SSL Certificate Renewal

My bad. :slightly_smiling_face:

I made a mistake.

2 Likes

i have executed all above commands

2 Likes

sudo rm /etc/letsencrypt/archive/mail.farbintl.org/.chain10.pem.swp

sudo rm /etc/letsencrypt/renewal/mail.farbintl.org-0001.conf

sudo cp /etc/letsencrypt/renewal/mail.farbintl.org.conf /etc/letsencrypt/renewal/mail.farbintl.org-0001.conf

sudo certbot delete --cert-name mail.farbintl.org

sudo rm /etc/letsencrypt/csr/*

sudo rm /etc/letsencrypt/keys/*

2 Likes

I fixed the problem in the command list above. Please proceed with the fixed version of the command that gave the error.

3 Likes

root@mail:~# mv /etc/letsencrypt/renewal/mail.farbintl.org-0001.conf /etc/letsencrypt/renewal/mail.farbintl.org.conf
mv: cannot stat '/etc/letsencrypt/renewal/mail.farbintl.org-0001.conf': No such file or directory

2 Likes

What's the current output of:

sudo ls -lRa /etc/letsencrypt
2 Likes

root@mail:~# ls -lRa /etc/letsencrypt
/etc/letsencrypt:
total 40
drwxr-xr-x 9 root root 4096 Jul 2 23:54 .
drwxr-xr-x 106 root root 4096 Jul 2 15:48 ..
drwx------ 3 root root 4096 Oct 7 2020 accounts
drwx------ 3 root root 4096 Jul 2 23:48 archive
-rw-r--r-- 1 root root 121 Feb 11 2019 cli.ini
drwxr-xr-x 2 root root 4096 Jul 2 23:36 csr
drwx------ 2 root root 4096 Jul 2 23:36 keys
drwx------ 3 root root 4096 Jul 2 23:48 live
drwxr-xr-x 2 root root 4096 Jul 2 23:52 renewal
drwxr-xr-x 5 root root 4096 Oct 7 2020 renewal-hooks

/etc/letsencrypt/accounts:
total 12
drwx------ 3 root root 4096 Oct 7 2020 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..
drwx------ 3 root root 4096 Oct 7 2020 acme-v02.api.letsencrypt.org

/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org:
total 12
drwx------ 3 root root 4096 Oct 7 2020 .
drwx------ 3 root root 4096 Oct 7 2020 ..
drwx------ 3 root root 4096 Oct 7 2020 directory

/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory:
total 12
drwx------ 3 root root 4096 Oct 7 2020 .
drwx------ 3 root root 4096 Oct 7 2020 ..
drwx------ 2 root root 4096 Oct 7 2020 2cf5ab571387cb0ba492c3a2ce115a5c

/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/2cf5ab571387cb0ba492c3a2ce115a5c:
total 20
drwx------ 2 root root 4096 Oct 7 2020 .
drwx------ 3 root root 4096 Oct 7 2020 ..
-rw-r--r-- 1 root root 77 Oct 7 2020 meta.json
-r-------- 1 root root 1632 Oct 7 2020 private_key.json
-rw-r--r-- 1 root root 78 Oct 7 2020 regr.json

/etc/letsencrypt/archive:
total 12
drwx------ 3 root root 4096 Jul 2 23:48 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..
drwxr-xr-x 2 root root 4096 Jul 2 19:49 mail.farbintl.org

