Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: www.optarix.com
I ran this command: certbot install --nginx --cert-name www.optarix.com --fullchain-path /tmp/ssl-certificates/fullchain.pem --key-path /tmp/ssl-certificates/privkey.pem --non-interactive --agree-tos --no-eff-email --email XXXXXXXXXXXXX@gmail.com
It produced this output: Path to certificate or key was not defined. If your certificate is managed by Certbot, please use --cert-name to define which certificate you would like to install.
My web server is (include version): nginx 1.27.0
The operating system my web server runs on is (include version): Debian GNU/Linux 12 (bookworm)
My hosting provider, if applicable, is: container running on AWS EC2 instance
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 2.1.0
More details:
I have copied all files in /etc/letsencrypt/live/www.optarix.com to a secure location (S3) and then tried two different target directories copying them back:
- /etc/letsencrypt/live/www.optarix.com
- /tmp/ssl-certificates
Then I ran the above command with the respective paths for parameters "--fullchain-path" and "--key-path". No luck. I also tried the set permissions as follows:
chmod 644 /tmp/ssl-certificates/fullchain.pem
chmod 600 /tmp/ssl-certificates/privkey.pem
again, for both options. However, in all cases I got the same error message.
Searching for "certbot install" gives me a gazillion hits on how to install certbot. However, that's not what I'm looking for. I also consulted the user guide. It mentions the "install" command but without details or examples.
One more detail I should mention: I'm using "--staging" when requesting a new certificate as I don't want to switch to production SSL certificates unless everything works.
What I want to achieve is this: Try to get existing certificate from secure, permanent storage (S3), if not successful, get new certificate and configure nginx (this part works). If successfully downloaded existing certificates, install existing certificate (this part doesn't work). In all cases set up cron job to renew automatically.
I also tried Perplexity.ai but it either misunderstands it as trying to install certbot or it gives me a list of broken links. So, not much luck there either. A standard web search doesn't help either (see above). Searching this forum for "certbot install" doesn't suggest useful posts either.
Am I on the wrong path? All pointers welcome!