Terminal 如何在Google计算引擎SSH终端上更新Letsencrypt
我需要知道我的证书出现“不安全”问题的确切原因。我不是很懂技术,所以我不确定我需要检查什么。这是我尝试重新运行脚本时收到的消息:Terminal 如何在Google计算引擎SSH终端上更新Letsencrypt,terminal,certbot,Terminal,Certbot,我需要知道我的证书出现“不安全”问题的确切原因。我不是很懂技术,所以我不确定我需要检查什么。这是我尝试重新运行脚本时收到的消息: /certbot-auto certonly --webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d mwosa.com -d www.mwosa.com Requesting to rerun ./certbot-auto with root privileges... ./certbot-auto has insec
/certbot-auto certonly --webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d mwosa.com -d www.mwosa.com
Requesting to rerun ./certbot-auto with root privileges...
./certbot-auto has insecure permissions!
To learn how to fix them, visit https://community.letsencrypt.org/t/certbot-auto-deployment-best-practices/91979/
Upgrading certbot-auto 0.39.0 to 1.2.0...
Replacing certbot-auto...
Creating virtual environment...
Installing Python packages...
Installation succeeded.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for mwosa.com
http-01 challenge for www.mwosa.com
Using the webroot path /opt/bitnami/apps/wordpress/htdocs for all unmatched domains.
Waiting for verification...
Cleaning up challenges
这看起来像是一条权限信息,可能是letsencrypt文件夹需要写保护,包含certbot auto的目录路径(包括certbot auto绝对路径中访问的每个目录)不允许低权限用户进行写操作。您可以按照说明在中修复此问题 如果必须对/opt进行写访问,则任何人都可以执行以下操作:
mv /opt/letsencrypt /opt/somethingelse
mkdir /opt/letsencrypt
echo 'echo owned >> /root/owned' > /opt/letsencrypt/letsencrypt-auto
chmod -R a+x /opt/letsencrypt