Migrating a website to a new server and questions about it

Choppy · February 20, 2020, 10:47am

Hello,
i’m planning a server migration for our website soon. I have some questions about the migration of the certificates to the new server.

I’m using this tutorial to do a “correct” migration : https://ivanderevianko.com/2019/03/migrate-letsencrypt-certificates-certbot-to-new-server Is this the correct way to do ? Or would you suggest copying the complete /etc/letsencrypt folder to the new server ?
With the actual server i have to restart nginx manually with sudo because the certificates have for user root:root. Can i change the file owner to another user so that i can set a cron restarting nginx automatically ? (Here is the ls -l command on the archive folder: -rw-r–r-- 1 root root 1704 Dec 25 07:03 privkey23.pem)
If we have a problem during the server migration(or after migration has been done). Is it ok for us to rollback to the current server ? If whatever error happens with the certificate migration, i’m concerned about how to manage this
I’m going to do a new installation on the new server, so i’ll probably have the latest version of letsencrypt (ubuntu 18.04). Is there any compatibility problem to move from the old version (certbot 0.26.1) to a new one ?

Thanks a lot for your time!

My domain is: homunity.com

My web server is (include version): nginx/1.14.0

The operating system my web server runs on is (include version): Ubuntu 18.04

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Actual server : certbot 0.26.1
New server : Not installed yet, but i will be installing the latest one from the package manager

Choppy · February 20, 2020, 3:11pm

No one have an idea about my questions ?

stevenzhu · February 20, 2020, 3:21pm

It might be better to directly copy the whole folder to the other server. (Please don't do cut and paste lol)

When you are using certbot, certbot will run only with root permission. It's better not to change any permission inside the directory folder to avoid damage.

I'm not quite understand this part. Do you mean "if anything failed during the migration, can we point DNS records back to the old server?" If so, you definitely can. Please just don't delete any information/files on your old server... (Just in case)

I don't think there'll be much difference between the old client (or any newer client). However it's still suggested to copy the folders first before install the new client. (certbot should be able to read your old configuration and make changes accordingly)

P.S. I believe the vast majority of people on this forum are using U.S. timezones... and it might be a little bit early for them to get productive😁

Choppy · February 20, 2020, 4:00pm

Thanks a lot!!

It might be better to directly copy the whole folder to the other server. (Please don’t do cut and paste lol)

If i install certbot then copy/paste the /etc/letsencrypt/* folder to the new one, there is not problem of overwriting files that shouldn't be overwritten for the new letsencrypt version ?

If so, you definitely can. Please just don’t delete any information/files on your old server… (Just in case)

Yes this is what i was wondering. Actually for the server itself i'm not worring because it will be running for some time. But i was wondering it this might not be a problem for the certificate to be back on the past server if i roll back the dns records ?

Awesome all over answers were precise enough for me Thank you very much!

P.S. haha, i was just a bit worried of not getting an answer! Thanks a lot for answering!

system · March 21, 2020, 4:11pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.