{"id":37047,"date":"2023-05-11T14:20:05","date_gmt":"2023-11-21T20:52:32","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/"},"modified":"2024-04-30T03:38:11","modified_gmt":"2024-04-29T19:38:11","slug":"%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/","title":{"rendered":"\u4f7f\u7528 Ubuntu 20.04LTS \u7684 Apache + Flask \u6765\u521b\u5efa\u548c\u66f4\u65b0 Let&#8217;s Encrypt \u7684 SAN \u8bc1\u4e66\u7684\u6545\u4e8b\uff08\u89e3\u51b3\u65e0\u6cd5\u66f4\u65b0\u7684\u95ee\u9898\uff09"},"content":{"rendered":"<h1>\u9996\u5148<\/h1>\n<p>\u7531\u65bc Certbot \u8b49\u66f8\u5373\u5c07\u904e\u671f\uff0c\u5617\u8a66\u9032\u884c\u66f4\u65b0\u4f46\u5931\u6557\u4e86\u3002\u7121\u6cd5\u89e3\u6c7a\u6b64\u554f\u984c\uff0c\u56e0\u6b64\u7d00\u9304\u4e0b\u4f86\u4f5c\u70ba\u500b\u4eba\u7b46\u8a18\u3002\u9664\u4e86 abc.example.com \u4e4b\u5916\uff0c\u4e5f\u8981\u53d6\u5f97 www.abc.example.com \u7684\u8b49\u66f8\u3002\u63a1\u7528 SAN \u8b49\u66f8\u65b9\u6cd5\uff08\u5c07 www.abc.example.com \u5225\u540d\u8a2d\u5b9a\u70ba abc.example.com \u7684\u8b49\u66f8\uff09\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"c\"># certbot certonly --webroot -w \/var\/www\/html\/ -d abc.example.com -d www.abc.example.com --email info@example.com<\/span>\r\n<\/code><\/pre>\n<p>\u5982\u679c\u5728Flask\u4e2d\u4e0d\u4f7f\u7528http:\/\/abc.example.com\/\u7684\/\u76ee\u5f55\uff0c\u5219\u4e0d\u4f1a\u521b\u5efa\u865a\u62df\u7684\u9996\u9875\u9875\u9762\u5e76\u51fa\u73b0403\u9519\u8bef\uff0c\u56e0\u6b64\u6211\u4eec\u9644\u4e0a\u4e86\u521b\u5efa\u9996\u9875\u9875\u9762\u7684\u65b9\u6cd5\u4f5c\u4e3a\u9644\u52a0\u8bf4\u660e\u3002<\/p>\n<h1>\u73af\u5883<\/h1>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Ubuntu 20.04LTS<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">Apache\/2.4.41 (Ubuntu)<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">abc.example.com \u306e\u30eb\u30fc\u30c8\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306f \/var\/www\/html\/<\/ul>\n<h1>\u9519\u8bef\u75c7\u72b6 (Incorrect symptoms)<\/h1>\n<p>\u51fa\u73b0\u4e86\u4ee5\u4e0b\u9519\u8bef\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"c\"># certbot renew --force-renewal<\/span>\r\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nProcessing \/etc\/letsencrypt\/renewal\/abc.example.com-0001.conf\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nPlugins selected: Authenticator webroot, Installer None\r\nRenewing an existing certificate\r\nPerforming the following challenges:\r\nhttp-01 challenge <span class=\"k\">for <\/span>abc.example.com\r\nUsing the webroot path \/var\/www\/html <span class=\"k\">for <\/span>all unmatched domains.\r\nWaiting <span class=\"k\">for <\/span>verification...\r\nChallenge failed <span class=\"k\">for <\/span>domain abc.example.com\r\nhttp-01 challenge <span class=\"k\">for <\/span>abc.example.com\r\nCleaning up challenges\r\nAttempting to renew cert <span class=\"o\">(<\/span>abc.example.com-0001<span class=\"o\">)<\/span> from \/etc\/letsencrypt\/renewal\/abc.example.com-0001.conf produced an unexpected error: Some challenges have failed.. Skipping.