Hello @bhagert,
this is quite unfortunate. All other folders underneath /etc/univention/ssl are still present, especially ucsCA? If so, you should be able to create a new valid certificate for your UCS Master using the following command:
# Create a backup of the directory:
cp -a /etc/univention/ssl /etc/univention/ssl.backup_$(date --iso)
# Check if your master is really gone:
univention-certificate list
# Create a new certificate:
univention-certificate new -name "$(hostname -f)" -days "$(ucr get ssl/default/days)"
# Restart all services or simply
reboot
I am not aware of any automation that touches this folder that could actually delete it. The file write permissions are restricted to the machine account (e.g. master$) and root. But the machine account is not able to renew its certificate on its own - this has to be done manually, e.g. as soon as the certificates expire (see Renewing the SSL certificates).
I guess you don’t have a backup at hand? The manual has some recommendations regarding which folders to include in your backup (Univention Corporate Server).
As long as the root certificate is still present, you can create new certificates for all hosts using univention-certificate. If you also loose the Root Certificate of the CA (in /etc/univention/ssl/ucsCA/), you will need to re-create the whole chain, see Renewing the complete SSL certificate chain.
Best regards,
Michael Grandjean