Certbot续订:nginx:[error] open()"/ run/nginx.pid"失败(2:没有这样的文件或目录)
Ros*_*tha 7 nginx renewal certbot
Certbot和nginx版本:
使用certbot.eff.org安装指南安装certbot.
- Certbot版本:0.22.2
- Nginx版本:1.10.3
获得ssl证书工作正常:
certbot --nginx
但是,在更新cerbot认证
certbot renew --dry-run
nginx无法启动导致:
nginx: [error] open() "/run/nginx.pid" failed (2: No such file or directory)
我试过更改后挂钩和预挂钩 /etc/letsencrypt/renewal/*com.conf/
- 评论
installer=nginx - 将身份验证器更改为nginx和独立
添加post和pre hooks /etc/letsencrypt/renewal-hooks/pre/以及/etc/lestencrypt/renewal-hooks/post/停止和启动nginx服务.
似乎nginx无法正常启动或未正常停止.续订完成后nginx失败(代码=退出,状态= 1/FAILURE)
Nginx错误日志显示:
certbot续订时出错:
hot*_*nov 11
Try to execute:
sudo service nginx restart
Then test your nginx configuration file(s) (until you see "nginx: configuration file /etc/nginx/nginx.conf test is successful")
sudo nginx -s reload -t
Pay attention on paths to certificates, and other stuff
and then reload configuration without -t option:
sudo nginx -s reload
It's not recommended to modify configuration files in /etc/letsencrypt/ but creating (if it doesn't exist) and modifying cli.ini file here is working for me. You can specify post-hook in this file once and it will work for all your certificates, see my current file:
# /etc/letsencrypt/cli.ini
max-log-backups = 0
authenticator = webroot
webroot-path = /var/www/html
post-hook = service nginx reload
text = True
I hope this will help future readers. Solution source is here (however the article is in Russian)
您可以在运行 reload nginx 之前运行此命令行。
sudo nginx -c /etc/nginx/nginx.conf
或者
sudo nginx -c /usr/local/etc/nginx/nginx.conf
然后就可以正常启动nginx了
sudo nginx -s reload
祝你好运。
我在 Ubuntu 16.04 上遇到了同样的问题
我刚刚删除了 post 和 pre 挂钩/etc/letsencrypt/renewal/*.conf,并将验证器更改为nginx- 我在两个条目中standalone。
现在工作正常。
编辑:
更新续订配置的推荐方法是使用以下命令重新颁发新证书:
certbot -i nginx -d example.com -d www.example.com certonly
| 归档时间: |
|
| 查看次数: |
6291 次 |
| 最近记录: |