Renewing LetsEncrypt SSL certificates. Cannot decrypt the private key file

Malcolm · June 7, 2023, 10:08am

Server Version 19.5.4.400

I've been using LetsEncrypt to provide SSL certificates. Today as I ran the renewal process I got the error "Cannot decrypt the private key file XXXXX with the password. Please make sure the key file and password are correct.
Error: 20408 (File read error)"

This is odd as the certbot command ran successfully, generating a fullchain.pem and privkey.pem files. The privkey.pem should not be encrypted, and I haven't needed to decrypt them before.

Has anyone else bumped into problems like this?

Malcolm · June 7, 2023, 10:22am

Normally the process is run via launchd, and it has root privileges.

Running the command from the command line manually, it needs elevated privileges. In other words:

sudo fmsadmin certificate import "fullchain" --keyfile "privkey" -y

Topic		Replies	Views
Updating LetsEncrypt Certs in FMS Questions	2	326	October 9, 2020
Use of $free LetsEncrypt SSL certificates with FMS	7	2480	June 4, 2020
Deploying FileMaker Server on Ubuntu Linux with Let's Encrypt SSL Resources security , server , filemaker-server	7	304	February 22, 2023
Admin console (v16) won't open encryption password dialog Questions admin-console	6	378	July 27, 2020
Fmsgetpasskey Questions filemaker-server	0	373	January 6, 2022

Renewing LetsEncrypt SSL certificates. Cannot decrypt the private key file

Related topics