Newbie qestions: certbot wants access to /etc/letsencrypt

m.e · June 15, 2016, 3:21pm

Several newbie issues:

when I try running certbot, I get an error OSError: [Errno 13] Permission denied: '/etc/letsencrypt'. This file does not exist. What do I need to do to fix this. Why does it need access to this file?
I’m confused: which box do I run certbot on? The web server? Any PC? What does certbox do? Create the certificate in a file somewhere?

I’m running certbot as newly installed from the Fedora repository (version 0.6.0)

schoen · June 15, 2016, 5:30pm

@m.e, certbot wants to save the key, certificate, and chain (among other things) into files underneath the directory /etc/letsencrypt. In order to do this, it needs to be run as root, normally with sudo. There are options for running certbot without root access, but you won’t get the automatic renewal features.

Normally you should run certbot on the web server, and it will save all of these things in files within /etc/letsencrypt. If you’re using Apache, it can also change your Apache configuration to configure it to use the new key, certificate, and chain.

m.e · June 16, 2016, 1:53am

Seth,

Thanks for that. I am actually using nginx but I think I can upload the config as long as I have the right files.

Perhaps someone could add your comments to the newbie documentation as I think there isn’t anything in there at the moment that covers these points.