Certbot.errors.CertStorageError: expected to be a symlink

Posted on January 9, 2020 at 4:29 pm

Example certbot error message:

certbot.errors.CertStorageError: expected /etc/letsencrypt/live/www.website.com/cert.pem to be a symlink
Renewal configuration file /etc/letsencrypt/renewal/www.website.com.conf is broken. Skipping.

Solution is to re-create the symlinks for all .pem files:

rm -f /etc/letsencrypt/live/www.website.com/*.pem
ln -s /etc/letsencrypt/archive/www.website.com/cert1.pem /etc/letsencrypt/live/www.website.com/cert.pem
ln -s /etc/letsencrypt/archive/www.website.com/chain1.pem /etc/letsencrypt/live/www.website.com/chain.pem
ln -s /etc/letsencrypt/archive/www.website.com/fullchain1.pem /etc/letsencrypt/live/www.website.com/fullchain.pem
ln -s /etc/letsencrypt/archive/www.website.com/privkey1.pem /etc/letsencrypt/live/www.website.com/privkey.pem
/usr/bin/certbot renew

Note that when creating the symlink (ln -s) you need to create it for the .pem file that as the higher number, i.e if you have cert1.pem and cert2.pem, you need to use cert2.pem, i.e:

ln -s /etc/letsencrypt/archive/www.website.com/cert2.pem /etc/letsencrypt/live/www.website.com/cert.pem

Receive updates via email

Other Posts

Updated Posts