6

我使用以下命令在我的 ubuntu 16.04 机器上安装了letsencrypt。

sudo apt-get install letsencrypt

现在,我想定义一个 cronjob 以使用以下行自动更新我的证书。

certbot renew --pre-hook "service nginx stop" --post-hook "service nginx start"

但我总是得到错误,找不到命令 certbot。

如果我使用letsencrypt而不是certbot,只要我不使用--pre-hookand就一切正常--post-hook

如何安装certbot或有替代命令让letsencrypt定义这样的钩子?

谢谢

4

7 回答 7

5

对我来说,以下命令工作正常。

安装快照

sudo apt update

sudo apt install snapd

安装核心

sudo snap install core

安装 Certbot

sudo snap install --classic certbot

sudo ln -s /snap/bin/certbot /usr/bin/certbot

更新 Certbot

sudo certbot renew --dry-run
于 2021-03-16T07:03:52.043 回答
4

按照官方certbot说明安装

sudo apt install certbot python3-certbot-nginx

或者,在具有 的较新的 Ubuntu 中snap

sudo snap install --classic certbot

之后就可以使用了$PATH

于 2020-07-30T13:41:02.587 回答
3

好的,我找到了解决方案..

git clone git@github.com:certbot/certbot.git

cd certbot

./certbot-auto renew --pre-hook "service nginx stop" --post-hook "service nginx start"

于 2016-10-24T10:02:12.510 回答
0

试试这个 sudo ~/.certbot/bin/certbot certonly --webroot

于 2022-01-24T06:43:11.400 回答
0

你可以试试Let's Certbot

Let's Certbot 是一个基于 Certbot 构建自动化脚本的工具,用于获取、更新、部署 SSL 证书。

它支持 docker 和非 docker 环境。

GitHub:https ://github.com/jinhucheung/letscertbot

于 2020-02-06T03:04:11.607 回答
0

This worked for me. I have to specify full path when running certbot with elevated privileges

sudo /snap/bin/certbot renew --dry-run

TL;DR

Although I have /snap/bin in my $PATH

echo $PATH

/usr/local/bin:/usr/bin:/bin:/usr/games:/snap/bin

But without providing full path it does not work with sudo. It throws the following error

certbot renew --dry-run

The following error was encountered:
[Errno 13] Permission denied: '/var/log/letsencrypt/.certbot.lock'
Either run as root, or set --config-dir, --work-dir, and --logs-dir to writeable paths.

and it also works if I (while having /snap/bin in root's $PATH as well) switch to power user

sudo -i

and then run any certbot command

Kindly note I'm on debian 10 and using snapd as package manager according to the tutorial https://certbot.eff.org/lets-encrypt/snap-nginx.

As explained here https://unix.stackexchange.com/questions/245772/why-running-command-as-sudo-returns-command-not-found this is kinda expected and approved of behaviour:

sudo tries to be safe when executing external commands. the usual workaround is to specify the complete pathname of the program. It's also more secure; it you don't specify the path, it's conceivable that an attacker could create another program that will be run with root permissions.

Going on reading further I can see that my PATHs are different

env | grep ^PATH
sudo env | grep ^PATH

There are several solutions (use custom sudo or change sudo $PATH) provided at the thread Command not found when using sudo so one does not have to specify full path.

于 2020-07-12T09:37:10.613 回答
0

尝试使用 snap 删除
sudo snap remove certbot

然后再次安装 sudo snap install --classic certbot

于 2021-01-07T11:21:52.743 回答