[ec2-user@ip-172-31-31-171 letsencrypt]$ sudo certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/kgf-api.kgf.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',)
Attempting to renew cert (kgf-api.kgf.com) from /etc/letsencrypt/renewal/kgf-api.kgf.com.conf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/kgf-api.kgf.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/kgf-api.kgf.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
[ec2-user@ip-172-31-31-171 letsencrypt]$
Now executing the below line gave the cert renewed, but for authentication, had to configure the server to return the
[ec2-user@ip-172-31-31-171 renewal]$ sudo certbot certonly --manual -d kgf-api.kgf.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for kgf-api.kgf.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.
Are you OK with your IP being logged?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Create a file containing just this data:
XQwR7HJ00JL7mFwOnmfkvLBGdDUMqlL5wsCdAId2SPg.Yie0huA1hMl-2udhDAN4lC6B-Gb-x_x5qGnMAeIVIaY
And make it available on your web server at this URL:
http://kgf-api.kgf.com/.well-known/acme-challenge/XQwR7HJ00JL7mFwOnmfkvLBGdDUMqlL5wsCdAId2SPg
/.well-known/acme-challenge/XQwR7HJ00JL7mFwOnmfkvLBGdDUMqlL5wsCdAId2SPg
location /.well-known/acme-challenge/XQwR7HJ00JL7mFwOnmfkvLBGdDUMqlL5wsCdAId2SPg {
root /usr/local/var/www;
}
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
references:
No comments:
Post a Comment