当我尝试登录我的邮件客户端时,收到以下信息:
This certificate belongs to:
mail.ssk.pm
This certificate was issued by:
R3
Let's Encrypt
US
This certificate is valid
from Thu, 21 Mar 2024 18:03:06 UTC
to Wed, 19 Jun 2024 18:03:05 UTC
SHA1 Fingerprint: 2BAC DF4D 2E6A BC4B BDBB 9746 6A39 D523 9306 DE4A
SHA256 Fingerprint: 2BAC DF4D 2E6A BC4B BDBB 9746 6A39 D523
9306 DE4A87A9 CAC5 AAD1 6E8A 8796 9232 D4B6 4EAB 97EF ECEF 437D 1BFC 4369 96AE 6FF4 C503
WARNING: Server certificate has expired
但是当我执行 certbox --nginx renew 时我得到了这个:
certbot --nginx renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/mail.ssk.pm.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Certificate not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/ssk.pm.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Certificate not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certificates are not due for renewal yet:
/etc/letsencrypt/live/mail.ssk.pm/fullchain.pem expires on 2024-08-19 (skipped)
/etc/letsencrypt/live/ssk.pm/fullchain.pem expires on 2024-08-18 (skipped)
No renewals were attempted.
我这里遗漏了什么吗?
当更新的证书未正确部署或邮件服务器未正确配置以使用更新的证书时,就会发生这种情况。
验证证书路径:
手动检查证书过期时间:
然后重新启动使用该证书的服务。如果仍然不起作用,则应该记录在日志中。
Certbot 维护自己的日志文件,这些文件通常位于 /var/log/letsencrypt/ 目录中。您可以检查这些日志以查看 certbot renew 命令的输出。
如果在运行 cron 作业时出现任何问题,例如语法错误或权限问题,这些问题通常会记录在系统的 cron 日志中。在许多系统中,cron 日志可以在 /var/log/syslog 或 /var/log/cron.log 中找到。
或者
默认情况下,cron 会将其运行的作业的输出(包括任何错误)发送到安排 cron 作业的用户的本地电子邮件。您可以通过阅读用户的本地邮件来检查这一点:
祝你好运!