|
共通名 | $(MYNAME1) |
---|---|
代替名 | $(MYNAME1), $(MYNAME2), $(MYNAME3), $(MYNAME4) |
$(MYEMAIL) |
$ sudo certbot certonly --apache --agree-tos -m $(MYEMAIL) -d $(MYNAME1) -d $(MYNAME2) -d $(MYNAME3) -d $(MYNAME4) Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - You have an existing certificate that contains a portion of the domains you requested (ref: /etc/letsencrypt/renewal/$(MYDOMAIN1).conf) It contains these names: $(MYDOMAIN1), $(MYDOMAIN2) You requested these names for the new certificate: $(MYDOMAIN1), $(MYDOMAIN2), $(MYNAME3), $(MYNAME4) Do you want to expand and replace this existing certificate with the new certificate? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (E)xpand/(C)ancel: E Renewing an existing certificate for $(MYDOMAIN1) and 3 more domains Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/$(MYDOMAIN1)/fullchain.pem Key is saved at: /etc/letsencrypt/live/$(MYDOMAIN1)/privkey.pem This certificate expires on 20xx-xx-xx. These files will be updated when the certificate renews. Certbot has set up a scheduled task to automatically renew this certificate in the background. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - If you like Certbot, please consider supporting our work by: * Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate * Donating to EFF: https://eff.org/donate-le - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
$ sudo systemctl restart apache2
update: 2023/03/06 10:42 | path: /pub/software/ssl
共通名 | $(MYNAME1) |
---|---|
代替名 | $(MYNAME1), $(MYNAME2) |
$(MYEMAIL) |
$ sudo apt install snapd
$ sudo snap install core $ sudo snap refresh core
$ sudo snap install --classic certbot $ sudo ln -s /snap/bin/certbot /usr/bin/certbot
$ sudo certbot certonly --apache -d $(MYNAME1) -d $(MYNAME2) --agree-tos -m $(MYEMAIL) Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing, once your first certificate is successfully issued, to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. 最初の証明書が正常に発行されたら、Let's Encrypt プロジェクトの創設パートナーであり、 Certbot を開発する非営利団体である Electronic Frontier Foundation と電子メール アドレスを共有してもよろしいですか? ウェブを暗号化する取り組み、EFF ニュース、キャンペーン、デジタルの自由をサポートする方法についてメールでお知らせします。 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: N Account registered. Requesting a certificate for $(MYNAME1) and 1 more domains Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/$(MYNAME1)/fullchain.pem Key is saved at: /etc/letsencrypt/live/$(MYNAME1)/privkey.pem This certificate expires on 20xx-xx-xx. These files will be updated when the certificate renews. Certbot has set up a scheduled task to automatically renew this certificate in the background. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - If you like Certbot, please consider supporting our work by: * Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate * Donating to EFF: https://eff.org/donate-le - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
... SSLCertificateFile /etc/letsencrypt/live/$(MYNAME1)/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/$(MYNAME1)/privkey.pem ...
$ sudo systemctl restart apache2
$ systemctl list-timers | grep certbot Fri 20xx-xx-xx 08:33:00 JST 16h left n/a n/a snap.certbot.renew.timer snap.certbot.renew.servicesystemdのファイルは /etc/systemd/system/snap.certbot.renew.service です。
update: 2023/03/06 10:36 | path: /pub/software/ssl
$ openssl x509 -text -noout -in FILENAME.pem
$ openssl rsa -text -noout -in FILENAME.pem
$ openssl req -text -noout -in FILENAME.pem
update: 2023/03/02 14:57 | path: /pub/software/ssl