Ny Mail Afebt says Certificate expired by cerbot says it is good

don’t THINK I did but…here is live

drwxr-xr-x 2 root wheel 512 Jun 10 11:55 kasdivi.com
drwxr-xr-x 2 root wheel 512 Jun 11 13:26 kasdivi.com-0001
drwxr-xr-x 2 root wheel 512 Jun 11 13:27 theoceanwindow.com-0001
drwxr-xr-x 2 root wheel 512 Jun 11 12:56 www.kasdivi.com
drwxr-xr-x 2 root wheel 512 Jun 11 12:57 www.theoceanwindow.com

is the lack an issue?

Well, I thought we were going to try to fix theoceanwindow.com.conf. The configuration files in /etc/letsencrypt/renewal are hard-coded to match up with other files in /etc/letsencrypt/live and /etc/letsencrypt/archive.

I thought that was the intent too.

If the /etc/letsencrypt/live and /etc/letsencrypt/archive files corresponding to that .conf file don’t exist anymore, then I’m afraid there’s no way that we can rescue it and we probably just need to delete it.

Could we see the output of sudo certbot certificates and get a summary of how you would like your certificates to look/be configured now, to the extent you have a specific preference?

here is the output

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewal configuration file /usr/local/etc/letsencrypt/renewal/theoceanwindow.com.conf produced an unexpected error: expected /usr/local/etc/letsencrypt/live/theoceanwindow.com/cert.pem to be a symlink. Skipping.


Found the following certs:
Certificate Name: kasdivi.com-0001
Domains: kasdivi.com
Expiry Date: 2020-09-09 16:22:48+00:00 (VALID: 78 days)
Certificate Path: /usr/local/etc/letsencrypt/live/kasdivi.com-0001/fullchain.pem
Private Key Path: /usr/local/etc/letsencrypt/live/kasdivi.com-0001/privkey.pem
Certificate Name: kasdivi.com
Domains: theoceanwindow.com www.theoceanwindow.com www.wandjbrewers.com
Expiry Date: 2020-09-08 14:51:24+00:00 (VALID: 77 days)
Certificate Path: /usr/local/etc/letsencrypt/live/kasdivi.com/fullchain.pem
Private Key Path: /usr/local/etc/letsencrypt/live/kasdivi.com/privkey.pem
Certificate Name: theoceanwindow.com-0001
Domains: theoceanwindow.com
Expiry Date: 2020-09-09 16:23:29+00:00 (VALID: 78 days)
Certificate Path: /usr/local/etc/letsencrypt/live/theoceanwindow.com-0001/fullchain.pem
Private Key Path: /usr/local/etc/letsencrypt/live/theoceanwindow.com-0001/privkey.pem
Certificate Name: www.kasdivi.com
Domains: www.kasdivi.com
Expiry Date: 2020-09-09 15:53:06+00:00 (VALID: 78 days)
Certificate Path: /usr/local/etc/letsencrypt/live/www.kasdivi.com/fullchain.pem
Private Key Path: /usr/local/etc/letsencrypt/live/www.kasdivi.com/privkey.pem
Certificate Name: www.theoceanwindow.com
Domains: www.theoceanwindow.com
Expiry Date: 2020-09-09 15:54:00+00:00 (VALID: 78 days)
Certificate Path: /usr/local/etc/letsencrypt/live/www.theoceanwindow.com/fullchain.pem
Private Key Path: /usr/local/etc/letsencrypt/live/www.theoceanwindow.com/privkey.pem

The following renewal configurations were invalid:
/usr/local/etc/letsencrypt/renewal/theoceanwindow.com.conf

I have three current virtual hosts on my server triggerfish.theoceanwindow.com and want to enable ssl on them and their web pages. kasdivi.com, theoceanwindow.com and wandjbrewers.com

There are two inactive virtual hosts that I Amy deal with later

you said “probably just need to delete it.” what files should I delete??

If you delete /etc/letsencrypt/renewal/theoceanwindow.com.conf, then Certbot will stop trying to renew that certificate (which seems appropriate right now because there is no corresponding certificate in live or archive at all).

shall make the changes … thanks for the help