Cách renew Let’s Encrypt (Certbot) khi gặp lỗi “Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.” Ja

Với trường hợp sử dụng certbot trên Linux để tạo let’s Encrypt.

Khi certificate hết hạn. Chạy lệnh sau để renew:

sudo certbot renew

Nếu chạy lệnh trên sinh ra lỗi sau:

Renewing an existing certificate
Performing the following challenges:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
Attempting to renew cert (example.com) from /etc/letsencrypt/renewal/example.com.conf produced an unexpected error: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/example.com/fullchain.pem (failure)

Hãy chạy lệnh sau để renew một certificate:

1. Với Apache:
sudo certbot --authenticator standalone --installer apache -d example.com -d www.example.com --pre-hook "systemctl stop apache2" --post-hook "systemctl start apache2"
2. Với Nginx:
sudo certbot --authenticator standalone --installer nginx -d example.com -d www.example.com --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"

Trang tham khảo cách tạo certificate:
– Cerbot linux: https://certbot.eff.org/docs/using.html#apache
– win-acme window: https://github.com/PKISharp/win-acme/wiki/Command-Line-Arguments

Bài viết liên quan