I was getting odd SMTP errors this morning and discovered that my ssl cert attached to postfix was length 0! in /etc/postfix: lrwxrwxrwx 1 root root 54 Jun 23 2019 smtpd.cert -> /etc/letsencrypt/live/ns9.cdbsystems.com/fullchain.pem -rw-r--r-- 1 root root 2163 May 13 2018 smtpd.cert-180519192132.bak lrwxrwxrwx 1 root root 52 Jun 23 2019 smtpd.key -> /etc/letsencrypt/live/ns9.cdbsystems.com/privkey.pem in /etc/letsencrypt/live/ns9.cdbsystems.com: lrwxrwxrwx 1 root root 43 Sep 1 14:35 cert.pem -> ../../archive/ns9.cdbsystems.com/cert15.pem lrwxrwxrwx 1 root root 44 Sep 1 14:35 chain.pem -> ../../archive/ns9.cdbsystems.com/chain15.pem lrwxrwxrwx 1 root root 48 Sep 1 14:35 fullchain.pem -> ../../archive/ns9.cdbsystems.com/fullchain15.pem lrwxrwxrwx 1 root root 46 Sep 1 14:35 privkey.pem -> ../../archive/ns9.cdbsystems.com/privkey15.pem and the privkey and fullchain files were ZERO length. (they are not above because they are now the same as the xxxx14.pem keys) I manually copied *14.pem to *15.pem. so put cert14.pem on cert15.pem, privekey14.pem on privkey15.pem etc. now TLS sessions were validated, but cert was expired (according to test site I had run check). I thought to myself 'lets be clever' and ran /opt/certbot/certbot-auto (no parameters). I told it c to cancel out rather than give any numbers for domains, but thought it would update the ns9 key since it should appear old???. was there some parameter I should have passed??? or was this a really stupid thing to do? (probably the latter with my luck these days). then I went to ispconfig3 and unchecked the SSL/Letsencrypt boxes for ns9.cdbystems.com (vhost). waited for red circle to go away. then checked them again thinking it would recreate the certs for ns9. but it has not... so I still get TLS sessions that are encrypted, but with an expired key. and I'm still using the old pems that I copied from sept 1. how do I recreate JUST the ns9.cdbsystems.com key if the above does not work??? thanks. and would running certbot-auto have any other bad effect that I have to panic over? thanks again! cdb.