使用Certbot续订SSL证书,无需使用不需要的域

时间:2019-05-08 18:56:52

标签: nginx certbot

当前我的certbot无法更新,因为其中一个子域不再有效:unneededsubdomain.foo.co.ukwww.unneededsubdomain.foo.co.uk

这是因为我已删除域记录,因为不再需要将其链接到此服务器。但是,我仍然想为所有其他子域续订证书,例如:foo.co.uk www.foo.co.ukapi.foo.co.uk

这与我运行certbot renew时的输出类似:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/foo.co.uk-0001.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/foo.co.uk.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for unneededsubdomain.foo.co.uk
http-01 challenge for www.unneededsubdomain.foo.co.uk
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (foo.co.uk) from /etc/letsencrypt/renewal/foo.co.uk.conf produced an unexpected error: Failed authorization procedure. www.unneededsubdomain.foo.co.uk (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from ... :: The client lacks sufficient authorization :: Invalid response from .... Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/foo.co.uk/fullchain.pem (failure)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/foo.co.uk-0001/fullchain.pem expires on 2019-07-06 (skipped)
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/foo.co.uk/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: www.unneededsubdomain.foo.co.uk
   Type:   unauthorized
   Detail: Invalid response from
   ...

   Domain: unneededsubdomain.foo.co.uk
   Type:   unauthorized
   Detail: Invalid response from
   ...

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

如您所见,续订失败,因为它尝试续订不再需要的证书。在没有此不需要的子域的情况下,如何成功续订证书?

(注意:foo.co.uk当然不是我的实际网站。我只是将其替换为虚拟名称)

0 个答案:

没有答案