You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
when renewing the domain certificates, a new directory is created in ./config/letsencrypt/ named -0001 (and further: -0002 etc) instead of reusing the old certificate. This way renewals do not work really.
There seems to be a related bug in letsencrypt: certbot/certbot#2328 - but I don't know how to workaround this yet.
Any help welcome.
The text was updated successfully, but these errors were encountered:
The real issue seems to be certbot/certbot#2071.
I added a few workaround code lines to prevent adding the old certificate again to the uberspace server config when a new one was created in a 0001 directory. But this does not seem to play nicely - I still have to check.
Another option (just to remember it) would be, like @dwtcommented: delete ~/.config/letsencrypt/{archive,live,renewal} directories in case of renewing the cert (if another directory would be created), and do the process again.
We will get more mails then from Let's Encrypt, but that is better than having a non-working cert.
I now created a new algorithm to check the current online cert, and compare it with the old certificate in the path, using sha256 fingerprints. If they match (meaning, the website is using the original path without the -0001 etc.), the update begins, else the script stops.
If in meantime a domain was deleted, and a -0001 folder is created, the letsencrypt-renew script does not find the certificate and complains too. But this is intended - you should interfere manually.
The script only updates the certs if there was no domain change.
when renewing the domain certificates, a new directory is created in ./config/letsencrypt/ named -0001 (and further: -0002 etc) instead of reusing the old certificate. This way renewals do not work really.
There seems to be a related bug in letsencrypt: certbot/certbot#2328 - but I don't know how to workaround this yet.
Any help welcome.
The text was updated successfully, but these errors were encountered: