![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
CONTENTS
Lastmodified 2024-04-19 (金) 10:44:52
バーチャルドメインの一つ www.nosmoke.jp を削除したサーバで、証明書を更新しようとしたところ エラーがでて、
# /root/bin/Certbot_Renew.sh
これは、以下の様なファイル
certbot renew --pre-hook "/usr/local/etc/rc.d/apache24 stop" --post-hook "/usr/local/etc/rc.d/apache24 start"
すると、
Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /usr/local/etc/letsencrypt/renewal/bbb.smb.net.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Hook 'pre-hook' ran with output: Stopping apache24. Waiting for PIDS: 89024. Renewing an existing certificate for bbb.smb.net - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /usr/local/etc/letsencrypt/renewal/www.nnn.or.jp.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Renewing an existing certificate for www.nnn.or.jp - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /usr/local/etc/letsencrypt/renewal/www.nosmoke.jp.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Renewing an existing certificate for www.nosmoke.jp Failed to renew certificate www.nosmoke.jp with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /usr/local/etc/letsencrypt/renewal/www.smb.net.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Renewing an existing certificate for www.smb.net Failed to renew certificate www.smb.net with error: Could not bind TCP port 80 because it is already in use by another process on this system (s uch as a web server). Please stop the program in question and then try again. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The following renewals succeeded: /usr/local/etc/letsencrypt/live/bbb.smb.net/fullchain.pem (success) /usr/local/etc/letsencrypt/live/www.nnn.or.jp/fullchain.pem (success) The following renewals failed: /usr/local/etc/letsencrypt/live/www.nosmoke.jp/fullchain.pem (failure) /usr/local/etc/letsencrypt/live/www.smb.net/fullchain.pem (failure) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Hook 'post-hook' reported error code 1 Hook 'post-hook' ran with error output: apache24 already running? (pid=89773). 2 renew failure(s), 0 parse failure(s) Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbo t with -v for more details.
削除した www.nosmoke.jp 以後の証明書作成がエラーしている。
【参考URL】 https://sankame.github.io/blog/2018-04-30-letsencrypt_delete_domain/
上記を参考にさせて貰って、
/usr/local/etc/letsencrypt/live/www.nosmoke.jp を www.nosmoke.jp_old へ
/usr/local/etc/letsencrypt/renewal/www.nosmoke.jp.conf を www.nosmoke.jp.conf_old へリネームして
# /root/bin/Certbot_Renew.sh Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /usr/local/etc/letsencrypt/renewal/bbb.smb.net.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Certificate not yet due for renewal - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /usr/local/etc/letsencrypt/renewal/www.nnn.or.jp.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Certificate not yet due for renewal - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /usr/local/etc/letsencrypt/renewal/www.smb.net.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Certificate not yet due for renewal - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The following certificates are not due for renewal yet: /usr/local/etc/letsencrypt/live/bbb.smb.net/fullchain.pem expires on 2024-07-16 (skipped) /usr/local/etc/letsencrypt/live/www.nnn.or.jp/fullchain.pem expires on 2024-07-16 (skipped) /usr/local/etc/letsencrypt/live/www.smb.net/fullchain.pem expires on 2024-07-16 (skipped) No renewals were attempted. No hooks were run. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
とエラー無く終了し、無事 www.smb.net の証明書も更新された。
www.smb.net がリロードで表示されなくなった。コンソールからApacheをリロードすると、エラーが・・・
# apachectl restart Performing sanity check on apache24 configuration: AH00526: Syntax error on line 67 of /usr/local/etc/apache24/extra/httpd-vhosts.conf: SSLCertificateFile: file '/usr/local/etc/letsencrypt/live/www.nosmoke.jp/fullchain.pem' does not exist or is empty
削除するサイトの vhost 設定 も削除(コメントアウト)する。
########################################################################## # Add 2008 12 11 for uen.nosmoke.jp # Mod 2018 12 11 for uen.nosmoke.jp ########################################################################## #<VirtualHost 219.117.246.217:443> #Protocols h2 http/1.1 # DocumentRoot /usr/home/uen/public_html # ServerName www.nosmoke.jp # ErrorLog /var/log/nosmoke-error_log # CustomLog /var/log/nosmoke_log common # SSLEngine on # SSLCertificateFile "/usr/local/etc/letsencrypt/live/www.nosmoke.jp/fullchain.pem" # SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/www.nosmoke.jp/privkey.pem" # <Directory "/usr/home/uen/public_html"> # Options FollowSymLinks # AllowOverride None # Require all granted # </Directory> #</VirtualHost>
Total access 35:本日 2:昨日 2
