Let's Encrypt error: OSError: [Errno 2] No such file or directory

Created:

2016-12-18 06:51:16 UTC

Modified:

2017-08-08 13:15:11 UTC

1

Was this article helpful?


Have more questions?

Submit a request

Let's Encrypt error: OSError: [Errno 2] No such file or directory

Applicable to:

  • Plesk 12.5 for Linux
  • Plesk Onyx for Linux

Symptoms

Unable to install Let's Encrypt certificate:

Error: Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: Saving debug log to /usr/local/psa/var/modules/letsencrypt/logs/letsencrypt.log
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Renewal conf file /usr/local/psa/var/modules/letsencrypt/etc/renewal/example.com.conf is broken. Skipping.
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for example.com
Starting new HTTPS connection (1): 127.0.0.1
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /usr/local/psa/var/modules/letsencrypt/etc/keys/0003_key-certbot.pem
Creating CSR: /usr/local/psa/var/modules/letsencrypt/etc/csr/0003_csr-certbot.pem
Non-standard path(s), might not work with crontab installed by your operating system package manager
An unexpected error occurred:
OSError: [Errno 2] No such file or directory
Please see the logfiles in /usr/local/psa/var/modules/letsencrypt/logs for more details.

or unable to generate CSR:

Creating CSR: /usr/local/psa/var/modules/letsencrypt/etc/csr/0020_csr-certbot.pem
Non-standard path(s), might not work with crontab installed by your operating system package manager
An unexpected error occurred:
OSError: [Errno 2] No such file or directory
Please see the logfiles in /usr/local/psa/var/modules/letsencrypt/logs for more details.

Issue statuses on Let's Encrypt side at https://letsencrypt.status.io/ are all Operational

Failure during symlink creation:

# sudo -u psaadm strace -f ./venv/bin/python -c "import os; os.symlink('../../archive/example.com-0006/cert1.pem', '/usr/local/psa/var/modules/letsencrypt/etc/live/example.com-0006/cert.pem')"

Cause

User psaadm is prevented to create symlinks after the installation new kernel. Please check CloudLinux Documentation for more details.

Resolution

  1. Add psaadm as a member of linksafe group

    # vi /etc/sysctl.conf
    .....
    # CageFS
    fs.protected_symlinks_allow_gid = id_of_group_linksafe
    .....
  2. Apply the changes:

    # sysctl -p
Have more questions? Submit a request
Please sign in to leave a comment.