Home Explore Help
Register Sign In
iNDivia.net
/
otcerts
7
0
Fork 0
Files Issues 1 Pull Requests 0 Wiki
Labels Milestones
New Issue

#2 renew fallisce se un singolo nome fallisce (es, dominio scaduto)

Open
opened 2 years ago by jigen · 1 comments
jigen commented 2 years ago

Per esempio in questo caso totallynot.science e' scaduto e non rinnovato. Il fallimento comporta il non rinnovo del certificato che pero' riguarda tutti i domani.

mail01:/etc/letsencrypt/live# cd /usr/local/ortiche/otcerts/ && /usr/bin/python3 OTcerts.py --mbox --renew
INFO:root:Renewing certificates                                              
Your system is not supported by certbot-auto anymore.                          
certbot-auto and its Certbot installation will no longer receive updates.                                                                             
You will not receive any bug fixes including those fixing server compatibility           
or security problems.                                                                   
Please visit https://certbot.eff.org/ to check for other alternatives.                          
Challenge failed for domain smtp.totallynot.science                                                         
Attempting to renew cert (mail.indivia.net) from /etc/letsencrypt/renewal/mail.indivia.net.conf produced an unexpected error: Some challenges have fai
led.. Skipping.                                                                                                  
Challenge failed for domain imap.totallynot.science                                    
Challenge failed for domain pop3.totallynot.science                                
Attempting to renew cert (mbox.indivia.net) from /etc/letsencrypt/renewal/mbox.indivia.net.conf produced an unexpected error: Some challenges have fai
led.. Skipping.                                                                                          
All renewal attempts failed. The following certs could not be renewed:         
  /etc/letsencrypt/live/mail.indivia.net/fullchain.pem (failure)                                                 
  /etc/letsencrypt/live/mbox.indivia.net/fullchain.pem (failure)                                                                                      
2 renew failure(s), 0 parse failure(s)                                                                                                                
INFO:root:Done renew
Per esempio in questo caso totallynot.science e' scaduto e non rinnovato. Il fallimento comporta il non rinnovo del certificato che pero' riguarda tutti i domani. ``` mail01:/etc/letsencrypt/live# cd /usr/local/ortiche/otcerts/ && /usr/bin/python3 OTcerts.py --mbox --renew INFO:root:Renewing certificates Your system is not supported by certbot-auto anymore. certbot-auto and its Certbot installation will no longer receive updates. You will not receive any bug fixes including those fixing server compatibility or security problems. Please visit https://certbot.eff.org/ to check for other alternatives. Challenge failed for domain smtp.totallynot.science Attempting to renew cert (mail.indivia.net) from /etc/letsencrypt/renewal/mail.indivia.net.conf produced an unexpected error: Some challenges have fai led.. Skipping. Challenge failed for domain imap.totallynot.science Challenge failed for domain pop3.totallynot.science Attempting to renew cert (mbox.indivia.net) from /etc/letsencrypt/renewal/mbox.indivia.net.conf produced an unexpected error: Some challenges have fai led.. Skipping. All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/mail.indivia.net/fullchain.pem (failure) /etc/letsencrypt/live/mbox.indivia.net/fullchain.pem (failure) 2 renew failure(s), 0 parse failure(s) INFO:root:Done renew ```
jigen commented 2 years ago
Owner

Il problema si puo' risolvere trovando il posto giusto in cui inserire l'opzione --allow-subset-of-names di renew

--allow-subset-of-names
When performing domain validation, do not consider it failure if
authorizations can not be obtained for a strict subset of the requested 
domains. This may be useful for allowing renewals for multiple domains 
to succeed even if some domains no longer point at this system
Il problema si puo' risolvere trovando il posto giusto in cui inserire l'opzione `--allow-subset-of-names` di renew ``` --allow-subset-of-names When performing domain validation, do not consider it failure if authorizations can not be obtained for a strict subset of the requested domains. This may be useful for allowing renewals for multiple domains to succeed even if some domains no longer point at this system ```
Sign in to join this conversation.
Labels
Clear labels
No Label
Milestone
Clear milestone
No Milestone
Assignee
Clear assignee
No assignee
1 Participants
Write Preview
Loading...
Cancel
Save
There is no content yet.