"LetsEncrypt request successful" but contains error message for non-success

Last Modified: Jun 13, 2019, 5:28 pm
We had a few reports where Debian systems were returning a success message for LetsEncrypt calls, while the message itself contained errors, e.g.:

Subject: LetsEncrypt request successful

Requesting new certificate order...
Processing authorization for fakedomain.com...
Error: http://fakedomain.com/.well-known/acme-challenge/letsencrypt_1560468322 is not reachable. Aborting the script.
dig output for fakedomain.com:
Please make sure /.well-known alias is setup in WWW server.

The message itself isn't relevant, as the domains in question do not exist.

The issue was that the subject was reporting success, when the letsencrypt.sh script was returning an error code.

Debugging the issue found /bin/dash (the Debian shell) to be the cause: it was returning code 0 when the script it was calling was returning code 1.

Simple solution: Use bash.

  1. Install bash on your system, if it's not present:

    apt-get install bash

    and confirm the binary exists at:

    ls -la /bin/bash

  2. Once /bin/bash is present, change /bin/sh to use it:

    ln -sf bash /bin/sh

    which changes the old "/bin/sh -> dash" link to point to the properly behaving bash binary.
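
To confirm the result after the change, the following added example (not part of the original article or of DirectAdmin's code) shows what /bin/sh resolves to and whether it passes a failing child script's exit code through. The function names and the constructed child and wrapper scripts are assumptions for illustration, and report_status sketches a cross-check of the exit code against "Error:" lines in the output.

```shell
#!/bin/sh
# Added example (not DirectAdmin code). Function names are hypothetical.

# Resolve what a shell path points to, e.g. /bin/sh -> /bin/dash or /bin/bash.
shell_target() {
    readlink -f "$1"
}

# Run a constructed wrapper under interpreter $1. The wrapper's last command
# calls a child script that prints an error and exits 1, so a correctly
# behaving shell must report 1. Prints the exit code actually observed.
child_exit_code() {
    interp=$1
    tmp=$(mktemp -d) || return 2
    printf '%s\n' 'echo "Error: constructed failure. Aborting the script."' \
        'exit 1' > "$tmp/child.sh"
    printf '"%s" "%s"\n' "$interp" "$tmp/child.sh" > "$tmp/wrapper.sh"
    rc=0
    "$interp" "$tmp/wrapper.sh" >/dev/null 2>&1 || rc=$?
    rm -rf "$tmp"
    echo "$rc"
}

# Derive the report status from the exit code AND the output text, so a
# wrongly reported 0 cannot produce "successful" over an "Error:" line.
report_status() {
    if [ "$1" -ne 0 ]; then
        echo "failed"
    elif printf '%s\n' "$2" | grep -q '^Error:'; then
        echo "failed"
    else
        echo "successful"
    fi
}

echo "/bin/sh resolves to: $(shell_target /bin/sh)"
echo "exit code seen through /bin/sh: $(child_exit_code /bin/sh) (expected 1)"
```

An observed exit code other than 1 means the shell behind /bin/sh is still not passing the failure through.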

