1. watchA
txt.t3.odns.info RRを削除して、再実行してみる。
certbot certonly --manual --preferred-challenges dns-01 -d *.t3.odns.info --manual-auth-hook /home/tmaeno/dnsdata/txt.sh
出力はこれまで通り。hookの実行はなさそう。txt, txt RRは作られていない。
- 証明書は改訂されている。
これで更新できるとすると、いつまで有効なのかが心配になる。-- ToshinoriMaeno 2022-02-19 02:29:18
- 最初にマニュアルで入手したあと、自動更新されたことの説明もつく。(以前発生していて、不思議だったもの。)
2. history
# certbot certonly --manual --preferred-challenges dns-01 -d *.t3.odns.info --manual-auth-hook /home/tmaeno/dnsdata/txt.sh Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator manual, Installer None Cert not yet due for renewal You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry. (ref: /etc/letsencrypt/renewal/t3.odns.info.conf) What would you like to do? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: Keep the existing certificate for now 2: Renew & replace the cert (limit ~5 per 7 days) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 Renewing an existing certificate Running deploy-hook command: /etc/letsencrypt/renewal-hooks/deploy/nginx IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/t3.odns.info/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/t3.odns.info/privkey.pem Your cert will expire on 2022-05-20. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le