Lets Encrypt problems again, can't renew certificate

Discussion in 'General' started by toffie, Mar 20, 2018.

  1. toffie

    toffie New Member

    Hey everyone,
    Another Lets Encrypt problem I discovered today when the certificate went invalid, this problem apparently occured already on the 8th of February, but haven't come to my attention until now.

    It seems that there is a file error?
    "CertStorageError: expected /etc/letsencrypt/live/sub.topdomain.com/cert.pem to be a symlink"

    I'm running ISPConfig 3.1.11 and in the config for the subdomain, here called "sub.topdomain.com", both SSL and Lets Encrypt is ticked.

    What is wrong and what can I do? What other files do you need to see?

    Hope you can help me! :)
    Many thanks in advance!

    Oh, and this has happened for all my domains, luckily though its only one domain that expired today, next is in April.

    The log from /var/log/letsencrypt/letsencrypt.log
    Code:
    2018-02-08 07:50:24,096:DEBUG:certbot.main:certbot version: 0.21.1
    2018-02-08 07:50:24,098:DEBUG:certbot.main:Arguments: ['-n', '--post-hook', "echo '1' > /usr/local/ispconfig/server/le.restart"]
    2018-02-08 07:50:24,098:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
    2018-02-08 07:50:24,121:WARNING:certbot.cli:You are running with an old copy of letsencrypt-auto that does not receive updates, and is less reliable than more recent versions. We recommend upgrading to the latest certbot-auto script, or using native OS packages.
    2018-02-08 07:50:24,121:DEBUG:certbot.cli:Deprecation warning circumstances: /opt/eff.org/certbot/venv/bin/certbot / {'LANG': 'sv_SE.UTF-8', 'SHELL': '/bin/sh', 'SHLVL': '3', 'PWD': '/usr/local/ispconfig/server', 'LOGNAME': 'root', 'HOME': '/root', 'PATH': '/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin', '_': '/opt/eff.org/certbot/venv/bin/certbot'}
    2018-02-08 07:50:24,163:DEBUG:certbot.log:Root logging level set at 20
    2018-02-08 07:50:24,164:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    
    2018-02-08 07:50:24,212:WARNING:certbot.renewal:expected /etc/letsencrypt/live/sub.topdomain.com/cert.pem to be a symlink
    2018-02-08 07:50:24,212:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/sub.topdomain.com.conf is broken. Skipping.
    2018-02-08 07:50:24,213:DEBUG:certbot.renewal:Traceback was:
    Traceback (most recent call last):
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 60, in _reconstitute
        renewal_candidate = storage.RenewableCert(full_path, config)
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/storage.py", line 434, in __init__
        self._check_symlinks()
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/storage.py", line 493, in _check_symlinks
        "expected {0} to be a symlink".format(link))
    CertStorageError: expected /etc/letsencrypt/live/sub.topdomain.com/cert.pem to be a symlink
    
    2018-02-08 07:50:24,245:DEBUG:certbot.log:Exiting abnormally:
    Traceback (most recent call last):
      File "/opt/eff.org/certbot/venv/bin/certbot", line 11, in <module>
        sys.exit(main())
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1240, in main
        return config.func(config, plugins)
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1142, in renew
        renewal.handle_renewal_request(config)
      File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 443, in handle_renewal_request
        len(renew_failures), len(parse_failures)))
    Error: 0 renew failure(s), 6 parse failure(s)
    
     
  2. Taleman

    Taleman Active Member HowtoForge Supporter

  3. toffie

    toffie New Member

    Debian 8 Jessie, ISPConfig 3.1.11, Apache/2.4.10, PHP5

    - Check that you have Let’s Encrypt installed.
    Obviously, yes.

    - When your server is behind a NAT router so that the server itself can not reach the hosted domains, then enable the option "Skip Letsencrypt check" under System > Server config > web.
    Sits behind a nat, "Skip Lets Encrypt check" is ticked

    - Check that all domain names (icl auto subdomain www etc), subdomains and aliasdomains really point to the right website and are working. Open one after another in your browser and test that.
    All the sites work and has been for over a month - no changes done and all the sites work - except one which obviously the certificate has expired on - hence the reason I created this thread.

    - If you still use Apache 2.2, then update your ispconfig to git-stable branch with the ispconfig_update.sh script to get an updated vhost template. After you did that, use Tools > resync to apply the new template to all sites or apply it to a single site by altering a value in the site settings and press save, before you try to activate Let’s Encrypt again. This is only necessary on apache 2.2 systems, newer apache 2.4 or nginx systems are not affected.
    Using Apache 2.4.10

    - If you updated to ISPConfig 3.1 and deselected the "reconfigure services" option during update (which is selected by default), then Let’s Encrypt will fail as your server is missing the Let’s Encrypt configuration in the ispconfig apache configuration files. Redo the update and chose to reconfigure services in that case.
    "reconfigure services" was used when updating to ISPConfig 3.1.11


    Downloaded "htf-common-issues.php" and ran it, this is the resulting htf_report.txt file
    Code:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    IP-address(es) (as per ifconfig): ***.***.***.***
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.1.11
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 5.6.33-0+deb8u1
    [INFO] php-cgi (used for cgi php in default vhost!) is version 5.6.33-0+deb8u1
    
    ##### PORT CHECK #####
    
    ##### MAIL SERVER CHECK #####
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
        Apache 2 (PID 5491)
    [INFO] I found the following mail server(s):
        Postfix (PID 14208)
    [INFO] I found the following pop3 server(s):
        Dovecot (PID 14452)
    [INFO] I found the following imap server(s):
        Unknown process (init) (PID 1)
    [INFO] I found the following ftp server(s):
        PureFTP (PID 14600)
    
    ##### LISTENING PORTS #####
    (only        ()
    Local        (Address)
    [anywhere]:995        (14452/dovecot)
    [localhost]:10023        (809/postgrey.pid)
    [anywhere]:57287        (510/rpc.statd)
    [localhost]:10024        (14444/amavisd-new)
    [localhost]:10025        (14208/master)
    [localhost]:10026        (14444/amavisd-new)
    [anywhere]:3306        (13952/mysqld)
    [localhost]:10027        (14208/master)
    [anywhere]:587        (14208/master)
    [localhost]:11211        (527/memcached)
    [anywhere]:110        (14452/dovecot)
    [anywhere]:143        (1/init)
    [anywhere]:111        (501/rpcbind)
    [anywhere]:465        (14208/master)
    ***.***.***.***:53        (11773/named)
    [localhost]:53        (11773/named)
    [anywhere]:21        (14600/pure-ftpd)
    [anywhere]:22        (26354/sshd)
    [localhost]:953        (11773/named)
    [anywhere]:25        (14208/master)
    [anywhere]:993        (1/init)
    *:*:*:*::*:995        (14452/dovecot)
    *:*:*:*::*:10023        (809/postgrey.pid)
    *:*:*:*::*:10024        (14444/amavisd-new)
    *:*:*:*::*:10026        (14444/amavisd-new)
    *:*:*:*::*:587        (14208/master)
    [localhost]10        (14452/dovecot)
    [localhost]43        (1/init)
    [localhost]11        (501/rpcbind)
    *:*:*:*::*:8080        (5491/apache2)
    *:*:*:*::*:80        (5491/apache2)
    *:*:*:*::*:8081        (5491/apache2)
    *:*:*:*::*:465        (14208/master)
    *:*:*:*::*:53        (11773/named)
    *:*:*:*::*:21        (14600/pure-ftpd)
    *:*:*:*::*:22        (26354/sshd)
    *:*:*:*::*:953        (11773/named)
    *:*:*:*::*:25        (14208/master)
    *:*:*:*::*:443        (5491/apache2)
    *:*:*:*::*:35805        (510/rpc.statd)
    *:*:*:*::*:993        (1/init)
    
    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination        
    fail2ban-postfix-sasl  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
    fail2ban-dovecot-pop3imap  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 110,995,143,993
    fail2ban-pureftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
    fail2ban-ssh  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination        
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination        
    
    Chain fail2ban-dovecot-pop3imap (1 references)
    target     prot opt source               destination        
    RETURN     all  --  [anywhere]/0            [anywhere]/0          
    
    Chain fail2ban-postfix-sasl (1 references)
    target     prot opt source               destination        
    RETURN     all  --  [anywhere]/0            [anywhere]/0          
    
