## page was copied from DnsTemplate ##master-page:HelpTemplate <> <> == certbot renew == cron 実行のためのテスト renew期限がまだなので、--force-renewal をつけて実行する。 証明書の更新はできた。 nginxのreloadに問題があった。-- ToshinoriMaeno <> {{{ # certbot renew --force-renewal Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /etc/letsencrypt/renewal/qmail.jp.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Plugins selected: Authenticator manual, Installer None Renewing an existing certificate Running deploy-hook command: /etc/letsencrypt/renewal-hooks/deploy/nginx Hook command "/etc/letsencrypt/renewal-hooks/deploy/nginx" returned error code 1 Error output from nginx: nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/wiki.dnsz.org/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/wiki.dnsz.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - new certificate deployed without reload, fullchain is /etc/letsencrypt/live/qmail.jp/fullchain.pem - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations, all renewals succeeded. The following certs have been renewed: /etc/letsencrypt/live/qmail.jp/fullchain.pem (success) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - root@skr:/home/tmaeno/dnsdata# }}} nginx -s reload のエラーは dnsz.org 関連だった。 関連設定をすべて削除して、nginx -s reload を実行して、証明書は置換った。 == history == {{{ # nginx -s reload nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/wiki.dnsz.org/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/wiki.dnsz.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file) }}} ---- CategoryDns CategoryWatch CategoryTemplate