Letsencrypt auf BBB erneuern
Posted by wnf on Wednesday, 20 February 2019
Von Letsencrypt kommen E-Mails mit der Nachricht
You may need to update your client to the latest version in case it is still using the deprecated TLS-SNI-01 validation method. https://community.letsencrypt.org/…upport/74209
$ certbot --version || /path/to/certbot-auto --version certbot 0.28.0 $ sudo sh -c "sed -i.bak -e 's/^\(pref_challs.*\)tls-sni-01\(.*\)/\1http-01\2/g' /etc/letsencrypt/renewal/*; rm -f /etc/letsencrypt/renewal/*.bak" $ sudo certbot renew --dry-run
- Jetzt kommt die Fehlermeldung:
IMPORTANT NOTES: - The following errors were reported by the server: Domain: bone.nfix.de Type: connection Detail: Fetching http://bone.nfix.de/.well-known/acme-challenge/C1ye-gE-z3kMKFE-UQxZ-pkGaLD19E9FA7bHa6malik: Error getting validation data
- Da certbot den http Zugriff auf bone.nfix.de benötigt, muss in der Fritzbox das Port 80 freigegeben sein.
$ sudo certbot renew Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /etc/letsencrypt/renewal/bone.nfix.de.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert is due for renewal, auto-renewing... Plugins selected: Authenticator nginx, Installer nginx Renewing an existing certificate Performing the following challenges: http-01 challenge for bone.nfix.de Waiting for verification... Cleaning up challenges - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - new certificate deployed with reload of nginx server; fullchain is /etc/letsencrypt/live/bone.nfix.de/fullchain.pem - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations, all renewals succeeded. The following certs have been renewed: /etc/letsencrypt/live/bone.nfix.de/fullchain.pem (success) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -