ยง2023-07-02
renew
sudo certbot certonly --nginx
A nonprofit Certificate Authority providing TLS certificates to 300 million websites.
- Install Cerbot
-
ubuntu 22.04
sudo apt -y install certbot- get-let-encrypt-certificate.sh
#!/bin/bash domain="h2jammy.yushei.net" certbot certonly --agree-tos --email alexlai@munetaka.me --webroot -w /path/to/your/webroot -d $domain -
this one failed
$ sudo ./get_ssl_certificate.sh
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for j2jammy.yushei.net
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: j2jammy.yushei.net
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for j2jammy.yushei.net - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for j2jammy.yushei.net - check that a DNS record exists for this domain
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
- this one worked!!
sudo certbot certonly --standalone -d h2jammy.yushei.net --email alexlai@munetaka.me
$ sudo certbot certonly --standalone -d h2jammy.yushei.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for h2jammy.yushei.net
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/h2jammy.yushei.net/fullchain.pem
Key is saved at: /etc/letsencrypt/live/h2jammy.yushei.net/privkey.pem
This certificate expires on 2023-09-30.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
$ sudo certbot certonly --standalone -d h2jammy.yushei.net --email alexlai@munetaka.me
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Certificate not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/h2jammy.yushei.net.conf)
What would you like to do?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Keep the existing certificate for now
2: Renew & replace the certificate (may be subject to CA rate limits)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Renewing an existing certificate for h2jammy.yushei.net
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/h2jammy.yushei.net/fullchain.pem
Key is saved at: /etc/letsencrypt/live/h2jammy.yushei.net/privkey.pem
This certificate expires on 2023-09-30.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -