Reputation: 23
certbot was used with NGINX to create certificates. There was only one cert created on our server for our production build, staging build and jenkins webserver.
When I run certbot renew, everything is fine until it attempts to challenge the jenkins server. I get the following error:
Attempting to renew cert (my.domain) from /etc/letsencrypt/renewal/my.domain.conf produced an unexpected error: Missing command line flag or config entry for this setting:
Select the webroot for jenkins.my.domain:
Choices: ['Enter a new webroot']
(You can set this with the --webroot-path flag). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/my.domain/mykey.pem (failure)
I'm not sure where jenkins webroot is located but I don't think it is as simple as adding it to my letsencrypt conf file at the bottom under webroot, or maybe that is it. Either way any help is appreciated! :)
Upvotes: 0
Views: 7301
Reputation: 1425
--webroot-path is the path which should be accessible via HTTP using your domain name. This is given when you first procure the certificates; at the time of renewal there is no need to supply it explicitly. I think there could be something wrong with the renewal configuration file.
When a certificate is issued, by default Certbot creates a renewal configuration file that tracks the options that were selected when Certbot was run. This allows Certbot to use those same options again when it comes time for renewal.
https://certbot.eff.org/docs/using.html#modifying-the-renewal-configuration-file
I would suggest generating new certificates instead of renewing. That would correct the renewal configuration file.
Upvotes: 2
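One way to check the renewal configuration file the answer refers to, as an added example that is not part of the original posts or of Certbot itself: it parses the file's nested sections and lists the certificate names that have no webroot recorded. Assumptions: the caller supplies the certificate's names (for instance from `certbot certificates`), a non-empty webroot_path entry is treated as a fallback for unmatched names, and the file content, staging.my.domain and the webroot directories are constructed sample values.

```python
# Constructed sample of a renewal configuration (not taken from a real server).
SAMPLE_CONF = """\
# Options used in the renewal process
[renewalparams]
authenticator = webroot
[[webroot_map]]
my.domain = /var/www/production
staging.my.domain = /var/www/staging
"""


def parse_renewal_conf(text):
    """Parse the nested-section layout into {section_path: {key: value}}."""
    sections, path = {(): {}}, ()
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("["):
            # "[name]" is depth 1, "[[name]]" is a subsection at depth 2.
            depth = len(line) - len(line.lstrip("["))
            path = path[:depth - 1] + (line.strip("[]").strip(),)
            sections.setdefault(path, {})
        elif "=" in line:
            key, value = line.split("=", 1)
            sections[path][key.strip()] = value.strip()
    return sections


def domains_missing_webroot(conf_text, cert_domains):
    """Return the names in cert_domains that have no webroot recorded."""
    conf = parse_renewal_conf(conf_text)
    params = conf.get(("renewalparams",), {})
    if params.get("authenticator") != "webroot":
        return []  # another plugin handles the challenge; nothing to check
    # Assumption: a non-empty webroot_path covers every unmatched name.
    if any(p.strip() for p in params.get("webroot_path", "").split(",")):
        return []
    webroot_map = conf.get(("renewalparams", "webroot_map"), {})
    return [d for d in cert_domains if d not in webroot_map]


if __name__ == "__main__":
    names = ["my.domain", "staging.my.domain", "jenkins.my.domain"]
    print(domains_missing_webroot(SAMPLE_CONF, names))
```
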