I was just accepted to the beta program and tried to install the certifcates using the client. I’m quite a noob in the ssl world and server configuration, and like all noobs I think I messed it up a bit.
Here is what I did:
I ran the client as described in the e-mail I received about the beta test:
./letsencrypt-auto --agree-dev-preview --server \ https://acme-v01.api.letsencrypt.org/directory certonly
Then, I requested a certificate for the domains notworking.mydomain.nl and working.mydomain.nl. The gitlab.mydomain.nl domain worked ‘out-of-the-box’. However, for notworking.mydomain.nl the old ‘happy hacker’ face certificate, that I generated by the client before, remained active.
Then I performed the ‘stupid’ action of manually removing
/etc/letsencrypt/live/notworking.mydomain.nl/ folder in an attempt to make sure that my old certificate was removed. But doing this, I was no longer able to run the Apache Web Sever option of the client, since Apache was misconfigured (because it couldn’t find the files that were specified in the apache .conf file. I resolved this by replacing the
/etc/live/notworking.mydomain.nl/ folder with the folder from the
/letsencrypt/archive/. This removed the ‘misconfigured’ message, but results in the following error:
OSError: [Errno 22] Invalid argument: '/etc/letsencrypt/live/notworking.mydomain.nl/cert.pem'
I have the following questions:
- How can it be that my initial attempt didn’t replace the old certificate with the new validated certificate?
- How can I ‘fix’ the Errno 22?