Accidentally removed Cert

zzzniczxz · September 19, 2022, 9:11am

I want to remove this domain mwiki.takylstudios.com
but I did it manually.

I ran this command: rm -r /etc/letsencrypt/live/mwiki.taktylstudios.com

can't start the nginx due to this error: systemd[1]: Starting A high performance web server and a reverse proxy server...
nginx[2264]: nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/mwiki.taktylstudios.com>
nginx[2264]: nginx: configuration file /etc/nginx/nginx.conf test failed
systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
systemd[1]: nginx.service: Failed with result 'exit-code'.
systemd[1]: Failed to start A high performance web server and a reverse proxy s>

My web server is (include version): ubuntu 20.4

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.40.0

I don't need that cert anymore that's why I deleted it but
upon researching it should not be manually deleted

Osiris · September 19, 2022, 12:21pm

The contents of the /live/ directory are symlinks to the most recent files in the corresponding /archive/ directory. You can manually recreate the symbolic links.

zzzniczxz · September 19, 2022, 12:44pm

Hello, there are no files in /etc/letsencrypt/archive.

can you please elaborate on manually recreating the symbolic links?

Osiris · September 19, 2022, 2:43pm

Where did the content of that directory go?

That's of no use if there are no contents in the /archive/ directory. In that case you need to use a backup or, if no backup is available, issue a new certificate.

rg305 · September 19, 2022, 3:26pm

Please don't do anything like that [ever again].
Whatever you are trying to do, there should be an instruction for certbot to do it for you [correctly].

zzzniczxz · September 20, 2022, 12:30am

I mean there's a folder in archive but other domain name not mwiki.takylstudios.com

I also tried to issue a new cert with mwiki.takylstudios.com but still same error I got >.<

zzzniczxz · September 20, 2022, 12:31am

Yes I will take note of that sir in my life, Thanks!

zzzniczxz · September 20, 2022, 1:15am

How bout reinstalling the nginx and certbot?

MikeMcQ · September 20, 2022, 2:16am

Would you show output of this? We can probably fix the damage

ls -l /etc/letsencrypt/{live,archive,renewal}

And, don't just try to reinstall certbot. It won't help. What you have is an nginx config problem because you deleted files it still requires.

zzzniczxz · September 20, 2022, 2:24am

Here sir:

/etc/letsencrypt/archive:
total 4
drwxr-xr-x 2 root root 4096 Sep 10 12:08 staging.taktylstudios.com

/etc/letsencrypt/live:
total 12
-rw-r--r-- 1 root root 740 Feb 8 2022 README
drwxr-xr-x 2 root root 4096 Sep 19 08:12 mwiki.taktylstudios.com
drwxr-xr-x 2 root root 4096 Sep 10 12:08 staging.taktylstudios.com

/etc/letsencrypt/renewal:
total 4
-rw-r--r-- 1 root root 582 Sep 10 12:08 staging.taktylstudios.com.conf

btw I tried to recreate the cert of mwiki.taktylstudios.com

MikeMcQ · September 20, 2022, 2:25am

Ok, now please show:

ls -l /etc/letsencrypt/live/mwiki.taktylstudios.com

EDIT:
And also

ls -l /etc/letsencrypt/live/staging.taktylstudios.com

zzzniczxz · September 20, 2022, 2:26am

ls -l /etc/letsencrypt/live/mwiki.taktylstudios.com
total 0

MikeMcQ · September 20, 2022, 2:27am

Sorry, was too late, also this:

ls -l /etc/letsencrypt/live/staging.taktylstudios.com

zzzniczxz · September 20, 2022, 2:28am

ls -l /etc/letsencrypt/live/staging.taktylstudios.com
total 4
-rw-r--r-- 1 root root 692 Feb 8 2022 README
lrwxrwxrwx 1 root root 49 Sep 10 12:08 cert.pem -> ../../archive/staging.taktylstudios.com/cert4.pem
lrwxrwxrwx 1 root root 50 Sep 10 12:08 chain.pem -> ../../archive/staging.taktylstudios.com/chain4.pem
lrwxrwxrwx 1 root root 54 Sep 10 12:08 fullchain.pem -> ../../archive/staging.taktylstudios.com/fullchain4.pem
lrwxrwxrwx 1 root root 52 Sep 10 12:08 privkey.pem -> ../../archive/staging.taktylstudios.com/privkey4.pem

MikeMcQ · September 20, 2022, 2:31am

OK, just one more but it's long. Then I can give good advice on what to do.

Please show result of sudo nginx -T (skip sudo if you don't need it). Place 3 backticks before and after the output like
```
output of: sudo nginx -T
```

Or, upload the txt file created by doing sudo nginx -T >upload.txt

zzzniczxz · September 20, 2022, 2:35am

sure btw Thanks a lot for your time sir!

nginx: configuration file /etc/nginx/nginx.conf test failed```

[upload.txt|attachment](upload://fprEVGUMf2UMGFJrVQzYCl7p3d.txt) (382 Bytes)

MikeMcQ · September 20, 2022, 2:37am

Oh, right, ack. OK, can you upload the nginx.conf file (might have to copy it to .txt file)

zzzniczxz · September 20, 2022, 2:39am

noted sir

nginx.conf.txt (1.9 KB)

MikeMcQ · September 20, 2022, 2:43am

thanks. Give me a minute

MikeMcQ · September 20, 2022, 2:45am

show

ls -l /etc/nginx/conf.d/*.conf
ls -l /etc/nginx/sites-enabled