Try ERPNext Buy Support Partners Foundation Foundation Members

Cannot renew SSL certificates

Hi, I run this command as usual:
sudo bench renew-lets-encrypt

And in 2 sites I get:
Problem binding to port 443: Could not bind to IPv4 or IPv6.. Skipping.

Has anyone encountered this issue?

Thanks!

Restart you Nginx will solve it
or
try bench setup nginx inside your frappe-bench directory, let it overwrite your config files.

How to Restart Nginx?

sudo services nginx restart

I had the same issue. nginx was stopped. certbot’s internal webserver could not get the ports.

I even disabled IPv6 in /etc/sysctl.conf, still same message.

:DEBUG:acme.standalone:Successfully bound to :443 using IPv6
:DEBUG:acme.standalone:Certbot wasn't able to bind to :443 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations.

nginx is stopped during /opt/certbot-auto renew, I checked that port 443 is not occupied by anybody else.

I moved LE handling to another proxy server. Any hint is appreciated for the cause.

I’ve found that ‘bench setup nginx’ does not write the SSL config correctly in
/etc/nginx/conf.d/frappe-bench.conf

I’ve always had to manually duplicate the the entire server section - changing ‘listen 80;’ to ‘listen 443 ssl;’
server {
listen 80;
server_name
site1.local
;



}

It may just be that I don’t yet have a solid understanding of ‘bench setup nginx’
Hopefully this will give you a starting point though