Let's encrypt validity

  • Sure, just send a private message here in forum. I need server root access and panel access. imscp db user would be fine, but not needed atm I think.

  • Ok problem solved. Seems letsencrypt itself had any problems. I removed the old certificates + configs in /etc/live/domain.tld*/ /etc/archive/domain.tld*/ and /etc/renewal/domain.tld* and ran renewal cronjob:
    perl /var/www/imscp/gui/plugins/LetsEncrypt/cronjobs/renew.pl > /dev/null 2>&1

    After that new cert was generated successfully.

    BTW: May it's also because in past you generated a letsencrypt cert for that domain via command line?

  • Yes, I made letsencrypt certs in the past by command line.
    Can you integrate into the plugin, that old certs are deleted in the next version?

    I have deleted the files as you mentionend above for the second wrong domain an rerun the renew.pl again. After that, the cert for the domain oekomatik.ch was created perfectly.

    Thank you very much for your help!

    Edited once, last by oekowalti ().

  • We'll not delete other certs because it may break other things. We're just using certbot as third-party tool, so the folders will stay untouched. But normally this should not happen. Your scenario with self-generated certs should also work fine with our plugin (certbot). I'm little bit curious why that happend. Surely a bug in certbot itself.

    BTW: I had no problems with such scenario in past :)

  • Ok problem found. This is because certbot generates a new folder under /etc/letsencrypt/live/domain.tld-000x/. This is because of your old letsencrypt account. I'm in contact with the certbot (letsencrypt) devs to solve such problem. As workaround you must delete these folders atm. I'll also add a troubleshooting section in documentation.