interbrite / letsencrypt-vesta

Automate Let's Encrypt Certificate Installation for VestaCP

Wrong path on renew #29

Open quacos opened 8 years ago

quacos commented 8 years ago

On row 249 we have

    # Copy the Let's Encrypt Certs into it, using Vesta naming conventions
    cp /etc/letsencrypt/live/$MAINDOMAIN/cert.pem $TMPLOC/$DOMAIN.crt
    cp /etc/letsencrypt/live/$MAINDOMAIN/privkey.pem $TMPLOC/$DOMAIN.key
    cp /etc/letsencrypt/live/$MAINDOMAIN/chain.pem $TMPLOC/$DOMAIN.ca

But the "fresh" certificate is put by letsencrypt in a different directory, something like $MAINDOMAIN-0001, so the script copies the old one.

As a quick and dirty fix, I just clean /etc/letsencrypt/ before renewing.

jpitoniak commented 8 years ago

Can you double check on this? From what I can tell, the -xxxx directories get created when the list of domains on the certificate changes from the previous certificate (i.e. you requested the cert for www.abc.com and abc.com the first time but then added xyz.abc.com to the list when you renewed). However, from what I can tell, the old certificate gets moved to the -xxxx directory and the new one is placed in the non-xxxx directory.

You can test this with the following commands:

    cd /etc/letsencrypt/live
    openssl x509 -in abc.com/cert.pem -text
    openssl x509 -in abc.com-0001/cert.pem -text

In the output of the openssl commands you should find something like this:

    Validity
        Not Before: Jun 20 04:56:00 2016 GMT
        Not After : Sep 18 04:56:00 2016 GMT

If your system is behaving the same as mine, the abc.com-0001 cert should show the older validity dates and the one without it should show the more recent.
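The comparison described in the comment above, automated as an added example (not part of the thread or of letsencrypt-vesta): it reads the Not After date from `cert.pem` in the base directory and in any `-NNNN` sibling, and prints the directory holding the latest one. The function names and the `LIVE_DIR` variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report which directory under letsencrypt's live/ tree holds
# the certificate with the latest "Not After" date for a domain.
# Requires the openssl CLI and awk; names below are hypothetical.

# parse_enddate: read "notAfter=Sep 18 04:56:00 2016 GMT" on stdin and
# print a sortable YYYYMMDDhhmmss number.
parse_enddate() {
    awk '{
        sub(/^notAfter=/, "")
        m = (index("JanFebMarAprMayJunJulAugSepOctNovDec", $1) + 2) / 3
        split($3, t, ":")
        printf "%04d%02d%02d%02d%02d%02d\n", $4, m, $2, t[1], t[2], t[3]
    }'
}

# cert_not_after CERT: expiry of a PEM certificate, empty if unreadable.
cert_not_after() {
    openssl x509 -in "$1" -noout -enddate 2>/dev/null | parse_enddate
}

# newest_lineage LIVE_DIR DOMAIN: print the directory (DOMAIN or DOMAIN-NNNN)
# whose cert.pem expires last; return 1 if no readable certificate is found.
newest_lineage() {
    live=$1 domain=$2 best= best_ts=0
    for dir in "$live/$domain" "$live/$domain"-[0-9][0-9][0-9][0-9]; do
        [ -f "$dir/cert.pem" ] || continue   # also skips an unmatched glob
        ts=$(cert_not_after "$dir/cert.pem")
        [ -n "$ts" ] || continue             # not a parseable certificate
        if [ "$ts" -gt "$best_ts" ]; then
            best=$dir best_ts=$ts
        fi
    done
    [ -n "$best" ] || return 1
    printf '%s\n' "$best"
}

# When given a domain argument, check the real tree (override with LIVE_DIR).
if [ "$#" -ge 1 ]; then
    newest_lineage "${LIVE_DIR:-/etc/letsencrypt/live}" "$1"
fi
```

If the printed directory is not the one the copy step reads from, the script would install the older certificate.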

quacos commented 8 years ago

Probably it was a mistake of mine.

Well, it happened again.

    drwxr-xr-x 2 root root 4,0K  6 may 14:32 domain.it
    drwxr-xr-x 2 root root 4,0K  1 aug 17:48 domain.it-0001

deadsandro commented 7 years ago

Try removing (or renaming) the folders from /etc/letsencrypt/archive and /etc/letsencrypt/live.