greenhost / certbot-haproxy

HAProxy plugin for Let's Encrypt's Certbot

renewal attempt failed for domain no longer listed in /etc/haproxy/haproxy.cfg #23

Closed 3ruce closed 5 years ago

3ruce commented 5 years ago

I have moved a domain away from haproxy and it's no longer listed in /etc/haproxy/haproxy.cfg, but when I try to renew certificates for domains, this "old" domain keeps popping up and renewals fail as per the message below.

I've searched through /home, /etc, /opt and /var to find any trace of mydomain.com but I can't come up with anything, although the domain is listed in the letsencrypt log at /var/log/letsencrypt/letsencrypt.log.

Do you guys know how I can update the list of domains automatically generated when I run sudo certbot renew --authenticator certbot-haproxy:haproxy-authenticator --installer certbot-haproxy:haproxy-installer?

Thanks!

Domain: mydomain.com
   Type:   unauthorized
   Detail: Invalid response from
   http://mydomain.com/.well-known/acme-challenge/v2IShx02WSeYFd6aRxTEoWiUvdO6nIOkAvX7k6i1Lds
   [192.3.31.98]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p

mrtndwrd commented 5 years ago

Hi 3ruce, sorry for the late reply. I don't think this is a certbot-haproxy thing. The list of domains that gets renewed by Certbot is based on the "renewal" directory of your LE setup. This directory differs depending on your configuration (we have them in /opt/certbots, but I don't think that's the default). Your easiest solution is to run find / -name 'renewal'.

If I'm not mistaken, LE runs renewals for all the .conf files in that directory, so removing files from there probably solves your problem.
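The renewal lookup described in the reply above, as an added example that is not part of the original thread or of certbot-haproxy: Certbot takes the names to renew from the certificate each renewal/*.conf file points at, so a text search for the domain can miss a lineage that is named after a different domain. The function names are hypothetical, and the script assumes the standard renewal file layout (a `cert = <path>` line) and the openssl command-line tool.

```shell
#!/bin/sh
# Added example (hypothetical helper names): find which Certbot lineages
# still cover a domain, by reading the SANs of each lineage's certificate.

# Print the DNS names in a PEM certificate's subjectAltName, one per line.
cert_domains() {
    openssl x509 -in "$1" -noout -text 2>/dev/null |
        tr ',' '\n' | sed -n 's/^ *DNS://p'
}

# Print the lineage name of every renewal config whose certificate lists
# DOMAIN as an exact SAN entry (wildcard entries are not expanded).
# CONFIG_DIR is Certbot's config directory: /etc/letsencrypt by default,
# or whatever --config-dir points at (assumption: standard layout below it).
lineages_for_domain() {
    config_dir=$1
    domain=$2
    for conf in "$config_dir"/renewal/*.conf; do
        [ -f "$conf" ] || continue
        # The renewal file records the certificate path as "cert = <path>".
        cert=$(sed -n 's/^cert *= *//p' "$conf" | head -n 1)
        [ -f "$cert" ] || continue
        if cert_domains "$cert" | grep -Fxq -- "$domain"; then
            basename "$conf" .conf
        fi
    done
}

# Typical use:
#   lineages_for_domain /etc/letsencrypt mydomain.com
# A lineage that is no longer wanted can then be retired with:
#   certbot delete --cert-name <lineage>
```

If the domain shares a certificate with names that are still in use, deleting the lineage would drop those as well; in that case the certificate has to be reissued without the retired name.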

3ruce commented 5 years ago

Thank you for the heads up... find / -name 'renewal' didn't turn up anything useful and I've been through /opt/certbots and done a bunch of grepping but to no avail...