenge-public/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo, but couldn't download http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo: Error:
Url: http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 390, in certificate_renew
    _fetch_and_enable_new_certificate(domain, no_checks=no_checks)
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 515, in _fetch_and_enable_new_certificate
    raise YunohostError("certmanager_cert_signing_failed")
yunohost.utils.error.YunohostError: Could not sign the new certificate

2023-11-11 06:25:33,008 ERROR    yunohost.certmanager (unknown function) - [28572.1] Could not sign the new certificate
2023-11-11 06:25:33,009 ERROR    yunohost.certmanager (unknown function) - [28572.1] Sending email with details to root ...

-- Certificate Manager

Deuxième message, une trentaine de minutes plus tard,

/etc/cron.daily/yunohost-certificate-renew:
Now attempting renewing of certificate for domain lesmegeresdelhumus.fr !
Configuration updated for 'dnsmasq'
Parsing account key...
Parsing CSR...
Found domains: lesmegeresdelhumus.fr, xmpp-upload.lesmegeresdelhumus.fr, muc.lesmegeresdelhumus.fr
Getting directory...
Directory found!
Registering account...
Already registered!
Creating new order...
Order created!
Verifying lesmegeresdelhumus.fr...
lesmegeresdelhumus.fr verified!
Verifying muc.lesmegeresdelhumus.fr...
Wrote file to /var/www/.well-known/acme-challenge-public/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo, but couldn't download http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo: Error:
Url: http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)>
Certificate renewing for lesmegeresdelhumus.fr failed!
The operation 'Renew 'lesmegeresdelhumus.fr' Let's Encrypt certificate' could not be completed. Please share the full log of this operation using the command 'yunohost log share 20231111-062507-letsencrypt_cert_renew-lesmegeresdelhumus.fr' to get help
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 214, in get_crt
    assert disable_check or _do_request(wellknown_url)[0] == keyauthorization
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 76, in _do_request
    raise ValueError(
ValueError: Error:
Url: http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 502, in _fetch_and_enable_new_certificate
    signed_certificate = sign_certificate(
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 216, in get_crt
    raise ValueError(
ValueError: Wrote file to /var/www/.well-known/acme-challenge-public/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo, but couldn't download http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo: Error:
Url: http://muc.lesmegeresdelhumus.fr/.well-known/acme-challenge/1qSEeakLmQjODlMoW1qzZqX2gwg2zHUtyDPTYhQSodo
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 390, in certificate_renew
    _fetch_and_enable_new_certificate(domain, no_checks=no_checks)
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 515, in _fetch_and_enable_new_certificate
    raise YunohostError("certmanager_cert_signing_failed")
yunohost.utils.error.YunohostError: Could not sign the new certificate

Could not sign the new certificate
Sending email with details to root ...
Let's Encrypt certificate renew failed for lesmegeresdelhumus.fr
run-parts: /etc/cron.daily/yunohost-certificate-renew exited with return code 1