{"id":52,"date":"2021-02-21T08:30:27","date_gmt":"2021-02-20T23:30:27","guid":{"rendered":"https:\/\/auto.meto4d.pgw.jp\/blog\/?p=52"},"modified":"2021-12-21T21:11:31","modified_gmt":"2021-12-21T12:11:31","slug":"lets-encrypt-%e3%81%a7ssl%e3%83%af%e3%82%a4%e3%83%ab%e3%83%89%e3%82%ab%e3%83%bc%e3%83%89%e8%a8%bc%e6%98%8e%e6%9b%b8%e3%82%92%e5%b0%8e%e5%85%a5%e3%81%99%e3%82%8b","status":"publish","type":"post","link":"https:\/\/auto.meto4d.pgw.jp\/blog\/?p=52","title":{"rendered":"Let&#8217;s Encrypt \u3067SSL\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u8a3c\u660e\u66f8\u3092\u5c0e\u5165\u3059\u308b"},"content":{"rendered":"\n<p>Archlinux\u304c\u52d5\u3044\u3066\u3044\u308bRaspberryPi\u541b\u306b\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u8a3c\u660e\u66f8\u3092\u5c0e\u5165\u3059\u308b\u3002<br>\u7279\u6bb5\u3001\u96e3\u3057\u3044\u3053\u3068\u306f\u306a\u304f\u3001Qiita\u7b49\u3005\u3067\u66f8\u304b\u308c\u3066\u3044\u305f\u3053\u3068\u3092\u30c8\u30ec\u30fc\u30b9\u3057\u305f\u3060\u3051\u3060\u3063\u305f<\/p>\n\n\n\n<!--more-->\n\n\n\n<h2>\u524d\u63d0<\/h2>\n\n\n\n<p>\u5165\u3063\u3066\u308b\u3082\u306e<br>\u30fb<a href=\"https:\/\/www.mydns.jp\/\">MyDNS<\/a><br>\u30fbRaspberryPi\u9bd6<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;shell&quot;,&quot;mime&quot;:&quot;text\/x-sh&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Shell&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;shell&quot;}\"># cat \/etc\/os-release \nNAME=&quot;Arch Linux ARM&quot;\nPRETTY_NAME=&quot;Arch Linux ARM&quot;\n(\u4e2d\u7565)\n# certbot --version\ncertbot 1.12.0\n# date +%Y%m%d_%H%M\n20210221_0503<\/pre><\/div>\n\n\n\n<p>\u4eca\u3042\u3089\u305f\u3081\u3066\u6c17\u3065\u3044\u305f\u3093\u3060\u3051\u3069\u3001Archlinux\u3063\u3066arch-release\u3063\u3066\u4f55\u3082\u66f8\u3044\u3066\u306a\u3044\u3093\u3060\u306d<br>CentOS\u3067\u4f5c\u696d\u3059\u308b\u3068\u304d\u306eversion\u756a\u53f7\u78ba\u8a8d\u4f5c\u696d\u304c\u305f\u307e\u306b\u3042\u308b\u3093\u3060\u304c\u3001\u305d\u306e\u3068\u304d\u306fredhat-release\u3092\u53c2\u7167\u3057\u3066version\u756a\u53f7\u78ba\u8a8d\u3092\u3057\u3066\u3044\u308b\u3002<br>\u5c11\u306a\u304f\u3068\u3082CentOS8\u306fredhat-release\u306f\/etc\/centos-release\u306e\u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af\u3067\u3001\u4eca\u3069\u304d\u306a\u4eba\u306e\u4e2d\u3067CentOS\u4f7f\u3063\u305f\u3053\u3068\u306a\u3044\u4eba\u3082\u8003\u3048\u308b\u3068\u3001redhat-release\u3092\u53c2\u7167\u3059\u308b\u3068\u3044\u3046\u624b\u9806\u306f\u96e3\u3057\u3044\u3093\u3058\u3083\u306a\u3044\u304b\u306a\uff1f\u3068\u601d\u3063\u305f\u308a<br>\u8a71\u304c\u3059\u3050\u9038\u308c\u308b<\/p>\n\n\n\n<h2>\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u8a3c\u660e\u66f8\u3092\u767a\u884c\u3059\u308b<\/h2>\n\n\n\n<p>Let&#8217;s Encrypt\u3067\u3082\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u8a3c\u660e\u66f8\u306f\u5bfe\u5fdc\u3057\u3066\u3044\u308b<br>\u304c\u3001v2 