[solved] Lost Certificate

Hello,

i made a big mistake today.
I created a certificate for my domain www.ritze.at.
Then i wanted to reinstall Python, and for some reason Certbot was also gone, so my Certificate is gone.
Does anyone know how to revoke my Certificate?
Or is it possible to create a new certificate for the same domain?

I hope you can help me.

certbot may be gone, but it might not have taken the cert with it.
have you looked for the cert in the /etc/letsencrypt/live/ folder?
does the /etc/letsencrypt/ folder still exist?

I reinstalled Certbot when i realized it was gone.
The files in /etc/letsencrypt/live are gone…

and
/etc/letsencrypt/accounts/ ?

There is a file called acme-v01.api.letsencrypt.org

that should be a directory
is there anything in
/etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/
?

if so, check for a meta.json file within a folder therein.
what is the “creation_dt” within the meta.json file?
with any luck it is the original account.
If not, there is still good news…

Oh yes it’s a directory, sorry.
Yes, there is another directory inside of it, some random numbers and letters, and in this directory are these files:
meta.json private_key.json regr.json

I just looked it up. inside of the meta.json is: {“creation_host”: “ritze.at”, “creation_dt”: “2017-10-04T19:02:15Z”}

You can create many certificates for the same domain, and they can be valid at the same time. It isn't necessary to revoke the old certificate in order to create a new one.

You also don’t need to use the same account to create a new certificate, though you can if you like.

I tried to do “certbot --apache -d www.ritze.at” but i geht following errors:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for www.ritze.at
Cleaning up challenges
File:

  • Could not be found to be deleted /var/lib/letsencrypt/hmKslqrp3Yy87viCEScX7nmq-rHwrCqFA-PQ8HfbC3k.pem - LE probably shut down unexpectedly
    File:
  • Could not be found to be deleted /var/lib/letsencrypt/hmKslqrp3Yy87viCEScX7nmq-rHwrCqFA-PQ8HfbC3k.crt - LE probably shut down unexpectedly
    An unexpected error occurred:
    AttributeError: ‘module’ object has no attribute 'rand’
    Please see the logfiles in /var/log/letsencrypt for more details.

That is not the original account…

But the good news, as @schoen stated, you don’t need it and you don’t need to revoke a cert that has been deleted.

So you simply start over as you did the first time.
And get a brand new cert and account.
And all at no cost - LOL

Is there anything in
/var/lib/letsencrypt/ ?
/var/lib/letsencrypt/backups ?

@schoen would it make sense to just delete the contents of
/var/lib/letsencrypt/
and start fresh?

No the directory /var/lib/letsencrypt/backups is empty.

I think the reinstall might have come too early.
You may have benefitted from removing all the LetsEncrypt folders before the reinstall.

but that is still an option - you could:
uninstall certbot
remove all letsencrypt folders
reinstall certbot or certbot-auto (preferred)

I tried this.
After the reinstall i typed "certbot --apache"
Output:
Which names would you like to activate HTTPS for?

1: www.ritze.at

i typed in 1 and then i got these errors again:

File:

  • Could not be found to be deleted /var/lib/letsencrypt/CXkC93CULe9tNw-Xf1-8LmDzcI877XiqrOONGwnCpik.pem - LE probably shut down unexpectedly
    File:
  • Could not be found to be deleted /var/lib/letsencrypt/CXkC93CULe9tNw-Xf1-8LmDzcI877XiqrOONGwnCpik.crt - LE probably shut down unexpectedly
    An unexpected error occurred:
    AttributeError: ‘module’ object has no attribute 'rand’
    Please see the logfiles in /var/log/letsencrypt for more details.

Yes, I would suggest deleting everything Certbot-related on the system.

I deleted the directories “/etc/letsencrypt” and "/var/lib/letsencrypt"
are there somewhere else letsencrypt files/directories i should delete before reinstalling?

@bmw, can you think of anywhere else that has to be deleted?

This error is generated from inside the reverter and I’m not sure of the associated circumstances.

I show these files/folders but most won’t have anything to worry about:
/etc/letsencrypt
/opt/eff.org/certbot/venv/lib/python2.7/site-packages/letsencrypt
/opt/eff.org/certbot/venv/bin/letsencrypt
/var/lib/letsencrypt
/var/log/letsencrypt
/usr/bin/letsencrypt