Nginx fails to start after delete of certificate

no there is no junk and they have the domain names I want.
for second command:
/etc/letsencrypt/live/domain1.com:
total 12
drwxr-xr-x 2 root root 4096 xx 28 08:34 .
drwx------ 12 root root 4096 xx 28 08:34 ..
-rw-r--r-- 1 root root 682 xx 28 08:34 README
lrwxrwxrwx 1 root root 47 xx 28 08:34 cert.pem -> ../../archive/domain1.com/cert1.pem
lrwxrwxrwx 1 root root 48 xx 28 08:34 chain.pem -> ../../archive/domain1.com/chain1.pem
lrwxrwxrwx 1 root root 52 xx 28 08:34 fullchain.pem -> ../../archive/domain1.com/fullchain1.pem
lrwxrwxrwx 1 root root 50 xx 28 08:34 privkey.pem -> ../../archive/domain1.com/privkey1.pem

That looks good.

Do you have other websites active on this server that you have certificates for?

Did you manually rename or copy any files or folders inside the /etc/letsencrypt folder structure (like .bck)?

yes I have a lot lol.

for the future what is the order of steps I need to do in order to delete a certificate and replace it with a new one?(if the cert auto renew dosnt work)

1 Like

yes I created a backup folder to live folder before I began to delete a certificate.

1 Like

You don't need to delete the old one at all. The renewed certificate files will just be added to the archive folder and the symlinks in the live folder will be updated accordingly.

backing up live is pointless. they're just symlinks

archive contains the real files

really? so if I want to create a new certificate to my domain what should I do?

1 Like

Let's say for example that your certificate name (from certbot certificates) is called mydomain...

Test with this:
sudo certbot renew --cert-name mydomain --dry-run

If that works, run this:
sudo certbot renew --cert-name mydomain


Renewal certificates are just new certificates that match the names on existing certificates.

There's no functional difference between renewing a certificate and acquiring a new certificate.

You only need to "acquire new" if you change the domain names on the certificate.

1 Like

Just be sure to undo the damage you caused by manually manipulating the certbot folders and files because certbot gets confused easily.

1 Like

yes thanks a lot!!!!!!!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.