Learn about Centmin Mod LEMP Stack today
Register Now

Letsencrypt Best way to transfer domain with Let's encrypt to a new server?

Discussion in 'Domains, DNS, Email & SSL Certificates' started by pamamolf, Jun 19, 2017.

  1. pamamolf

    pamamolf Premium Member Premium Member

    4,084
    428
    83
    May 31, 2014
    Ratings:
    +834
    Local Time:
    8:41 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Hello :)


    I have a domain that i was enable Let's encrypt for it and now i want to move it to a new server and i want to ask what's the best way to do it?

    Can i just create the domain from Centminmod and then copy over the working vhost file for https and just copy some files for the https?

    Or i can just re issue again the certificate?

    Thank you
     
  2. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    4:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    If you copy them from /usr/local/nginx/conf/ssl/yourdomain.com directory along with nginx vhost files (/usr/local/nginx/conf/conf.d/yourdomain.com.conf and /usr/local/nginx/conf/conf.d/yourdomain.com.ssl.conf), they will work. One thing is with letsencrypt they need auto renewal as they have 90 day expiry, so you need to setup addons/acmetool.sh via acmeinstall command on new server
    Code (Text):
    ./acmetool.sh acmeinstall

    and then copy over the /root/.acme.sh/yourdomain.com directory too which contains the details acme.sh client needs for auto renew cronjobs.
     
  3. pamamolf

    pamamolf Premium Member Premium Member

    4,084
    428
    83
    May 31, 2014
    Ratings:
    +834
    Local Time:
    8:41 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Is there a way just to re create the certificates and all related config files to avoid copy of them?
     
  4. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    4:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yeah you can just create that again if you want but DNS update would have to happen before hand for letsencrypt domain validation. Which could be problematic if your site is HTTPS only as there would be a period of time between letsencrypt new issuance and when you update DNS for domain where you wouldn't have a valid HTTPS letsencrypt ssl connection to the site on new server without copying the above mentioned files first.

    Just copy the files over with rsync would be easiest - example https://community.centminmod.com/threads/centmin-mod-site-data-migration-guide.10382/
     
  5. pamamolf

    pamamolf Premium Member Premium Member

    4,084
    428
    83
    May 31, 2014
    Ratings:
    +834
    Local Time:
    8:41 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    Great thanks :)

    But that folder doesn't exist or i can't find it :(

    I try also to use cd in any case but:

    Code:
    cd /root/.acme.sh/
    /root/.acme.sh/: No such file or directory
     
  6. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    4:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    /root/.acme.sh is only created after acmeinstall command is ran
     
  7. pamamolf

    pamamolf Premium Member Premium Member

    4,084
    428
    83
    May 31, 2014
    Ratings:
    +834
    Local Time:
    8:41 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    As i am using Let's encrypt a few months now the path should exist i think.....but it doesn't :(

    I was use the acme menu to enable it....
     
    Last edited: Jun 19, 2017
  8. pamamolf

    pamamolf Premium Member Premium Member

    4,084
    428
    83
    May 31, 2014
    Ratings:
    +834
    Local Time:
    8:41 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    sssss.png
     
  9. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    4:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    strange then you wouldn't be able to auto renew without acme.sh at /root/.acme.sh what is output for

    Code (Text):
    cd /usr/local/src/centminmod/addons
    ./acmetool.sh checkdates
    
     
  10. pamamolf

    pamamolf Premium Member Premium Member

    4,084
    428
    83
    May 31, 2014
    Ratings:
    +834
    Local Time:
    8:41 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    My mistake sorry :(

    That one was a self signed certificate using Cloudflare SSL in front :)

    I found the path on another server so i can test it :)

    Thank you