I ran this command: certbot certonly -a webroot --expand --webroot-path=/home/kp -d karlaporter.com -d www.karlaporter.com
It produced this output:
Installed certbox
My web server is (include version): Nginx 1.14.1
The operating system my web server runs on is (include version): CentOS 8
My hosting provider, if applicable, is:
Digital Ocean
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
NO
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
1.10.1
I love LE and have used it to install certbot in my previous liux box (centos 7). Now we've upgraded to a CentOS 8 box. All our domains have moved over with a simple rsync, including the /etc/letsencrypt folders, and the /etc/security/ where we had generated the SSL stuff.
Question: is this a good enough way to "move" the certs, or will we have to regenerate the certs on this new server all afresh? Whenn I issue certbot -renew it gives me errors. Hence the question.
Welcome Back to the Let's Encrypt Community, Phoenix
In my experience with helping with certbot "migrations", I can say that things can be much messier than one might expect due to the tendrils that certbot creates. I highly recommend running certbot update_symlinks on the target system at the very least.
WARNING: Before doing any change, backup all the files and dirs in /etc/letsencrypt/. Command ln -sf will overwrite any file in live/DOMAIN0.com dir so you should be pretty sure that the last files in archive/DOMAIN0.com dir are the right ones you should be using.
1.- Files in live/domain/ are regular files and the command does nothing. 2.- Files in live/domain/ are symlinks pointing to the before the last files in archive/domain dir and the command does nothing. 3.- I removed the files in live/domain and the command does nothing. 4.- I removed the dir live/domain and the command does nothing.
So, I've no idea what update_symlinks parameter does