2025年4月

以下内容来自DeepSeek

证书最初可能是通过 certbot certonly --manual(手动交互模式)申请的,这种方式需要人工操作(如手动添加DNS记录或HTTP验证文件)。
自动续订时,Certbot 会尝试使用相同的插件(manual),但非交互模式下必须通过 --manual-auth-hook 提供自动化验证脚本,否则会失败。

解决方案
如果不需要手动验证(如DNS验证),改用 webroot 或 standalone 模式重新申请证书:

删除旧证书配置:
bash
sudo certbot delete --cert-name <sitedomain>
重新申请证书(以 webroot 模式为例) :
bash
sudo certbot certonly --webroot -w /var/www/html -d <sitedomain>
-w /var/www/html: 指定网站根目录(根据你的实际路径修改)。
-d <sitedomain>: 你的域名。
后续自动续订:
bash
sudo certbot renew --quiet
webroot 模式无需停止Web服务,适合自动化续订。
☁  ~  sudo certbot delete --cert-name <sitedomain>
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certificate(s) are selected for deletion:

  * <sitedomain>

WARNING: Before continuing, ensure that the listed certificates are not being
used by any installed server software (e.g. Apache, nginx, mail servers).
Deleting a certificate that is still being used will cause the server software
to stop working. See https://certbot.org/deleting-certs for information on
deleting certificates safely.

Are you sure you want to delete the above certificate(s)?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: yes
Deleted all files relating to certificate <sitedomain>.
☁  ~  sudo certbot certonly --webroot -w /var/www/html -d <sitedomain>
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for <sitedomain>

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/<sitedomain>/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/<sitedomain>/privkey.pem
This certificate expires on 2025-07-02.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
☁  ~  sudo certbot renew --quiet