Cloudera CDH/CDP 및 Hadoop EcoSystem, Semantic IoT등의 개발/운영 기술을 정리합니다. gooper@gooper.com로 문의 주세요.
아래와 같이 letsencrypt를 사용해도 되고 sudo certbot를 사용해도됨. 그리고 인증서 갱신후 반드시 sudo service apache2 reload를 수행하여 변경사항을 반영시켜주어야함.
1. 인증서 발급하기
letsencrypt certonly --webroot --webroot-path=/home/gooper/www -d gooper.com -d www.gooper.com
letsencrypt certonly --webroot --webroot-path=/home/gdime/www -d gdime.com -d www.gdime.com
2. 인증서 갱신시 이전 버전인 ACMEv1를 사용하는 경우 오류메세지
gooper@gsda4:~/$ sudo certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/gooper.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Attempting to renew cert (gooper.com) from /etc/letsencrypt/renewal/gooper.com.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: ACMEv1 is deprecated and you can no longer get certificates from this endpoint. Please use the ACMEv2 endpoint, you may need to update your ACME client software to do so. Visit https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/27 for more information.. Skipping.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/gdime.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Attempting to renew cert (gdime.com) from /etc/letsencrypt/renewal/gdime.com.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: ACMEv1 is deprecated and you can no longer get certificates from this endpoint. Please use the ACMEv2 endpoint, you may need to update your ACME client software to do so. Visit https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/27 for more information.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/gooper.com/fullchain.pem (failure)
/etc/letsencrypt/live/gdime.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/gooper.com/fullchain.pem (failure)
/etc/letsencrypt/live/gdime.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 renew failure(s), 0 parse failure(s)
*버전에 따른 오류가 발생하면 아래 파일의 server = https://acme-v01.api.letsencrypt.org/directory부분을 server = https://acme-v02.api.letsencrypt.org/directory로 바꿔준다.
(이전 버전의 renewal정보가 설정된 모습
renewal/gooper.com.conf :server = https://acme-v01.api.letsencrypt.org/directory
renewal/gdime.com.conf :server = https://acme-v01.api.letsencrypt.org/directory
)
3. 1개도메인만 버전 정보를 수정후 다시 renew를 수행한 메세지는 아래와 같음(1개는 정상 1개는 실패)
gooper@gsda4:/etc/letsencrypt$ sudo certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/gooper.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for gooper.com
http-01 challenge for www.gooper.com
Waiting for verification...
Cleaning up challenges
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/gooper.com/fullchain.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/gdime.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Attempting to renew cert (gdime.com) from /etc/letsencrypt/renewal/gdime.com.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: ACMEv1 is deprecated and you can no longer get certificates from this endpoint. Please use the ACMEv2 endpoint, you may need to update your ACME client software to do so. Visit https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/27 for more information.. Skipping.
The following certs could not be renewed:
/etc/letsencrypt/live/gdime.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certs were successfully renewed:
/etc/letsencrypt/live/gooper.com/fullchain.pem (success)
The following certs could not be renewed:
/etc/letsencrypt/live/gdime.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
댓글 0
번호 | 제목 | 날짜 | 조회 수 |
---|---|---|---|
161 | mongodb에서 큰데이타 sort시 오류발생에 대한 해결방법 | 2015.12.22 | 511 |
160 | console명령과 API비교 | 2015.12.21 | 483 |
159 | java quartz 시간 설정 참고사항 | 2015.12.16 | 300 |
158 | 천문학적, 기후학적, 기상학적, 생물학적, 농사계절 구분 | 2015.12.16 | 191 |
157 | 대표 오픈소스 라이선스, 한 눈에 보기! | 2015.12.10 | 226 |
156 | sparql 문법구조 설명 | 2015.12.09 | 490 |
155 | git설명 한글판 | 2015.12.09 | 440 |
154 | protege 4.3 다운로드 | 2015.12.09 | 227 |
153 | ontology, jena, sparql등 전반에 대한 설명및 예제를 제공하는 사이트 | 2015.12.08 | 490 |
152 | 마이바티스(MyBatis)쿼리로그 출력및 정렬하기 | 2015.12.01 | 1546 |
151 | sparql에서 concat에제 | 2015.11.27 | 238 |
150 | Runtime.getRuntime().exec(cmd) sample 소스 | 2015.11.19 | 359 |
149 | Resource temporarily unavailable(자원이 일시적으로 사용 불가능함) 오류조치 | 2015.11.19 | 7708 |
148 | mybais #과 $의 차이점 | 2015.11.10 | 459 |
147 | Mybatis foreach 문법정리(상황에 따른 사용법) | 2015.11.10 | 1464 |
146 | DB별 JDBC 드라이버 | 2015.10.02 | 466 |
145 | root계정으로 MariaDB설치후 mysql -u root -p로 db에 접근하여 바로 해줘야 하는일..(케릭터셑은 utf8) | 2015.10.02 | 552 |
144 | SQL문장과 Mongo에서 사용하는 명령어를 비교한 것입니다. | 2015.09.30 | 327 |
143 | mongodb 2.6.6 설치(64bit) | 2015.09.30 | 324 |
142 | pom.xml에서 build.gradle로 변환 | 2015.09.14 | 310 |