Congratulations! Your certificate and chain have been saved

Trouble is, all of the certificate files in certbot/livbe/[domain] are empty. When I ran renew certobt informed me that my new certificates are good until December … but there are not new certificates in the folder.

My domain is: www.libris.ca
I ran this command: certbot certonly
It produced this output:

C:\Windows\system32>certbot certonly
Saving debug log to C:\Certbot\log\letsencrypt.log

How would you like to authenticate with the ACME CA?


1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)


Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Plugins selected: Authenticator webroot, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter ‘c’
to cancel): www.libris.ca
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificat
e name you requested and isn’t close to expiry.
(ref: C:\Certbot\renewal\www.libris.ca.conf)

What would you like to do?


1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)


Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Renewing an existing certificate
←[1m
IMPORTANT NOTES:
←[0m - Congratulations! Your certificate and chain have been saved at:
C:\Certbot\live\www.libris.ca\fullchain.pem
Your key file has been saved at:
C:\Certbot\live\www.libris.ca\privkey.pem
Your cert will expire on 2020-12-03. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew all of your certificates, run
“certbot renew”

My web server is (include version): Apache 2.2

The operating system my web server runs on is (include version): Windows 7 Prof.

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 1.5.0

1 Like

Do these files exist?:

1 Like

They exist, but have no content (0 bytes)

1 Like

Are there any special permissions set on that folder or file?

1 Like

C:\Certbot\live\ is readonly. I’m not able to change that.

1 Like

I don’t know enough about Windows to talk about this in exactly the right way, but the files in live are symbolic links, and their targets are only readable to an administrator. If you look at them with a non-administrative account, you won’t be able to see the files that they point at. Software running with administrative privileges should nonetheless be able to follow the symbolic links and see the contents.

(Symbolic links are a Unix feature that’s similar to, but I think not identical to, Windows file shortcuts. The Windows version of Certbot uses them this way following the behavior of the original Unix version of Certbot.)

2 Likes

Thanks! A little reading about symbolic links in Windows solved my problem, which wasn’t a problem at all. Certbot was working perfectly; I just didn’t realize it.

1 Like