My domain is: grepnik.default.grepnik.bv.iomart.io
(Changed by my host without warning from a similar domain with a different suffix)
I ran this command: certbot certonly -d grepnik.default.grepnik.bv.iomart.io
It produced this output: - Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/grepnik.default.grepnik.bv.iomart.io-0001/fullchain.pem.....
(I opted for the standalone option as this will not be used as a webroot)
My web server is (include version): apache
The operating system my web server runs on is (include version): Debian
My hosting provider, if applicable, is: Linux 4.19.0
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 0.31.0
Now at last, the problem!
I created the domain config based on an old domain with a similar prefix. I changed every ref to the old domain name to the new one.
When I ran certbot certonly it created the dir under live with the suffix -0001. None of my other domains have this suffix.
This is preventing renewal with the error
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 67, in _reconstitute
renewal_candidate = storage.RenewableCert(full_path, config)
File "/usr/lib/python3/dist-packages/certbot/storage.py", line 463, in init
self._check_symlinks()
File "/usr/lib/python3/dist-packages/certbot/storage.py", line 522, in _check_symlinks
"expected {0} to be a symlink".format(link))
certbot.errors.CertStorageError: expected /etc/letsencrypt/live/grepnik.default.grepnik.bv.iomart.io/cert.pem to be a symlink
Renewal configuration file /etc/letsencrypt/renewal/grepnik.default.grepnik.bv.iomart.io.conf is broken. Skipping.
I don't know if I created files rather than symlinks by copying something over, but I don't think I did.
I've tried moving away everything relating to the old and new grepnik* domains and rerunning cerbot certonly as listed above. But I still get the domain dirs created with the suffix -0001.
I'm very unfamiliar with how letsencrypt works and if you want to point me to simple instructions I'm happy to try again and report back.
AHA. I copied the conf file from the old domain and used the old account value and Apache as authenticator!
I think I just need advice on how to remove everything to do with the old grepnik domain and the new misconfigured grepnik domain, and start again. As I say, a clear instruction page may be enough for the cert creation/installation side.