I have no problem when navigating to my website (https works great). Auto renew is working nicely too!
But, today I started up my node.js app that uses the certificates for websocket connections and I get denied access
WebSocket network error: Unacceptable TLS certificate
In my code the letsencrypt file locations are hard coded:
key:require('fs').readFileSync('/etc/letsencrypt/live/digitalgoodsprovider.com/privkey.pem','utf8') , cert:require('fs').readFileSync('/etc/letsencrypt/live/digitalgoodsprovider.com/fullchain.pem','utf8') , ca:require('fs').readFileSync('/etc/letsencrypt/lets-encrypt-x3-cross-signed.pem','utf8')
I went to look in /etc/letsencrypt/live and I see 3 folders
‘digitalgoodsprovider.com’ <----oldest creation date
‘digitalgoodsprovider.com-0002’ <----newest creation date
This naturally will always inevitably break my code because my code will end up pointing to an outdated bunch of certs.
Also I can imagine what would happen If I left my server running over a long period (in production), when the code first boots up It will be pointing to the correct certs but it will always point to the same ones so it will eventually become unaccessible
What is the best practice?