API\u306eURL\u3092\u6307\u5b9a\u3059\u308b\u5fc5\u8981\u304c\u3042\u308b\u3002<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;shell&quot;,&quot;mime&quot;:&quot;text\/x-sh&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Shell&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;shell&quot;}\">certbot certonly --manual \\\n    --preferred-challenges dns \\\n    --server https:\/\/acme-v02.api.letsencrypt.org\/directory \\\n    -m hoge@unko.com \\\n    -d *.meto4d.pgw.jp<\/pre><\/div>\n\n\n\n<p>\u5b9f\u884c\u3059\u308b\u3068\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u8868\u793a\u304c\u51fa\u308b<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;textile&quot;,&quot;mime&quot;:&quot;text\/x-textile&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Textile&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;textile&quot;}\">Saving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\nPlugins selected: Authenticator manual, Installer None\nRequesting a certificate for *.meto4d.pgw.jp\nPerforming the following challenges:\ndns-01 challenge for meto4d.pgw.jp\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nPlease deploy a DNS TXT record under the name\n_acme-challenge.meto4d.pgw.jp with the following value:\n\nxxxxxxx(\u30e9\u30f3\u30c0\u30e0\u306a\u6587\u5b57\u5217)\n\nBefore continuing, verify the record is deployed.\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nPress Enter to Continue<\/pre><\/div>\n\n\n\n<p>Enter\u5165\u529b\u5f85\u306b\u306a\u308b\u304c\u3001DNS\u30ec\u30b3\u30fc\u30c9\u304c\u5fc5\u8981\u306a\u306e\u3067(MyDNS\u7528\u306b)\u30d6\u30e9\u30a6\u30b6\u3067\u4f5c\u696d<br>\u9014\u4e2d\u306e<code>xxxxxxx(\u30e9\u30f3\u30c0\u30e0\u306a\u6587\u5b57\u5217)<\/code> \u306f\u30e1\u30e2\u3063\u3066MyDNS\u3078<\/p>\n\n\n\n<p>MyDNS\u306bTXT\u30ec\u30b3\u30fc\u30c9\u3067_acme-challenge.meto4d.pgw.jp\u3092\u767b\u9332\u3059\u308b<br><code> _acme-challenge.meto4d.pgw.jp \u3000 TXT \u3000  xxxxxxx <\/code><br>MyDNS\u306f\u53cd\u6620\u304c\u65e9\u3044\u3068\u306f\u3044\u3048\u30011\u5206\u3050\u3089\u3044\u5f85\u3063\u305f\u307b\u3046\u304c\u61f8\u547d\u3060\u308d\u3046\u3002<br>\u53cd\u6620\u3057\u305f\u304bdig\u30b3\u30de\u30f3\u30c9\u3067\u78ba\u8a8d\u3059\u308b<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;shell&quot;,&quot;mime&quot;:&quot;text\/x-sh&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Shell&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;shell&quot;}\">% dig @ns0.mydns.jp _acme-challenge.meto4d.pgw.jp -t TXT\n\n; &lt;&lt;&gt;&gt; DiG 9.16.10 &lt;&lt;&gt;&gt; @ns0.mydns.jp _acme-challenge.meto4d.pgw.jp -t TXT\n(\u4e2d\u7565)\n;; ANSWER SECTION:\n_acme-challenge.meto4d.pgw.jp. 300 IN   TXT     &quot;xxxxxxx&quot;\n\n\u2192\u4e00\u5fdcGoogle\u3067\u3082\u78ba\u8a8d\n% dig @8.8.8.8 _acme-challenge.meto4d.pgw.jp -t TXT\n\n; &lt;&lt;&gt;&gt; DiG 9.16.10 &lt;&lt;&gt;&gt; @8.8.8.8 _acme-challenge.meto4d.pgw.jp -t TXT\n(\u4e2d\u7565)\n;; ANSWER SECTION:\n_acme-challenge.meto4d.pgw.jp. 299 IN   TXT     &quot;xxxxxxx&quot;<\/pre><\/div>\n\n\n\n<p>\u53cd\u6620\u3055\u308c\u3066\u3044\u305f\u306e\u3067\u3001certbot\u306b\u623b\u3063\u3066Enter<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;textile&quot;,&quot;mime&quot;:&quot;text\/x-textile&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Textile&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;textile&quot;}\">....(\u4e0a\u306ecertbot\u4f5c\u696d\u306e\u7d9a\u304d)\nPress Enter to Continue [[Enter]]\nWaiting for verification...\nCleaning up challenges\n\nIMPORTANT NOTES:\n - Congratulations! Your certificate and chain have been saved at:\n   \/etc\/letsencrypt\/live\/meto4d.pgw.jp-0001\/fullchain.pem\n   Your key file has been saved at:\n   \/etc\/letsencrypt\/live\/meto4d.pgw.jp-0001\/privkey.pem\n   Your certificate will expire on 2021-05-21. To obtain a new or\n   tweaked version of this certificate in the future, simply run\n   certbot again. To non-interactively renew *all* of your\n   certificates, run &quot;certbot renew&quot;\n - If you like Certbot, please consider supporting our work by:\n\n   Donating to ISRG \/ Let's Encrypt:   https:\/\/letsencrypt.org\/donate\n   Donating to EFF:                    https:\/\/eff.org\/donate-le<\/pre><\/div>\n\n\n\n<p>\u8a8d\u8a3c\u304c\u51fa\u6765\u3066\u3044\u305f<\/p>\n\n\n\n<h2>\u3061\u3087\u3063\u3068\u5f85\u3066<\/h2>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;textile&quot;,&quot;mime&quot;:&quot;text\/x-textile&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Textile&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;textile&quot;}\">  Your key file has been saved at:\n   \/etc\/letsencrypt\/live\/meto4d.pgw.jp-0001\/privkey.pem<\/pre><\/div>\n\n\n\n<p>meto4d.pgw.jp\u306e\u8a3c\u660e\u66f8\u306f\u3042\u308b<br>*.meto4d.pgw.jp\u306e\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u8a3c\u660e\u66f8\u304c<code>meto4d.pgw.jp-0001<\/code>\u306b\uff1f<br>\u6c17\u6301\u3061\u60aa\u3044\u306e\u3067<code>meto4d.pgw.jp-wild<\/code>\u306b\u3067\u3082\u79fb\u52d5\u3057\u3066\u3082\u3089\u3046<\/p>\n\n\n\n<p> lets encrypt\u914d\u4e0b\u306earchive, live\u5185\u306e <code>meto4d.pgw.jp-0001 <\/code>\u3092\u79fb\u52d5\u3057\u3001renewal\/\u306econf\u5185\u3092\u5909\u66f4\u3057\u3066\u3044\u304f<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;shell&quot;,&quot;mime&quot;:&quot;text\/x-sh&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Shell&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;shell&quot;}\">(\u306a\u3093\u304b\u5c11\u3057\u6016\u304b\u3063\u305f\u306e\u3067\u3001sudo su - \u3057\u305fshell\u4ee5\u5916\u3067\u3084\u3063\u305f)\n% cd \/etc\/letsencrypt\n\n\u2192\u8a3c\u660e\u66f8\u306e\u4e2d\u8eab\u3092\u79fb\u52d5\n% cd archive\n% sudo mv -r  meto4d.pgw.jp-0001 meto4d.pgw.jp-wild\n% cp ..\/live\n% sudo mv -r  meto4d.pgw.jp-0001 meto4d.pgw.jp-wild\n% cd meto4d.pgw.jp-wild\n% ls -l\n(\u629c\u7c8b)\nlrwxrwxrwx 1 root root  42  2\u6708 21 05:59 cert.pem -&gt; ..\/..