不积跬步,无以至千里;不积小流,无以成江海。

解决letsencrypt证书到期,无法续期的问题

网站建设 康康 607℃ 0评论

由于letsencrypt证书到期,导致博客无法访问,好一通折腾,终于跳出坑!

下载最新的Letsencrypt:

git clone https://github.com/certbot/certbot.git

开始安装证书

./letsencrypt-auto

无奈python冲突报错:

[root@iz2zeeuc8ed3wflgmb7rakz letsencrypt]# ./letsencrypt-auto
Bootstrapping dependencies for RedHat-based OSes… (you can skip this with –no-bootstrap)
yum is /usr/bin/yum
yum is hashed (/usr/bin/yum)
Loaded plugins: fastestmirror
Repository base is listed more than once in the configuration
Repository updates is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository epel is listed more than once in the configuration
Loading mirror speeds from cached hostfile
* webtatic: uk.repo.webtatic.com
Package gcc-4.8.5-28.el7_5.1.x86_64 already installed and latest version
Package augeas-libs-1.4.0-5.el7_5.1.x86_64 already installed and latest version
Package 1:openssl-1.0.2k-12.el7.x86_64 already installed and latest version
Package 1:openssl-devel-1.0.2k-12.el7.x86_64 already installed and latest version
Package libffi-devel-3.0.13-18.el7.x86_64 already installed and latest version
Package redhat-rpm-config-9.1.0-80.el7.centos.noarch already installed and latest version
Package ca-certificates-2018.2.22-70.0.el7_5.noarch already installed and latest version
Package python-devel-2.7.5-69.el7_5.x86_64 already installed and latest version
Package python-virtualenv-15.1.0-2.el7.noarch already installed and latest version
Package python-tools-2.7.5-69.el7_5.x86_64 already installed and latest version
Package python2-pip-8.1.2-6.el7.noarch already installed and latest version
Package 1:mod_ssl-2.4.6-80.el7.centos.1.x86_64 already installed and latest version
Nothing to do
Creating virtual environment…
./letsencrypt-auto: line 975: virtualenv: command not found

看了下系统里没找到

[root@iz2zeeuc8ed3wflgmb7rakz letsencrypt]# virt
virtualenv-2 virtualenv-2.7 virtualenv-3 virtualenv-3.4 virt-what virt-what-cpuid-helper

于是编辑 ./letsencrypt-auto: line 975 把 virtualenv 改为 virtualenv-3,重新执行

中途按提示选择需要加证书的配置

How would you like to authenticate and install certificates?(这里我用nginx选择2)
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
1: Apache Web Server plugin – Beta (apache)
2: Nginx Web Server plugin (nginx) [Misconfigured]

 

填写邮件信息,用于接收信息

Enter email address (used for urgent renewal and security notices) (Enter ‘c’ to
cancel): chenwk.top@foxmail.com

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

同意协议

Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
(A)gree/(C)ancel: A

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let’s Encrypt project and the non-profit
organization that develops Certbot? We’d like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
(Y)es/(N)o: Y

选择你要加证书的域名(这里选了之后会自动帮你配置nginx)

Which names would you like to activate HTTPS for?
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
1: aria.92kk.top
2: callname.92kk.top
3: dubbo.92kk.top
4: exam.92kk.top
5: lingdong.92kk.top
6: lovewall.92kk.top
7: mopi.92kk.top
8: opi.92kk.top
9: scms.92kk.top
10: ssm.92kk.top
11: web.92kk.top
12: chenweikang.top
13: cv.chenweikang.top
14: www.chenweikang.top
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 14
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for www.chenweikang.top

整个过程可能会报错:

self.configurator.save(“HTTP Challenge”, True)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_nginx/configurator.py”, line 976, in save
self.parser.filedump(ext=”)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_nginx/parser.py”, line 243, in filedump
out = nginxparser.dumps(tree)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_nginx/nginxparser.py”, line 134, in dumps
return str(RawNginxDumper(blocks.spaced))
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_nginx/nginxparser.py”, line 98, in __str__
return ”.join(self)
UnicodeDecodeError: ‘ascii’ codec can’t decode byte 0xe5 in position 1: ordinal not in range(128)

编辑 /opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_nginx/nginxparser.py 在文件开始加入

import sys

reload(sys)

sys.setdefaultencoding(‘utf8)

重新执行即可!

小绿锁终于回来啦

 

 

转载请注明:左手代码右手诗 » 解决letsencrypt证书到期,无法续期的问题

喜欢 (2)or分享 (0)
头像
发表我的评论
取消评论

表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
隐藏