/etc/letsencrypt/archive/mail.farbintl.org:
total 168
drwxr-xr-x 2 root root 4096 Jul 2 19:49 .
drwx------ 3 root root 4096 Jul 2 23:48 ..
-rw-r--r-- 1 root root 1850 Jun 6 13:22 cert1.pem
-rw-r--r-- 1 root root 1850 Jun 6 13:25 cert2.pem
-rw-r--r-- 1 root root 1850 Jun 18 22:29 cert3.pem
-rw-r--r-- 1 root root 1850 Jul 1 16:10 cert4.pem
-rw-r--r-- 1 root root 1846 Jul 1 16:41 cert5.pem
-rw-r--r-- 1 root root 1850 Jul 1 16:42 cert6.pem
-rw-r--r-- 1 root root 1850 Jul 1 23:58 cert7.pem
-rw-r--r-- 1 root root 1850 Jul 2 19:49 cert8.pem
-rw-r--r-- 1 root root 3749 Jun 6 13:22 chain1.pem
-rw-r--r-- 1 root root 3749 Jun 6 13:25 chain2.pem
-rw-r--r-- 1 root root 3749 Jun 18 22:29 chain3.pem
-rw-r--r-- 1 root root 3749 Jul 1 16:10 chain4.pem
-rw-r--r-- 1 root root 3749 Jul 1 16:41 chain5.pem
-rw-r--r-- 1 root root 3749 Jul 1 16:42 chain6.pem
-rw-r--r-- 1 root root 3749 Jul 1 23:58 chain7.pem
-rw-r--r-- 1 root root 3749 Jul 2 19:49 chain8.pem
-rw-r--r-- 1 root root 5599 Jun 6 13:22 fullchain1.pem
-rw-r--r-- 1 root root 5599 Jun 6 13:25 fullchain2.pem
-rw-r--r-- 1 root root 5599 Jun 18 22:29 fullchain3.pem
-rw-r--r-- 1 root root 5599 Jul 1 16:10 fullchain4.pem
-rw-r--r-- 1 root root 5595 Jul 1 16:41 fullchain5.pem
-rw-r--r-- 1 root root 5599 Jul 1 16:42 fullchain6.pem
-rw-r--r-- 1 root root 5599 Jul 1 23:58 fullchain7.pem
-rw-r--r-- 1 root root 5599 Jul 2 19:49 fullchain8.pem
-rw------- 1 root root 1704 Jun 6 13:22 privkey1.pem
-rw------- 1 root root 1704 Jun 6 13:25 privkey2.pem
-rw------- 1 root root 1704 Jun 18 22:29 privkey3.pem
-rw------- 1 root root 1704 Jul 1 16:10 privkey4.pem
-rw------- 1 root root 1704 Jul 1 16:41 privkey5.pem
-rw------- 1 root root 1704 Jul 1 16:42 privkey6.pem
-rw------- 1 root root 1704 Jul 1 23:58 privkey7.pem
-rw------- 1 root root 1704 Jul 2 19:49 privkey8.pem

/etc/letsencrypt/csr:
total 8
drwxr-xr-x 2 root root 4096 Jul 2 23:36 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..

/etc/letsencrypt/keys:
total 8
drwx------ 2 root root 4096 Jul 2 23:36 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..

/etc/letsencrypt/live:
total 16
drwx------ 3 root root 4096 Jul 2 23:48 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..
drwxr-xr-x 3 root root 4096 Jul 2 23:54 mail.farbintl.org
-rw-r--r-- 1 root root 740 Oct 7 2020 README

/etc/letsencrypt/live/mail.farbintl.org:
total 16
drwxr-xr-x 3 root root 4096 Jul 2 23:54 .
drwx------ 3 root root 4096 Jul 2 23:48 ..
lrwxrwxrwx 1 root root 41 Jul 2 23:53 cert.pem -> ../../archive/mail.farbintl.org/cert8.pem
lrwxrwxrwx 1 root root 42 Jul 2 23:53 chain.pem -> ../../archive/mail.farbintl.org/chain8.pem
lrwxrwxrwx 1 root root 46 Jul 2 23:54 fullchain.pem -> ../../archive/mail.farbintl.org/fullchain8.pem
drwxr-xr-x 2 root root 4096 Jul 2 22:44 mail.farbintl.org-0001
lrwxrwxrwx 1 root root 44 Jul 2 23:54 privkey.pem -> ../../archive/mail.farbintl.org/privkey8.pem
-rw-r--r-- 1 root root 692 Oct 7 2020 README

/etc/letsencrypt/live/mail.farbintl.org/mail.farbintl.org-0001:
total 32
drwxr-xr-x 2 root root 4096 Jul 2 22:44 .
drwxr-xr-x 3 root root 4096 Jul 2 23:54 ..
-rw-r--r-- 1 root root 1850 Jul 2 19:49 cert.pem
-rw-r--r-- 1 root root 3749 Jul 2 19:49 chain.pem
-rw-r--r-- 1 root root 5599 Jul 2 19:49 fullchain.pem
-rw-r--r-- 1 root root 1704 Jul 2 19:49 privkey.pem
-rw-r--r-- 1 root root 692 Jun 6 13:22 README

/etc/letsencrypt/renewal:
total 12
drwxr-xr-x 2 root root 4096 Jul 2 23:52 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..
-rw-r--r-- 1 root root 548 Jul 2 23:52 mail.farbintl.org.conf

/etc/letsencrypt/renewal-hooks:
total 20
drwxr-xr-x 5 root root 4096 Oct 7 2020 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..
drwxr-xr-x 2 root root 4096 Oct 7 2020 deploy
drwxr-xr-x 2 root root 4096 Oct 7 2020 post
drwxr-xr-x 2 root root 4096 Oct 7 2020 pre

/etc/letsencrypt/renewal-hooks/deploy:
total 8
drwxr-xr-x 2 root root 4096 Oct 7 2020 .
drwxr-xr-x 5 root root 4096 Oct 7 2020 ..

