
Certbot (Let's Encrypt): Notes on adding a subdomain

How to add the subdomain "www.fya.jp"

Failing example:

# /usr/local/certbot/certbot-auto certonly --webroot \
> -w /home/httpd/html -m info@fya.jp -d fya.jp -d ftp.fya.jp -d mail.fya.jp \
> -w /home/www/public_html -m info@fya.jp -d www.fya.jp \
> --agree-tos
Upgrading certbot-auto 0.22.2 to 0.23.0...
Replacing certbot-auto...
Creating virtual environment...
Installing Python packages...
Installation succeeded.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for fya.jp
http-01 challenge for ftp.fya.jp
http-01 challenge for mail.fya.jp
http-01 challenge for www.fya.jp
Using the webroot path /home/www/public_html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.fya.jp (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.fya.jp/.well-known/acme-challenge/uKhFxCNCND5XF7y1D923uECBY4Qmk-c5XioMlcaVCfU: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: www.fya.jp
   Type:   unauthorized
   Detail: Invalid response from
   http://www.fya.jp/.well-known/acme-challenge/uKhFxCNCND5XF7y1D923uECBY4Qmk-c5XioMlcaVCfU:
   "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
   <html><head>
   <title>404 Not Found</title>
   </head><body>
   <h1>Not Found</h1>
   <p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

Working example:

# /usr/local/certbot/certbot-auto certonly --webroot \
> -w /home/httpd/html -m info@fya.jp -d fya.jp -d ftp.fya.jp -d mail.fya.jp \
> -w /home/www/public_html -m info@fya.jp -d www.fya.jp \
> --agree-tos
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for fya.jp
http-01 challenge for ftp.fya.jp
http-01 challenge for mail.fya.jp
http-01 challenge for www.fya.jp
Using the webroot path /home/www/public_html for all unmatched domains.
Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/fya.jp/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/fya.jp/privkey.pem
   Your cert will expire on 2018-07-23. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again. To non-interactively renew *all* of your certificates, run
   "certbot-auto renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

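How to add the subdomain so that the failure is avoided and the request succeeds

/etc/letsencrypt/renewal

Rename the file here, which of course also serves as a backup.
Example: fya.jp.conf_OLD20180425

/etc/letsencrypt/archive

Rename (or otherwise move aside) the directory for the domain in question.
Example: fya.jp_OLD20180425

/etc/letsencrypt/live

Do the same here as well, just in case.
Example: fya.jp_OLD20180425

Note: everything from here on comes after the rename/backup above, and is edited as needed after the subdomain has been added.
(Without doing so, an error occurred when adding the subdomain.)

Depending on the situation (when the subdomain is served over https://),

/etc/httpd/conf.d/ssl.conf

must also be edited (add entries to it).
Finally, restart Apache or the like to apply the changes.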
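
The rename-as-backup step described above, as an added shell example that is not part of the original post. The function name `backup_lineage` and its arguments are hypothetical; the demo runs on a constructed temporary tree, not on the real /etc/letsencrypt.

```shell
#!/bin/sh
# Added example: rename the renewal, archive and live entries of one
# certificate before re-requesting it with the extra subdomain.
# backup_lineage BASE DOMAIN SUFFIX  (hypothetical helper, not part of certbot)
backup_lineage() {
    base=$1; domain=$2; suffix=$3
    [ -n "$base" ] && [ -n "$domain" ] && [ -n "$suffix" ] || {
        echo "usage: backup_lineage BASE DOMAIN SUFFIX" >&2; return 2; }
    # source:destination pairs, named the same way as the examples in the post
    pairs="renewal/$domain.conf:renewal/$domain.conf_$suffix
archive/$domain:archive/${domain}_$suffix
live/$domain:live/${domain}_$suffix"
    # Pass 1: stop before touching anything if a source is missing or a
    # backup name is already taken, so the tree is never left half-renamed.
    for p in $pairs; do
        src=$base/${p%%:*}; dst=$base/${p##*:}
        [ -e "$src" ] || { echo "missing: $src" >&2; return 1; }
        [ ! -e "$dst" ] || { echo "backup exists: $dst" >&2; return 1; }
    done
    # Pass 2: rename in place; mv within one filesystem keeps owner and mode,
    # which matters for the private keys under archive/.
    for p in $pairs; do
        mv -- "$base/${p%%:*}" "$base/${p##*:}" || return 1
    done
}

# Demo on a constructed throw-away tree (sample data, not real certificates).
demo=$(mktemp -d)
mkdir -p "$demo/renewal" "$demo/archive/fya.jp" "$demo/live/fya.jp"
: > "$demo/renewal/fya.jp.conf"
backup_lineage "$demo" fya.jp OLD20180425 &&
    ls "$demo/renewal" "$demo/archive" "$demo/live"
rm -rf "$demo"
```

On a real system the entries under live/ are relative symlinks into archive/fya.jp, so they stop resolving once archive/ is renamed; the renamed archive directory is the usable backup. Until the new certificate is issued, an ssl.conf that points at /etc/letsencrypt/live/fya.jp/ refers to files that do not exist, so restart Apache only after the request has succeeded.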

Environment:
Apache 2.2 series

As always, carry this out at your own risk!!
