Config file overwritten, reuse-key parameter removed & ignored

My domain is:
countly.onfleet.com

I ran this command:
Added parameter “reuse-key = true” to file /etc/letsencrypt/renewal/countly.onfleet.com.conf for an existing certificate.

It produced this output:
When the existing cert was auto-renewed, the file was overwritten, and a new key generated.

My web server is (include version):
nginx

The operating system my web server runs on is (include version):
Ubuntu 14

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.31.0

I am reading the PR for it now, to figure out what I did wrong.

1 Like

In a renewal configuration file, you have to set “reuse_key = True”, not “reuse-key = true”.

1 Like

Thanks - is there a documentation page for that I missed? I haven’t seen that form anywhere in the forums.

1 Like

I’m not sure. I just know that that’s the usual format for option names and boolean values.

Before writing that post, I grepped the source code to see if reuse_key was probably correct*, and I tested that it worked. I didn’t read the documentation.

* Some options have different internal and public-facing names. For example, --preferred-challenges is pref_challs.

1 Like

This is a feature of the parser that we use in Certbot. Multi-word options are written on the command line with a - (following GNU getopt convention) but in configuration files with a _ (following Python convention).

I will check whether we’ve documented that pattern anywhere—it’s very possible that we’ve totally forgotten to do so.

1 Like

Thank you both, I very much appreciate the explanation.

1 Like