/etc/letsencrypt/renewal-hooks/post:
total 8
drwxr-xr-x 2 root root 4096 Oct 7 2020 .
drwxr-xr-x 5 root root 4096 Oct 7 2020 ..

/etc/letsencrypt/renewal-hooks/pre:
total 8
drwxr-xr-x 2 root root 4096 Oct 7 2020 .
drwxr-xr-x 5 root root 4096 Oct 7 2020 ..

2 Likes

executed all commands still same error on last command

root@mail:~# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewal configuration file /etc/letsencrypt/renewal/mail.farbintl.org.conf produced an unexpected error: error parsing /etc/letsencry pt/renewal/mail.farbintl.org.conf. Skipping.


The following renewal configurations were invalid:
/etc/letsencrypt/renewal/mail.farbintl.org.conf


2 Likes

Firstly:

sudo rm -rf /etc/letsencrypt/live/mail.farbintl.org/mail.farbintl.org-0001
3 Likes

What's the output of:

sudo cat /etc/letsencrypt/renewal/mail.farbintl.org.conf
3 Likes

cat /etc/letsencrypt/renewal/mail.farbintl.org.conf
renew_before_expiry = 30 days
version = 1.9.0
archive_dir = /etc/letsencrypt/archive/mail.farbintl.org-0001
cert = /etc/letsencrypt/live/mail.farbintl.org-0001/cert.pem
privkey = /etc/letsencrypt/live/mail.farbintl.org-0001/privkey.pem
chain = /etc/letsencrypt/live/mail.farbintl.org-0001/chain.pem
fullchain = /etc/letsencrypt/live/mail.farbintl.org-0001/fullchain.pem

Options used in the renewal process
[renewalparams]
authenticator = standalone
account = 2cf5ab571387cb0ba492c3a2ce115a5c

2 Likes

Please run this command:

sudo nano /etc/letsencrypt/renewal/mail.farbintl.org.conf

and edit all 5 of the lines with:

mail.farbintl.org-0001

to be:

mail.farbintl.org

then show the outputs of:

sudo ls -lRa /etc/letsencrypt

sudo cat /etc/letsencrypt/renewal/mail.farbintl.org.conf
2 Likes

root@mail:~# ls -lRa /etc/letsencrypt
/etc/letsencrypt:
total 40
drwxr-xr-x 9 root root 4096 Jul 2 23:54 .
drwxr-xr-x 106 root root 4096 Jul 2 15:48 ..
drwx------ 3 root root 4096 Oct 7 2020 accounts
drwx------ 3 root root 4096 Jul 2 23:48 archive
-rw-r--r-- 1 root root 121 Feb 11 2019 cli.ini
drwxr-xr-x 2 root root 4096 Jul 2 23:36 csr
drwx------ 2 root root 4096 Jul 2 23:36 keys
drwx------ 3 root root 4096 Jul 2 23:48 live
drwxr-xr-x 2 root root 4096 Jul 3 00:25 renewal
drwxr-xr-x 5 root root 4096 Oct 7 2020 renewal-hooks

/etc/letsencrypt/accounts:
total 12
drwx------ 3 root root 4096 Oct 7 2020 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..
drwx------ 3 root root 4096 Oct 7 2020 acme-v02.api.letsencrypt.org

/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org:
total 12
drwx------ 3 root root 4096 Oct 7 2020 .
drwx------ 3 root root 4096 Oct 7 2020 ..
drwx------ 3 root root 4096 Oct 7 2020 directory

/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory:
total 12
drwx------ 3 root root 4096 Oct 7 2020 .
drwx------ 3 root root 4096 Oct 7 2020 ..
drwx------ 2 root root 4096 Oct 7 2020 2cf5ab571387cb0ba492c3a2ce115a5c

/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/2cf5ab571387cb0ba492c3a2ce115a5c:
total 20
drwx------ 2 root root 4096 Oct 7 2020 .
drwx------ 3 root root 4096 Oct 7 2020 ..
-rw-r--r-- 1 root root 77 Oct 7 2020 meta.json
-r-------- 1 root root 1632 Oct 7 2020 private_key.json
-rw-r--r-- 1 root root 78 Oct 7 2020 regr.json

