No certificates found

Hello,
I have copy the chain.pem and privatekey.pem files in a new installation of nextcloud jail on TrueNas machines.

So I created live folder like "usr/local/etc/letsencrypt/live/domainname/" and it works, nextcloud see my certficates and https it's ok.

But when run "certbot certificates" it can't find my certs

any idea?
thanks

3 Likes

Hello @giuseppe30
In order to provide you with the answers you seek we need more information from you.

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

4 Likes

My domain is: cloud.lemovstudio.com

I ran this command: iocage exec nc_jail certbot certificates

It produced this output: No certificates found.

My web server is (include version): Nextcloud 21.0.0

The operating system my web server runs on is (include version): TrueNAS-12.0-U2.1

I can login to a root shell on my machine (yes or no, or I don’t know): YES

I’m using a control panel to manage my site: no

The version of my client is: certbot 1.13.0

3 Likes

I see the request for certbot certificates, but how did you obtain the certificate originally?
The actual certbot command (including switches) should provide someone here with enough information to answer your question.

4 Likes

I've request cert with certbot in old machine. Now migrate all data in a new machine where I create a live/domain and copy cert file. Nextcloud server with https works but command "certbot certificates" can't find my cert so I won't be able to update the certificate when it expires

3 Likes

Do you still have the old server and is the LetsEncrypt file system in tact? If so you could look at this thread which discusses moving LE configuration to a new server. (and maintains cert inventory and renewals)

https://community.letsencrypt.org/t/server-move-prepare-certificates/145622/4

5 Likes

unfortunately I have copy only of the "live" folder

3 Likes

Welcome to the Let's Encrypt Community, Giuseppe :slightly_smiling_face:

I'll try to assist @Rip with getting you back on track.

I assume that you cleanly installed certbot on the new system before copying the files over...

Keep in mind that the "files" in "live" are just symbolic links. If you didn't copy over the real files in "archive" then your certificates are lost and you will need to acquire new ones.

5 Likes

That is unfortunate looks like you'll most likely be fixing the directory structure and obtaining a new cert... Hi @griffin welcome to the thread!

4 Likes

Thanks @Rip! :slightly_smiling_face:

The other issue I see is that the renewal configuration files have probably been lost too. Not a big deal. They're replaceable. The certificates (and private keys) are not.

3 Likes

yes I have new fresh installation here. Can I ricreate the link?

Now I've modify my bk script for all folders in /letsencrypt !

thanks in advance @griffin and @Rip

5 Likes

What says this?

sudo ls -lRa /usr/local/etc/letsencrypt/

3 Likes

root@nc-jail:~ # ls -lRa /usr/local/etc/letsencrypt/
total 36
drwxr-xr-x 8 root wheel 8 Mar 24 18:26 .
drwxr-xr-x 21 root wheel 35 Mar 24 12:41 ..
drwx------ 4 root wheel 4 Mar 24 13:14 accounts
drwxr-xr-x 2 root wheel 9 Mar 24 13:21 csr
drwx------ 2 root wheel 9 Mar 24 13:21 keys
drwxr-xr-x 3 root wheel 3 Mar 24 15:50 live
drwxr-xr-x 2 root wheel 2 Mar 24 12:42 renewal
drwxr-xr-x 5 root wheel 5 Mar 24 12:41 renewal-hooks

/usr/local/etc/letsencrypt/accounts:
total 10
drwx------ 4 root wheel 4 Mar 24 13:14 .
drwxr-xr-x 8 root wheel 8 Mar 24 18:26 ..
drwx------ 3 root wheel 3 Mar 24 13:14 acme-staging-v02.api.letsencrypt.org
drwx------ 3 root wheel 3 Mar 24 12:41 acme-v02.api.letsencrypt.org

/usr/local/etc/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org:
total 2
drwx------ 3 root wheel 3 Mar 24 13:14 .
drwx------ 4 root wheel 4 Mar 24 13:14 ..
drwx------ 3 root wheel 3 Mar 24 13:14 directory

/usr/local/etc/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory:
total 2
drwx------ 3 root wheel 3 Mar 24 13:14 .
drwx------ 3 root wheel 3 Mar 24 13:14 ..
drwx------ 2 root wheel 5 Mar 24 13:14 0498dd1fb0907db28549e4126a34b824

/usr/local/etc/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/0498dd1fb0907db28549e4126a34b824:
total 7
drwx------ 2 root wheel 5 Mar 24 13:14 .
drwx------ 3 root wheel 3 Mar 24 13:14 ..
-rw-r--r-- 1 root wheel 67 Mar 24 13:14 meta.json
-r-------- 1 root wheel 1632 Mar 24 13:14 private_key.json
-rw-r--r-- 1 root wheel 86 Mar 24 13:14 regr.json

/usr/local/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org:
total 2
drwx------ 3 root wheel 3 Mar 24 12:41 .
drwx------ 4 root wheel 4 Mar 24 13:14 ..
drwx------ 3 root wheel 3 Mar 24 12:41 directory

/usr/local/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory:
total 2
drwx------ 3 root wheel 3 Mar 24 12:41 .
drwx------ 3 root wheel 3 Mar 24 12:41 ..
drwx------ 2 root wheel 5 Mar 24 12:41 6136119b947f7ce7cdf61dd3e9da79c9

/usr/local/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/6136119b947f7ce7cdf61dd3e9da79c9:
total 11
drwx------ 2 root wheel 5 Mar 24 12:41 .
drwx------ 3 root wheel 3 Mar 24 12:41 ..
-rw-r--r-- 1 root wheel 111 Mar 24 12:42 meta.json
-r-------- 1 root wheel 1632 Mar 24 12:41 private_key.json
-rw-r--r-- 1 root wheel 79 Mar 24 12:41 regr.json

/usr/local/etc/letsencrypt/csr:
total 49
drwxr-xr-x 2 root wheel 9 Mar 24 13:21 .
drwxr-xr-x 8 root wheel 8 Mar 24 18:26 ..
-rw-r--r-- 1 root wheel 932 Mar 24 12:42 0000_csr-certbot.pem
-rw-r--r-- 1 root wheel 932 Mar 24 12:56 0001_csr-certbot.pem
-rw-r--r-- 1 root wheel 932 Mar 24 12:58 0002_csr-certbot.pem
-rw-r--r-- 1 root wheel 932 Mar 24 13:09 0003_csr-certbot.pem
-rw-r--r-- 1 root wheel 985 Mar 24 13:11 0004_csr-certbot.pem
-rw-r--r-- 1 root wheel 932 Mar 24 13:12 0005_csr-certbot.pem
-rw-r--r-- 1 root wheel 932 Mar 24 13:21 0006_csr-certbot.pem

/usr/local/etc/letsencrypt/keys:
total 49
drwx------ 2 root wheel 9 Mar 24 13:21 .
drwxr-xr-x 8 root wheel 8 Mar 24 18:26 ..
-rw------- 1 root wheel 1704 Mar 24 12:42 0000_key-certbot.pem
-rw------- 1 root wheel 1704 Mar 24 12:56 0001_key-certbot.pem
-rw------- 1 root wheel 1708 Mar 24 12:58 0002_key-certbot.pem
-rw------- 1 root wheel 1704 Mar 24 13:09 0003_key-certbot.pem
-rw------- 1 root wheel 1704 Mar 24 13:11 0004_key-certbot.pem
-rw------- 1 root wheel 1704 Mar 24 13:12 0005_key-certbot.pem
-rw------- 1 root wheel 1704 Mar 24 13:21 0006_key-certbot.pem

/usr/local/etc/letsencrypt/live:
total 10
drwxr-xr-x 3 root wheel 3 Mar 24 15:50 .
drwxr-xr-x 8 root wheel 8 Mar 24 18:26 ..
drwxr-xr-x 2 root wheel 7 Mar 24 15:51 cloud.lemovstudio.com

/usr/local/etc/letsencrypt/live/cloud.lemovstudio.com:
total 24
drwxr-xr-x 2 root wheel 7 Mar 24 15:51 .
drwxr-xr-x 3 root wheel 3 Mar 24 15:50 ..
---------- 1 root wheel 1862 Mar 24 15:51 cert.pem
---------- 1 root wheel 1586 Mar 24 15:51 chain.pem
---------- 1 root wheel 3448 Mar 24 15:51 fullchain.pem
---------- 1 root wheel 1704 Mar 24 15:51 privkey.pem
---------- 1 root wheel 692 Mar 24 15:51 README

/usr/local/etc/letsencrypt/renewal:
total 9
drwxr-xr-x 2 root wheel 2 Mar 24 12:42 .
drwxr-xr-x 8 root wheel 8 Mar 24 18:26 ..

/usr/local/etc/letsencrypt/renewal-hooks:
total 11
drwxr-xr-x 5 root wheel 5 Mar 24 12:41 .
drwxr-xr-x 8 root wheel 8 Mar 24 18:26 ..
drwxr-xr-x 2 root wheel 2 Mar 24 12:41 deploy
drwxr-xr-x 2 root wheel 2 Mar 24 12:41 post
drwxr-xr-x 2 root wheel 2 Mar 24 12:41 pre

/usr/local/etc/letsencrypt/renewal-hooks/deploy:
total 1
drwxr-xr-x 2 root wheel 2 Mar 24 12:41 .
drwxr-xr-x 5 root wheel 5 Mar 24 12:41 ..

/usr/local/etc/letsencrypt/renewal-hooks/post:
total 1
drwxr-xr-x 2 root wheel 2 Mar 24 12:41 .
drwxr-xr-x 5 root wheel 5 Mar 24 12:41 ..

/usr/local/etc/letsencrypt/renewal-hooks/pre:
total 1
drwxr-xr-x 2 root wheel 2 Mar 24 12:41 .
drwxr-xr-x 5 root wheel 5 Mar 24 12:41 ..

3 Likes

There's no archive folder. :worried:

Sounds of sadness. :pensive:

There may still be hope though...

What says this?

sudo cat /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/cert.pem

3 Likes

root@nc-jail:~ # cat /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/cert.pem
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAz74x8xixbRqf08VajkvlP+DMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTAzMTIxNTM4NTNaFw0yMTA2MTAxNTM4NTNaMCAxHjAcBgNVBAMT
FWNsb3VkLmxlbW92c3R1ZGlvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAKsaYSQyuo53T49vnsTMoDja9VO6+KrYLhqvkt7ur/9Egw2d6FuGOIc4
e6ShIbnuCmrwHM/siDtB37crNvTen14pVjvNDEqhkkPvtB4rEhOM1QJ3ZoqyeF5+
wS3Ulf5RDMG162uAgNLytzciQhN5HY8+av9CZzJNRxm5smRZ0E1cdNB6eiwFrrBK
K4SIraiDSMlRrzrX97XCz3gUv/4iib+PrHLEcl5IJNG19AUOmEpoJhnBkUHo0W6/
OTfQpmox7KCseWGvuxw8hb04iXAJNdGSOqMqxF81aYqWv9XGmMp7/xv0fxFQWtHx
JitlycsYVIiuBbn9kd4BiOzHCeMNVDMCAwEAAaOCAlEwggJNMA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw
ADAdBgNVHQ4EFgQUSSaKT/87PLuA/b7Ax4lvEX4BJNQwHwYDVR0jBBgwFoAUFC6z
F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo
dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl
bmNyLm9yZy8wIAYDVR0RBBkwF4IVY2xvdWQubGVtb3ZzdHVkaW8uY29tMEwGA1Ud
IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0
dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDx
AHcAlCC8Ho7VjWyIcx+CiyIsDdHaTV5sT5Q9YdtOL1hNosIAAAF4J04cswAABAMA
SDBGAiEA01ti1Ej+dKDH5TieZLjGqXmBttcxz1r7aj4KZDu+VB4CIQDN5VROHpQu
lD2BtaywKW7Vx36Ohw6lZElHo3b/cKvUqQB2APZclC/RdzAiFFQYCDCUVo7jTRMZ
M7/fDC8gC8xO8WTjAAABeCdOHLIAAAQDAEcwRQIgG5xxUTWRVtvufnnhG/gH1H7J
9CaXnwqP2N1AAOnKfdICIQCAomXTgiTH1dc0dMdcoK9ilQzDdfj+dGjWYYmB4Oty
eTANBgkqhkiG9w0BAQsFAAOCAQEAX0FOcUbx94YmpP6XW/7Ocane0KaZ857p7Ti3
7k6q4Cvd45xAFBqoI4pqkvG0DsX5HvhmCqabXVwyXxq7IhZzT3xq82wq9H7d2FND
bm6DRQfN/asEAXpGPgk8UUdrxXMsx2tR6uhwXsK58GODU2Ao6Swfki4sBiOsHJV4
tFBvSLshYY4oWerR2yDgqJ7hxgkmS8U3zqs6gO2fI18HDGU8TtpF+7+wd/ESrQ92
2iDMqjlC/FAFe543E4TUHpDgDt/QZR6tvBvotJ3aqvU2VpQU2E1R4GNtCkD/gPAe
SdcYFRKnq88YnoK3z4qf3FZvWips4jbFiXA69gy6nuTVo7IhgA==
-----END CERTIFICATE-----

3 Likes

Alrighty then... :slightly_smiling_face:

sudo mkdir /usr/local/etc/letsencrypt/archive

sudo mkdir /usr/local/etc/letsencrypt/archive/cloud.lemovstudio.com

sudo mv /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/*.pem /usr/local/etc/letsencrypt/archive/cloud.lemovstudio.com/

2 Likes

root@nc-jail:~ # mkdir /usr/local/etc/letsencrypt/archive
root@nc-jail:~ # mkdir /usr/local/etc/letsencrypt/archive/cloud.lemovstudio.com
root@nc-jail:~ # mv /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/*.pem /usr/local/etc/letsencrypt/archive/cloud.lemovstudio.com/
root@nc-jail:~ # certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log


No certificates found.


root@nc-jail:~ #

2 Likes

@griffin Don't forget certbot expects the files in /archive/ to be numbered.

That's to be expected. @griffin is walking you through a few steps one (or in this case, three) step(s) at a time.

4 Likes

sudo certbot update_symlinks

3 Likes

This thread may be useful in this case...
EDIT: for fixing the symlink structure.

4 Likes