Certbot

Certbot 使用自動提供的 webroot 更新證書

  • March 10, 2018

我已經使用 certbot 的 –standalone 選項創建了一些證書,但我想更新它們,所以我執行(測試是否會更新):

sudo certbot renew --dry-run

但是對於某些域,我得到了錯誤

Attempting to renew cert from /etc/letsencrypt/renewal/example.org.conf produced an unexpected error: Missing command line flag or config entry for this setting:
Select the webroot for example.org:
Choices: ['Enter a new webroot', '/var/www/ellakcy/']

(You can set this with the --webroot-path flag). Skipping.

因此,我希望在執行時sudo certbot renew能夠自動更新我的證書,而無需提供 webroot 路徑。

我怎麼能這樣做?

這是因為它/etc/letsencrypt/renewal/example.org.conf的證書也適用於其他域,因此您需要為其他域以及/etc/letsencrypt/renewal/example.org.confat指定正確的 webroot [[webroot_map]]

對於ellak.org.cy適用於我指定的其他域的域:

[renewalparams]
authenticator = webroot
installer = None
account=^an_account_hash^
[[webroot_map]]
ellak.org = /var/www/ellak.org/
www.ellak.org=/var/www/ellak.org
ellak.org.cy = /var/www/ellakcy/
www.ellak.org.cy = /var/www/ellakcy/
imap.ellak.org.cy = /var/www/mail_letencrypt/
mail.ellak.org = /var/www/mail_letencrypt/
mail.ellak.org.cy = /var/www/mail_letencrypt/
pop.ellak.org.cy = /var/www/mail_letencrypt/
pop3.ellak.org.cy = /var/www/mail_letencrypt/
smtp.ellak.org.cy = /var/www/mail_letencrypt/
guest8.ellak.gr = /var/www/ellakcy/

所以錯誤已被刪除。

引用自:https://serverfault.com/questions/900960