Let's Encrypt renewal cert and change directory

Discussion in 'ISPConfig 3 Priority Support' started by tritema, Oct 10, 2017.

  1. tritema

    tritema Member HowtoForge Supporter

    Dear,

    we have noticed that sometimes when Let's Encrypt renew the certs, he change the certs directory.
    For example, if the domain is "MYDOMAIN.COM", the certs directory is:
    /etc/letsencrypt/live/MYDOMAIN.COM/*
    then, when renew becomes
    /etc/letsencrypt/live/MYDOMAIN.COM-0001/*
    That's a problem, because for some services (like mail, or ftp) we need to know what is the actual (and renewed) certs, because we link the certificate outside (would say postfix or pureftpd).
    Someone here, know, why happen that directory's change, and why happen only certain times?

    Thank you.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    That's a common issue with Let's Encrypt, in ISPConfig we had to built functions that search for the cert path for that reason. I don't know the exact reason why LE is renaming certs sometimes.
     
  3. sjau

    sjau Local Meanie Moderator

    It happens when then the domains (or maybe even domain order) changes in certbot. So if you originally had -d domain.tld -d www.domain.tld and then add a new sub: -d domain.tld -d www.domain.tld -d sub.domain.tld then it will create those -xxxx folders.
     

Share This Page