\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nProcessing \/etc\/letsencrypt\/renewal\/abc.example.com.conf\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nPlugins selected: Authenticator apache, Installer apache\r\nRenewing an existing certificate\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nnew certificate deployed with reload of apache server<span class=\"p\">;<\/span> fullchain is\r\n\/etc\/letsencrypt\/live\/abc.example.com\/fullchain.pem\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nThe following certs could not be renewed:\r\n  \/etc\/letsencrypt\/live\/abc.example.com-0001\/fullchain.pem <span class=\"o\">(<\/span>failure<span class=\"o\">)<\/span>\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nThe following certs were successfully renewed:\r\n  \/etc\/letsencrypt\/live\/abc.example.com\/fullchain.pem <span class=\"o\">(<\/span>success<span class=\"o\">)<\/span>\r\n\r\nThe following certs could not be renewed:\r\n  \/etc\/letsencrypt\/live\/abc.example.com-0001\/fullchain.pem <span class=\"o\">(<\/span>failure<span class=\"o\">)<\/span>\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n1 renew failure<span class=\"o\">(<\/span>s<span class=\"o\">)<\/span>, 0 parse failure<span class=\"o\">(<\/span>s<span class=\"o\">)<\/span>\r\n\r\nIMPORTANT NOTES:\r\n - The following errors were reported by the server:\r\n\r\n   Domain: abc.example.com\r\n   Type:   unauthorized\r\n   Detail: <span class=\"o\">(<\/span>IP ADDRESS<span class=\"o\">)<\/span>: Invalid response from\r\n   https:\/\/abc.example.com\/.well-known\/acme-challenge\/N6LQ-oAE87fhrjVkCkgH7iNJpfxU22jAJ3D3vrWTZp4:\r\n   404\r\n\r\n   To fix these errors, please make sure that your domain name was\r\n   entered correctly and the DNS A\/AAAA record<span class=\"o\">(<\/span>s<span class=\"o\">)<\/span> <span class=\"k\">for <\/span>that domain\r\n   contain<span class=\"o\">(<\/span>s<span class=\"o\">)<\/span> the right IP address.\r\n<\/code><\/pre>\n<p>\u4f46\u662f\u5f53\u8bbf\u95eeabc.example.com\u65f6\uff0c\u9875\u9762\u80fd\u591f\u6b63\u5e38\u663e\u793a\uff0c\u4e0d\u77e5\u9053\u4e3a\u4ec0\u4e48\u4f1a\u51fa\u73b0404\u9519\u8bef&#8230;<\/p>\n<h1>\u95ee\u9898\u89e3\u51b3\u65b9\u6848<\/h1>\n<p>\u6700\u7ec8\u4e0d\u77e5\u9053\u4e3a\u4ec0\u4e48\u51fa\u73b0\u4e86404\u9519\u8bef\uff0c\u4f46\u662f\u4e00\u65e6\u5220\u9664\u8bc1\u4e66\uff0c\u4f7f\u7528&#8221;certbot certonly &#8211;apache&#8221;\u5c31\u89e3\u51b3\u4e86\u3002\u4ee5\u524d\u83b7\u53d6\u8bc1\u4e66\u65f6\u4e00\u76f4\u4f7f\u7528&#8221;certbot certonly &#8211;webroot&#8221;\u8fd0\u884c\uff0c\u4f46\u65e0\u6cd5\u4f7f\u7528&#8221;&#8211;standalone&#8221;\u5e76\u4e14\u53d8\u5f97\u7126\u8651\uff0c\u4f46\u4f7f\u7528&#8221;&#8211;apache&#8221;\u8fd0\u884c\u5c31\u53ef\u4ee5\u6b63\u5e38\u5de5\u4f5c\u3002\u6700\u540e\u91cd\u65b0\u542f\u52a8Apache\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"c\"># certbot revoke --cert-path \/etc\/letsencrypt\/live\/abc.example.com\/cert.pem<\/span>\r\n<span class=\"c\"># certbot certonly --apache -w \/var\/www\/html\/ -d abc.example.com -d www.abc.example.com --email info@example.com<\/span>\r\n<span class=\"c\"># systemctl restart apache2<\/span>\r\n<\/code><\/pre>\n<p>\u5404\u79cd\u8bb0\u5f55\u90fd\u5728\u6700\u540e\u8bb0\u5f55\u3002<\/p>\n<h1>\u989d\u5916\u7684\u4e1c\u897f<\/h1>\n<p>\u4e3a\u4e86\u907f\u514d\u6bcf\u6b21\u90fd\u9700\u8981\u4f7f\u7528systemctl\u5173\u95edFlask\uff0c\u6211\u521b\u5efa\u4e86\u4e00\u4e2a\u865a\u62df\u9875\u9762\u3002\u8be5\u9879\u76ee\u88ab\u547d\u540d\u4e3ahogeProject\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"kn\">from<\/span> <span class=\"n\">django.urls<\/span> <span class=\"kn\">import<\/span> <span class=\"n\">path<\/span>\r\n \r\n<span class=\"kn\">from<\/span> <span class=\"n\">.