How to recreate /etc/letsencrypt/ directory?

lukavec · January 21, 2021, 11:50am

Hi there,
I accidentally removed /etc/letsencrypt directory and now when I am trying to use certbot, it is giving this error:

Error while running nginx -c /etc/nginx/nginx.conf -t.

nginx: [emerg] open() "/etc/letsencrypt/options-ssl-nginx.conf" failed (2: No such file or directory) in /etc/nginx/sites-enabled/default:147
nginx: configuration file /etc/nginx/nginx.conf test failed

I tried reinstalling certbot, but it didn't help.
How can I solve it?

danb35 · January 21, 2021, 1:21pm

Restore from backup. If you don't have a backup, you'll need to modify your nginx configuration to no longer expect files that aren't there any more.

sahsanu · January 21, 2021, 1:44pm

You can get the files from here:

https://github.com/certbot/certbot/tree/master/certbot-nginx/certbot_nginx/_internal/tls_configs

Just take a look because I don't know whether you were using the conf in file options-ssl-nginx.conf or options-ssl-nginx-old.conf

danb35 · January 21, 2021, 1:46pm

...but that won't give the cert files OP is undoubtedly also missing.

sahsanu · January 21, 2021, 1:48pm

Of course, op needs to issue again the certs, I'm just telling were to get the nginx conf files.

rg305 · January 21, 2021, 2:26pm

The topic title is: How to recreate /etc/letsencrypt/ directory?
And without a backup, there is no way to recreate it exactly the same.
That leaves only create a new one with all that is needed and use that one instead.

And yet we're now talking about files that are also missing elsewhere...
Things that may seem obvious to us, might not be so obvious to the OP.

My constructive "2 cents" here are:
You might do well by temporarily disabling all HTTPS sites until you have reissued them all new certs.
Then bring them back up as you verify that they are using the new certs and expected files correctly.

Osiris · January 21, 2021, 6:56pm

OP can't get new certs as long as the paths to the certs are missing, as nginx currently requires them and OP uses the nginx plugin. Getting nginx conf files doesn't change that. Once nginx is working again and OP can get new certs, it will also acquire the now-missing nginx conf files automatically. Thus, manually downloading those nginx conf files from the git repository isn't useful

griffin · January 21, 2021, 7:21pm

Sorry @sahsanu, but I am inclined to agree with @rg305 and @Osiris here. After setting up an unsecure, working nginx configuration, Martin should be in the same situation as any new certbot user when it comes to acquiring and installing a certificate. Without the certificates, I see the situation as basically a "start over fresh" scenario.

Now, if Martin needs the basic configuration files for nginx, he could download those. I feel like he'd probably be better off just creating a new instance then either copying its configuration or using it entirely.

griffin · January 21, 2021, 7:22pm

Welcome to the Let's Encrypt Community, Martin

system · February 20, 2021, 7:22pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.