Letsencrypt: Difference between revisions
From DWIKI
m (→FAQ) |
|||
(4 intermediate revisions by the same user not shown) | |||
Line 9: | Line 9: | ||
*[https://certbot.eff.org/instructions Certbot instructions] | *[https://certbot.eff.org/instructions Certbot instructions] | ||
= | =HOWTO= | ||
==Disable auto renewal== | |||
Rename renewal file' | |||
/etc/letsencrypt/renewal/example.com.conf.disabled | |||
or in '''/etc/letsencrypt/renewal/example.com.conf''' under '''[renewalparams]''' add: | |||
autorenew = False | |||
== Update cert(s) == | == Update cert(s) == | ||
Line 22: | Line 27: | ||
==This website does not supply ownership information.== | ==Allow access to non-root user== | ||
setfacl -R -m u:someuser:rX /etc/letsencrypt/{live,archive}/example.org, and then | |||
setfacl -m u:someuser:rX /etc/letsencrypt/{live,archive} | |||
= FAQ = | |||
==Certbot Error messages== | |||
===This website does not supply ownership information.=== | |||
sod that | sod that | ||
==archive directory exists== | ===archive directory exists=== | ||
Maybe you're using SNI, try | Maybe you're using SNI, try | ||
certbot --apache -d "www.example.com,example" | certbot --apache -d "www.example.com,example" | ||
== | ===Failed to parse: https://acme-v02.api.letsencrypt.org/directory=== | ||
Most likely your system is using an old urllib3, which relies on python3-six. | |||
If Ubuntu: switch to [https://community.letsencrypt.org/t/how-to-upgrade-certbot-installed-using-snap-on-ubuntu-20-04/187515/3 Certbot using snap] |
Latest revision as of 11:48, 14 May 2024
Free SSL certificates
Links
HOWTO
Disable auto renewal
Rename renewal file'
/etc/letsencrypt/renewal/example.com.conf.disabled
or in /etc/letsencrypt/renewal/example.com.conf under [renewalparams] add:
autorenew = False
Update cert(s)
certbot
Remove certs/domain
certbot delete --cert-name www.example.com
With and without www
certbot --apache -d example.com -d www.example.com
Allow access to non-root user
setfacl -R -m u:someuser:rX /etc/letsencrypt/{live,archive}/example.org, and then setfacl -m u:someuser:rX /etc/letsencrypt/{live,archive}
FAQ
Certbot Error messages
This website does not supply ownership information.
sod that
archive directory exists
Maybe you're using SNI, try
certbot --apache -d "www.example.com,example"
Failed to parse: https://acme-v02.api.letsencrypt.org/directory
Most likely your system is using an old urllib3, which relies on python3-six. If Ubuntu: switch to Certbot using snap