証明書の更新ができない。。。。

shikisai_aim@tk2-213-16221:~/sh$ sudo certbot --apache -d umiere.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log

An RSA certificate named umiere.com already exists. Do you want to update its
key type to ECDSA?

(U)pdate key type/(K)eep existing key type: K
Renewing an existing certificate for umiere.com

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: umiere.com
Type: unauthorized
Detail: 160.16.74.225: Invalid response from http://umiere.com/.well-known/acme-challenge/RJpCn6nWbop6IHQsyCHP0Xdmf3BjqiGjBkhMZCcgkec: 404

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. 自動更新していたが、できなくなっていた

申し訳ありませんが、私は日本語がわかりません。機械翻訳が役立つと幸いです。

I notice that port 80 (HTTP) has a server that identifies itself as nginx. However, port 443 (HTTPS) has a server identifying itself as Apache.

I wonder if you have an nginx server that's listening on both ports, and that's forwarding connections to an Apache server using a directive like proxy_pass. If so, the --apache method in Certbot might not work for this configuration. In this case, you might be able to get the renewal to work using a different authenticator method like --nginx or even --webroot.

Can you describe more about your configuration? Is it correct that this server has both nginx and Apache present? If so, how are their configurations related to each other?

Interestingly the nginx server on port 80 is serving an Apache default page

What show?:
certbot certificates
certbot renew

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.