CertBot says success but Live folder is empty

rnb · August 1, 2023, 6:53pm

Hi, my goal is to get ssl working on a wordpress site, it's my first time with SSL/certbot.

I have the domain with dns hosted at Hostgator, website hosting is at LiquidWeb Cloudsites. I'm following this article to install the certificate but am stuck after the creation of the local pem files.

https://help.liquidweb.com/s/article/Installingt-s-Encrypt-SSL-in-Cloud-Sites

Certbot says success in the terminal, but there are no files in /etc/letsencrypt/live/... nor is there a log file.

letsencrypt % sudo ls -l /etc/letsencrypt/{live,archive}/goldenridgeresources.com
ls: /etc/letsencrypt/archive/goldenridgeresources.com: No such file or directory
ls: /etc/letsencrypt/live/goldenridgeresources.com: No such file or directory

In the letsencrypt directory on my mac there are 5 folders: accounts/archive/live/renewal and renwal hooks. The first 3 are zero bytes.

Any idea appreciated.

https://help.liquidweb.com/s/article/Installingt-s-Encrypt-SSL-in-Cloud-Sites

My domain is:
goldenridgeresources.com

I ran this command:
sudo -H certbot certonly --manual --preferred-challenges http -d www.goldenridgeresources.com -d goldenridgeresources.com

It produced this output:
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/www.goldenridgeresources.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/www.goldenridgeresources.com/privkey.pem
This certificate expires on 2023-10-30.

My web server is (include version):
linux/apache/php8

The operating system my web server runs on is (include version):
linux

My hosting provider, if applicable, is:
liquidweb cloudsites

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
certbot on Mac os via terminal

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 2.6.0

petercooperjr · August 1, 2023, 6:56pm

These are two different paths (one has www. in it and the other doesn't), so I'm not quite following what you're trying and what you're expecting. What is in your /etc/letsencrypt/live directory, and what does certbot certificates give you?

petercooperjr · August 1, 2023, 7:02pm

This looks like a terrible tutorial that's having you use a manual authentication; why are you trying to get a certificate on your local system instead of on the server itself? It's highly likely that you're going about everything in the most convoluted method possible. Any sort of reasonable shared hosting would just automatically get and configure a certificate for you. If your hosting isn't reasonable, you might be able to find a Wordpress plugin that will do things for you, or maybe try CertSage. (Though with CertSage you'd still need to manually renew things every couple months, but it can be slightly less painful for some use cases.)

rnb · August 1, 2023, 8:41pm

The command was supposed to include www, sorry man.....

sudo ls -l /etc/letsencrypt/{live,archive}/www.goldenridgeresources.com

This is the result....

/etc/letsencrypt/archive/www.goldenridgeresources.com:
total 40
-rw-r--r-- 1 root wheel 1562 1 Aug 11:19 cert1.pem
-rw-r--r-- 1 root wheel 3749 1 Aug 11:19 chain1.pem
-rw-r--r-- 1 root wheel 5311 1 Aug 11:19 fullchain1.pem
-rw------- 1 root wheel 241 1 Aug 11:19 privkey1.pem

/etc/letsencrypt/live/www.goldenridgeresources.com:
total 8
-rw-r--r-- 1 root wheel 692 1 Aug 11:19 README
lrwxr-xr-x 1 root wheel 52 1 Aug 11:19 cert.pem -> ../../archive/www.goldenridgeresources.com/cert1.pem
lrwxr-xr-x 1 root wheel 53 1 Aug 11:19 chain.pem -> ../../archive/www.goldenridgeresources.com/chain1.pem
lrwxr-xr-x 1 root wheel 57 1 Aug 11:19 fullchain.pem -> ../../archive/www.goldenridgeresources.com/fullchain1.pem
lrwxr-xr-x 1 root wheel 55 1 Aug 11:19 privkey.pem -> ../../archive/www.goldenridgeresources.com/privkey1.pem

The certbot certificates command shows....

Found the following certs:
Certificate Name: www.goldenridgeresources.com
Serial Number: 45296e26**************46e2ccb92
Key Type: ECDSA
Domains: www.goldenridgeresources.com goldenridgeresources.com
Expiry Date: 2023-10-30 17:19:49+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/www.goldenridgeresources.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.goldenridgeresources.com/privkey.pem

Osiris · August 1, 2023, 8:53pm

Looks quite alright to me

system · August 31, 2023, 8:53pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.