LetsEncrypt SSL 証明書の更新(2025/8/13 実施)
Wednesday, August 13th, 2025LetsEncrypt SSLの有効期限が2日後に迫ってきたので、いつもどおり更新作業をした。
以下、更新時のLog を転記:
[root@Server01 ~]# certbot certonly --manual Saving debug log to /var/log/letsencrypt/letsencrypt.log Please enter the domain name(s) you would like on your certificate (comma and/or space separated) (Enter 'c' to cancel): *.yamasnet.com Renewing an existing certificate for *.yamasnet.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please deploy a DNS TXT record under the name: _acme-challenge.yamasnet.com. with the following value: t7WukSNQiZLhdtNk368IJLkVzrwcFE_juhlZlo3clHE Before continuing, verify the TXT record has been deployed. Depending on the DNS provider, this may take some time, from a few seconds to multiple minutes. You can check if it has finished deploying with aid of online tools, such as the Google Admin Toolbox: https://toolbox.googleapps.com/apps/dig/#TXT/_acme-challenge.yamasnet.com. Look for one or more bolded line(s) below the line ';ANSWER'. It should show the value(s) you've just added. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Press Enter to Continue Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/yamasnet.com/fullchain.pem Key is saved at: /etc/letsencrypt/live/yamasnet.com/privkey.pem This certificate expires on 2025-11-10. These files will be updated when the certificate renews. NEXT STEPS: - This certificate will not be renewed automatically. Autorenewal of --manual certificates requires the use of an authentication hook script (--manual-auth-hook) but one was not provided. To renew this certificate, repeat this same certbot command before the certificate's expiry date. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - If you like Certbot, please consider supporting our work by: * Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate * Donating to EFF: https://eff.org/donate-le - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [root@Server01 ~]# systemctl restart httpd [root@Server01 ~]# certbot certificates Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Found the following certs: Certificate Name: yamasnet.com Serial Number: 5d93eeebba884f79aa4000ceffc9e0e13a6 Key Type: ECDSA Domains: *.yamasnet.com Expiry Date: 2025-11-10 23:17:16+00:00 (VALID: 89 days) Certificate Path: /etc/letsencrypt/live/yamasnet.com/fullchain.pem Private Key Path: /etc/letsencrypt/live/yamasnet.com/privkey.pem - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
httpd を更新し、証明書を反映:
[root@Server01 ~]# systemctl restart httpd
更新後の証明書の確認:
[root@Server01 ~]# certbot certificates Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Found the following certs: Certificate Name: yamasnet.com Serial Number: 5d93eeebba884f79aa4000ceffc9e0e13a6 Key Type: ECDSA Domains: *.yamasnet.com Expiry Date: 2025-11-10 23:17:16+00:00 (VALID: 89 days) Certificate Path: /etc/letsencrypt/live/yamasnet.com/fullchain.pem Private Key Path: /etc/letsencrypt/live/yamasnet.com/privkey.pem - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -