Renewal fails with error

[metazet]

Hi all,
trying to renewal certificate using command from docs: python revoke_crt.py --public-key user.pub domain.crt, running openssl dgst -sha256 -sign user.key -out revoke_FH38Ag.sig revoke_bhZvsy.json in separated terminal and then pressing Enter, but always get 400 HTTP response. All file paths are correct.

...
{
  "type": "urn:acme:error:malformed",
  "detail": "Unable to parse certificate DER",
  "status": 400
}
Traceback (most recent call last):
  File "revoke_crt.py", line 136, in <module>
    revoke_crt(args.public_key, args.crt_path)
  File "revoke_crt.py", line 97, in revoke_crt
    resp = urllib2.urlopen("{0}/acme/revoke-cert".format(CA), crt_data)
  File "/usr/lib/python2.7/urllib2.py", line 127, in urlopen
    return _opener.open(url, data, timeout)
  File "/usr/lib/python2.7/urllib2.py", line 407, in open
    response = meth(req, response)
  File "/usr/lib/python2.7/urllib2.py", line 520, in http_response
    'http', request, response, code, msg, hdrs)
  File "/usr/lib/python2.7/urllib2.py", line 445, in error
    return self._call_chain(*args)
  File "/usr/lib/python2.7/urllib2.py", line 379, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 528, in http_error_default
    raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
urllib2.HTTPError: HTTP Error 400: Bad Request

[rthille]

Renewal is not revocation. You don't use the revoke_crt.py script to renew.

[diafygi]

@rthille is correct. To renew, just use sign_crt.py again.