Can't Find Certificate Files


#1

I successfully created the certificates that I need for finishing the SSL but I am unable to find the files. The message says that the file was saved to /etc/letsencrypt/live/www.99buckswebdesign.com/fullchain.pem but when I try looking for it I can’t find it. According to my host at lquidweb.com I need to create the certificates locally because I don’t have shell access for my cloudsites. That is why this is being done locally. I tried asking my host and they said the files are saved locally on my computer, not on the FTP. I tried pasting the path in a browser but it says file not found. I also tried doing a search in the finder for those folders or filenames but I was unsuccessful. Where else could these files be?

Domain: www.99buckswebdesign.com

I ran this command: sudo -H certbot certonly --manual --preferred-challenges http -d www.99buckswebdesign.com -d 99buckswebdesign.com

It produced this output:
IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/www.99buckswebdesign.com/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/www.99buckswebdesign.com/privkey.pem
    Your cert will expire on 2018-09-23. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot
    again. To non-interactively renew all of your certificates, run
    “certbot renew”

The operating system my web server runs on is (include version): MacOS

My hosting provider, if applicable, is: liquidweb.com

I can login to a root shell on my machine (yes or no, or I don’t know): no


#2

Hi,

Can I know where do you execute the command? (Are you execute on your cmd… Or using something like xshell or putty?)

Thank you


#3

I’m executing the command through the terminal application. I installed homebrew and certbot to get to that point


#4

Hi @ststruff,

Using Certbot on your laptop is not usually a very convenient choice. It’s really meant to be run on a server where you have administrative access. For people who don’t have that, Certbot is more complex than some other Let’s Encrypt clients.

Can you run

ls -l /etc/letsencrypt/live/www.99buckswebdesign.com

in your terminal prompt?


#5

Right, like I said, my host said that I don’t have shell access for cloudsites so this was my only option to use LetsEncrypt. I realize setup without root access not ideal. I seem to be at the last stage of the SSL. I just need to find those files haha. So here is what I got with your command:

Staceys-iMac:~ stacey$ ls -l /etc/letsencrypt/live/www.99buckswebdesign.com
ls: /etc/letsencrypt/live/www.99buckswebdesign.com: Permission denied


#6

Well, there are about 100 client options

Some of them work in your browser, which is probably the easiest option if you can’t run software as root on the web server:

(This approximately replicates the experience of a traditional CA, but without requiring payment—although as with all Let’s Encrypt certificates, the certificate is only valid for 90 days.)

How about sudo ls -l /etc/letsencrypt/live/www.99buckswebdesign.com ?


#7

ok, maybe I should look into another option. I just followed the instructions my host gave me to install letsencrypt on cloudsites. From your command I got this:

total 40
-rw-r–r-- 1 root wheel 682 Jun 25 10:00 README
lrwxr-xr-x 1 root wheel 48 Jun 25 10:00 cert.pem -> …/…/archive/www.99buckswebdesign.com/cert1.pem
lrwxr-xr-x 1 root wheel 49 Jun 25 10:00 chain.pem -> …/…/archive/www.99buckswebdesign.com/chain1.pem
lrwxr-xr-x 1 root wheel 53 Jun 25 10:00 fullchain.pem -> …/…/archive/www.99buckswebdesign.com/fullchain1.pem
lrwxr-xr-x 1 root wheel 51 Jun 25 10:00 privkey.pem -> …/…/archive/www.99buckswebdesign.com/privkey1.pem


#8

So, the files are there but you’re probably not finding them in Finder due to file permissions. You’ll need to have root access in order to see them.

You could try this:

sudo cp /etc/letsencrypt/live/www.99buckswebdesign.com/{cert,chain,privkey,fullchain}.pem ~
sudo chown `whoami` ~/*.pem

After that, you should be able to find a usable copy of these four files in your home folder and you should be able to upload them to the host.

After that, you could look into a web-based client like ZeroSSL for future Let’s Encrypt issuance needs (and also maybe consider switching to a host with better Let’s Encrypt support!).


#9

I tried entering those lines but nothing is showing. There is no response from the terminal and I’m still not able to find results when I search those filenames


#10

In Unix tradition, programs that succeed in the task they were asked to perform should usually give no output and output is only displayed when there was a problem:

https://www.google.com/search?q=unix+silence+is+golden

Can you perhaps see them in your home folder in the Finder now? (not your Desktop)


#11

yay! I see the files now in the home folder. thank you for your time!


#12

Great! Please bear in mind that Let’s Encrypt certificates, while always free to renew, are only valid for 90 days. For the future, you may still want to


#13

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.