\/archive\/meto4d.pgw.jp-0001\/cert1.pem\n\u2192\u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af\u304c\u524d\u306e\u307e\u307e\u306a\u306e\u3067\u3001\u5909\u66f4\n% \/bin\/ls -1 *.pem | xargs -i sh -c &quot;readlink {} | sed 's\/0001\/wild\/g' | xargs -I [] sudo ln -nfs [] {}&quot;\n\u2192\u5b9f\u306fln\u306etarget\u3068link\u5148\u306e\u9806\u756a\u3092\u9593\u9055\u3048\u3066\u4e00\u56de\u6d88\u3057\u3061\u3083\u3063\u305f\uff57\n\u4e0a\u66f8\u304d\u3057\u3066\u3057\u307e\u3063\u305farchive\u306emeto4d.pgw.jp-wild\u3092\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u6bce\u6d88\u3057\u3066\u3001certbot certonly --manual\u3092\u518d\u5b9f\u884c\ndns\u7b49\u3005\u306f\u3057\u3066\u3042\u308b\u306e\u3067\u3001TXT\u306e\u66f8\u304d\u63db\u3048\u3082\u306a\u304f\u5373\u7d42\u4e86\n% ls -l\n(\u629c\u7c8b)\nlrwxrwxrwx 1 root root  42  2\u6708 21 06:42 cert.pem -&gt; ..\/..\/archive\/meto4d.pgw.jp-wild\/cert1.pem\n\n\u2192\u8a2d\u5b9a\u3092\u5909\u66f4\n% cd renewal\n% cat meto4d.pgw.jp-0001.conf\n# renew_before_expiry = 30 days\nversion = 1.12.0\narchive_dir = \/etc\/letsencrypt\/archive\/meto4d.pgw.jp-0001\ncert = \/etc\/letsencrypt\/live\/meto4d.pgw.jp-0001\/cert.pem\nprivkey = \/etc\/letsencrypt\/live\/meto4d.pgw.jp-0001\/privkey.pem\nchain = \/etc\/letsencrypt\/live\/meto4d.pgw.jp-0001\/chain.pem\nfullchain = \/etc\/letsencrypt\/live\/meto4d.pgw.jp-0001\/fullchain.pem\n(\u4e2d\u7565)\n\n% sudo sed -i 's\/meto4d.pgw.jp-0001\/meto4d.pgw.jp-wild\/g' meto4d.pgw.jp-0001.conf\n% sudo mv meto4d.pgw.jp-0001.conf meto4d.pgw.jp-wild.conf\n\n\u2192\u3053\u308c\u3067\u3044\u3044\u306f\u305a\u2026\u2026\n(certbot\u3092\u52d5\u304b\u3057\u3066\u3044\u305fterminal\u306b\u623b\u3063\u3066)\n# certbot renew\n(\u629c\u7c8b)\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nProcessing \/etc\/letsencrypt\/renewal\/meto4d.pgw.jp-wild.conf\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nCert not yet due for renewal\n\n\u2192\u7279\u306b\u30a8\u30e9\u30fc\u306f\u306a\u3044\u306e\u3067\u3001\u3053\u308c\u3067\u5927\u4e08\u592b\u2026\u304b\u306a\uff1f<\/pre><\/div>\n\n\n\n<h2>Nginx\u3067\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u3092\u4f7f\u3063\u3066\u307f\u308b<\/h2>\n\n\n\n<p>nginx\/server.conf\u306b\u307e\u3068\u3081\u3066\u3044\u308b\u306e\u3067\u3001\u305d\u3053\u3067<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;textile&quot;,&quot;mime&quot;:&quot;text\/x-textile&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Textile&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;textile&quot;}\">\u30ed\u30fc\u30ab\u30eb\u7528\u306e\u30c7\u30d0\u30c3\u30b0\u30dd\u30fc\u30c8\u306b\u8ffd\u8a18\nserver {\n  listen 10080;\n  include conf.d\/default_ssl.conf;\n  ssl_certificate \/etc\/letsencrypt\/live\/meto4d.pgw.jp-wild\/fullchain.pem; # managed by Certbot\n  ssl_certificate_key \/etc\/letsencrypt\/live\/meto4d.pgw.jp-wild\/privkey.pem; # managed by Certbot\n  include conf.d\/default_proxy.conf;\n  include conf.d\/php_fcgi_location.conf;\n  location \/ {\n    index index.test.php;\n  }\n}\n<\/pre><\/div>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;shell&quot;,&quot;mime&quot;:&quot;text\/x-sh&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Shell&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;shell&quot;}\">% sudo nginx -t\nnginx: the configuration file \/etc\/nginx\/nginx.conf syntax is ok\nnginx: configuration file \/etc\/nginx\/nginx.conf test is successful\n% sudo systemctl reload nginx <\/pre><\/div>\n\n\n\n<p>\u69cb\u6587\u30c1\u30a7\u30c3\u30af\u3057\u308d\u3068\u3088\u304f\u8a00\u308f\u308c\u308b\u3088\u3046\u306b\u306a\u3063\u305f\u306e\u3067\u3001\u6700\u8fd1\u3061\u3083\u3093\u3068nginx -t\u3092\u3057\u3066\u304b\u3089reload\u3059\u308b\u3088\u3046\u306b\u306a\u3063\u305f<br>\u4eca\u307e\u3067\u306e\u3001\u307e\u3042\u5927\u4e08\u592b\u3060\u308d\u3046\u3067restart\u3057\u3066\u9bd6\u3092\u6b62\u3081\u3066\u305f\u6642\u4ee3\u304b\u3089\u306f\u9032\u6b69\u3057\u305f<br>\u78ba\u8a8d\u306f\u7121\u610f\u8b58\u3067\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u3063\u305f\u304c\u3001\u78ba\u8a8d\u3057\u305f\u5f8c\u3001\u9762\u5012\u304f\u3055\u3063\u3066\u8a00\u3063\u3066\u308b\u6c17\u304c\u3059\u308b<\/p>\n\n\n\n<h5>\u30d6\u30e9\u30a6\u30b6\u3067\u30a2\u30af\u30bb\u30b9\u3057\u3066\u307f\u308b<\/h5>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"670\" height=\"607\" src=\"https:\/\/auto.meto4d.pgw.jp\/blog\/wp-content\/uploads\/2021\/02\/image.png\" alt=\"\" class=\"wp-image-56\" srcset=\"https:\/\/auto.meto4d.pgw.jp\/blog\/wp-content\/uploads\/2021\/02\/image.png 670w, https:\/\/auto.meto4d.pgw.jp\/blog\/wp-content\/uploads\/2021\/02\/image-300x272.png 300w\" sizes=\"(max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 984px) 61vw, (max-width: 1362px) 45vw, 600px\" \/><\/figure>\n\n\n\n<p class=\"has-medium-font-size\">\u307e\u3058\u304b\u3088\uff01<\/p>\n\n\n\n<p> *.meto4d.pgw.jp\u306f meto4d.pgw.jp\u306b\u4f7f\u3048\u306a\u3044\u3063\u3066\u305d\u3093\u306a\u3053\u3068\u3042\u308b\u306e\u304b<\/p>\n\n\n\n<h2>\u518d\u767a\u884c\u3059\u308b<\/h2>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;shell&quot;,&quot;mime&quot;:&quot;text\/x-sh&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Shell&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;shell&quot;}\">% sudo certbot certonly --manual \\\n    --preferred-challenges dns \\\n    --server https:\/\/acme-v02.api.letsencrypt.org\/directory \\\n    -m hoge@unko.com \\\n    -d *.meto4d.pgw.jp \\\n    -d meto4d.pgw.jp\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\nPlugins selected: Authenticator manual, Installer None\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nYou have an existing certificate that contains a portion of the domains you\nrequested (ref: \/etc\/letsencrypt\/renewal\/meto4d.pgw.jp.conf)\n\nIt contains these names: meto4d.pgw.jp\n\nYou requested these names for the new certificate: *.meto4d.pgw.jp,\nmeto4d.pgw.jp.\n\nDo you want to expand and replace this existing certificate with the new\ncertificate?\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n(E)xpand\/(C)ancel: e\nRenewing an existing certificate for *.meto4d.pgw.jp and meto4d.pgw.jp\nAn unexpected error occurred:\nrequests.exceptions.ReadTimeout: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Read timed out. (read timeout=45)\nPlease see the logfiles in \/var\/log\/letsencrypt for more details.