Unable to renew certs as nginx is missing fullchain.pem

command: nginx

output:
nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/wpms.at/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/wpms.at/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)

the fullchain.pem was somehow not there anymore. cannot even find it somewhere else. and now i don´t know how to reinstall the cert, as i cannot get nginx running anymore without the cert.

domain: wpms.at
OS: Ubuntu 16.04.4 LTS
webserver: nginx/1.10.0
hoster: linode
root acess: available
control panel: easy engine (which is no real control panel)

problem:
cannot start nginx due to missing cert (file: /etc/letsencrypt/live/wpms.at/fullchain.pem). cannot renew cert due to not running nginx.

Since you can’t restart nginx, you might as well just issue your previous certificate using standalone mode.

For example:

certbot certonly --standalone --cert-name wpms.at \
-d bauspardarlehen.co.at \
-d gas-anbieter.at \
-d immobilien-bewertung.co.at \
-d kredit-vergleich.co.at \
-d online-kredit.co.at \
-d sofort-kredit.co.at \
-d wpms.at \
-d www.bankkonten.at \
-d www.baukreditrechner.net \
-d www.express-kredit.com \
-d www.kredit-sofort.at \
-d www.oesterreich-kreditrechner.at \
-d www.online-kreditvergleich.at \
-d www.ratenkreditrechner.net \
-d www.taxi-linz.at \
-d www.wohnkredit-rechner.at \
-d www.wpms.at

or if your renewal parameters are still intact, you can try the simpler:

certbot renew --cert-name wpms.at -a standalone

thank you very much - worked perfectly.

If you are then going to to restart nginx listening on port 443, you’ll need to change the authentication method before your next renewal, otherwise -a standalone will no longer work due to the conflict with nginx over port 443.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.