標籤: letsencrypt

使用 acme.sh 來產生 HTTPS CA 憑證

Let's encrypt 的 certbot 常常會遇到更新失敗,然後需要重新產生的流程

使用 acme.sh + api 都可以自己去更新,比較省事~~

閱讀全文〈使用 acme.sh 來產生 HTTPS CA 憑證〉

Certbot 遇到 renew 失敗 需要 manual-auth-hook 的解法

Certbot renew 失敗,出現下述錯誤訊息要怎麼辦呢?

Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration. The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',). Skipping.

閱讀全文〈Certbot 遇到 renew 失敗 需要 manual-auth-hook 的解法〉

Let's encrypt 遇到 'ascii' codec can't decode byte 0xe5 的解法

Let's encrpyt 在更新憑證的時候,遇到下述錯誤訊息:

Attempting to renew cert (example.com) from /etc/letsencrypt/renewal/example.com.conf produced an unexpected error: 'ascii' codec can't decode byte 0xe5 in position 2: ordinal not in range(128). Skipping.

要怎麼解決呢?

閱讀全文〈Let's encrypt 遇到 'ascii' codec can't decode byte 0xe5 的解法〉

crt.sh:查詢 Let's Encrypt 申請紀錄的資訊

Let's Encrypt - Free SSL/TLS Certificates 是免費申請憑證(SSL)的服務,不過還是有申請次數限制(Rate Limits - Let's Encrypt 次數限制),當遇到申請次數過多,要怎麼查詢已經申請幾次等等的紀錄呢?

使用此網站可以查詢申請、註冊憑證的次數、時間等等資訊

Let's Encrypt 預計 2018年1月推出 Wildcard 憑證

Let's Encrypt 預計於 2018年1月推出 Wildcard Certificates,同時 Wildcard Certificates 會需要走 ACME v2 API 來認證。

下述摘錄自此篇:Wildcard Certificates Coming January 2018

Wildcard certificates will be offered free of charge via our upcoming ACME v2 API endpoint. We will initially only support base domain validation via DNS for wildcard certificates, but may explore additional validation options over time.

Wildcard 推出之後,之後會省事不少~