Contents
1. certbot renew
cron 実行のためのテスト
renew期限がまだなので、--force-renewal をつけて実行する。
- 証明書の更新はできた。
nginxのreloadに問題があった。-- ToshinoriMaeno 2022-02-25 02:22:14
# certbot renew --force-renewal
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/qmail.jp.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Plugins selected: Authenticator manual, Installer None
Renewing an existing certificate
Running deploy-hook command: /etc/letsencrypt/renewal-hooks/deploy/nginx
Hook command "/etc/letsencrypt/renewal-hooks/deploy/nginx" returned error code 1
Error output from nginx:
nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/wiki.dnsz.org/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/wiki.dnsz.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/qmail.jp/fullchain.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/qmail.jp/fullchain.pem (success)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
root@skr:/home/tmaeno/dnsdata# nginx -s reload のエラーは dnsz.org 関連だった。
- 関連設定をすべて削除して、nginx -s reload を実行して、証明書は置換った。
2. history
# nginx -s reload
nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/wiki.dnsz.org/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/wiki.dnsz.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)