Hello Friends,
I'm migrating to a new server & having to redo some things that I haven't touched in a couple of years. The new server is running RockyLinux (yes I know it's still new & not fully supported), but I"m trying to build a config file for certbot to use when I issue new Certs so I don't have to use the same flags every time. I'm on Certbot 1.19.0 & I've built a config file on /etc/letscrypt/cli.ini:
# This is an example of the kind of things you can do in a configuration file.
# All flags used by the client can be configured here. Run Certbot with
# "--help" to learn more about the available options.
#
# Note that these options apply automatically to all use of Certbot for
# obtaining or renewing certificates, so options specific to a single
# certificate on a system with several certificates should not be placed
# here.
# Use ECC for the private key
key-type = ecdsa
# Cloudflare Authentication
dns-cloudflare = True
dns-cloudflare-credentials = /root/.certbot/cloudflare.ini
#File Paths
cert-path = /etc/ssl/certs
key-path = /etc/ssl/certs
chain-path = /etc/ssl/certs
fullchain-path = /etc/ssl/certs
I had to specify the config file for some reason, but it still didn't take my file paths. The PK is ECDSA & it did validation via cloudflare, but the filepaths didn't take:
[root@newserver ~]# certbot certonly --config /etc/letsencrypt/cli.ini -d *.mccrocklin.space -d mccrocklin.space
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for *.mccrocklin.space and mccrocklin.space
Waiting 10 seconds for DNS changes to propagate
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/mccrocklin.space/fullchain.pem
Key is saved at: /etc/letsencrypt/live/mccrocklin.space/privkey.pem