Letsencrypt recreate faulty nginx config, also i get No such file or directory

willstdueswissen · September 21, 2015, 1:53pm

Hello,
i hope i get help.
After run letsencrypt auth they recreate a nginx config that i have delete.
Is there an cache?
Can i clear it?
If it recreate nginx cant restart.

bmw · September 22, 2015, 8:29pm

Hi @willstdueswissen! Thank you for reporting the problem.

To revert the most recent changes, you can run letsencrypt rollback and it will revert any changes made by the Let’s Encrypt client. Another approach to revert any temporary changes that weren’t cleaned up is actually to run letsencrypt auth again. Do this and once you see the prompt “How would you like to authenticate with the Let’s Encrypt CA?”, exit the program. At that point, the Nginx plugin will have loaded and reverted any temporary state that it was aware of.

If you could provide more information about what happened, both with the bad Nginx config and the “No such file or directory” error, we could probably better help you and get the problem fixed in the client. Regardless, I hope that helped!

willstdueswissen · September 24, 2015, 3:53pm

Okay the no such file or direccotry is not more present.
But the gloabl nginx.conf revert to my old config (server_names_hash_bucket_size 64;).
The error say, ich sould increase ist, so i have added server_names_hash_bucket_size 2048;
But after reloauncher nginx and the server.
And after ./venv/bin/letsencrypt auth the config is replaced by server_names_hash_bucket_size 64;
Letscrypt say, if i try an rollback, it hasnt modified by letscrypt.

willstdueswissen · September 24, 2015, 4:21pm

So i used the standalone version.
But after i added both files to the nginx configuration: (
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/domain.de/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.de/privkey.pem;
)
i get in the browser an autication error.
I have installed the root certicate!

bmw · September 24, 2015, 6:43pm

There is a known issue (mentioned in #395) where if you manually modify your Nginx config files when Let’s Encrypt has a backup of them, those changes will be lost when letsencrypt is run again. You could try deleting the backup which is found by default /var/lib/letsencrypt.

Also, Let’s Encrypt is still in development and the certificate you received is not signed by our root certificate. We are beginning the beta program soon which will be issuing certificates signed by our root. If you’re interested, you can sign up for that program here. After that, generality availability begins the week of November 16th.