[certbot] error: unrecognized arguments: --dns-rfc2136-credentials...
# certbot certonly --dns-rfc2136 --dns-rfc2136-credentials /etc/letsencrypt/rfc2136.ini --dns-rfc2136-propagation-seconds 60 -d example-abc.com -d *.example-abc.com
usage:
certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...
Certbot can obtain and install HTTPS/TLS/SSL certificates. By default, it will attempt to use a webserver both for obtaining and installing the certificate.
certbot:
error: unrecognized arguments: --dns-rfc2136-credentials /etc/letsencrypt/rfc2136.ini --dns-rfc2136-propagation-seconds 60
yum 또는 dnf로 certbot을 깔았다면, 와일드카드 도메인 인증서를 받을 때에 인증 방식에 맞는 certbot 플러그인이 필요하다. dns 인증 방식에 얽힌 certbot 요소들을 찾아 본다.
# dnf list *certbot-dns*
Last metadata expiration check: 1 day, 13:33:54 ago on Tue 05 Dec 2023 12:29:30 AM KST.
Available Packages
python2-certbot-dns-cloudflare.noarch 1.11.0-1.el7 epel
python2-certbot-dns-cloudxns.noarch 1.11.0-1.el7 epel
python2-certbot-dns-digitalocean.noarch 1.11.0-1.el7 epel
python2-certbot-dns-dnsimple.noarch 1.11.0-1.el7 epel
python2-certbot-dns-dnsmadeeasy.noarch 1.11.0-1.el7 epel
python2-certbot-dns-gehirn.noarch 1.11.0-1.el7 epel
python2-certbot-dns-google.noarch 1.11.0-1.el7 epel
python2-certbot-dns-linode.noarch 1.11.0-1.el7 epel
python2-certbot-dns-luadns.noarch 1.11.0-1.el7 epel
python2-certbot-dns-nsone.noarch 1.11.0-1.el7 epel
python2-certbot-dns-ovh.noarch 1.11.0-1.el7 epel
python2-certbot-dns-rfc2136.noarch 1.11.0-1.el7 epel
python2-certbot-dns-route53.noarch 1.11.0-1.el7 epel
python2-certbot-dns-sakuracloud.noarch 1.11.0-1.el7 epel
dnf 또는 yum으로 python2-certbot-dns-rfc2136을 깔아 준다.
# dnf install python2-certbot-dns-rfc2136
Last metadata expiration check: 1 day, 13:34:28 ago on Tue 05 Dec 2023 12:29:30 AM KST.
Dependencies resolved.
================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
python2-certbot-dns-rfc2136 noarch 1.11.0-1.el7 epel 23 k
Installing dependencies:
python-dns noarch 1.12.0-4.20150617git465785f.el7 base 233 k
python2-zope-interface noarch 4.0.5-0.el7 epel 3.0 k
Transaction Summary
================================================================================
Install 3 Packages
Total download size: 259 k
Installed size: 1.1 M
Is this ok [y/N]: y
Downloading Packages:
(1/3): python-dns-1.12.0-4.20150617git465785f.e 231 kB/s | 233 kB 00:01
(2/3): python2-certbot-dns-rfc2136-1.11.0-1.el7 7.0 kB/s | 23 kB 00:03
(3/3): python2-zope-interface-4.0.5-0.el7.noarc 763 B/s | 3.0 kB 00:04
--------------------------------------------------------------------------------
Total 48 kB/s | 259 kB 00:05
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : python2-zope-interface-4.0.5-0.el7.noarch 1/3
Installing : python-dns-1.12.0-4.20150617git465785f.el7.noarch 2/3
Installing : python2-certbot-dns-rfc2136-1.11.0-1.el7.noarch 3/3
Verifying : python-dns-1.12.0-4.20150617git465785f.el7.noarch 1/3
Verifying : python2-certbot-dns-rfc2136-1.11.0-1.el7.noarch 2/3
Verifying : python2-zope-interface-4.0.5-0.el7.noarch 3/3
Installed:
python2-certbot-dns-rfc2136-1.11.0-1.el7.noarch
python-dns-1.12.0-4.20150617git465785f.el7.noarch
python2-zope-interface-4.0.5-0.el7.noarch
Complete!
필요한 정보(계정 정보)를 미리 넣었고 named를 통하여 dns-rfc2136 방식으로 자동으로 인증할 준비를 마쳤다면, 수동 인증 과정을 거치지 않고 와일드카드 도메인 인증서가 바로 발급될 수도 있다.
# certbot certonly --dns-rfc2136 --dns-rfc2136-credentials /etc/letsencrypt/rfc2136.ini --dns-rfc2136-propagation-seconds 60 -d example-abc.com -d *.example-abc.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator dns-rfc2136, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Requesting a certificate for example-abc.com and *.example-abc.com
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/example-abc.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/example-abc.com/privkey.pem
Your certificate will expire on 2024-03-05. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again. To non-interactively renew *all* of your
certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
덧글을 달아 주세요