Cert Creation Fails When Attempting CSR Submission

Dear Forum:

I am attempting to create a certificate using the certonly command. My web host has a control-panel SSL setup, for which they provide a CSR. I am attempting to generate the certificate using Ubuntu 18.04.2 LTS on Windows 10. I am able to log in to my server and have been able to test that it’s connecting using DNS TXT entries. Using the DNS TXT entries and Certbot in Ubuntu, I am able to successfully generate certificates, but my web host, again, requires that I use their CSR to generate the certificate. I am now attempting to do that using the command line given below. The errors I receive are detailed below the command. Please note that while I’m “comfortable” using command line, I don’t find the need to very often, and so I’m not as proficient as I’d like to be.

Please also note that my web host states the following in the control panel page that shows the text of the CSR: “…Ensure that when purchasing an SSL certificate “Apache mod_ssl” is selected…”

My domain is: www.wisconsinitguru.com

I ran this command, where the CSR was saved on my local computer in the directory that certbot generated the CSR files when I ran certbot with the DNS TXT verfication: sudo certbot -d www.wisconsinitguru.com --manual --csr /etc/letsencrypt/csr/csr.pem certonly

It produced this output:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] …

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certbot: error: argument --csr: No such file or directory

I then copied the csr.pem file to my server in the /etc/letsencrypt/csr/ directory, wondering if that was where certbot was looking for the PEM file. That attempt produced the following result:

  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certbot: error: File not found: sr

My web server is (include version): Apache, version unknown

The operating system my web server runs on is (include version): Linux

My hosting provider is: Aplus.Net / Deluxe

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes, default control panel, version unknown.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): Certbot 0.31.0

Here’s the CSR file contents, also included in the directory listed above:

Any help you could provide would be greatly appreciated.



Hi @wiscitguy

looks like a typo - csr.pem is your file name.

Share always the complete command.

Hi @wiscitguy,

I would just like to point out that this is not the way that Let's Encrypt is meant to be used; the intended application of Let's Encrypt is to request a certificate directly from the web server, using automated software. While you're certainly allowed to use Let's Encrypt the way that you're doing, it's probably going to be a lot of extra effort compared to a proper hosting provider integration.

If you'd like to continue down this manual path, I agree with @JuergenAuer that we need to see the exact command that you ran that produced the most recent error message.


Thanks for your replies. That is not a type-o. Please see the attached image for the output from my Ubuntu window.

Also, please note that the first attempt was before I copied the PEM file to my server - the second attempt was after.

[Edit: added extra info.]


There is a typo:

- d

with a space between - and d.

Must be


PS: And there is a second typo:


instead of


So -c is the parameter and sr is the value.

1 Like


You are indeed correct. Thanks for catching that! I tried correcting the command, and I get the same error as in the first attempt, listed above. Here’s a screenshot of the output, as well as images showing that I have the PEM file in both the local folder where I believe it should be, and on my server.


Your directory starts with /public, not with /etc.

Yes, that is because the root on my server is the /public directory. In spite of that, I attempted pre-pending public to the directory string and got the same error.


If you use such a "mixed configuration", use ls and other basic linux commands to find the correct place.


I apologize, but I am not familiar with using ls and other basic linux commands. I’m sure that is part of the reason I’m having the problems and have asked for help.

Can you provide any guidance on how to use the ls command to get the information I need?


Dear Forum Users,

Does anyone else have any input on this matter? I’m still in need of assistance.


If you’re going to administer a Unix system, I would suggest looking for some introductory Unix tutorials and learning a bit more about it. In many cases, you’ll have to do some tasks that can’t simply be done over FTP. (One possibility that I remember is the FLOSS Manuals “Introduction to the Command Line”, which seemed pretty well-done.)

In this case, you might try something like

sudo find / -name csr.pem

in order to figure out where the csr.pem file really ended up on this server.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.