<\/pre><\/div>\n\n\n\n<p>\u3069\u3046\u3082v2 API\u3067\u306fexpand\u51fa\u6765\u306a\u3044\u307f\u305f\u3044\u3060<br>\u3060\u304b\u3089\u3068\u3044\u3063\u3066\u30bf\u30a4\u30e0\u30a2\u30a6\u30c8\u306f\u3069\u3046\u306a\u3093\u3060\u3068\u306f\u601d\u3063\u305f\u304c<br>\u65e2\u5b58\u8a2d\u5b9a\u3092\u524a\u9664\u3059\u308b\u5fc5\u8981\u304c\u3042\u308b<\/p>\n\n\n\n<h3>\u65e2\u5b58\u8a2d\u5b9a\u3092\u524a\u9664<\/h3>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;shell&quot;,&quot;mime&quot;:&quot;text\/x-sh&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Shell&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;shell&quot;}\"># certbot delete\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\n\nWhich certificate(s) would you like to delete?\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n3: meto4d.pgw.jp-wild\n4: meto4d.pgw.jp<\/pre><\/div>\n\n\n\n<p>\u9069\u5f53\u306b\u629c\u7c8b<br>\u4eca\u3057\u304c\u305f\u4f5c\u3063\u305fmeto4d.pgw.jp-wild\u3068meto4d.pgw.jp\u3092\u524a\u9664<\/p>\n\n\n\n<h3>\u518d\u767a\u884c\uff082\u5ea6\u76ee\uff09<\/h3>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;shell&quot;,&quot;mime&quot;:&quot;text\/x-sh&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Shell&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;shell&quot;}\">\u2192\u6700\u5f8c\u306e -d meto4d.pgw.jp \u3092\u8ffd\u52a0\n% sudo certbot certonly --manual \\\n    --preferred-challenges dns \\\n    --server https:\/\/acme-v02.api.letsencrypt.org\/directory \\\n    -m hoge@unko.com \\\n    -d *.meto4d.pgw.jp \\\n    -d meto4d.pgw.jp\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\nPlugins selected: Authenticator manual, Installer None\nRequesting a certificate for *.meto4d.pgw.jp and meto4d.pgw.jp\n\nIMPORTANT NOTES:\n - Congratulations! Your certificate and chain have been saved at:\n   \/etc\/letsencrypt\/live\/meto4d.pgw.jp\/fullchain.pem\n   Your key file has been saved at:\n   \/etc\/letsencrypt\/live\/meto4d.pgw.jp\/privkey.pem\n   Your certificate will expire on 2021-05-21. To obtain a new or\n   tweaked version of this certificate in the future, simply run\n   certbot again. To non-interactively renew *all* of your\n   certificates, run &quot;certbot renew&quot;\n - If you like Certbot, please consider supporting our work by:\n\n   Donating to ISRG \/ Let's Encrypt:   https:\/\/letsencrypt.org\/donate\n   Donating to EFF:                    https:\/\/eff.org\/donate-le\n<\/pre><\/div>\n\n\n\n<p>\u3059\u3093\u306a\u308a\u3068\u884c\u3063\u305f<\/p>\n\n\n\n<h3>Nginx\u306e\u8a2d\u5b9a\u518d\u5909\u66f4<\/h3>\n\n\n\n<p>\u3055\u3063\u304d\u5909\u66f4\u3057\u305f\u3070\u3063\u304b\u308a\u306e<code>meto4d.pgw.jp-wild<\/code>\u90e8\u5206\u3092\u5143\u306b\uff1f\u623b\u3059<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;textile&quot;,&quot;mime&quot;:&quot;text\/x-textile&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Textile&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;textile&quot;}\">ssl_certificate \/etc\/letsencrypt\/live\/meto4d.pgw.jp\/fullchain.pem; # managed by Certbot\nssl_certificate_key \/etc\/letsencrypt\/live\/meto4d.pgw.jp\/privkey.pem; # managed by