From Let's Encrypt on one server to Certbot on another
Recently I had a task to transfer a few sites secured by Let's Encrypt certificates from one Ubuntu server to another. In this post, I'll share my experience in transferring SSL certificates - or better to say - reobtaining them.
So, I had a few certificates obtained through Let's Encrypt console tool on Ubuntu. To move them to another server, I copied /etc/letsencrypt directory from the first server to the second one preserving the path.
Since Let's Encrypt renamed their tool to Certbot, I then installed the latest Certbot on the second server.
sudo apt-get update sudo apt-get install software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install certbot
After that, I switched my domains to the new IP through DNS manager on my registrar.
Then I tried to run Certbot in test mode to make sure that it works:
sudo certbot renew -dry-run
Received some error messages that said that configuration files are in a different format.
I didn't want to waste time for debugging the issue, so I backed up /etc/letsencrypt and removed everything from the following folders:
/etc/letsencrypt/archive /etc/letsencrypt/live /etc/letsencrypt/renewal
Finally, I managed to request new certificates the following way:
sudo certbot certonly --standalone -d komelin.com -d www.komelin.com
and it worked just fine.
Note that if you use the standalone (manual) method of installing certificates to your web server, the server needs to be shut down before obtaining certificates.
Hope this trivial post will save you some time.