How can I renew a certificate on a server that doesn't have certbot installed?

I believe I originally set up a cert bot on a different server machine and then transferred the certificates to a new machine without installing certbot until now. So I'm running into some issues when I'm trying to renew my certs. What should I do?

My domain is:
net.skullborn.net

user@skullborn-core-server:~$ sudo certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log


No renewals were attempted.


user@skullborn-core-server:~$ sudo certbot certonly -d net.skullborn.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?


1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)


Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Plugins selected: Authenticator standalone, Installer None
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): email@gmail.com


Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server. Do you agree?


(Y)es/(N)o: y


Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.


(Y)es/(N)o: n
Account registered.
Requesting a certificate for net.skullborn.net
Performing the following challenges:
http-01 challenge for net.skullborn.net
Waiting for verification...
Cleaning up challenges
live directory exists for net.skullborn.net

user@skullborn-core-server:~$ sudo certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/net.skullborn.net.conf


Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 71, in _reconstitute
renewal_candidate = storage.RenewableCert(full_path, config)
File "/usr/lib/python3/dist-packages/certbot/_internal/storage.py", line 450, in init
raise errors.CertStorageError(
certbot.errors.CertStorageError: renewal config file {} is missing a required file reference
Renewal configuration file /etc/letsencrypt/renewal/net.skullborn.net.conf is broken. Skipping.


No renewals were attempted.

Additionally, the following renewal configurations were invalid:
/etc/letsencrypt/renewal/net.skullborn.net.conf (parsefail)


0 renew failure(s), 1 parse failure(s)

The operating system my web server runs on is (include version): Debian 11

My hosting provider, if applicable, is: GCP

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is: 1.12.0

Hi @jacklaplante, and welcome to the LE community forum :slight_smile:

hmm...
Do you still have access to the old system?
If so, copy the entire /etc/letsencrypt/ folder [with all the symlinks].
If not, then show:
certbot certificates
ls -lr /etc/letsencrypt/

4 Likes

Thanks for the response! I do have access to the original machine. So are you saying I should copy the /etc/letsencrypt/ folder from the original machine and put it in the new machine?

1 Like

Yes, but ensure to get the symlinks as they are.

5 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.