I recently had to renew the HTTPS certificates for my server, and ran into trouble.
最近,我不得不为服务器续订HTTPS证书 ,并遇到了麻烦。
The errors that the command sudo letsencrypt renew was spewing out were these:
sudo letsencrypt renew命令sudo letsencrypt renew的错误是:
Processing /etc/letsencrypt/renewal/bitfalls.com.conf 2017-02-06 07:43:08,126:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/bitfalls.com.conf produced an unexpected error: 'server'. Skipping. Processing /etc/letsencrypt/renewal/test.bitfalls.com.conf 2017-02-06 07:43:08,408:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/test.bitfalls.com.conf produced an unexpected error: 'server'. Skipping.To save you some googling and experimentation, the error is caused by a missing server configuration entry in the renewal configuration files. To fix this, you can start over completely (i.e. remove the /etc/letsencrypt folder and regenerate everything), or manually insert the missing config entry. Here’s how you do the latter.
为了节省您的搜索和实验时间,该错误是由续订配置文件中缺少server配置条目引起的。 要解决此问题,您可以完全重新开始(即,删除/etc/letsencrypt文件夹并重新生成所有内容),或手动插入缺少的配置条目。 这是您做后者的方法。
If you go into /etc/letsencrypt/renewal, you’ll see your current server’s cert renewal files:
如果进入/etc/letsencrypt/renewal ,则会看到当前服务器的证书续订文件:
ls /etc/letsencrypt/renewalMost of you will only have one in there, unless you have subdomains defined, in which case you should see one cert for each subdomain you’re serving via HTTPS. Copy the following string to the clipboard:
除非定义了子域,否则大多数人只会在其中一个,在这种情况下,您应该为通过HTTPS服务的每个子域看到一个证书。 将以下字符串复制到剪贴板:
server = https://acme-v01.api.letsencrypt.org/directoryThis mock server entry value needs to go into each of the files in /etc/letsencrypt/renewal, but before the [[webroot_map]] entry (if it exists – otherwise, put at the end).
这种模拟服务器条目值需要进入每一个文件/etc/letsencrypt/renewal ,但前 [[webroot_map]]条目(如果存在的话-否则,放在最后)。
Here’s a shortcut script you can just paste in the renewal folder, and it will automatically insert this string into every file at the correct location:
这是一个快捷脚本,您可以将其粘贴到renewal文件夹中,它将自动将此字符串插入每个文件中的正确位置:
sed -i "/[[webroot_map]]/i server = https://acme-v01.api.letsencrypt.org/directory" *.confOnce you edit the files and save them, running the renewal command should work:
一旦您编辑了文件并保存了它们,运行更新命令就可以了:
sudo letsencrypt renewRemember, if you’re on an old, manually installed version of LetsEncrypt, install the apt version with:
请记住,如果您使用的是旧的手动安装的LetsEncrypt版本,请使用以下命令安装apt版本:
sudo apt-get install letsencryptHopefully this saved you some trouble!
希望这可以为您节省一些麻烦!
翻译自: https://www.sitepoint.com/quick-tip-letsencrypt-server-error-fix-on-ubuntu-16-04/
