I migrated the site to a new server in August and it must’ve happened then. When I copied over the /live/ directory I must not have properly preserved the symlinks. I think there’s a flag you use to do that when decompressing the directory, and I bet what happened is I didn’t use that flag. My best guess anyway.
Is the solution to create new symlinks to the files in archive? What’s the proper way to do that? Would it be:
Got it…thank you. Will give this a try (I have a backup server I can test this on by modifying my .hosts file).
So next time it renews, does it add cert3.pem etc. to /etc/letscenrcrypt/archive/mydomain.com? Just wondering about the sequential numerals added to the file names there…
Got it, thanks. I just created the symlinks on a backup server and tried a renewal dry-run. Other than the DNS not pointing to the right IP because it’s a different server, everything else checked out OK. In the wee hours tonight I’ll do this on the production server and try a renewal, then report back. Should work…I guess the nuclear option would be to just vaporize /etc/letsencrypt/ and run certbot from the top again.