読者です 読者をやめる 読者になる 読者になる

なんとな~くしあわせ?の日記

ClojureとかAWSの設定とかをメモする技術ブログ

Let's Encryptを手動更新

プログラミング


blog.apar.jp

だいたいここの指示にしたがえばよし

こんなエラーが出た。

Cleaning up challenges
Attempting to renew cert from /etc/letsencrypt/renewal/freestylewiki.xyz.conf produced an unexpected error: At least one of the required ports is already taken.. Skipping.

httpdを一回停止させればOK

# systemctl stop httpd

成功時のログ

* Pythonスクリプトがいろいろやってる(秘密鍵更新+CSR作成+証明書作成(中間証明書も))

[root@freestylewiki letsencrypt]# ./certbot-auto renew --force-renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/freestylewiki.xyz.conf
-------------------------------------------------------------------------------
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for freestylewiki.xyz
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0001_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0001_csr-certbot.pem

-------------------------------------------------------------------------------
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/freestylewiki.xyz/fullchain.pem
-------------------------------------------------------------------------------

Congratulations, all renewals succeeded. The following certs have been renewed:
  /etc/letsencrypt/live/freestylewiki.xyz/fullchain.pem (success)