Problem

When we renew letencrypt certificates like this:

letsencrypt-auto renew --no-self-upgrade

we get this error:

Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/certbot/ocsp.py", line 188, in _check_ocsp_cryptography
    timeout=timeout)
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/requests/api.py", line 119, in post
    return request('post', url, data=data, json=json, **kwargs)
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/requests/api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/requests/sessions.py", line 530, in request
    resp = self.send(prep, **send_kwargs)
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/requests/sessions.py", line 643, in send
    r = adapter.send(request, **kwargs)
  File "/opt/eff.org/certbot/venv/lib64/python3.6/site-packages/requests/adapters.py", line 504, in send
    raise ConnectTimeout(e, request=request)
requests.exceptions.ConnectTimeout: HTTPConnectionPool(host='ocsp.int-x3.letsencrypt.org', port=80): Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7fb70561e908>, 'Connection to ocsp.int-x3.letsencrypt.org timed out. (connect timeout=10)'))
Cert not yet due for renewal

.

Solution

You can just ignore this error , just do as follows:

service nginx restart

Start a web browser , navigate to your website, check your certificate. Everything should be ok now.