Certbot<\/pre><\/div>\n\n\n\n<p>reload\u306e\u985e\u3044\u3092\u3059\u308b\u3057\u305f<\/p>\n\n\n\n<h5>\u30d6\u30e9\u30a6\u30b6\u3067\u30a2\u30af\u30bb\u30b9<\/h5>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"286\" height=\"493\" src=\"https:\/\/auto.meto4d.pgw.jp\/blog\/wp-content\/uploads\/2021\/02\/image-1.png\" alt=\"\" class=\"wp-image-57\" srcset=\"https:\/\/auto.meto4d.pgw.jp\/blog\/wp-content\/uploads\/2021\/02\/image-1.png 286w, https:\/\/auto.meto4d.pgw.jp\/blog\/wp-content\/uploads\/2021\/02\/image-1-174x300.png 174w\" sizes=\"(max-width: 286px) 85vw, 286px\" \/><\/figure>\n\n\n\n<p>\u96d1\u30b9\u30af\u30b7\u30e7\u3060\u304c\u3001\u3061\u3083\u3093\u3068\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u3067\u8a3c\u660e\u66f8\u3092\u51fa\u305b\u3066\u3044\u308b<br>\u3044\u3044\u306d\uff01<\/p>\n\n\n\n<h2>\u5f8c\u306f\u6652\u305b\u306a\u3044Nginx\u306e\u8a2d\u5b9a\u3092\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u306b\u5bfe\u5fdc\u3055\u305b\u3066\u3044\u304f<\/h2>\n\n\n\n<p>nginx\u306e\u4ed5\u69d8\u4e0a\u3001if\u3067\u8a3c\u660e\u66f8\u3092\u5206\u3051\u3066\u3044\u308b\u3068\u305d\u306e\u305f\u3073\u306bssl\u3092\u7d10\u89e3\u304f\u3089\u3057\u304f\u3001\u7d50\u69cb\u9045\u304f\u306a\u308b\u3089\u3057\u3044<br>\u3069\u308c\u3050\u3089\u3044\u9045\u304f\u306a\u308b\u304b\u306f\u8a66\u3057\u3066\u3044\u306a\u3044\u304c\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u3057\u3066\u3044\u305f<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre class=\"CodeMirror\" data-setting=\"{&quot;showPanel&quot;:true,&quot;languageLabel&quot;:&quot;language&quot;,&quot;fullScreenButton&quot;:false,&quot;copyButton&quot;:true,&quot;mode&quot;:&quot;textile&quot;,&quot;mime&quot;:&quot;text\/x-textile&quot;,&quot;theme&quot;:&quot;material&quot;,&quot;lineNumbers&quot;:true,&quot;styleActiveLine&quot;:false,&quot;lineWrapping&quot;:true,&quot;readOnly&quot;:true,&quot;fileName&quot;:&quot;&quot;,&quot;language&quot;:&quot;Textile&quot;,&quot;maxHeight&quot;:&quot;400px&quot;,&quot;modeName&quot;:&quot;textile&quot;}\">server {\n  listen 443 ssl;\n  server_name &quot;&quot; _;\n  include conf.d\/localssl.conf;\n  include conf.d\/ip_location.conf;\n}\nserver {\n  listen 443 ssl;\n  server_name meto4d.pgw.jp;\n  ssl_certificate \/meto4d.pgw.jp\/....\n  ssl_certificate_key \/meto4d.pgw.jp\/....\n  include conf.d\/default_location.conf;\n}\nserver {\n  listen 443;\n  server_name auto.meto4d.pgw.jp;\n  ssl_certificate \/auto.meto4d.pgw.jp\/....\n  ssl_certificate_key \/auto.meto4d.pgw.jp\/....\n  include conf.d\/default_location.conf;\n}\n(\u9069\u5f53\u306b\u7aef\u6298)<\/pre><\/div>\n\n\n\n<p>\u516c\u958b\u9bd6\u306e\u90fd\u5408\u4e0a\u3001IP\u76f4\u6253\u3061\u3067\u6765\u308b\u4eba\u3082\u591a\u3044<br>(\u4f8b\u3048\u3070terraria\u9bd6\u3092IP\u3067\u6652\u3057\u3066\u3044\u308b\u3068\u3001\u7d50\u69cbIP\u3092\u30d6\u30e9\u30a6\u30b6\u306b\u7a81\u3063\u8fbc\u3093\u3067\u6765\u308b\u4eba\u304c\u3044\u308b\u3093\u3060)<br>\u305d\u3046\u3044\u3046\u4eba\u306b\u3053\u306e\u9bd6\u306b\u7c21\u5358\u306b\u306f\u305f\u3069\u308a\u7740\u3051\u306a\u3044\u3088\u3046\u306b\u3057\u305f\u3044\u305f\u3081\u3001\u8a2d\u5b9a\u3092\u5909\u3048\u3066\u3044\u308b<br>localssl.conf\u306f\u81ea\u5df1\u7f72\u540d\u8a3c\u660e\u66f8\u3092\u8aad\u307f\u8fbc\u3080\u3084\u3064<\/p>\n\n\n\n<p> server_name