KoreaVlog(koreanvlog.com)님을 통해 오라클 무료 클라우드로 블로그를 운영하고 있습니다.
다름이 아니라, 곧 letsencrypt SSL 유효기간이 만료되는데요. 따로 자동 갱신 설정을 하진 않았고, 수동으로 해주고 있습니다. 원래는 [sudo letsencrypt renew] 으로 갱신이 잘 됐는데 아래와 같은 오류를 발생하며 갱신이 안됩니다.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/domain.kr.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for domain.kr
http-01 challenge for www.domain.kr
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (domain.kr) from /etc/letsencrypt/renewal/domain.kr.conf produced an unexpected error: Failed authorization procedure.domain.kr (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://domain.kr/.well-known/acme-challenge/uqJEe8XQkprKuUsj42qQiUHTWxDrLJ8kilZkahW-r4E [132.226.XXX.1]: "<!DOCTYPE html>\n<html lang=\"ko\">\n<head>\n<!-- META -->\n<meta charset=\"utf-8\">\n<meta name=\"generator\" content=\"Rhymix\">\n<meta name", www.domain.kr (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://domain.kr/.well-known/acme-challenge/o4lRnSVIKGQ86uNFsHERQ6Y-wxv6_m8Wt1I9wQAqiU0 [132.226.XXX.1]: "<!DOCTYPE html>\n<html lang=\"ko\">\n<head>\n<!-- META -->\n<meta charset=\"utf-8\">\n<meta name=\"generator\" content=\"Rhymix\">\n<meta name". Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/domain.kr/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/domain.kr/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: domain.kr
Type: unauthorized
Detail: Invalid response from
https://domain.kr/.well-known/acme-challenge/uqJEe8XQkprKuUsj42qQiUHTWxDrLJ8kilZkahW-r4E
[132.226.XXX.1]: "<!DOCTYPE html>\n<html lang=\"ko\">\n<head>\n<!--
META -->\n<meta charset=\"utf-8\">\n<meta name=\"generator\"
content=\"Rhymix\">\n<meta name"
Domain: www.domain.kr
Type: unauthorized
Detail: Invalid response from
https://domain.kr/.well-known/acme-challenge/o4lRnSVIKGQ86uNFsHERQ6Y-wxv6_m8Wt1I9wQAqiU0
[132.226.XXX.1]: "<!DOCTYPE html>\n<html lang=\"ko\">\n<head>\n<!--
META -->\n<meta charset=\"utf-8\">\n<meta name=\"generator\"
content=\"Rhymix\">\n<meta name"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
3달 전에도 수동으로 갱신해주었는데, 이번에 갑자기 안돼서 당황스럽습니다.. 단순 블로그 운영이기에 3달 전과 비교해 따로 건든 것은 없습니다.
일단 도메인 DNS설정과 IP주소, 오라클 클라우드 설정도 다시 확인해봤고, XE타운이나 구글에 검색해봐도 딱히 해결책을 찾지 못했습니다.. 블로그를 통해 아무 지식없이 따라서 만들다 보니 어려움이 많네요..ㅠ
도움주시면 정말 감사하겠습니다!
2. 갱신하고자 하는 도메인의 80포트로 접속시 정상접속이 잘이루어지고 있는지 확인해보세요.
3. 갱신하고자 하는 도메인의 80포트로 접속히 433(ssl https 프로토콜) 포트로 301 리디렉트 시켜주고 있는지 확인해보세요.