    Chain fail2ban-pureftpd (1 references)
    target     prot opt source               destination        
    RETURN     all  --  [anywhere]/0            [anywhere]/0          
    
    Chain fail2ban-ssh (1 references)
    target     prot opt source               destination        
    RETURN     all  --  [anywhere]/0            [anywhere]/0          
    


    Obviously there is something wrong in the behind the scenes, perhaps some file that was created wrongly by ISPConfig? As seen on this row from log from /var/log/letsencrypt/letsencrypt.log as shown in the first post.
    Code:
    CertStorageError: expected /etc/letsencrypt/live/sub.topdomain.com/cert.pem to be a symlink
    There are errors for every domain, but as I said, only one domain so far has expired - the others still work but will face the same problem if this error isn't fixed.
     
  4. Taleman

    Taleman Active Member HowtoForge Supporter

    Have you tried the trick of:
    - unselect Let's Encrypt for that website
    - save
    - wait two minutes
    - select Let's Encrypt back for that webisite
    - save
    see logs and check whether it works now

    You got complaint about old certbot version. There is new available in Jessie Backports:
    https://packages.debian.org/jessie-backports/certbot
     
  5. toffie

    toffie New Member

    Alright, I updated certbot with Jessie Backports enabled. So that should be ok now at least.

    I did your trick with unselect, save, wait, select, wait and nope.. still doesn't work. Let's Encrypt is still checked in ISPConfig for that website, so it didn't just fail out at least.

    Here is the logfile;
    Code:
    2018-03-20 15:31:09,898:DEBUG:certbot.main:Root logging level set at 20
    2018-03-20 15:31:09,900:INFO:certbot.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2018-03-20 15:31:09,901:DEBUG:certbot.main:certbot version: 0.10.2
    2018-03-20 15:31:09,901:DEBUG:certbot.main:Arguments: ['-n', '--text', '--agree-tos', '--expand', '--authenticator', 'webroot', '--server', 'https://acme-v01.api.letsencrypt.org/directory', '--rsa-key-size', '4096', '--email', '[email protected]', '--domains', 'sub.topdomain.com', '--webroot-path', '/usr/local/ispconfig/interface/acme']
    2018-03-20 15:31:09,903:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
    2018-03-20 15:31:09,904:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
    2018-03-20 15:31:09,912:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
    Description: Place files in webroot directory
    Interfaces: IAuthenticator, IPlugin
    Entry point: webroot = certbot.plugins.webroot:Authenticator
    Initialized: <certbot.plugins.webroot.Authenticator object at 0x7fd197fa2d50>
    Prep: True
    2018-03-20 15:31:09,914:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7fd197fa2d50> and installer None
    2018-03-20 15:31:10,579:DEBUG:certbot.main:Exiting abnormally:
    Traceback (most recent call last):
      File "/usr/bin/letsencrypt", line 11, in <module>
        load_entry_point('certbot==0.10.2', 'console_scripts', 'certbot')()
      File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 849, in main
        return config.func(config, plugins)
      File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 621, in obtain_cert
        le_client = _init_le_client(config, auth, installer)
      File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 399, in _init_le_client
        acc, acme = _determine_account(config)
      File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 364, in _determine_account
        acc = display_ops.choose_account(accounts)
      File "/usr/lib/python2.7/dist-packages/certbot/display/ops.py", line 83, in choose_account
        "Please choose an account", labels, force_interactive=True)
      File "/usr/lib/python2.7/dist-packages/certbot/display/util.py", line 480, in menu
        self._interaction_fail(message, cli_flag, "Choices: " + repr(choices))
      File "/usr/lib/python2.7/dist-packages/certbot/display/util.py", line 442, in _interaction_fail
        raise errors.MissingCommandlineFlag(msg)
    MissingCommandlineFlag: Missing command line flag or config entry for this setting:
    Please choose an account
    Choices: ['[email protected]:55:35Z (802d)', '[email protected]:26:31Z (a2f5)']
    
    
    I have two accounts also, one for the new "server" and one for the old one that just got back when I reinstalled the server..

