Certification and renewal 2.9.4

[batmatjojojo]

Hello,

Since the 2.9.4 update, I no longer have new certificates and renew them.

My Nginx proxy manager is under a docker

Attached you will find the error message:

pkg_resources.DistributionNotFound: The 'pyparsing<3,>=2.4.2' distribution was not found and is required by httplib2

at ChildProcess.exithandler (child_process.js:308:12)
at ChildProcess.emit (events.js:314:20)
at maybeClose (internal/child_process.js:1022:16)
at Process.ChildProcess._handle.onexit (internal/child_process.js:287:5)
[7/5/2021] [8:29:03 AM] [SSL ] › ℹ info Renewing Let'sEncrypt certificates for Cert #3: XXXX.XXX.info
[7/5/2021] [8:29:05 AM] [Express ] › ⚠ warning Command failed: certbot renew --non-interactive --config "/etc/letsencrypt.ini" --cert-name "npm-3" --preferred-challenges "dns,http" --disable-hook-validation
An unexpected error occurred:

Thanking you in advance for your help

Best regards

[batmatjojojo]

Hello,

Does anyone have the same problem as me? I have several Nginx proxy manager on several infra, and the problem is the same.

Thanking you in advance for your help.

Best regards

[Haringstad]

I've got similair issue on multiple nginx-proxy-manager systems using ispconfig-dns:

[7/6/2021] [8:27:02 AM] [SSL      ] › ✖  error     Error: Command failed: certbot renew --non-interactive --quiet --config "/etc/letsencrypt.ini" --preferred-challenges "dns,http" --disable-hook-validation  
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
Failed to renew certificate npm-2 with error: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
All renewals failed. The following certificates could not be renewed:
  /etc/letsencrypt/live/npm-2/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
    at ChildProcess.exithandler (node:child_process:326:12)
    at ChildProcess.emit (node:events:369:20)
    at maybeClose (node:internal/child_process:1067:16)
    at Process.ChildProcess._handle.onexit (node:internal/child_process:301:5)

[danner26]

I have this issue on 2.9.4 as well (trying to issue a new SSL cert) running via Docker on Alpine linux. Using Google DNS

Error: Command failed: certbot certonly --non-interactive --cert-name "npm-34" --agree-tos --email REDACTED --domains REDACTED --authenticator dns-google --dns-google-credentials "/etc/letsencrypt/credentials/credentials-34"
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Encountered exception during recovery: json.decoder.JSONDecodeError: Invalid control character at: line 5 column 46 (char 170)
An unexpected error occurred:
json.decoder.JSONDecodeError: Invalid control character at: line 5 column 46 (char 170)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

    at ChildProcess.exithandler (node:child_process:326:12)
    at ChildProcess.emit (node:events:369:20)
    at maybeClose (node:internal/child_process:1067:16)
    at Process.ChildProcess._handle.onexit (node:internal/child_process:301:5)

[danner26]

So I was able to track down in my instance, the JSON issue is at the \n in the private key
Appears to be related to https://stackoverflow.com/questions/22394235/invalid-control-character-with-python-json-loads
@jc21

[danner26]

For anyone having the same issue as me with a JSONDecodeError, if you escape the newlines yourself (change \n to \\n) will fix the issue
Looks like in the codebase we need to change json.loads to add strict=False

[Sevea]

Same here, no renewal possible (internal error) :/

[borland502]

Jesu Christo that was annoying to track down. Thank you @danner26 for the assist.