在Github中断期间,Certbot autorenew失败了

时间:2017-08-01 02:13:45

标签: ssl-certificate lets-encrypt certbot

今天我有一个certbot autorenew失败。续订证书的cron脚本失败,证书已过期。下面是日志,其中包括最后我ssh'ing到框中手动运行certbot-auto renew --standalone --no-self-upgrade命令来解决问题。

我的问题是 - 这是否显示证书续订错误的来源?它与今天的GitHub中断有关,还是另一个问题?我可以做些什么来避免将来出现这种情况?

这是运行续订脚本的cron作业(le-renew.log是以下日志文​​件的名称):

30 2 * * 1 /usr/local/sbin/certbot-auto renew >> /var/log/le-renew.log

LE-renew.log:

...(more duplicate logfile entries above)
Get:21 http://http.debian.net jessie/main Sources [7,054 kB]
Err http://ppa.launchpad.net jessie/main amd64 Packages
  404  Not Found
Ign http://ppa.launchpad.net jessie/main Translation-en_US
Ign http://ppa.launchpad.net jessie/main Translation-en
Get:22 http://http.debian.net jessie/main amd64 Packages [6,789 kB]
Get:23 http://http.debian.net jessie/main Translation-en [4,582 kB]
Fetched 1,083 kB in 9s (113 kB/s)
apt-get update hit problems but continuing anyway...
Reading package lists...
Building dependency tree...
Reading state information...
augeas-lenses is already the newest version.
libaugeas0 is already the newest version.
gcc is already the newest version.
libffi-dev is already the newest version.
libssl-dev is already the newest version.
openssl is already the newest version.
python is already the newest version.
python-dev is already the newest version.
python-virtualenv is already the newest version.
virtualenv is already the newest version.
The following packages will be upgraded:
  ca-certificates
1 upgraded, 0 newly installed, 0 to remove and 83 not upgraded.
Need to get 207 kB of archives.
After this operation, 92.2 kB disk space will be freed.
Do you want to continue? [Y/n] Abort.
Bootstrapping dependencies for Debian-based OSes... (you can skip this with --no-bootstrap)
Ign http://http.debian.net jessie InRelease
Hit https://deb.nodesource.com jessie InRelease
Get:1 http://security.debian.org jessie/updates InRelease [63.1 kB]
Get:2 http://http.debian.net jessie-updates InRelease [145 kB]
Hit http://http.debian.net jessie Release.gpg
Hit http://http.debian.net jessie Release
Get:3 https://deb.nodesource.com jessie/main Sources [762 B]
Get:4 http://http.debian.net jessie-updates/main Sources [15.7 kB]
Get:5 https://deb.nodesource.com jessie/main amd64 Packages [966 B]
Get:6 https://deb.nodesource.com jessie/main Translation-en_US [162 B]
Get:7 https://deb.nodesource.com jessie/main Translation-en [162 B]
Get:8 http://http.debian.net jessie-updates/main amd64 Packages/DiffIndex [8,392 B]
Get:9 http://http.debian.net jessie-updates/main Translation-en/DiffIndex [3,196 B]
Get:10 https://deb.nodesource.com jessie/main Translation-en_US [162 B]
Get:11 https://deb.nodesource.com jessie/main Translation-en [162 B]
Get:12 https://deb.nodesource.com jessie/main Translation-en_US [162 B]
Hit http://security.debian.org jessie/updates/main Sources
Hit http://security.debian.org jessie/updates/main amd64 Packages
Get:13 https://deb.nodesource.com jessie/main Translation-en [162 B]
Get:14 https://deb.nodesource.com jessie/main Translation-en_US [162 B]
Hit http://security.debian.org jessie/updates/main Translation-en
Get:15 https://deb.nodesource.com jessie/main Translation-en [162 B]
Get:16 https://deb.nodesource.com jessie/main Translation-en_US [162 B]
Ign https://deb.nodesource.com jessie/main Translation-en_US
Get:17 https://deb.nodesource.com jessie/main Translation-en [162 B]
Ign https://deb.nodesource.com jessie/main Translation-en
Get:18 http://http.debian.net jessie/main Sources [7,054 kB]
Get:19 http://http.debian.net jessie/main amd64 Packages [6,789 kB]
Get:20 http://http.debian.net jessie/main Translation-en [4,582 kB]
Ign http://ppa.launchpad.net jessie InRelease
Ign http://ppa.launchpad.net jessie Release.gpg
Ign http://ppa.launchpad.net jessie Release
Err http://ppa.launchpad.net jessie/main amd64 Packages
  404  Not Found
Ign http://ppa.launchpad.net jessie/main Translation-en_US
Ign http://ppa.launchpad.net jessie/main Translation-en
Fetched 221 kB in 9s (23.8 kB/s)
apt-get update hit problems but continuing anyway...
Reading package lists...
Building dependency tree...
Reading state information...
augeas-lenses is already the newest version.
libaugeas0 is already the newest version.
gcc is already the newest version.
libffi-dev is already the newest version.
libssl-dev is already the newest version.
openssl is already the newest version.
python is already the newest version.
python-dev is already the newest version.
python-virtualenv is already the newest version.
virtualenv is already the newest version.
The following packages will be upgraded:
  ca-certificates
1 upgraded, 0 newly installed, 0 to remove and 70 not upgraded.
Need to get 207 kB of archives.
After this operation, 92.2 kB disk space will be freed.
Do you want to continue? [Y/n] Abort.
Upgrading certbot-auto 0.13.0 to 0.16.0...
Replacing certbot-auto...
Creating virtual environment...
Installing Python packages...
Installation succeeded.

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/example.com.conf
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/example.com/fullchain.pem
-------------------------------------------------------------------------------

Congratulations, all renewals succeeded. The following certs have been renewed:
  /etc/letsencrypt/live/example.com/fullchain.pem (success)

1 个答案:

答案 0 :(得分:2)

对我来说最大的问题是你在这里遇到了操作问题:

  

今天我有 certbot autorenew失败。更新cron脚本   证书失败,我的证书已过期

为什么要等到最后一天更新?您可以每天运行certbot,它将续订在接下来的30天内到期的任何内容。这应该会给你更多的时间来诊断和应对单次发行失败。

您还应监控 cron作业以查找失败。使用外部服务,或以某种方式通知cron作业失败。也许尝试答案here

相关问题
最新问题