Certbot Docker not saving certificate to volume

luckspt · May 18, 2023, 10:45am

My domain is: lucks.hivetown.pt,www.lucks.hivetown.pt

I ran this command:

docker run --rm -it \
    --name certbot \
    -p 8888:80 \
    --volume ./data/certbot-etc:/etc/letsencrypt \
    certbot/certbot \
        certonly \
            --force-renew \
            --test-cert --non-interactive --standalone \
            --agree-tos --no-eff-email \
            -d $CERTBOT_DOMAINS --email $CERTBOT_EMAIL

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewing an existing certificate for lucks.hivetown.pt and www.lucks.hivetown.pt

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/lucks.hivetown.pt/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/lucks.hivetown.pt/privkey.pem
This certificate expires on 2023-08-16.
These files will be updated when the certificate renews.

NEXT STEPS:
- The certificate will need to be renewed before it expires. Certbot can automatically renew the certificate in the background, but you may need to take steps to enable that functionality. See https://certbot.org/renewal-setup for instructions.

My web server is (include version):
haproxy-alpine:2.6.10, but my issue happens before that

The operating system my web server runs on is (include version):
Docker 23.0.4 on Manjaro Linux 6.1.26-1-MANJARO

I can login to a root shell on my machine (yes or no, or I don't know): yes, i am working locally

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.6.0 from dockerhub certbot/cerbot

Further description:
Certbot is saving renewal/lucks.hivetown.pt.conf, but it says it's saving the certificates but they do not appear on my host machine under live directory

Osiris · May 18, 2023, 10:49am

Where exactly are you looking for the certificates on your host machine?

luckspt · May 18, 2023, 10:52am

On data/certbot-etc/live of the current directory I am at. In data/certbot-etc/renewal I am able to view the lucks.hivetown.pt.conf file with data inside it

Also, I have tried removing --test-cert but with not success.

Osiris · May 18, 2023, 10:53am

Please keep using --test-cert (or --staging) for testing purposes, as using the production environment for testing will lead you to running into rate limits.

That's weird. Could you perhaps do a tree ./data/certbot-etc/?

luckspt · May 18, 2023, 10:54am

I have found my mistake... I was checking the dir through VSCode which did not have permissions, so it did not list anything.

Sorry but thank you!!

Osiris · May 18, 2023, 10:55am

Glad you found the issue

Please also note that you should only use --force-renewal on the staging environment (with --test-cert or --staging) and NOT on the production environment, unless you absolutely know for what purpose you're actually using it. Hint: most users don't know the meaning of the option and use it incorrectly.

system · June 17, 2023, 10:56am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.