    Some weeks ago I accidentally removed files that weren't possible to restore, so I just flushed the server and reinstalled it according to a perfect server guide for Debian Jessie. All great, except Let's Encrypt couldn't get the certificates back for some reason.. till said that I should deactivate the Let's Encrypt check and after that it downloaded the certificates and it worked.. until now, when the certificates can't renew..

    Anyhow, I didn't think about the account when I reinstalled the server, so apparently the "old_account" got downloaded and I got two separate ones now.. maybe this is because it fails to renew the certificates?

    Not sure how to remove an account.. maybe this could solve the problem?
     
  6. toffie

    toffie New Member

    Did a "certbot renew --dry-run" and got the following log;


    Code:
    2018-03-20 15:39:32,539:DEBUG:certbot.main:Root logging level set at 20
    2018-03-20 15:39:32,541:INFO:certbot.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2018-03-20 15:39:32,543:DEBUG:certbot.main:certbot version: 0.10.2
    2018-03-20 15:39:32,543:DEBUG:certbot.main:Arguments: ['--dry-run']
    2018-03-20 15:39:32,544:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
    2018-03-20 15:39:32,567:WARNING:certbot.storage:Attempting to parse the version 0.18.1 renewal configuration file found at /etc/letsencrypt/renewal/registrera.topdomain.com-0001.conf with version 0.10.2 of Certbot. This might not work.
    2018-03-20 15:39:32,569:WARNING:certbot.renewal:expected /etc/letsencrypt/live/registrera.topdomain.com-0001/cert.pem to be a symlink
    2018-03-20 15:39:32,569:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/registrera.topdomain.com-0001.conf is broken. Skipping.
    2018-03-20 15:39:32,586:DEBUG:certbot.renewal:Traceback was:
    Traceback (most recent call last):
      File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 59, in _reconstitute
        renewal_candidate = storage.RenewableCert(full_path, config)
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 392, in __init__
        self._check_symlinks()
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 431, in _check_symlinks
        "expected {0} to be a symlink".format(link))
    CertStorageError: expected /etc/letsencrypt/live/registrera.topdomain.com-0001/cert.pem to be a symlink
    
    2018-03-20 15:39:32,589:WARNING:certbot.storage:Attempting to parse the version 0.18.1 renewal configuration file found at /etc/letsencrypt/renewal/dev.topdomain.com.conf with version 0.10.2 of Certbot. This might not work.
    2018-03-20 15:39:32,591:WARNING:certbot.renewal:expected /etc/letsencrypt/live/dev.topdomain.com/cert.pem to be a symlink
    2018-03-20 15:39:32,591:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/dev.topdomain.com.conf is broken. Skipping.
    2018-03-20 15:39:32,591:DEBUG:certbot.renewal:Traceback was:
    Traceback (most recent call last):
      File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 59, in _reconstitute
        renewal_candidate = storage.RenewableCert(full_path, config)
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 392, in __init__
        self._check_symlinks()
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 431, in _check_symlinks
        "expected {0} to be a symlink".format(link))
    CertStorageError: expected /etc/letsencrypt/live/dev.topdomain.com/cert.pem to be a symlink
    
    2018-03-20 15:39:32,594:WARNING:certbot.storage:Attempting to parse the version 0.15.0 renewal configuration file found at /etc/letsencrypt/renewal/topdomain.com.conf with version 0.10.2 of Certbot. This might not work.
    2018-03-20 15:39:32,595:WARNING:certbot.renewal:expected /etc/letsencrypt/live/topdomain.com/cert.pem to be a symlink
    2018-03-20 15:39:32,595:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/topdomain.com.conf is broken. Skipping.
    2018-03-20 15:39:32,595:DEBUG:certbot.renewal:Traceback was:
    Traceback (most recent call last):
      File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 59, in _reconstitute
        renewal_candidate = storage.RenewableCert(full_path, config)
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 392, in __init__
        self._check_symlinks()
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 431, in _check_symlinks
        "expected {0} to be a symlink".format(link))
    CertStorageError: expected /etc/letsencrypt/live/topdomain.com/cert.pem to be a symlink
    
