![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
CONTENTS
Lastmodified 2023-09-04 (月) 17:52:43
Let's Encrypt certificate expiration notice for domain "FQDN"
というメールが来たので、・・・
したら、・・・
Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - No renewals were attempted. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
え”!?
/var/log/letsencrypt/letsencrypt.log
2018-12-11 06:35:50,075:DEBUG:certbot.main:certbot version: 0.29.1 2018-12-11 06:35:50,076:DEBUG:certbot.main:Arguments: [] 2018-12-11 06:35:50,076:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2018-12-11 06:35:50,162:DEBUG:certbot.log:Root logging level set at 20 2018-12-11 06:35:50,163:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2018-12-11 06:35:50,224:DEBUG:certbot.renewal:no renewal failures
Saving debug log to /var/log/letsencrypt/letsencrypt.log Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot certonly" to do so. You'll need to manually configure your web server to use the resulting certificate.
450 11:25 cd /usr/ports/security/py-certbot 451 11:25 ll 452 11:25 make deinstall 453 11:25 portinstall security/py-certbot
# certbot renew Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /etc/letsencrypt/renewal/blackcube.smb.net.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert not yet due for renewal - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /etc/letsencrypt/renewal/www.smb.net.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert not yet due for renewal - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The following certs are not due for renewal yet: /etc/letsencrypt/live/blackcube.smb.net/fullchain.pem expires on 2019-03-10 (skipped) /etc/letsencrypt/live/www.smb.net/fullchain.pem expires on 2019-03-10 (skipped) No renewals were attempted. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ありゃ!? .pem の位置が変わっとるではないかっ!
結局、ports のインストール場所がかわっていて、certbot renew の結果が反映されていなかった、という落ち orz
/usr/local/etc/letsencrypt ⇒ /etc/letsencrypt/
もう・・・・
/usr/local/etc/letsencrypt以下のキーなどを移動しても、シンボリックリンクなどの動作がささくれるので、一から再作成するほうがクリーンかも。
ということで、Apacheをいったん止めてから作成。
pemの在処を "/etc/letsencrypt/live/www.smb.net/fullchain.pem" へと変更(/user/localを消去)。
<VirtualHost _default_:443>
: :
SSLCertificateFile "/etc/letsencrypt/live/www.smb.net/fullchain.pem"
SSLCertificateKeyFile "/etc/letsencrypt/live/www.smb.net/privkey.pem"
: :
</VirtualHost>
【参考URL】
https://freebsd.sing.ne.jp/daily/13/03.html
https://qiita.com/ma7ma7pipipi/items/679c555b66de99e01e58
Total access 1051:本日 1:昨日 1
