I’m offering Let’s Encrypt certs on all of the servers I host for my clients. When I build a server I use an automated script to set everything up. Part of this script involves making the /etc/letsencrypt/live/domain.name/ folder so I can drop a dhparams file in it. Installing the certificate has to wait because usually the DNS transfer is the last step, and obviously domain validation wont work without the DNS.
However I discovered today that the lets encrypt installer does not like using pre-existing folders. Can this be fixed with a configuration directive? I had to go thru the folder and rename all the -0001 things and I’m still concerned there might be issues with renewals.
Could you put that dhparams file somewhere other than
live, or perhaps install it after the certificate has been issued?
Yes, I will probably do that anyway, but I dont understand why the install script hates pre-installed folders.
It’s trying to avoid stepping on/overwriting a previously-existing certificate lineage with the same name, although it could certainly be more subtle or careful about that.
thanks, I understand. I’ve changed my deploy script to use the /etc/ssl/ folder instead, which I’m also using to store the configuration for certificates, so it seems a natural location.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.