LetsEncryptの更新がうまく行かなかった(certbot-auto renew –force-renew)
きちんと自動更新してなかったのもあり、証明書の期限を切らしてしまった。ちゃっと終わらそうと以下を叩くとエラー時のめも。
# certbot-auto renew --force-renew
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/yama-lab.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for yama-lab.com
Waiting for verification...
Challenge failed for domain yama-lab.com
http-01 challenge for yama-lab.com
Cleaning up challenges
Attempting to renew cert (yama-lab.com) from /etc/letsencrypt/renewal/yama-lab.com.conf produced an unexpected error: Some challenges have failed.. Skipping.
The following certs could not be renewed:
/etc/letsencrypt/live/yama-lab.com/fullchain.pem (failure)
とエラーが出るの以下を実行
# certbot-auto certonly -d yama-lab.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Apache Web Server plugin (apache)
2: Nginx Web Server plugin (nginx)
3: Spin up a temporary webserver (standalone)
4: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-4] then [enter] (press 'c' to cancel): 2 // 2を入力Enter
Plugins selected: Authenticator nginx, Installer None
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for yama-lab.com
Waiting for verification...
Cleaning up challenges
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/yama-lab.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/yama-lab.com/privkey.pem
Your cert will expire on 2019-06-10. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again. To non-interactively renew *all* of your certificates, run
"certbot-auto renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
で解決
コメントを残す