Certificates i got are only aliases with themselfes

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: hornick-vt.com

I ran this command: $ sudo certbot certonly --webroot

It produced this output: cert.pem/chain.pem/fullchein.pem/prikex.pem (all aliases with themselfes…)

My web server is (include version): Mac OS Server 5.2

The operating system my web server runs on is (include version): Mac OSX 10.11.6

My hosting provider, if applicable, is: Selfhosted

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): i dont know. installed it 2 days ago

How can i get real certificates?

Hi @Andre234

you have three certificates created - https://check-your-website.server-daten.de/?q=hornick-vt.com#ct-logs

Issuer not before not after Domain names LE-Duplicate next LE
Let's Encrypt Authority X3 2019-07-06 2019-10-04 hornick-vt.com - 1 entries duplicate nr. 3
Let's Encrypt Authority X3 2019-07-05 2019-10-03 hornick-vt.com - 1 entries duplicate nr. 2
Let's Encrypt Authority X3 2019-07-05 2019-10-03 hornick-vt.com - 1 entries duplicate nr. 1

But your command

doesn't install the certificate, you use certonly.

So install your certificate.

Instead, you use a self signed certificate:

C=DE, CN=hornick-vt.com
expires in 539 days	

And you have A-records with private ip addresses - Letsencrypt ignores these, but it's wrong.

Hi, and thanks for the note about the privat ip.

i would like to replace the self signed cetificate, but i can not install the new certificate, because the files are only aliases.

I tried it 3 times to get other files

can you send me the files by mail?

These are symlinks. Check your directory structure to find the linked files. I don't use Macs, so it's curious that the symlinks aren't resolved.


The files are on your harddisk.


i wish they would be there. Thats my Problem

As you can see in the Screenshot, when i doubleclick the file i get the error message. In the Infowindow you can see that the file is
an alias to itself. you can see, that the Path in Terminal is the same were the Aliases (Links) are

Thanks for your help!

Please read the documentation.

These are simple symlinks.

/etc/letsencrypt/archive and /etc/letsencrypt/keys contain all previous keys and certificates, while /etc/letsencrypt/live symlinks to the latest versions.

Check the files in these directories.

/etc/letsencrypt/live/example.com/fullchain.pem is supposed to be a symlink to ../../archive/example.com/fullchain1.pem or similar.

If the target is itself, there’s a strange bug, or something strange has happened to your data.

1 Like

Thanks so much for your help. I found them in the archive folder like your wrote. Strange, thant the link was wrong.

Have a good day


1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.