目次
環境
nginx
Let’s Encrypt
エラー発生
Let’s Encryptの証明書の有効期限が切れている状態で、以下のコマンドを実行する。
/usr/bin/certbot renew
本来なら証明書が更新されるが、「エラー内容
」が発生する。
エラー内容
Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /etc/letsencrypt/renewal/example.com.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert is due for renewal, auto-renewing... Plugins selected: Authenticator apache, Installer apache Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org Renewing an existing certificate Performing the following challenges: http-01 challenge for example.com Error while running apachectl graceful. Job for httpd.service invalid. Unable to restart apache using ['apachectl', 'graceful'] Error while running apachectl restart. Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details. Cleaning up challenges Error while running apachectl graceful. Job for httpd.service invalid. Unable to restart apache using ['apachectl', 'graceful'] Error while running apachectl restart. Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details. Encountered exception during recovery: Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/certbot/_internal/error_handler.py", line 125, in _call_registered self.funcs[-1]() File "/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 243, in _cleanup_challenges self.auth.cleanup(achalls) File "/usr/lib/python2.7/site-packages/certbot_apache/_internal/configurator.py", line 2540, in cleanup self.restart() File "/usr/lib/python2.7/site-packages/certbot_apache/_internal/configurator.py", line 2410, in restart self._reload() File "/usr/lib/python2.7/site-packages/certbot_apache/_internal/configurator.py", line 2437, in _reload raise errors.MisconfigurationError(error) MisconfigurationError: Error while running apachectl restart. Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details. Attempting to renew cert (example.com) from /etc/letsencrypt/renewal/example.com.conf produced an unexpected error: Error while running apachectl restart. Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details. . Skipping. All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/example.com/fullchain.pem (failure) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/example.com/fullchain.pem (failure) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1 renew failure(s), 0 parse failure(s)
対応方法
nginxを停止します。
systemctl stop nginx
証明書を更新します。
/usr/bin/certbot renew
Apatchを停止します。
systemctl stop httpd
nginxを再起動します。
systemctl start nginx
これで、証明書の更新が正常に完了です。