[Ubuntu] Lets Encrpyt 인증서 갱신시 오류날때 nginx 도 가동이 안될때
sudo certbot renew 해서 인증서 갱신을 시도하기 오류가 나고 갱신이 되지 않았다.
certbot -v 로 인증서 갱신 성공하였다.
갱신하기전에 nginx 를 잠시 종료하자.
systemctl stop nginx
root@lee-ubuntu:~# certbot -v
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: bbarksen.com
2: http://www.bbarksen.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): enter키 클릭
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/bbarksen.com.conf)
It contains these names: bbarksen.com
You requested these names for the new certificate: bbarksen.com,
http://www.bbarksen.com.
Do you want to expand and replace this existing certificate with the new
certificate?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(E)xpand/(C)ancel: e
Renewing an existing certificate for bbarksen.com and http://www.bbarksen.com
Performing the following challenges:
http-01 challenge for bbarksen.com
http-01 challenge for http://www.bbarksen.com
Waiting for verification...
Cleaning up challenges
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/bbarksen.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/bbarksen.com/privkey.pem
This certificate expires on 2024-06-12.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/bbarksen
Successfully deployed certificate for bbarksen.com to /etc/nginx/sites-enabled/bbarksen
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/bbarksen
Successfully deployed certificate for http://www.bbarksen.com to /etc/nginx/sites-enabled/bbarksen
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/bbarksen
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/bbarksen
Your existing certificate has been successfully renewed, and the new certificate has been installed.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
이제 다시 nginx 를 가동해보자
systemctl start nginx
그런데 또 만약에 아래처럼 nginx가 가동이 안된다면,
root@lee-ubuntu:~# systemctl start nginx
Job for nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xe" for details.
root@lee-ubuntu:~# fuser -k 443/tcp
443/tcp: 2503264 2503270 2503271 2503272 2503273
하고 다시 systemctl start nginx 하면 성공