snapd 삭제
apt autoremove --purge snapd
rm -rf /snap
rm -rf /var/snap
rm -rf /var/lib/snapd
snapd 설치
$ sudo apt update
$ sudo apt install snapd
$ sudo snap install hello-world
$ sudo snap install --classic certbot
인증서 발급
$ sudo certbot --nginx
or
$ sudo certbot --nginx -d [적용할 사이트 이름] -d [www.적용할사이트이름]
그런데 certbot이 이미 사용중이란다.
Another instance of Certbot is already running.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/certbot-log-lgu7_172/log or re-run Certbot with -v for more details.
강제로 certbot 모듈을 죽여보자
find / -type f -name ".certbot.lock" -exec rm {} \;
재시도
$ sudo certbot --nginx -d [적용할 사이트 이름] -d [www.적용할사이트이름]
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Could not read file: /etc/nginx/sites-enabled/default due to invalid character. Only UTF-8 encoding is supported.
Requesting a certificate for test.com and www.kkotji.com
Could not read file: /etc/nginx/sites-enabled/default due to invalid character. Only UTF-8 encoding is supported.
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/test.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/test.com/privkey.pem
This certificate expires on 2023-05-23.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Could not read file: /etc/nginx/sites-enabled/default due to invalid character. Only UTF-8 encoding is supported.
Could not install certificate
NEXT STEPS:
- The certificate was saved, but could not be installed (installer: nginx). After fixing the error shown below, try installing it again by running:
certbot install --cert-name test.com
Could not automatically find a matching server block for test.com. Set the `server_name` directive to use the Nginx installer.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
Successfully로 떠서 되긴 하지만 머냐.. 저것들은... 아마 default의 주석부분 한글 때문인듯 하다.
#바로 재생긴 한번 해보자
sudo certbot renew
#만료정보확인
sudo certbot certificates
Expiry Date: 2023-05-23 05:55:17+00:00 (VALID: 89 days)
#Crontab으로 만료일 갱신하기 renew하기
# sudo su
# crontab -e
1. /bin/nano <---- easiest
2. /usr/bin/vim.basic
3. /usr/bin/vim.tiny
4. /bin/ed
Choose 1-4 [1]: 1
0 3 * * * certbot renew --renew-hook "sudo service nginx restart"
0 4 * * 1 root shutdown now -r 이거는 빼야할것 같다. 임시ip라 재부팅시 ip변경될 가능성 있음
다음으로 변경
0 3 * * * certbot renew --renew-hook "sudo systemctl reload nginx"
분시일월
