I've tried to restart the renewing process. The certificate was already expired.
In the first try I get the key to insert in the dns txt entry but the challenge afterwards did'nt work
and I became this error:
An unexpected error occurred:
FileExistsError: [Errno 17] File exists: '/etc/letsencrypt/archive/lairdturner.com/privkey6.pem'
After that I tried another time but now I get straight to the error.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
It produced this output:Renewing an existing certificate
An unexpected error occurred:
FileExistsError: [Errno 17] File exists: '/etc/letsencrypt/archive/lairdturner.com/privkey6.pem'
My web server is (include version):Nginx
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:Netcup
I can login to a root shell on my machine (yes or no, or I don't know):yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):0.40.0
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewal configuration file /etc/letsencrypt/renewal/lairdturner.com-0001.conf produced an unexpected error: expected /etc/letsencrypt/live/lairdturner.com-0001/cert.pem to be a symlink. Skipping.
Found the following certs:
Certificate Name: lairdturner.com
Domains: *.lairdturner.com
Expiry Date: 2023-05-05 07:50:29+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/lairdturner.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/lairdturner.com/privkey.pem
The following renewal configurations were invalid:
/etc/letsencrypt/renewal/lairdturner.com-0001.conf
I have now simply with certbot delete --cert-name lairdturner.com deleted the certificate and then created a new one and now it works. What I do not understand in this context now why I had to make nothing new in the DNS txt entry. Can someone explain this to me?
The output of ls -l /etc/letsencrypt/archive/lairdturner.com/ is
-rw-r--r-- 1 root root 1846 May 5 15:25 cert1.pem
-rw-r--r-- 1 root root 3750 May 5 15:25 chain1.pem
-rw-r--r-- 1 root root 5596 May 5 15:25 fullchain1.pem
-rw------- 1 root root 1708 May 5 15:25 privkey1.pem
and the output of ls -l /etc/letsencrypt/live/lairdturner.com/ is
Let's Encrypt caches successful domain name validations for 30 days. You have gotten several certs recently so a successful validation was in the cache.