Requesting a wildcard SSL certificate with Certbot on CentOS

This article was last updated on: 22 January 2024, midday

1. Install Certbot

$ sudo yum install certbot python2-certbot-nginx

2. Steps to request the certificate

2.1 Enter the command

$ certbot certonly --preferred-challenges dns --manual  -d *.m2c.top -d m2c.top --server https://acme-v02.api.letsencrypt.org/directory

Parameter description:

--preferred-challenges dns: use DNS validation; wildcard certificates are supported only through the DNS challenge
--manual: manual mode; for simplicity the validation is done by hand here, and the automated mode is described below.
-d *.m2c.top: the wildcard domain being requested
--server https://acme-v02.api.letsencrypt.org/directory: wildcard certificates are a new feature and require this ACME v2 endpoint

2.2 Press Enter:

-------------------------------------------------------------------------------
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.

Are you OK with your IP being logged?
-------------------------------------------------------------------------------
(Y)es/(N)o: y

2.3 Type y and press Enter:

-------------------------------------------------------------------------------
Please deploy a DNS TXT record under the name
_acme-challenge.m2c.top with the following value:

W2Z_PT1RQX8usavprZ1ly43Je2ayst3ShIBxpgicdEA

Before continuing, verify the record is deployed.

2.4 Add the corresponding record (the _acme-challenge TXT record shown above) in your DNS provider's console:

2.5 Press Enter

Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/m2c.top/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/m2c.top/privkey.pem
Your cert will expire on 2020-07-16. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

2.6 Renewing when the certificate expires

certbot renew

certbot regenerates the certificate at the original certificate path.

A wildcard certificate cannot be renewed simply by running certbot renew: an authentication script must be supplied through the --manual-auth-hook parameter so that the DNS TXT record validation is performed automatically. A ready-made plugin written by others can be used (link).
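As an added example (not the author's script and not the plugin linked above), the skeleton below shows what such a --manual-auth-hook does: it reads the challenge from the environment variables certbot sets, publishes the TXT record, and polls DNS until the value is visible before returning. The provider API call `publish_txt` is a hypothetical placeholder, and the `dig`-based lookup against 1.1.1.1 is an assumption; everything else follows certbot's documented hook interface.

```python
"""Skeleton --manual-auth-hook for certbot's DNS-01 challenge (added example).
certbot runs it once per name and passes CERTBOT_DOMAIN (name being validated,
without the '*.') and CERTBOT_VALIDATION (the TXT value) in the environment.
The provider API call `publish_txt` is a hypothetical placeholder."""
import os
import subprocess
import sys
import time

def challenge_record(domain):
    """TXT name certbot expects, e.g. _acme-challenge.m2c.top.
    certbot strips '*.' from wildcard names already; tolerate it anyway."""
    base = domain[2:] if domain.startswith("*.") else domain
    return f"_acme-challenge.{base}"

def wait_for_txt(name, expected, lookup, attempts=20, delay=15):
    """Poll lookup(name) -> list of TXT strings until `expected` is visible.
    The ACME server queries public DNS as soon as the hook exits, so a record
    that has not propagated yet fails the validation."""
    for _ in range(attempts):
        if expected in lookup(name):
            return True
        time.sleep(delay)
    return False

def dig_txt(name):
    """Resolve TXT records with the system `dig` through a public resolver."""
    out = subprocess.run(["dig", "+short", "TXT", name, "@1.1.1.1"],
                         capture_output=True, text=True, check=False).stdout
    return [line.strip().strip('"') for line in out.splitlines() if line]

def publish_txt(name, value):
    """Placeholder for your DNS provider's API client (hypothetical)."""
    print(f"TODO: add TXT record {name} = {value} via the provider API")

def run_hook(publish=publish_txt, lookup=dig_txt, env=os.environ):
    """Hook body; exit status 0 on success, 1 if the record never appeared.
    *.m2c.top and m2c.top together call the hook twice with the SAME record
    name, so `publish` must ADD a second TXT record, not overwrite the first,
    or one of the two validations fails."""
    name = challenge_record(env["CERTBOT_DOMAIN"])
    value = env["CERTBOT_VALIDATION"]
    publish(name, value)
    return 0 if wait_for_txt(name, value, lookup) else 1

if __name__ == "__main__":
    sys.exit(run_hook())
```

Point certbot at it with `--manual-auth-hook /path/to/this_script.py` and a matching `--manual-cleanup-hook` that deletes the record, and `certbot renew` can then complete the DNS-01 challenge unattended.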

3. Generate a PKCS#12 (.p12) certificate (optional)

openssl pkcs12 -export -in /etc/letsencrypt/live/m2c.top/fullchain.pem -inkey /etc/letsencrypt/live/m2c.top/privkey.pem -out /etc/letsencrypt/live/m2c.top/letsencrypt.p12 -name tomcat_letsencrypt

Source: https://blog.m2c.top/centos-certbot-ssl-letsencrypt.html
Author: Jeffery
Published: 15 April 2022