meto4d.pgw.jp; \u3068  server_name auto.meto4d.pgw.jp; \u3067\u5197\u9577\u306a\u69cb\u6210\u306b\u306a\u3063\u3066\u3044\u305f<br>\u3053\u3053\u3092\u6574\u7406<br>v6\u3068v4\u3001ds\u306f\u6b8b\u3057\u3066\u304a\u304f<\/p>\n\n\n\n<h2>\u307e\u3068\u3081<\/h2>\n\n\n\n<p>\u5c0e\u5165\u306f\u7c21\u5358\u3060\u3063\u305f\u304c\u3001\u7d50\u5c40replace\u4f5c\u696d\u306b\u306a\u3063\u305f\u306e\u3067\u3061\u3087\u3063\u3068\u9762\u5012\u3060\u3063\u305f<br>\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u306b\u3068\u3046\u3068\u3046\u3084\u3063\u305f\u306e\u3067\u3001\u5c06\u6765VPS\u3068\u304bk8s\u3067\u7ba1\u7406\u3059\u308b\u3068\u304d\u306b\u697d\u306b\u306a\u3063\u305f\u306d<\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p>ref:  <a href=\"https:\/\/www.syaka.co.jp\/2021\/02\/09\/lets-encrypt%E3%81%AE%E3%83%AF%E3%82%A4%E3%83%AB%E3%83%89%E3%82%AB%E3%83%BC%E3%83%89ssl%E8%A8%BC%E6%98%8E%E6%9B%B8%E3%82%92%E5%8F%96%E5%BE%97%E3%81%99%E3%82%8B%E3%80%82\/\">let\u2019s Encrypt\u306e\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9SSL\u8a3c\u660e\u66f8\u3092\u53d6\u5f97\u3059\u308b\u3002 &#8211; nhmasaazu <\/a><br>ref:  <a href=\"https:\/\/community.letsencrypt.org\/t\/acme-v2-production-environment-wildcards\/55578\">ACME v2 Production Environment &amp; Wildcards &#8211; API Announcements &#8211; Let&#8217;s Encrypt Community Support <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Archlinux\u304c\u52d5\u3044\u3066\u3044\u308bRaspberryPi\u541b\u306b\u30ef\u30a4\u30eb\u30c9\u30ab\u30fc\u30c9\u8a3c\u660e\u66f8\u3092\u5c0e\u5165\u3059\u308b\u3002\u7279\u6bb5\u3001\u96e3\u3057\u3044\u3053\u3068\u306f\u306a\u304f\u3001Qiita\u7b49\u3005\u3067\u66f8\u304b\u308c\u3066\u3044\u305f\u3053\u3068\u3092\u30c8\u30ec\u30fc\u30b9\u3057\u305f\u3060\u3051\u3060\u3063\u305f<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[7,6,5],"tags":[],"views":1943,"_links":{"self":[{"href":"https:\/\/auto.meto4d.pgw.jp\/blog\/index.php?rest_route=\/wp\/v2\/posts\/52"}],"collection":[{"href":"https:\/\/auto.meto4d.pgw.jp\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/auto.meto4d.pgw.jp\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/auto.meto4d.pgw.jp\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/auto.meto4d.pgw.jp\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=52"}],"version-history":[{"count":7,"href":"https:\/\/auto.meto4d.pgw.jp\/blog\/index.php?rest_route=\/wp\/v2\/posts\/52\/revisions"}],"predecessor-version":[{"id":249,"href":"https:\/\/auto.meto4d.pgw.jp\/blog\/index.php?rest_route=\/wp\/v2\/posts\/52\/revisions\/249"}],"wp:attachment":[{"href":"https:\/\/auto.meto4d.pgw.jp\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=52"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/auto.meto4d.pgw.jp\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=52"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/auto.meto4d.pgw.jp\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=52"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}