<\/span> <span class=\"kn\">import<\/span> <span class=\"n\">views<\/span>\r\n \r\n<span class=\"c1\"># app_name = index\r\n<\/span><span class=\"n\">urlpatterns<\/span> <span class=\"o\">=<\/span> <span class=\"p\">[<\/span>\r\n    <span class=\"nf\">path<\/span><span class=\"p\">(<\/span><span class=\"sh\">''<\/span><span class=\"p\">,<\/span> <span class=\"n\">views<\/span><span class=\"p\">.<\/span><span class=\"n\">index<\/span><span class=\"p\">,<\/span> <span class=\"n\">name<\/span><span class=\"o\">=<\/span><span class=\"sh\">'<\/span><span class=\"s\">index<\/span><span class=\"sh\">'<\/span><span class=\"p\">)<\/span>\r\n<span class=\"p\">]<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"c1\"># from django.shortcuts import render\r\n<\/span> \r\n<span class=\"kn\">from<\/span> <span class=\"n\">django.http<\/span> <span class=\"kn\">import<\/span> <span class=\"n\">HttpResponse<\/span>\r\n \r\n<span class=\"k\">def<\/span> <span class=\"nf\">index<\/span><span class=\"p\">(<\/span><span class=\"n\">request<\/span><span class=\"p\">):<\/span>\r\n    <span class=\"k\">return<\/span> <span class=\"nc\">HttpResponse<\/span><span class=\"p\">(<\/span><span class=\"sh\">'<\/span><span class=\"s\">This Page is for auto-renew SSL Certificate.<\/span><span class=\"sh\">'<\/span><span class=\"p\">)<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"err\">\uff08<\/span><span class=\"n\">\u4e2d\u7565<\/span><span class=\"err\">\uff09<\/span>\r\n<span class=\"n\">urlpatterns<\/span> <span class=\"o\">=<\/span> <span class=\"p\">[<\/span>\r\n    <span class=\"nf\">path<\/span><span class=\"p\">(<\/span><span class=\"sh\">'<\/span><span class=\"s\">hoge\/<\/span><span class=\"sh\">'<\/span><span class=\"p\">,<\/span> <span class=\"nf\">include<\/span><span class=\"p\">(<\/span><span class=\"sh\">'<\/span><span class=\"s\">hoge.urls<\/span><span class=\"sh\">'<\/span><span class=\"p\">,<\/span> <span class=\"n\">namespace<\/span><span class=\"o\">=<\/span><span class=\"sh\">'<\/span><span class=\"s\">hoge<\/span><span class=\"sh\">'<\/span><span class=\"p\">)),<\/span>\r\n    <span class=\"nf\">path<\/span><span class=\"p\">(<\/span><span class=\"sh\">'<\/span><span class=\"s\">admin\/<\/span><span class=\"sh\">'<\/span><span class=\"p\">,<\/span> <span class=\"n\">admin<\/span><span class=\"p\">.<\/span><span class=\"n\">site<\/span><span class=\"p\">.<\/span><span class=\"n\">urls<\/span><span class=\"p\">),<\/span>\r\n    <span class=\"nf\">path<\/span><span class=\"p\">(<\/span><span class=\"sh\">''<\/span><span class=\"p\">,<\/span> <span class=\"nf\">include<\/span><span class=\"p\">(<\/span><span class=\"sh\">'<\/span><span class=\"s\">top.urls<\/span><span class=\"sh\">'<\/span><span class=\"p\">)),<\/span>\r\n<span class=\"p\">]<\/span>\r\n\r\n<span class=\"c1\"># urlpatterns += static.static('\/static\/', document_root='static')\r\n<\/span><span class=\"n\">urlpatterns<\/span> <span class=\"o\">+=<\/span> <span class=\"n\">static<\/span><span class=\"p\">.<\/span><span class=\"nf\">static<\/span><span class=\"p\">(<\/span><span class=\"n\">settings<\/span><span class=\"p\">.