我没有注意到我的 Let's Encrypt 证书已过期。我想续订它。
我输入了下面的命令
certbot renew
但我收到以下错误。
# certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/www.algebra.live.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Attempting to renew cert (www.algebra.live) from /etc/letsencrypt/renewal/www.algebra.live.conf produced an unexpected error: ('Connection aborted.', gaierror(-2, 'Name or service not known')). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.algebra.live/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.algebra.live/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
我该如何更新此证书?
答案1
您无法为 DNS 中没有地址记录的主机名续订证书。
Host www.algebra.live not found: 3(NXDOMAIN)
您需要编辑您的 DNS 记录并为该名称添加适当的地址记录。
此外,您的 certbot 版本似乎正在尝试执行 TLS-SNI-01 质询,但该质询已不再被允许。您需要更新 certbot 才能重试。