I’ve been using Let’s Encrypt for almost a year and it’s fantastic - so well done to all involved.
I recently dockerized everything, and everything appears to be working very well except for a small issue I’m having around using certbot to renew my certificates.
The certbot renewal request went through, but it keeps saving the renewed certificates to a new folder with -0001 appended to my domain : /etc/letsencrypt/live/humankode.com-0001
The command I’m running is in a cron job.
I’m running Ubuntu 16.04 on an Amazon EC2 instance. Everything is dockerized.
The command I used to issue the renewal was:
sudo docker run --rm -it --name certbot \ -v "/docker-volumes/etc/letsencrypt:/etc/letsencrypt" \ -v "/docker-volumes/var/lib/letsencrypt:/var/lib/letsencrypt" \ -v "/docker-volumes/data/letsencrypt:/data/letsencrypt" \ certbot/certbot \ certonly --webroot --webroot-path=/data/letsencrypt \ -d humankode.com -d www.humankode.com \ --renew-by-default \ --force-renewal \ --email email@example.com \ --agree-tos \ --manual-public-ip-logging-ok
The response I got was:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None Renewing an existing certificate Performing the following challenges: http-01 challenge for humankode.com http-01 challenge for www.humankode.com Using the webroot path /data/letsencrypt for all unmatched domains. Waiting for verification... Cleaning up challenges IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/humankode.com-0001/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/humankode.com-0001/privkey.pem Your cert will expire on 2018-04-05. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
Any suggestions on how to get around this, and why this is happening?