Let’s EncryptでSSL化

通常パターン

# certbot certonly --webroot -w /var/www/linuxexpert.ne.jp/html -d linuxexpert.ne.jp

サーバの移行中など、上の通常パターンで certbot に 嫌がられエラーになる場合、Certbot を tandaloneモードで実行します。

# systemctl stop httpd
# certbot certonly --standalone -t
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): linuxexpert.ne.jp
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/linuxexpert.ne.jp/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/linuxexpert.ne.jp/privkey.pem
# systemctl start httpd
# certbot certonly --webroot -w /var/www/linuxexpert.ne.jp/html -d linuxexpert.ne.jp --agree-tos --force-renewal -n
# systemctl restart httpd
# systemctl status  httpd