For a given virtualhost, when I use Letsencrypt from the
Server Configuration -> SSL Certificate -> Let's Encrypt -> Request Certificate button, the system spins and whirrs and spits out a few files.
This is where’s I’m confused.
The current certificate (CA, Key, Cert) for the virtual server is placed in
ssl.ca, along with a few other variations.
/etc/letsencrypt/live folder is a different story. It contains a myriad of files for each virtual server on my system, like:
Let’s Encrypt documentation expresses that Apache needs the full path to the
/etc/letsencrypt/live/.../fullchain.pem file to satisfy the SSLCertificateKeyFile directive, yet in the virtual server’s apache *.conf file, the directive points to the other folders (/home//domains/…/ssl.cert).
In addition to that, there a) a bunch of folders under
/let/letsencrypt for virtual servers that no longer exist, and b) duplicates of many servers that DO exist with appended sequential numbers after the .com, like .com-0001, .com-0002, etc.
I’d like to clean things up, but I need to understand what’s going on here that Virtualmin is doing that’s proprietary to Virtualmin.