Open quacos opened 8 years ago
Can you double check on this? From what I can tell, the -xxxx directories get created when the list of domains on the certificate changes from the previous certificate (i.e. you requested the cert for www.abc.com and abc.com the first time but then added xyz.abc.com to the list when you renewed). However, from what I can tell, the old certificate gets moved to the -xxxx directory and the new one is placed in the non-xxxx directory.
You can test this with the following commands:
cd /etc/letsencrypt/live
openssl x509 -in abc.com/cert.pem -text
openssl x509 -in abc.com-0001/cert.pem -text
In the output of the openssl commands you should find something like this:
Validity
Not Before: Jun 20 04:56:00 2016 GMT
Not After : Sep 18 04:56:00 2016 GMT
If your system is behaving the same as mine, the abc.com-0001 cert should show the older validity dates and the one without it should show the more recent.
Probably it was a mistake of mine.
Well, it happened again.
drwxr-xr-x 2 root root 4,0K 6 may 14:32 domain.it
drwxr-xr-x 2 root root 4,0K 1 aug 17:48 domain.it-0001
try remove (or rename)
On row 249 we have
Copy the Let's Encrypt Certs into it, using Vesta naming conventions
cp /etc/letsencrypt/live/$MAINDOMAIN/cert.pem $TMPLOC/$DOMAIN.crt cp /etc/letsencrypt/live/$MAINDOMAIN/privkey.pem $TMPLOC/$DOMAIN.key cp /etc/letsencrypt/live/$MAINDOMAIN/chain.pem $TMPLOC/$DOMAIN.ca
But "fresh" certificate is put by letsencrypt in a different directory, something like $MAINDOMAIN-0001, so the script copies the old one.
As a quick and dirty fix, I just clean /etc/letsencrypt/ before renew.