Help us understand the problem. What is going on with this article?

Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

More than 1 year has passed since last update.

概要

Nginx/debian9で立てていたwebサーバーの証明書を更新しようとしたところ発生したエラーについて。

エラー

$ certbot renew 
...省略...
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

解決策

$ certbot --authenticator standalone --installer nginx -d yourdomain.com --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"

また、この時ブラウザで確認した際にERR_TOO_MANY_REDIRECTSと言ったエラーが発生した場合、certbotが改変したnginxのconfigファイルが既存の設定と衝突している場合があるので、確認する。

参考

certbot公式より
https://certbot.eff.org/lets-encrypt/debianstretch-nginx

SSL web server 診断サイト
https://www.ssllabs.com/ssltest/analyze.html

____easy
no pain no gain
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Comments
No comments
Sign up for free and join this conversation.
If you already have a Qiita account
Why do not you register as a user and use Qiita more conveniently?
You need to log in to use this function. Qiita can be used more conveniently after logging in.
You seem to be reading articles frequently this month. Qiita can be used more conveniently after logging in.
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
ユーザーは見つかりませんでした