Hello,
I fond out that Let’s Encrypt Add-on is no longer working.
It cannot renew the certificate.
I read the log and I found some strange things:
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[12:34:09] INFO: Selected DNS Provider: dns-cloudflare
[12:34:09] INFO: Use propagation seconds: 60
[12:34:09] INFO: Use CloudFlare token
[12:34:09] INFO: Detecting existing certificate type for green.soylent.info
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewal configuration file /data/letsencrypt/renewal/<mydomain>.conf produced an unexpected error: expected /data/letsencrypt/live/<mydomain>/cert.pem to be a symlink. Skipping.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for <mydomain>
Successfully received certificate.
Certificate is saved at: /data/letsencrypt/live/<mydomain>-0010/fullchain.pem
Key is saved at: /data/letsencrypt/live/<mydomain>-0010/privkey.pem
This certificate expires on 2025-01-21.
These files will be updated when the certificate renews.
NEXT STEPS:
- The certificate will need to be renewed before it expires. Certbot can automatically renew the certificate in the background, but you may need to take steps to enable that functionality. See https://certbot.org/renewal-setup for instructions.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
I cannot find neither the debug log directory mentioned /var/log/letsencrypt nor the log file
My /var/log is empty:
[core-ssh ~]$ ls -la /var/log
total 8
drwxr-xr-x 2 root root 4096 Jul 22 20:19 .
drwxr-xr-x 1 root root 4096 Sep 25 17:38 ..
I cannot find also the directory where the certificate is saved /data/letsencrypt/live/
[core-ssh ~]$ ls -la /data/letsencrypt/live/
ls: /data/letsencrypt/live/: No such file or directory
So I cannot understand what is going wrong.
Reading at the log it looks that the new certificate was downloaded successfully but HA still have the old one.
Could you help me please?
Thanks