なぜか更新作業をしても有効期限切れになってしまうため、新規発行せざる負えない状況
次のために備忘録としてやり方を記録しておく
ルートユーザに
sudo -i
#前回のフォルダ削除
rm -r /etc/letsencrypt/live/_bk/eng-image-learning.com
#新規の場合は
mkdir /etc/letsencrypt/live/_bk
mv /etc/letsencrypt/live/eng-image-learning.com-0001 /etc/letsencrypt/live/_bk
nginxの停止
systemctl stop ningx
SSL証明書の新規発行
systemctl stop nginx
certbot certonly --standalone -d eng-image-learning.com
下記が出れば成功
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/eng-image-learning.com-0002/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/eng-image-learning.com-0002/privkey.pem
Your cert will expire on 2021-08-10. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF:
cograturationsが出てくるはず。今回はなぜか2回目で出た。
liveフォルダに002として.pemファイルができている
etc/nginx/site-enabledのconfファイルを変更
ssl_certificate /etc/letsencrypt/live/eng-image-learning.com-0002/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/eng-image-learning.com-0002/privkey.pem;
nginx スタート
systemctl start nginx
通常の更新
nginxを止めないと、エラーになる
sudo systemctl stop nginx
sudo certbot renew --dry-run
--30日以上
sudo certbot renew --force-renew
--30日以内
sudo certbot renew
sudo service nginx start
現在コメントはありません