/renewal /t3-2 /t3-3 |
Contents
1. 新規作成の時の出力
- t2.odn.info ワイルドカード証明書作成 (完全な新規ではなさそう。)
- certbotは既存の証明書を見て、手順を省略しているらしい。
# certbot certonly --manual --preferred-challenges dns-01 -d *.t2.odns.info --manual-auth-hook /home/tmaeno/dnsdata/txt.sh
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator manual, Installer None Obtaining a new certificate Performing the following challenges: dns-01 challenge for t2.odns.info - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - NOTE: The IP of this machine will be publicly logged as having requested this certificate. If you're running certbot in manual mode on a machine that is not your server, please ensure you're okay with that. Are you OK with your IP being logged? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: y Output from txt.sh: cat odns dnsz qmailjp qmailjp.cn[1-3] txt > /home/tinydns/root/qmailjp (cd /home/tinydns/root; make) make[1]: Entering directory '/etc/tinydns/root' /usr/local/bin/tinydns-data make[1]: Leaving directory '/etc/tinydns/root' Waiting for verification... Cleaning up challenges IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/t2.odns.info/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/t2.odns.info/privkey.pem Your cert will expire on 2022-05-19. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
2. DNS query log
%echo 42856d24 | hex ~ 66.133.109.36 36.109.133.66.in-addr.arpa. 3600 IN CNAME ip36-109-133-66.letsencrypt.org. ip36-109-133-66.letsencrypt.org. 300 IN PTR outbound1.letsencrypt.org.
2022-02-19 07:38:15.889885500 42856d24:2a3b:eb13 + S0101 OdnS.inFO 2022-02-19 07:38:15.892567500 42856d24:80b3:ef12 + S001c b.ns.QmaiL.JP 2022-02-19 07:38:15.892567500 42856d24:8e20:fb56 + S001c a.NS.qmaiL.jP 2022-02-19 07:38:15.986132500 42856d24:7d27:18b3 + S0101 T2.odnS.inFo 2022-02-19 08:34:13.991700500 42856d24:9f80:6403 + S001c MOIN.QmAil.jP 2022-02-19 08:34:13.996607500 42856d24:6b80:d2ae + S0001 MOiN.qMAil.jP 2022-02-19 08:34:14.127507500 42856d24:d178:b106 + S0101 T2.odnS.InfO 2022-02-19 08:34:14.283031500 42856d24:e7eb:7f74 + S0001 mOIn.QmAIl.jp 2022-02-19 08:34:14.415162500 42856d24:8b08:42fe + S0101 oDNS.INFO 2022-02-19 08:51:09.888142500 42856d24:bebf:f786 + S001c b.nS.qmail.Jp 2022-02-19 08:51:09.901355500 42856d24:950c:23d0 + S001c MOiN.QmAIL.jP 2022-02-19 08:51:09.970004500 42856d24:d739:cc57 + S001c MOin.QMAil.jp 2022-02-19 08:51:09.972959500 42856d24:6bd4:086b + S0001 MoiN.QmAil.jp 2022-02-19 08:51:10.014775500 42856d24:e87d:8335 + S0101 T2.odns.INFo 2022-02-19 08:51:10.107458500 42856d24:cb75:9e0c + S0101 OdnS.InFO 2022-02-19 08:51:10.181025500 42856d24:c5c1:0da2 + S0001 B.Ns.qMAIl.jP 2022-02-19 08:51:10.184132500 42856d24:4d9b:0986 + S0001 b.nS.qMAIL.JP