Right. So in /etc/letsencrypt/archive
you have an lgms-0001
subdirectory, but no lgms
. In /etc/letsencrypt/live
you have an lgms
subdirectory, but no lgms-0001
. The symbolic links in /etc/letsencrypt/live/lgms
are pointing to the actual files in /etc/letsencrypt/archive/lgms-0001
.
This will confuse certbot. It expects that the subdirectories under /etc/letsencrypt/archive
and /etc/letsencrypt/live
for a given certificate will have the same names.
Since you’re using certonly
and --webroot
, this should be easy to fix - as long as you’re not already at the rate limit! (note to future readers: this method will probably not work if you’re obtaining certificates a different way):
- First back up the entire
/etc/letsencrypt
directory and all its contents just in case; - Delete both
/etc/letsencrypt/live/lgms
and/etc/letsencrypt/archive/lgms-0001
, as well as the two files in/etc/letsencrypt/renewal
- Run your certbot certonly command again to get a new certificate, hopefully with the correct name;
- Then double check your nginx configuration to make sure it’s pointed at the correct location for the certificate files.
- Finally reload nginx to pick up the renewed certificate and verify that everything still works.
If you hit the rate limit, restore your backup and try again later
It’s also possible to fix this without requesting a new certificate, but it’s a bit more complex.