我生成了让加密证书失效的证书,该证书将在周日到期。
现在我有2个文件(.key和.crt),但是我没有任何certbot上下文。
我尝试通过以下方式手动续订证书:
docker run -it --rm --name certbot \
-v "$PWD/letsencrypt:/etc/letsencrypt" \
-v "$PWD/lib/letsencrypt:/var/lib/letsencrypt" \
certbot/certbot \
renew --cert-name mydomain.fr --dry-run
在$PWD/letsencrypt中,我有其他域的证书,但没有我要寻找的证书,因此我尝试重新创建配置:
我放置了一个新文件夹$PWD/letsencrypt/archive/mydomain.com
我在这里放了2个文件。
然后,我放置另一个文件夹$PWD/letsencrypt/live/mydomain.com,并放置一个符号链接进行存档。
当我尝试运行certbot更新时,我得到:
No certificate found with name mydomain.com (expected /etc/letsencrypt/renewal/mydomain.com.conf).
所以我选中了/etc/letsencrypt/renewal/another-domain.com.conf
然后我得到:
# renew_before_expiry = 30 days
version = 0.31.0
archive_dir = /etc/letsencrypt/archive/my-other-domain.com
cert = /etc/letsencrypt/live/my-other-domain.com/cert.pem
privkey = /etc/letsencrypt/live/my-other-domain.com/privkey.pem
chain = /etc/letsencrypt/live/my-other-domain.com/chain.pem
fullchain = /etc/letsencrypt/live/my-other-domain.com/fullchain.pem
# Options used in the renewal process
[renewalparams]
authenticator = manual
account = 391464a66cf5315d0761b4a412400000
pref_challs = dns-01,
manual_public_ip_logging_ok = True
server = https://acme-v02.api.letsencrypt.org/directory
我没有的东西:
如何获取现有的让加密证书的account
是否可以重新生成chain和fullchain?