How to activate Certbot for a different directory?

gawjrio · May 26, 2021, 5:48pm

I have three sites with which I am trying to setup SSL for.

For one domain, everything is fine along with automatic renewal. I set that up via the standard certbot command.

That gets installed in the default folder, without me making configurations.

However, I have two other domains which I have installed through a different method, via the following command:

certbot certonly --webroot -w ../var/www/DOMAIN_ONE' -d {DOMAIN_ONE} --config-dir /home/ssl/one --work-dir /home/ssl/two --logs-dir /home/ssl/three --email example@example.com --agree-tos --force-renewal

The code above was repeated twice for each of the two domains.

Three custom directories were made for that, as opposed to the default found in /etc/letsencrypt/.

SSL was installed fine but renewals in this custom directory don't work for some reason.

How can I get renewals to work for both locations? /etc/letsencrypt and /home/ssl ...rather than storing them all in /etc/letsencrypt

As a side question, I am able to run sudo certbot renew --dry-run to test if renewals work but that only works for the /etc/letsencrypt directory. Is there a way to test for both?

Thanks!

stevenzhu · May 26, 2021, 7:40pm

Hi @gawjrio,

Can you try to see if the below commands work?
sudo certbot renew --dry-run --config-dir /home/ssl/one --work-dir /home/ssl/two --logs-dir /home/ssl/three

Basically, if you didn't specify the config-dir, certbot will use the default directory which is under /etc/letsencrypt/.
If the above command works, you might also need to replicate the renewal command (found under your crontab or systemd timer) to include the additional flags. (You still need to keep the original line because you have one certificate under that directory)

Thank you

gawjrio · May 26, 2021, 8:29pm

Hi,

Thanks for the response!

That code you sent works fine, I can't find anything in Cron relating to letsencrypt.

I found a certbot.timer in systemd though the file is blank, if I open it with the following command:

sudo systemctl edit certbot.timer

Is this the file I need to edit?

If so, what do I add?

Thanks

stevenzhu · May 27, 2021, 1:06am

If you have a timer, then you should also have a service file under the same name. Try to duplicate both the timer and service file to include the additional "dir" arguments in my previous post.

system · June 26, 2021, 1:06am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.