1. qmail.tokyo

DNS認証により、ワイルドカード証明書を入手する。

成功 -- ToshinoriMaeno 2023-02-13 02:13:00

# certbot certonly --manual --preferred-challenges dns-01 -d *.qmail.tokyo --manual-auth-hook /home/tmaeno/dnsdata/txt.sh

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for *.qmail.tokyo
Hook '--manual-auth-hook' for qmail.tokyo ran with output:
 cat qmailjp qmailjp.cn1 qmailjp.cn2 qmailjp.cn3 txt.z txt tokyo > /service/tinydns/root/qmailjp
 (cd /service/tinydns/root; make)
 make[1]: Entering directory '/home/dns/tinydns/root'
 /usr/local/bin/tinydns-data
 make[1]: Leaving directory '/home/dns/tinydns/root'

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/qmail.tokyo/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/qmail.tokyo/privkey.pem
This certificate expires on 2023-05-14.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

DNS cf delegated

s
root@tokyo:/etc/letsencrypt# certbot certonly --manual --preferred-challenges dns-01 -d *.qmail.tokyo --manual-auth-hook /home/tmaeno/dnsdata/txt.sh
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for *.qmail.tokyo
Hook '--manual-auth-hook' for qmail.tokyo ran with output:
 cat qmailjp qmailjp.cn1 qmailjp.cn2 qmailjp.cn3 txt.z txt tokyo > /service/tinydns/root/qmailjp
 (cd /service/tinydns/root; make)
 make[1]: Entering directory '/home/dns/tinydns/root'
 /usr/local/bin/tinydns-data
 make[1]: Leaving directory '/home/dns/tinydns/root'

Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
  Domain: qmail.tokyo
  Type:   unauthorized
  Detail: Incorrect TXT record "cIhOluinpGAwsyi-tyVWWXCIIbqcAaqQRCXHGdYxkAI" (and 3 more) found at _acme-challenge.qmail.tokyo

Hint: The Certificate Authority failed to verify the DNS TXT records created by the --manual-auth-hook. Ensure that this hook is functioning correctly and that it waits a sufficient duration of time for DNS propagation. Refer to "certbot --help manual" and the Certbot User Guide.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

2. history


CategoryDns CategoryWatch CategoryTemplate

MoinQ: Letsencrypt/certbot/qmail.tokyo (last edited 2023-02-13 02:16:49 by ToshinoriMaeno)