New cert with webroot fails with error about missing cert

When I first tried to create a cert for my domain, I used the --apache switch, but it failed with conf parser errors, yet configtest shows success. So, I switched to using --webroot instead, but I keep getting the error about a missing renewal config file for Let’s Encrypt. I’m trying to create a new cert, not renew. Any help is appreciated.

My domain is:

I ran this command:
certbot certonly --webroot --cert-name axiomforge -w /var/www/axiomforge/site -d

It produced this output:
No certificate found with name axiomforge (expected /etc/letsencrypt/renewal/axiomforge.conf).

My operating system is (include version):
Ubuntu 16.04.2 LTS

My web server is (include version):
Apache 2.4.18

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Hi @ventaur,

I think the error you’re seeing is because you’re specifying --cert-name. Historically, it wasn’t possible to choose a --cert-name when creating a new certificate. It should be possible in the newest versions of Certbot, but not in slightly older ones. Which version of Certbot are you running?

Hello and thanks for the reply!

I am running version 0.11.1 as acquired via apt-get via the PPA specified in the docs for Debian systems with Apache here:

After running the client with the --apache switch and getting some ambiguity with my special configuration, I switched to preferring the --webroot switch. I imagine I didn’t have to install the Apache-specific edition now, but that’s what I’m using when I receive the error. Do you recommend I switch to something else?

If you just want to get rid of the specific error and you don’t mind not being able to choose the cert name, you could just leave out --cert-name. I think that will take care of the error you’re currently seeing.

Thanks again, @schoen. I tried the same command without the --cert-name option and it worked just fine.

Is there anyway (now or in the near future) that I can rename my cert in order to support my minor OCD? Thanks!

If you can eventually upgrade to a later version, there will be a rename command. Or you can manually rename every reference in /etc/letsencrypt/{live,archive,renewal}, but be careful not to miss anything (including both file names and file contents).

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.