My xenial verification First, reproducing the problem: $ sudo certbot run Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): andr...@canonical.com Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org (...)
I stopped there, as today the v1 endpoint is working, but this bug is about changing certbot to use v2, so the above, even though it didn't fail, is enough to confirm it's using v1. So I cancel, and upgrade to the version in proposed: *** 0.27.0-1~ubuntu16.04.1 500 500 http://us.archive.ubuntu.com/ubuntu xenial-proposed/universe amd64 Packages And now it uses v2: $ sudo certbot run Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): andr...@canonical.com Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org (...) Testing fake renewal works: $ sudo certbot --dry-run renew Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /etc/letsencrypt/renewal/certbot-test.justgohome.co.uk.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert not due for renewal, but simulating renewal for dry run Plugins selected: Authenticator apache, Installer apache Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org Renewing an existing certificate Performing the following challenges: http-01 challenge for certbot-test.justgohome.co.uk Enabled Apache rewrite module Waiting for verification... Cleaning up challenges - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - new certificate deployed with reload of apache server; fullchain is /etc/letsencrypt/live/certbot-test.justgohome.co.uk/fullchain.pem - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ** DRY RUN: simulating 'certbot renew' close to cert expiry ** (The test certificates below have not been saved.) Congratulations, all renewals succeeded. The following certs have been renewed: /etc/letsencrypt/live/certbot-test.justgohome.co.uk/fullchain.pem (success) ** DRY RUN: simulating 'certbot renew' close to cert expiry ** (The test certificates above have not been saved.) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. Now let's revoke it (note it also uses the v2 endpoint): $ sudo certbot --cert-path /etc/letsencrypt/live/certbot-test.justgohome.co.uk/fullchain.pem revoke Saving debug log to /var/log/letsencrypt/letsencrypt.log Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you like to delete the cert(s) you just revoked? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es (recommended)/(N)o: y - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Deleted all files relating to certificate certbot-test.justgohome.co.uk. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully revoked the certificate that was located at /etc/letsencrypt/live/certbot-test.justgohome.co.uk/fullchain.pem And the systemd timer is active: $ sudo systemctl list-timers NEXT LEFT LAST PASSED UNIT ACTIVATES Sat 2019-10-26 01:02:54 UTC 4h 12min left Fri 2019-10-25 20:37:10 UTC 13min ago certbot.timer certbot.service xenial verification succeeded. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1837673 Title: Certbot will be unable to create new ACME accounts To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python-certbot/+bug/1837673/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs