No certificates found

root@nc-jail:~ # certbot certificates --config-dir /usr/local/etc/letsencrypt
Saving debug log to /var/log/letsencrypt/letsencrypt.log

No certificates found.

root@nc-jail:~ #

Because that would give incorrect symbolic links? /live/certname/ is two path-lengths, thus two .. in the ../../

I think @Osiris is probably right about the renewal configuration files.

@Osiris

Then why were the symbolic links broken...

you didn't point them at the archive folder.

Ah, yes, the whole renewal file is missing..

That's a #()#()$ to rebuild

Oh, euh, because I focused on the incorrect part and you were right?

Any way, all this trouble for almost nothing: without a renewal file, certbot doesn't recognise the files at all...

You're probably better of running certbot from the top again.. I didn't realise the renewal file was missing completely, I assumed using --config-dir was enough.

so regenerate certificate ?

first I need to clean up the live and archive folders ?

Color me purple...

Osiris, you admitted a mistake. Hellfire shall rain forth. Take cover!

So... once more... with feeling?

sudo certbot certonly --nginx -d "cloud.lemovstudio.com" --dry-run --config-dir /usr/local/etc/letsencrypt

root@nc-jail:~ # certbot certonly --nginx -d "cloud.lemovstudio.com" --dry-run --config-dir /usr/local/etc/letsencrypt
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Could not choose appropriate plugin: The requested nginx plugin does not appear to be installed
The requested nginx plugin does not appear to be installed

@giuseppe30

To be fair, it's very rare that I see @Osiris make a mistake. His track record is certainly better than my own.

Yes, unfortunately that's the best method now, sorry for the inconvenience. Rebuilding a renewal file from scratch is, well.. Not so easy. Although one could try:

cat > /usr/local/etc/letsencrypt/renewal/cloud.lemovstudio.com.conf <<EOF
# renew_before_expiry = 30 days
cert = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/cert.pem
privkey = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/privkey.pem
chain = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/chain.pem
fullchain = /usr/local/etc/letsencrypt/live/cloud.lemovstudio.com/fullchain.pem
version = 1.13.0
archive_dir = /usr/local/etc/letsencrypt/cloud.lemovstudio.com

# Options and defaults used in the renewal process
[renewalparams]
installer = nginx
authenticator = nginx
rsa_key_size = 4096
account = 6136119b947f7ce7cdf61dd3e9da79c9
server = https://acme-v02.api.letsencrypt.org/directory
EOF

Although that's just from the wrist and makes a few assumptions, such as a working nginx plugin.

Uh.. oh. Hmm...

so...

certbot --version

root@nc-jail:~ # certbot --version
certbot 1.13.0

It's from some kind of TrueNAS Nextcloud something..

How did you install certbot @giuseppe30 ? Or was it pre-installed?

usually I use this

root@nc-jail:~ # certbot -d cloud.lemovstudio.com --manual --preferred-challenges dns certonly --dry-run

Hmm, who brought nginx in the play here, did you do that @griffin ?

@giuseppe30 You could repeat those steps. I'll edit my manually crafted renewal configuration file above to reflect this, might you still be interested.

Ouch. Manual DNS validation... Not uncommon with NAS though.

for installation use

pkg install py37-certbot

Yeah. I asked about his webserver before. Should've asked the method being used. My bad.