Renewing certs on this custom setup (strange old setup)

Help
1

I need to renew LetsEncrypt certificates on a Linux server that was setup years ago. (it’s 16.04 LTS btw)

The problem is that the directories are non-standard.

  • /home/david/letsencrypt is where the accounts archive csr keys live renewal renewal-hooks subdirectories are located.
  • /home/david/nginx_public is where the website public folders for all the websites (example.com, foo.bar.com, etc.) are located.

Given this, how can I run certbot to renew the certs? I suspect it has something to do with the various path arguments, but I’m not sure how.

1 Like
2

BTW, the reason I can’t use the working renewal method anymore (where some old letsencrypt version is buried inside some Docker container) is because it’s now complaining about ACME 1 which they say will become obsolete next month.

On the Ubuntu 16.04, there is certbot 0.31.0 and I hope I can use this directly now to renew.

1 Like
3

If you can, can you try to upgrade the server OS? (like to 18.04 LTS or the latest 20.04 LTS)

Are you sure you are used certbot before?
If so, according to your setup, the command might be similar to this: certbot --config-dir /home/david/letsencrypt --server https://acme-v02.api.letsencrypt.org/directory

Use this instead of regular certbot

A brief explaination:
--config-dir Configuration directory. (default: /etc/letsencrypt)
--server ACME Directory Resource URI. (Force certbot to use ACMEv02)


For example:
Issuing a certificate with nginx:
sudo certbot --config-dir /home/david/letsencrypt --server https://acme-v02.api.letsencrypt.org/directory --nginx -d example2.com
Check existing certificates:
sudo certbot --config-dir /home/david/letsencrypt certificates
Renew:
sudo certbot --config-dir /home/david/letsencrypt --server https://acme-v02.api.letsencrypt.org/directory renew

Hope this helps

P.S. In case this doesn’t work (issue/renew still asks for ACMEv2) and you don’t want to upgrade to latest OS, use certbot-auto instead.

1 Like
4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.