Linux CentOS 7 apache Let's Encrypt
Let's Encrypt must be updated once every three months. Therefore, I am using a batch to perform automatic updates, but I received an email notifying me that the update failed.
Actually enter CentOS and execute the following command
certbot renew --dry-run
Below, the result
Congratulations, all renewals succeeded.
That's why I decided to remove the dry-run and try it.
certbot renew
Below, the result
Attempting to renew cert (***********.com) from /etc/letsencrypt/renewal/************.com.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
It succeeds during dry-run and fails during production. ..
Looking at the content of the error, port 80 could not be used. It's like that.
Go to /etc/letsencrypt/renewal/********.com.conf
Pay attention to the following description
authenticator = standalone
It is in standalone mode. .. .. !! Since standalone mode uses port 80, apache must be stopped once when renewing the certificate.
It's a problem, so change to the webroot pattern! !!
[renewalparams]
#authenticator = standalone
#account = 98155b431f2d9036dcaae14606620c3f
#server = https://acme-v02.api.letsencrypt.org/directory
#installer = apache
authenticator = webroot
account = 56f88f044b7c750ee8b687a024c4ece1
server = https://acme-v02.api.letsencrypt.org/directory
post_hook = /usr/bin/systemctl reload httpd.service
[[webroot_map]]
*****.com = /var/www/html/****
www.*****.com = /var/www/html/****
After completing the settings, update letsencrypt again and you're done. .. .. !!
Recommended Posts