Accidently deleted the etc/letsencrypt/live/mydomain directory no certbot cant pull a certificate anymore

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: mydomain.duckdns.org

I ran this command: sudo certbot --nginx -d mydomain.duckdns.org

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Error while running nginx -c /etc/nginx/nginx.conf -t.

nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/mydomain.duckdns.org-0001/fullchain.pem": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: configuration file /etc/nginx/nginx.conf test failed

The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] cannot load certificate "/etc/letsencrypt/live/mydomain.duckdns.org-0001/fullchain.pem": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')

My web server is (include version): im using nginx 1.18.0-6.1+deb11u3

The operating system my web server runs on is (include version): debian 11 arm64

My hosting provider, if applicable, is: selfhosted

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is :certbot 1.12.0

The error happens because i accidently removed this directory /etc/letsencrypt/live/mydomain.duckdns.org-0001/ with all the files in it
im using mydomain for because this is a domain im using to access my selfhosted services

Is there a way to reconfigure certbot with the nginx plugin from the start?

Thank you for your time

1 Like
3

Hi @GiannisDorokidis, and welcome to the LE community forum :slight_smile:

As a very "temporary fix"/"workaround", you can point nginx to the actual cert storage location:
/etc/letsencrypt/archive/...

Once nginx is running, you can then issue a new cert.
Then point nginx to that new /live/ location.

If all that fails, you can stop nginx, and issue a cert using --standalone.

4 Likes
4

i was trying the out the commands it was trying to run like nginx -c /etc/nginx/nginx.conf -t
the nginx config wasnt right because of the deletion of the ssl directories removed the file paths made it so it works with plain http. After that it run and also succesfuly got a new ssl certificate

Im going to setup now the auto renewal system

Edit: Its working well without any noticable problems

3 Likes
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.