From Let's Encrypt on one server to Certbot on another

Recently I had a task to transfer a few sites secured by Let's Encrypt certificates from one Ubuntu server to another. In this post, I'll share my experience in transferring SSL certificates - or better to say - reobtaining them.

So, I had a few certificates obtained through Let's Encrypt console tool on Ubuntu. To move them to another server, I copied /etc/letsencrypt directory from the first server to the second one preserving the path.

Since Let's Encrypt renamed their tool to Certbot, I then installed the latest Certbot on the second server.

sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot

After that, I switched my domains to the new IP through DNS manager on my registrar.

Then I tried to run Certbot in test mode to make sure that it works:

sudo certbot renew -dry-run

Received some error messages that said that configuration files are in a different format.

I didn't want to waste time for debugging the issue, so I backed up /etc/letsencrypt and removed everything from the following folders:

 /etc/letsencrypt/archive
 /etc/letsencrypt/live
 /etc/letsencrypt/renewal

Finally, I managed to request new certificates the following way:

sudo certbot certonly --standalone -d komelin.com -d www.komelin.com

and it worked just fine.

Note that if you use the standalone (manual) method of installing certificates to your web server, the server needs to be shut down before obtaining certificates.

Hope this trivial post will save you some time.