可以参考这篇文章。
https://www.jianshu.com/p/b47d862bceeb
https://blog.csdn.net/m0_38025747/article/details/80602651
在配置过程中,续订时报错:
Certbot提供的证书期限为90天,执行此命令可自动续订证书。
第一,遇到的问题
sudo certbot renew –dry-run 报错如下
Attempting to renew cert (mynamedomain.com) from /etc/letsencrypt/renewal/mynamedomain.com.conf produced an unexpected error: Failed authorization procedure. mynamedomain.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mynamedomain.com/.well-known/acme-challenge/6hsJIxPvl2zX0YiZuYMExyAn_yyOdbDZirx_fk-1AFc: "\n<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n <meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">\n <title>Page not". Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/mynamedomain.com/fullchain.pem (failure)
解决办法:
依次运行:
# service nginx stop
# certbot --force-renewal
# certbot certonly
# certbot renew --dry-run
# service nginx start
第一,遇到的新的问题
在执行# service nginx start 重启时,报错如下:
Active: failed (Result: exit-code) since Fri 2018-10-12 17:46:00 UTC; 16s ago
Failed to start A high performance web server and a reverse proxy server.
解决办法:
将与之相关的端口都关闭,再重启ok
命令:
#sudo certbot --nginx -d mydomain.com
#sudo certbot renew --dry-run
#service nginx stop
#certbot --force-renewal
#certbot renew --dry-run
#sudo fuser -k 80/tcp
#sudo fuser -k 443/tcp
#sudo fuser -k 8000/tcp
#service nginx start 或 systemctl restart nginx.service
#systemctl status nginx.service
最后再启动网站
uwsgi --ini myweb.ini