/etc/letsencrypt/archive:
total 12
drwx------ 3 root root 4096 Jul 2 23:48 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..
drwxr-xr-x 2 root root 4096 Jul 2 19:49 mail.farbintl.org

/etc/letsencrypt/archive/mail.farbintl.org:
total 168
drwxr-xr-x 2 root root 4096 Jul 2 19:49 .
drwx------ 3 root root 4096 Jul 2 23:48 ..
-rw-r--r-- 1 root root 1850 Jun 6 13:22 cert1.pem
-rw-r--r-- 1 root root 1850 Jun 6 13:25 cert2.pem
-rw-r--r-- 1 root root 1850 Jun 18 22:29 cert3.pem
-rw-r--r-- 1 root root 1850 Jul 1 16:10 cert4.pem
-rw-r--r-- 1 root root 1846 Jul 1 16:41 cert5.pem
-rw-r--r-- 1 root root 1850 Jul 1 16:42 cert6.pem
-rw-r--r-- 1 root root 1850 Jul 1 23:58 cert7.pem
-rw-r--r-- 1 root root 1850 Jul 2 19:49 cert8.pem
-rw-r--r-- 1 root root 3749 Jun 6 13:22 chain1.pem
-rw-r--r-- 1 root root 3749 Jun 6 13:25 chain2.pem
-rw-r--r-- 1 root root 3749 Jun 18 22:29 chain3.pem
-rw-r--r-- 1 root root 3749 Jul 1 16:10 chain4.pem
-rw-r--r-- 1 root root 3749 Jul 1 16:41 chain5.pem
-rw-r--r-- 1 root root 3749 Jul 1 16:42 chain6.pem
-rw-r--r-- 1 root root 3749 Jul 1 23:58 chain7.pem
-rw-r--r-- 1 root root 3749 Jul 2 19:49 chain8.pem
-rw-r--r-- 1 root root 5599 Jun 6 13:22 fullchain1.pem
-rw-r--r-- 1 root root 5599 Jun 6 13:25 fullchain2.pem
-rw-r--r-- 1 root root 5599 Jun 18 22:29 fullchain3.pem
-rw-r--r-- 1 root root 5599 Jul 1 16:10 fullchain4.pem
-rw-r--r-- 1 root root 5595 Jul 1 16:41 fullchain5.pem
-rw-r--r-- 1 root root 5599 Jul 1 16:42 fullchain6.pem
-rw-r--r-- 1 root root 5599 Jul 1 23:58 fullchain7.pem
-rw-r--r-- 1 root root 5599 Jul 2 19:49 fullchain8.pem
-rw------- 1 root root 1704 Jun 6 13:22 privkey1.pem
-rw------- 1 root root 1704 Jun 6 13:25 privkey2.pem
-rw------- 1 root root 1704 Jun 18 22:29 privkey3.pem
-rw------- 1 root root 1704 Jul 1 16:10 privkey4.pem
-rw------- 1 root root 1704 Jul 1 16:41 privkey5.pem
-rw------- 1 root root 1704 Jul 1 16:42 privkey6.pem
-rw------- 1 root root 1704 Jul 1 23:58 privkey7.pem
-rw------- 1 root root 1704 Jul 2 19:49 privkey8.pem

/etc/letsencrypt/csr:
total 8
drwxr-xr-x 2 root root 4096 Jul 2 23:36 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..

/etc/letsencrypt/keys:
total 8
drwx------ 2 root root 4096 Jul 2 23:36 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..

/etc/letsencrypt/live:
total 16
drwx------ 3 root root 4096 Jul 2 23:48 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..
drwxr-xr-x 2 root root 4096 Jul 3 00:16 mail.farbintl.org
-rw-r--r-- 1 root root 740 Oct 7 2020 README

/etc/letsencrypt/live/mail.farbintl.org:
total 12
drwxr-xr-x 2 root root 4096 Jul 3 00:16 .
drwx------ 3 root root 4096 Jul 2 23:48 ..
lrwxrwxrwx 1 root root 41 Jul 2 23:53 cert.pem -> ../../archive/mail.farbintl.org/cert8.pem
lrwxrwxrwx 1 root root 42 Jul 2 23:53 chain.pem -> ../../archive/mail.farbintl.org/chain8.pem
lrwxrwxrwx 1 root root 46 Jul 2 23:54 fullchain.pem -> ../../archive/mail.farbintl.org/fullchain8.pem
lrwxrwxrwx 1 root root 44 Jul 2 23:54 privkey.pem -> ../../archive/mail.farbintl.org/privkey8.pem
-rw-r--r-- 1 root root 692 Oct 7 2020 README

/etc/letsencrypt/renewal:
total 12
drwxr-xr-x 2 root root 4096 Jul 3 00:25 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..
-rw-r--r-- 1 root root 524 Jul 3 00:24 mail.farbintl.org.conf

/etc/letsencrypt/renewal-hooks:
total 20
drwxr-xr-x 5 root root 4096 Oct 7 2020 .
drwxr-xr-x 9 root root 4096 Jul 2 23:54 ..
drwxr-xr-x 2 root root 4096 Oct 7 2020 deploy
drwxr-xr-x 2 root root 4096 Oct 7 2020 post
drwxr-xr-x 2 root root 4096 Oct 7 2020 pre

/etc/letsencrypt/renewal-hooks/deploy:
total 8
drwxr-xr-x 2 root root 4096 Oct 7 2020 .
drwxr-xr-x 5 root root 4096 Oct 7 2020 ..

/etc/letsencrypt/renewal-hooks/post:
total 8
drwxr-xr-x 2 root root 4096 Oct 7 2020 .
drwxr-xr-x 5 root root 4096 Oct 7 2020 ..

/etc/letsencrypt/renewal-hooks/pre:
total 8
drwxr-xr-x 2 root root 4096 Oct 7 2020 .
drwxr-xr-x 5 root root 4096 Oct 7 2020 ..

2 Likes

root@mail:~# cat /etc/letsencrypt/renewal/mail.farbintl.org.conf
renew_before_expiry = 30 days
version = 1.9.0
archive_dir = /etc/letsencrypt/archive/mail.farbintl.org
cert = /etc/letsencrypt/live/mail.farbintl.org/cert.pem
privkey = /etc/letsencrypt/live/mail.farbintl.org/privkey.pem
chain = /etc/letsencrypt/live/mail.farbintl.org/chain.pem
fullchain = /etc/letsencrypt/live/mail.farbintl.org/fullchain.pem

Options used in the renewal process
[renewalparams]
authenticator = standalone
account = 2cf5ab571387cb0ba492c3a2ce115a5c
server = https://acme-v02.api.letsencrypt.org/directory

2 Likes

What's the output of:

sudo certbot certificates
2 Likes

root@mail:~# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewal configuration file /etc/letsencrypt/renewal/mail.farbintl.org.conf produced an unexpected error: error parsing /etc/letsencrypt/renewal/mail.farbintl.org.conf. Skipping.


The following renewal configurations were invalid:
/etc/letsencrypt/renewal/mail.farbintl.org.conf


2 Likes

Please edit the configuration file again and put a # symbol followed by a single space before "renew_before_expiry = 30 days" and "Options used in the renewal process". I have no idea why those would have gotten removed, but they're necessary.

Then show the output of:

sudo cat /etc/letsencrypt/renewal/mail.farbintl.org.conf
1 Like

root@mail:~# cat /etc/letsencrypt/renewal/mail.farbintl.org.conf

# renew_before_expiry = 30 days
version = 1.9.0
archive_dir = /etc/letsencrypt/archive/mail.farbintl.org
cert = /etc/letsencrypt/live/mail.farbintl.org/cert.pem
privkey = /etc/letsencrypt/live/mail.farbintl.org/privkey.pem
chain = /etc/letsencrypt/live/mail.farbintl.org/chain.pem
fullchain = /etc/letsencrypt/live/mail.farbintl.org/fullchain.pem


# Options used in the renewal process
[renewalparams]
authenticator = standalone
account = 2cf5ab571387cb0ba492c3a2ce115a5c
server = https://acme-v02.api.letsencrypt.org/directory
2 Likes

Let's try this again :slightly_smiling_face:

sudo certbot certificates

2 Likes

root@mail:~# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Attempting to parse the version 1.9.0 renewal configuration file found at /etc/letsencrypt/renewal/mail.farbintl.org.conf with version 0.27.0 of Certbot. This might not work.


Found the following certs:
Certificate Name: mail.farbintl.org
Domains: mail.farbintl.org
Expiry Date: 2021-09-30 13:49:06+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/mail.farbintl.org/fullchain.pem
Private Key Path: /etc/letsencrypt/live/mail.farbintl.org/privkey.pem


2 Likes