search

kokoichi206 / til

0 stars 1 forks source link

certbot renew: Permission denied: '/var/log/letsencrypt/.certbot.lock' #13

Open kokoichi206 opened 8 months ago

kokoichi206 commented 8 months ago

前までこれで動いてた気がするんだけどな。

$ certbot renew
The following error was encountered:
[Errno 13] Permission denied: '/var/log/letsencrypt/.certbot.lock'
Either run as root, or set --config-dir, --work-dir, and --logs-dir to writeable paths.

root で動かしてみる。

$ sudo certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/xxx-0001.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/xxx.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.')
Attempting to renew cert (xxx from /etc/letsencrypt/renewal/xxxconf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.'). Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/xxx/fullchain.pem (failure)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/xxx0001/fullchain.pem expires on 2024-04-22 (skipped)
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/xxx/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
ubuntu@ubuntu:/etc/systemd/system$

そのほか

certbot-auto がいつかのタイミングでなくなった。

kokoichi206 commented 8 months ago

解決方法

やり直すしかないっぽい。。。?

sudo certbot certonly --manual -d xxxxx.mydns.jp

sudo service apache2 restart
kokoichi206 commented 8 months ago

10