Let’s Encrypt、certbot-autoが動かない!

Let’s Encrypt証明書発行のツール「certbot-auto」が動かない・・・

2021年から、「certbot-auto」が動作しなくなりました・・・

certbot-autoのエラー

# /root/certbot-auto certonly --webroot -w /home/site/web -d (FQDN) --renew-by-default --email (メールアドレス)
Skipping bootstrap because certbot-auto is deprecated on this system.
Your system is not supported by certbot-auto anymore.
Certbot cannot be installed.
Please visit https://certbot.eff.org/ to check for other alternatives.

↑エラーになります。「あなたのシステムでは、サポートされません」

certbotの削除

# yum remove certbot

↑certbotを削除します。

snapdを入れます

# yum install snapd

# systemctl enable --now snapd.socket
Created symlink from /etc/systemd/system/sockets.target.wants/snapd.socket to /usr/lib/systemd/system/snapd.socket.

↑インストール&起動をさせます

# ln -s /var/lib/snapd/snap /snap

# snap install --classic certbot
2021-XX-XX:XX:XX+09:00 INFO Waiting for automatic snapd restart...
Warning: /var/lib/snapd/snap/bin was not found in your $PATH. If you've not restarted your session
         since you installed snapd, try doing that. Please see https://forum.snapcraft.io/t/9469
         for more details.

certbot 1.15.0 from Certbot Project (certbot-eff?) installed

↑snapによって、certbotをインストール

# snap install --classic certbot
error: cannot install "certbot": classic confinement requires snaps under /snap or symlink from
       /snap to /var/lib/snapd/snap

↑もし、上記のようなエラーがでたら、

# ln -s /var/lib/snapd/snap /snap

↑と、手動で、リンクを張ります。そして、

再度、「snap install –classic certbot」コマンドを実行させます。(2021/06/09)

 

Let’s Encrypt証明書発行

# /var/lib/snapd/snap/bin/certbot certonly --webroot -w /home/site/web -d (FQDN) --renew-by-default --email (メールアドレス)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Requesting a certificate for (FQDN)
Performing the following challenges:
http-01 challenge for (FQDN)
Using the webroot path /home/site/web for all unmatched domains.
Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/(FQDN)/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/(FQDN)/privkey.pem
   Your certificate will expire on 2021-XX-XX. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again. To non-interactively renew *all* of your
   certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

↑ Let’s Encrypt がインストールができました。

タイトルとURLをコピーしました