First-Time LetsEncrypt Certificate Request

I’ve just start using Lets encrypt to implement a solution at home.
The purpose is to publish a website with a certificate, simple as that.
The application is UNMS and uses a LetsEncrypt certificate that we can use our own.

So, after generate a certificate with certbot, with 0 errors. i run the following command
curl -fsSL > /tmp/ && sudo bash /tmp/ --http-port 8091 --https-port 8883 --ssl-cert-dir /etc/letsencrypt/live/ --ssl-cert fullchain.pem --ssl-cert-key privkey.pem

And with that i get the following error:

ERROR: Cert file:
is not placed in the cert directory:
Check --ssl-cert-dir and --ssl-cert arguments for symbolic links. The actual ssl cert file (not just symbolic link) must be within the ssl cert directory or its subdirectories.

So thw ssl cert directory is point to the “live” one like the manual told me to do, and asks about a file that doens’t exist fullchain1.pem, i only have fullchain.pem

Can anyone help me please?


/etc/letsencrypt/live are symlinks, real certs are in /etc/letsencrypt/archive

But this request is really strange.

Using ls -la will show you whatever you need to know.

Yes I’ve check it the are symlinks, the problem is that they point to a different name, so i think that is the error.

On the patch /etc/letsencrypt/archive the have the numer 1 after. And i think thats why is happenning.

I think you should leave that directory alone and use a --deploy-hook to copy the cert and key to a directory where unms will find them, and to do whatever is needed to tell unms it has to use a new cert. (pay attention to permissions when copying the private key)

cp -L should read the symlink and copy the actual file to the destination of your choosing.

But if i choose another directory for unms, when the renew happens i need to make all these steps again. copy the cert to another location right?

If you set the deploy-hook, certbot should remember to do the same next time

Can you help me getting the whole command please.
Thank you

you need to write a script to set up the certificates for unms, and I cannot do that.

then you have certbot run that script as a deploy-hook. Read the docs on how to do that, please:

after you have your script, the command should look like this:

certbot install --deploy-hook /path/to/your/

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.