Change from certbot-auto to using certbot

mahomedh · October 1, 2018, 12:15pm

Hi

I have inherited a server running Ubuntu 14.04.4 LTS which is using the certbot-auto script. I would like to upgrade/change it to using the certbot following these installation instructions.

Looking at the contents of the script, this is the version LE_AUTO_VERSION="0.15.0"

$VENV_PATH does not produce any output for my user and for root

I believe therefore that my next commands to run should be:

rm -rf /home/user/.local/share/letsencrypt
rm -rf /root/.local/share/letsencrypt

Then I should follow the installation instructions

Are these steps correct? Have I missed anything? Also do I need to do anything with, or worry about files in these directories?

/var/log/letsencrypt
/var/lib/letsencrypt
/etc/letsencrypt

Thanks in advance for any help and guidance.

JuergenAuer · October 1, 2018, 1:44pm

Hi @mahomedh

are you using a certificate? If yes, this

would be terrible.

Make a backup - then try it. If it doesn't work, you have to fix the problems.

mahomedh · October 1, 2018, 2:11pm

Yes, but we don't mind re-issuing the certificates again. Most of them are expired anyway because the auto-renew is not working.

Thanks for the advice. I've already made a backup. But I would much rather avoid going down the rabbit hole of troubleshooting a broken system when there might be a better way of avoiding a broken system in the first place.

schoen · October 1, 2018, 4:28pm

certbot-auto still stores the certificate data in /etc/letsencrypt. The .local/share/letsencrypt directories are only used to store code, not data.

mnordhoff · October 1, 2018, 9:37pm

Also, keep in mind that the Certbot packages will automatically set up a cron job to run “certbot -q renew”. If you have an existing custom cron job, you can remove it.

mahomedh · October 2, 2018, 8:09am

Thanks. Does this mean that my steps should be fine?

mahomedh · October 2, 2018, 8:12am

It's fine for it to auto-renew. This is one of the end goals anyway. I've already removed the existing cron jobs. Just to be clear I am trying to achieve

Remove the old script without breaking the system or preventing the install of the current certbot
Install the current and recommended certbot
Have it auto-renew all the certificates reliably.

schoen · October 2, 2018, 4:13pm

Yes, different versions of Certbot will happily use each other’s files in /etc/letsencrypt. Note that certbot-auto updates automatically to the latest released version, so when you install an OS package instead, you’ll be using a slightly older version of Certbot.

mahomedh · October 2, 2018, 4:31pm

Great! Thank you. I’ll give it a try and see how it goes.

system · November 1, 2018, 4:31pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Upgrading from letsencrypt-auto to certbot-auto Help	5	7866	July 9, 2016
Should we use certbot-auto or letsencrypt-auto? Help	3	12181	March 22, 2017
Certbot missing after ubuntu upgrade Help	6	1327	May 19, 2020
Error with auto renew Help	3	789	June 29, 2018
Upgrading older letsencrypt to certbot Server	3	8597	January 6, 2018

Change from certbot-auto to using certbot

Related topics