Renewing Let’s Encrypt for Nginx with Flask on Ubuntu 16.04

If you’re running into an issue renewing your SSL certificate with letsencrypt renew, you’ll need to manually renew the cert.

WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/ produced an unexpected error: The requested nginx plugin does not appear to be installed. Skipping.

First, make sure you have a wildcard route set up to serve the verification files that are uploaded when you request a certificate.

You should be able to use the exact code below:

This route will serve anything it finds in the .well-known directory, which you’ll want to add within your templates folder.

You can place a test file in there to make sure it’s working. For example, templates/.well-known/test.html. Go to to verify that it’s working.

Once you’ve pushed this to your server, you’ll simply run the letsencrypt script with the webroot plugin: sudo letsencrypt certonly --webroot -w /path/to/flask/templates -d

You may be prompted to either (1) keep the existing certificate or (2) renew and replace the certificate. Select the second option.

If all goes well, you’ll get a confirmation of the new certificate along with the expiration date. Make sure to set a reminder to run the script again as the expiration date approaches. (Due to rate limiting, you may not be able to set up a cron job to run this script.)

Finally, restart nginx: sudo service nginx restart