iNDivia.net/otcerts
6
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

renew fallisce se un singolo nome fallisce (es, dominio scaduto) #2

New issue
Open
opened 2021-11-26 21:59:12 +01:00 by jigen · 1 comment
jigen commented 2021-11-26 21:59:12 +01:00
Owner
Copy link

Per esempio in questo caso totallynot.science e' scaduto e non rinnovato. Il fallimento comporta il non rinnovo del certificato che pero' riguarda tutti i domani.

mail01:/etc/letsencrypt/live# cd /usr/local/ortiche/otcerts/ && /usr/bin/python3 OTcerts.py --mbox --renew
INFO:root:Renewing certificates                                              
Your system is not supported by certbot-auto anymore.                          
certbot-auto and its Certbot installation will no longer receive updates.                                                                             
You will not receive any bug fixes including those fixing server compatibility           
or security problems.                                                                   
Please visit https://certbot.eff.org/ to check for other alternatives.                          
Challenge failed for domain smtp.totallynot.science                                                         
Attempting to renew cert (mail.indivia.net) from /etc/letsencrypt/renewal/mail.indivia.net.conf produced an unexpected error: Some challenges have fai
led.. Skipping.                                                                                                  
Challenge failed for domain imap.totallynot.science                                    
Challenge failed for domain pop3.totallynot.science                                
Attempting to renew cert (mbox.indivia.net) from /etc/letsencrypt/renewal/mbox.indivia.net.conf produced an unexpected error: Some challenges have fai
led.. Skipping.                                                                                          
All renewal attempts failed. The following certs could not be renewed:         
  /etc/letsencrypt/live/mail.indivia.net/fullchain.pem (failure)                                                 
  /etc/letsencrypt/live/mbox.indivia.net/fullchain.pem (failure)                                                                                      
2 renew failure(s), 0 parse failure(s)                                                                                                                
INFO:root:Done renew
Per esempio in questo caso totallynot.science e' scaduto e non rinnovato. Il fallimento comporta il non rinnovo del certificato che pero' riguarda tutti i domani. ``` mail01:/etc/letsencrypt/live# cd /usr/local/ortiche/otcerts/ && /usr/bin/python3 OTcerts.py --mbox --renew INFO:root:Renewing certificates Your system is not supported by certbot-auto anymore. certbot-auto and its Certbot installation will no longer receive updates. You will not receive any bug fixes including those fixing server compatibility or security problems. Please visit https://certbot.eff.org/ to check for other alternatives. Challenge failed for domain smtp.totallynot.science Attempting to renew cert (mail.indivia.net) from /etc/letsencrypt/renewal/mail.indivia.net.conf produced an unexpected error: Some challenges have fai led.. Skipping. Challenge failed for domain imap.totallynot.science Challenge failed for domain pop3.totallynot.science Attempting to renew cert (mbox.indivia.net) from /etc/letsencrypt/renewal/mbox.indivia.net.conf produced an unexpected error: Some challenges have fai led.. Skipping. All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/mail.indivia.net/fullchain.pem (failure) /etc/letsencrypt/live/mbox.indivia.net/fullchain.pem (failure) 2 renew failure(s), 0 parse failure(s) INFO:root:Done renew ```
jigen commented 2021-11-26 22:01:55 +01:00
Author
Owner
Copy link

Il problema si puo' risolvere trovando il posto giusto in cui inserire l'opzione --allow-subset-of-names di renew

--allow-subset-of-names
When performing domain validation, do not consider it failure if
authorizations can not be obtained for a strict subset of the requested 
domains. This may be useful for allowing renewals for multiple domains 
to succeed even if some domains no longer point at this system
Il problema si puo' risolvere trovando il posto giusto in cui inserire l'opzione `--allow-subset-of-names` di renew ``` --allow-subset-of-names When performing domain validation, do not consider it failure if authorizations can not be obtained for a strict subset of the requested domains. This may be useful for allowing renewals for multiple domains to succeed even if some domains no longer point at this system ```
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
renew_reload
reload_d
fix_wild
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: iNDivia.net/otcerts#2
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?