certbot の更新

certbot を最新バージョンに更新

sudo apt-get install certbot


certbot challenge

sudo certbot certonly --manual --preferred-challenges dns -d *.(domain) --server https://acme-v02.api.letsencrypt.org/directory

-------------------------------------------------------------------------------

Please deploy a DNS TXT record under the name

_acme-challenge.(domain) with the following value:

HoC6h92xL-byVENTKaE2z_F0FyOB8ObyBfksUnPL3RU

Before continuing, verify the record is deployed.

-------------------------------------------------------------------------------

Press Enter to Continue


DNS の反映確認

https://www.cman.jp/network/support/nslookup.html

ここに _acme-challenge.(domain) を入力して確認


Press Enter

IMPORTANT NOTES:

- Congratulations! Your certificate and chain have been saved at:

/etc/letsencrypt/live/(domain)/fullchain.pem

Your key file has been saved at:

/etc/letsencrypt/live/(domain)/privkey.pem

Your cert will expire on 2018-10-03. To obtain a new or tweaked

version of this certificate in the future, simply run certbot

again. To non-interactively renew *all* of your certificates, run

"certbot renew"

- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate

Donating to EFF: https://eff.org/donate-le


nginx 設定変更

/etc/nginx/sites-available/(domain)


nginx & apache 再起動

sudo service nginx reload

sudo service apache2 reload