Page MenuHomeDevCentral

"certbot: error: unrecognized arguments:" when renewing certificates on Docker Engine
Closed, ResolvedPublic

Description

certbot renew has suddenly failed in the previous months with the following output:

usage:
  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate.
certbot: error: unrecognized arguments:

The command certbot on a Docker engine is a wrapper to run certbot in a container, mounted with the certificates and data volumes: rOPS > https://devcentral.nasqueron.org/source/operations/browse/main/roles/paas-docker/wrappers/files/certbot.sh

The strangest thing is prefixing the line 27 (docker run...) by echo (echo docker run...) outputs an expected command. When this command is run, it works fine:

$ certbot renew
docker run -it --rm -v /srv/letsencrypt/etc:/etc/letsencrypt -v /srv/letsencrypt/var:/var/lib/letsencrypt -v /srv/letsencrypt/log:/var/log/letsencrypt -v /srv/letsencrypt/www:/www certbot/certbot:latest renew

$ docker run -it --rm -v /srv/letsencrypt/etc:/etc/letsencrypt -v /srv/letsencrypt/var:/var/lib/letsencrypt -v /srv/letsencrypt/log:/var/log/letsencrypt -v /srv/letsencrypt/www:/www certbot/certbot:latest renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/acme.nasqueron.org.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
[...]

Event Timeline

dereckson triaged this task as High priority.Wed, Dec 30, 02:07
dereckson created this task.

Regression introduced in rOPSbf659c5728cbfeab65c1fba8772f2037278000b5:

$ sh
$ docker run -it --rm -v /srv/letsencrypt/etc:/etc/letsencrypt -v /srv/letsencrypt/var:/var/lib/letsencrypt -v /srv/letsencrypt/log:/var/log/letsencrypt -v /srv/letsencrypt/www:/www certbot/certbot:latest renew "" ""
...
certbot: error: unrecognized arguments:

The Python script processes as unrecognized empty strings for arguments.

This behavior is common:

$ ls ""
ls: cannot access '': No such file or directory