背景

由于我们使用Let’s Encrypt证书进行https部署那么存在一个问题证书有效期是3个月。因此需要定时更新！

但是发现证书并未更新~

报错如下

certbot: error: unrecognized arguments: –renew-hook /usr/bin/openresty -s reload

分析

首先查看对应的文档发现renew-hook被拆分了两个分别是pre-hook和post-hook

/data/certificate/certbot-auto -h renew
 
--pre-hook PRE_HOOK   Command to be run in a shell before obtaining any
                        certificates. Intended primarily for renewal, where it
                        can be used to temporarily shut down a webserver that
                        might conflict with the standalone plugin. This will
                        only be called if a certificate is actually to be
                        obtained/renewed. When renewing several certificates
                        that have identical pre-hooks, only the first will be
                        executed. (default: None)
  --post-hook POST_HOOK
                        Command to be run in a shell after attempting to
                        obtain/renew certificates. Can be used to deploy
                        renewed certificates, or to restart any servers that
                        were stopped by --pre-hook. This is only run if an
                        attempt was made to obtain/renew a certificate. If
                        multiple renewed certificates have identical post-
                        hooks, only one will be run. (default: None)

OK 那就更换一下名称结果仍然报错

/data/certificate/certbot-auto renew -–post-hook="/usr/bin/openresty -s reload"
 
usage:
  certbot-auto [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...
Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certificate.
certbot: error: unrecognized arguments: -–post-hook /usr/bin/openresty -s reload

这个问题比较麻烦如果真的出现https证书没有续期成功可能导致客户无法访问。

使出Google大法发现如下issue

letsencrypt: error: unrecognized arguments: --renew-hook

I think the problem here is the hyphens before post-hook. Looking at what you posted above, the first hyphen is the "En Dash" Unicode character not found in standard ASCII, while the 2nd hyphen is the conventional one found in ASCII and most UNIX command lines. I expect fixing this so your command becomes:
/opt/letsencrypt/certbot-auto renew  --post-hook='nginx -s reload'

用普通话来说就是

我认为这里的问题是post-hook之前连字符。看你上面贴,第一个字符是“短破折号Unicode字符中没有标准ASCII,而第二个字符是传统的ASCII和大多数UNIX命令行中找到。我希望解决这个所以你的命令是:

因此删除自己的指令重新老老实实一个字一个字输入~

解决

/data/certificate/certbot-auto renew --post-hook='/usr/bin/openresty -s reload'

Saving debug log to /var/log/letsencrypt/letsencrypt.log
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/if-trial.f6car.com.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal

一切OK

certbot-auto问题之unrecognized arguments: –post-hook=/usr/bin/openresty -s reload

背景

分析

解决

猜你喜欢