这次当我使用 certbot 时,它为“www.$website”而不是 $website 创建了证书。这不是我需要的。
这里是:
$ website="my_website123.com"
$ sudo certbot certonly --standalone -d $website -d www.$website --email admin@$website
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Cert not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/www.my_website123.com.conf)
What would you like to do?
-------------------------------------------------------------------------------
1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for my_website123.com
http-01 challenge for www.my_website123.com
Waiting for verification...
Cleaning up challenges
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/www.my_website123.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/www.my_website123.com/privkey.pem
Your cert will expire on 2018-10-18. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
为什么它为“www”创建一个域名,而不是裸域名?
在我自己的所有服务器上,这个命令始终会创建一个不带“www”的证书 - 这正是我需要的。我昨天甚至在另一台服务器上尝试过 - 没有“wwww”。
我怎样才能让它创建一个没有“www”的证书?
答案1
如果您尝试获取不带 www 子域名的证书,请-d www.$website从命令中删除。
命令的该部分要求提供 www 子域名。
如果您尝试设置生成的证书文件的名称,请使用--cert-name $website,但保留两个-ds。