FileExistsError: [Errno 17] File exists:

oivvio · April 14, 2022, 4:46am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
schystresande.se

I ran this command:
certbot certonly -d schystresande.se

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?

1: Nginx Web Server plugin (nginx)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)

Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 2
Plugins selected: Authenticator standalone, Installer None
Certificate is due for renewal, auto-renewing...
Renewing an existing certificate for schystresande.se
An unexpected error occurred:
FileExistsError: [Errno 17] File exists: '/etc/letsencrypt/archive/schystresande.se/privkey2.pem'
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details

My web server is (include version):
nginx 1.18.0-0ubuntu1.2

The operating system my web server runs on is (include version):
ubuntu 20.04

My hosting provider, if applicable, is:
Linode

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.26.0

Output of sudo ls -alR /etc/letsencrypt/

Pasted here: Output of sudo ls -alR /etc/letsencrypt/ · GitHub

Output of sudo certbot certificates

Found the following certs:
Certificate Name: schystresande.se
Serial Number: 4454bb06f70614c1fca793b2e985d1564b1
Key Type: RSA
Domains: schystresande.se
Expiry Date: 2022-05-04 07:28:32+00:00 (VALID: 20 days)
Certificate Path: /etc/letsencrypt/live/schystresande.se/fullchain.pem
Private Key Path: /etc/letsencrypt/live/schystresande.se/privkey.pem

If erasing my entire current configuration would be easier than other options that would be ok. I just don't know how to do it safely.

_az · April 14, 2022, 5:39am

You are prevented from recreating this certificate for the next 7 days, due to rate limits. So it is probably worth salvaging your current configuration, rather than starting from scratch.

Give me a little while to reproduce the same problem in my local environment, and I'll try document the steps you can use to recover things.

rg305 · April 14, 2022, 5:51am

Hi @oivvio, and welcome to the LE community forum

These don't match:

/etc/letsencrypt/live/schystresande.se:
total 12
drwxr-xr-x 2 root root 4096 Feb  3 08:28 .
drwx------ 4 root root 4096 Feb  3 08:29 ..
lrwxrwxrwx 1 root root   45 Feb  3 08:28 cert.pem -> ../../archive/schystresande.se-0002/cert1.pem
lrwxrwxrwx 1 root root   46 Feb  3 08:28 chain.pem -> ../../archive/schystresande.se-0002/chain1.pem
lrwxrwxrwx 1 root root   50 Feb  3 08:28 fullchain.pem -> ../../archive/schystresande.se-0002/fullchain1.pem
lrwxrwxrwx 1 root root   48 Feb  3 08:28 privkey.pem -> ../../archive/schystresande.se-0002/privkey1.pem
-rw-r--r-- 1 root root  692 Feb  3 08:28 README

Certificate Name: schystresande.se
Serial Number: 4454bb06f70614c1fca793b2e985d1564b1
Key Type: RSA
Domains: schystresande.se
Expiry Date: 2022-05-04 07:28:32+00:00 (VALID: 20 days)
Certificate Path: /etc/letsencrypt/live/schystresande.se/fullchain.pem
Private Key Path: /etc/letsencrypt/live/schystresande.se/privkey.pem

At some point, a second cert was created (or attempted) and now both are scrambled:

drwxr-xr-x 2 root root 4096 Nov 24 06:53 schystresande.se
drwxr-xr-x 2 root root 4096 Feb  3 08:28 schystresande.se-0002

_az · April 14, 2022, 6:05am

Could you please post the contents of /etc/letsencrypt/renewal/schystresande.se.conf as well?

oivvio · April 14, 2022, 7:54am

Contents of /etc/letsencrypt/renewal/schystresande.se.conf

renew_before_expiry = 30 days

version = 1.21.0
archive_dir = /etc/letsencrypt/archive/schystresande.se
cert = /etc/letsencrypt/live/schystresande.se/cert.pem
privkey = /etc/letsencrypt/live/schystresande.se/privkey.pem
chain = /etc/letsencrypt/live/schystresande.se/chain.pem
fullchain = /etc/letsencrypt/live/schystresande.se/fullchain.pem

Options used in the renewal process

[renewalparams]
account = caf64a62b031c626d0215e977ec2a3e7
authenticator = standalone
server = https://acme-v02.api.letsencrypt.org/directory

oivvio · April 14, 2022, 7:55am

Or I could just wait 7 days and then start from scratch? If that's easier. I still have a few weeks before the certificate expires.

system · May 14, 2022, 7:55am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
An unexpected error occurred: FileExistsError: [Errno 17] File exists: '/etc/letsencrypt/archive/(domain)/privkey2.pem' Help	7	4522	June 13, 2021
Manual renewal fails with Errno 17 File Exists Help	9	2825	January 26, 2022
Manual renewal fails with Errno 17 File Exists Help	52	1297	December 30, 2022
Challenges failed: check that a dns record exists Help	8	1608	February 9, 2022
Certbot renewal archive privkey file error Help	14	199	November 7, 2024

FileExistsError: [Errno 17] File exists:

renew_before_expiry = 30 days

Options used in the renewal process

Related topics