Nginx
1 前言
一个问题,一篇文章,一出故事。
今天执行如下命令更新证书,
certbot certonly --nginx
可见如下错误输出,
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: configuration file /etc/nginx/nginx.conf test failed
The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
然后执行如下命令检查nginx配置,
nginx -t
以下信息显示配置文件没有问题,
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
问题分析,
– Certbot在运行nginx -t时报告配置测试失败,但用户手动运行nginx -t却显示成功。
– Certbot是通过Snap安装的,那么它可能在沙盒环境中运行,权限受限,无法访问某些目录或文件。
2 最佳实践
certbot certonly --standalone -d www.cmdschool.org -d www.cmdschool.com -d www.cmdschool.cn
注:以上只是绕开插件获取证书的临时方案,经过实践检验的方案请参阅,
没有评论