nginx - 使用 Certbot 续订 SSL 证书,无需使用不需要的域
问题描述
目前我的 certbot 无法续订,因为其中一个子域不再有效:unneededsubdomain.foo.co.uk
和www.unneededsubdomain.foo.co.uk
.
这是因为我已删除域记录,因为我不再需要将它链接到此服务器。但是,我仍然想更新所有其他子域的证书,例如:foo.co.uk
www.foo.co.uk
和api.foo.co.uk
.
这就是我的输出与运行时的相似certbot renew
:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/foo.co.uk-0001.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/foo.co.uk.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for unneededsubdomain.foo.co.uk
http-01 challenge for www.unneededsubdomain.foo.co.uk
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (foo.co.uk) from /etc/letsencrypt/renewal/foo.co.uk.conf produced an unexpected error: Failed authorization procedure. www.unneededsubdomain.foo.co.uk (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from ... :: The client lacks sufficient authorization :: Invalid response from .... Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/foo.co.uk/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certs are not due for renewal yet:
/etc/letsencrypt/live/foo.co.uk-0001/fullchain.pem expires on 2019-07-06 (skipped)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/foo.co.uk/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.unneededsubdomain.foo.co.uk
Type: unauthorized
Detail: Invalid response from
...
Domain: unneededsubdomain.foo.co.uk
Type: unauthorized
Detail: Invalid response from
...
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
如您所见,续订失败是因为它尝试续订不再需要的证书。如果没有这个不需要的子域,我如何成功更新我的证书?
(注意:foo.co.uk 当然不是我的实际站点。我只是用一个虚拟名称替换它)
解决方案
推荐阅读
- python - Tensorflow 对象检测中的输入张量与 Python 签名不兼容
- node.js - 缓冲到图像节点js
- python - 如何阻止python字典忽略列表中的输入
- ios - 处理具有多个捆绑 ID 的应用内购买
- python - Ipywidgets (Vbox) 没有出现在 Jupyter 笔记本上
- javascript - 使用 vee-validate 在 vue js 中验证时出错
- c# - 如何使 ac# 程序在后台和启动时运行
- amazon-web-services - 如何通过aws API网关从aws lambda中的简单curl post请求中获取文件名
- jquery - jquery Ajax Post成功消息不起作用
- spring-boot - 创建 Stripe 支付后端 API 是否安全?