/etc/letsencrypt/renewal/domainname.com.conf (parsefail)

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

when running certbot renew, I got the following:

Additionally, the following renewal configurations were invalid:
/etc/letsencrypt/renewal/bpinternasional.com.conf (parsefail)
/etc/letsencrypt/renewal/calistasoft.com.conf (parsefail)
/etc/letsencrypt/renewal/helpdesk.primteksolusindo.com.conf (parsefail)
/etc/letsencrypt/renewal/icarenow.co.id.conf (parsefail)
/etc/letsencrypt/renewal/icarenow.id-0001.conf (parsefail)
/etc/letsencrypt/renewal/icarenow.id.conf (parsefail)
/etc/letsencrypt/renewal/insurancegoesmobile.com.conf (parsefail)
/etc/letsencrypt/renewal/malaccatrust.com.conf (parsefail)
/etc/letsencrypt/renewal/papabob.ai.conf (parsefail)
/etc/letsencrypt/renewal/primesign.id.conf (parsefail)
/etc/letsencrypt/renewal/primteksolusindo.com.conf (parsefail)
/etc/letsencrypt/renewal/www.icarenow.co.id.conf (parsefail)
/etc/letsencrypt/renewal/www.icarenow.id.conf (parsefail)
/etc/letsencrypt/renewal/www.insurancegoesmobile.com.conf (parsefail)
/etc/letsencrypt/renewal/www.malaccatrust.com.conf (parsefail)
/etc/letsencrypt/renewal/www.primteksolusindo.com.conf (parsefail)

I did the following for bpinternasional.com.conf just for checking:

cat /etc/letsencrypt/renewal/bpinternasional.com.conf

renew_before_expiry = 30 days

version = 0.36.0
archive_dir = /etc/letsencrypt/archive/bpinternasional.com
cert = /etc/letsencrypt/live/bpinternasional.com/cert.pem
privkey = /etc/letsencrypt/live/bpinternasional.com/privkey.pem
chain = /etc/letsencrypt/live/bpinternasional.com/chain.pem
fullchain = /etc/letsencrypt/live/bpinternasional.com/fullchain.pem

Options used in the renewal process

account = a2572f8e5f8dd117a0135c3bacb80118
server = https://acme-v02.api.letsencrypt.org/directory
authenticator = webroot
bpinternasional.com = /var/www/html/bpinternasional
www.bpinternasional.com = /var/www/html/bpinternasional
[root@primteksolusindo ~]#


[root@primteksolusindo ~]# ls -la /etc/letsencrypt/live/bpinternasional.com/
total 24
drwxr-xr-x 2 root root 93 Sep 20 15:09 .
drwxr-xr-x 27 root root 4096 Sep 20 17:26 …
-rw-r–r-- 1 root root 1956 Aug 6 23:02 cert.pem
-rw-r–r-- 1 root root 1647 Aug 6 23:02 chain.pem
-rw-r–r-- 1 root root 3603 Aug 6 23:02 fullchain.pem
-rw-r–r-- 1 root root 1708 Aug 6 23:02 privkey.pem
-rw-r–r-- 1 root root 682 Oct 10 2018 README

this meant bpinternasiional.com should be OK … CMIIW

My domain is:

I ran this command:

It produced this output:
certbot renew
My web server is (include version):
Server version: Apache/2.4.6 (CentOS)
Server built: Aug 8 2019 11:41:18

The operating system my web server runs on is (include version):
CentOS 7

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
[root@primteksolusindo ~]# certbot --version
certbot 0.37.2

It's not okay -- /etc/letsencrypt/live/bpinternasional.com/ contains files, but it's supposed to contain symlinks to files in ../../archive/bpinternasional.com/.

Do you know how the symlinks got converted into files? Maybe a backup or file transfer program?

1 Like

I copy the whole etc/letsencrypt from the original but OS damaged server to the fresh new OS ones
Now, I did certbot to create a new cert.
any suggestion?

Do you still have the original directory? Can you copy it again, in a way that will preserve symlinks, like with rsync -a or by putting it in a tar file?

unfortunatelly no, I have reformatted the server :frowning:
can I create the symlinks manually ?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.