    2018-03-20 15:39:32,598:WARNING:certbot.storage:Attempting to parse the version 0.18.1 renewal configuration file found at /etc/letsencrypt/renewal/connect.topdomain.com.conf with version 0.10.2 of Certbot. This might not work.
    2018-03-20 15:39:32,599:WARNING:certbot.renewal:expected /etc/letsencrypt/live/connect.topdomain.com/cert.pem to be a symlink
    2018-03-20 15:39:32,599:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/connect.topdomain.com.conf is broken. Skipping.
    2018-03-20 15:39:32,599:DEBUG:certbot.renewal:Traceback was:
    Traceback (most recent call last):
      File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 59, in _reconstitute
        renewal_candidate = storage.RenewableCert(full_path, config)
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 392, in __init__
        self._check_symlinks()
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 431, in _check_symlinks
        "expected {0} to be a symlink".format(link))
    CertStorageError: expected /etc/letsencrypt/live/connect.topdomain.com/cert.pem to be a symlink
    
    2018-03-20 15:39:32,602:WARNING:certbot.storage:Attempting to parse the version 0.18.1 renewal configuration file found at /etc/letsencrypt/renewal/connect.topdomain.com-0001.conf with version 0.10.2 of Certbot. This might not work.
    2018-03-20 15:39:32,603:WARNING:certbot.renewal:expected /etc/letsencrypt/live/connect.topdomain.com-0001/cert.pem to be a symlink
    2018-03-20 15:39:32,603:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/connect.topdomain.com-0001.conf is broken. Skipping.
    2018-03-20 15:39:32,603:DEBUG:certbot.renewal:Traceback was:
    Traceback (most recent call last):
      File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 59, in _reconstitute
        renewal_candidate = storage.RenewableCert(full_path, config)
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 392, in __init__
        self._check_symlinks()
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 431, in _check_symlinks
        "expected {0} to be a symlink".format(link))
    CertStorageError: expected /etc/letsencrypt/live/connect.topdomain.com-0001/cert.pem to be a symlink
    
    2018-03-20 15:39:32,606:WARNING:certbot.storage:Attempting to parse the version 0.18.1 renewal configuration file found at /etc/letsencrypt/renewal/registrera.topdomain.com.conf with version 0.10.2 of Certbot. This might not work.
    2018-03-20 15:39:32,607:WARNING:certbot.renewal:expected /etc/letsencrypt/live/registrera.topdomain.com/cert.pem to be a symlink
    2018-03-20 15:39:32,607:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/registrera.topdomain.com.conf is broken. Skipping.
    2018-03-20 15:39:32,607:DEBUG:certbot.renewal:Traceback was:
    Traceback (most recent call last):
      File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 59, in _reconstitute
        renewal_candidate = storage.RenewableCert(full_path, config)
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 392, in __init__
        self._check_symlinks()
      File "/usr/lib/python2.7/dist-packages/certbot/storage.py", line 431, in _check_symlinks
        "expected {0} to be a symlink".format(link))
    CertStorageError: expected /etc/letsencrypt/live/registrera.topdomain.com/cert.pem to be a symlink
    
    2018-03-20 15:39:32,617:DEBUG:certbot.main:Exiting abnormally:
    Traceback (most recent call last):
      File "/usr/bin/certbot", line 11, in <module>
        load_entry_point('certbot==0.10.2', 'console_scripts', 'certbot')()
      File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 849, in main
        return config.func(config, plugins)
      File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 655, in renew
        renewal.handle_renewal_request(config)
      File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 430, in handle_renewal_request
        len(renew_failures), len(parse_failures)))
    Error: 0 renew failure(s), 6 parse failure(s)
    
    
     
  7. toffie

    toffie New Member

    Slept on the issue.. continued searching now this morning.. even before work starts! wooh! :p

    Anyhow.. found this thread;
    https://community.letsencrypt.org/t...example-com-cert-pem-to-be-a-symlink/46622/14

    The solution, for now at least;
    After that I did a raw "certbot renew" and it worked. I got a new certificate for the domain I needed and it also update two of the others that needed an update.

    I guess that ISPConfig or Certbot, as it is installed by the Howtoforge Perfect server guide, that it continues to update the certificates now as it has been in the past? I guess the symlink problems was just a temporary hickup. If not, its a rather simple fix yourself until someone figures out which program is causing the problems :)

    Thanks Taleman for nudging me in the right directions to find the problem! :)
     
    Taleman likes this.

Share This Page