<\/span><span class=\"n\">STATIC_URL<\/span><span class=\"p\">,<\/span> <span class=\"n\">document_root<\/span><span class=\"o\">=<\/span><span class=\"n\">settings<\/span><span class=\"p\">.<\/span><span class=\"n\">STATIC_ROOT<\/span><span class=\"p\">)<\/span>\r\n<span class=\"n\">urlpatterns<\/span> <span class=\"o\">+=<\/span> <span class=\"n\">static<\/span><span class=\"p\">.<\/span><span class=\"nf\">static<\/span><span class=\"p\">(<\/span><span class=\"n\">settings<\/span><span class=\"p\">.<\/span><span class=\"n\">CERT_URL<\/span><span class=\"p\">,<\/span> <span class=\"n\">document_root<\/span><span class=\"o\">=<\/span><span class=\"n\">settings<\/span><span class=\"p\">.<\/span><span class=\"n\">CERT_ROOT<\/span><span class=\"p\">)<\/span>\r\n<\/code><\/pre>\n<pre class=\"post-pre\"><code><span class=\"err\">\uff08<\/span><span class=\"n\">\u4e2d\u7565<\/span><span class=\"err\">\uff09<\/span>\r\n<span class=\"n\">SECURE_PROXY_SSL_HEADER<\/span> <span class=\"o\">=<\/span> <span class=\"p\">(<\/span><span class=\"sh\">'<\/span><span class=\"s\">HTTP_X_FORWARDED_PROTO<\/span><span class=\"sh\">'<\/span><span class=\"p\">,<\/span> <span class=\"sh\">'<\/span><span class=\"s\">https<\/span><span class=\"sh\">'<\/span><span class=\"p\">)<\/span>\r\n<span class=\"n\">SECURE_SSL_REDIRECT<\/span> <span class=\"o\">=<\/span> <span class=\"bp\">True<\/span>\r\n<span class=\"n\">SESSION_COOKIE_SECURE<\/span> <span class=\"o\">=<\/span> <span class=\"bp\">True<\/span>\r\n<span class=\"n\">CSRF_COOKIE_SECURE<\/span> <span class=\"o\">=<\/span> <span class=\"bp\">True<\/span>\r\n<span class=\"n\">CERT_ROOT<\/span> <span class=\"o\">=<\/span> <span class=\"n\">os<\/span><span class=\"p\">.<\/span><span class=\"n\">path<\/span><span class=\"p\">.<\/span><span class=\"nf\">join<\/span><span class=\"p\">(<\/span><span class=\"n\">BASE_DIR<\/span><span class=\"p\">,<\/span> <span class=\"sh\">'<\/span><span class=\"s\">.well-known<\/span><span class=\"sh\">'<\/span><span class=\"p\">)<\/span>\r\n<span class=\"n\">CERT_URL<\/span> <span class=\"o\">=<\/span> <span class=\"sh\">'<\/span><span class=\"s\">\/.well-known\/<\/span><span class=\"sh\">'<\/span>\r\n<\/code><\/pre>\n<h1>\u5404\u79cd\u65e5\u5fd7<\/h1>\n<pre class=\"post-pre\"><code><span class=\"c\"># certbot certonly --apache -w \/var\/www\/html\/ -d abc.example.com -d www.abc.example.com --email info@example.com<\/span>\r\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\r\nPlugins selected: Authenticator apache, Installer apache\r\nCert is due <span class=\"k\">for <\/span>renewal, auto-renewing...\r\nRenewing an existing certificate\r\nPerforming the following challenges:\r\nhttp-01 challenge <span class=\"k\">for <\/span>abc.example.com\r\nEnabled Apache rewrite module\r\nWaiting <span class=\"k\">for <\/span>verification...\r\nCleaning up challenges\r\n\r\nIMPORTANT NOTES:\r\n - Congratulations! Your certificate and chain have been saved at:\r\n   \/etc\/letsencrypt\/live\/abc.example.com-0001\/fullchain.pem\r\n   Your key file has been saved at:\r\n   \/etc\/letsencrypt\/live\/abc.example.com-0001\/privkey.pem\r\n   Your cert will expire on 2023-09-10. To obtain a new or tweaked\r\n   version of this certificate <span class=\"k\">in <\/span>the future, simply run certbot\r\n   again. To non-interactively renew <span class=\"k\">*<\/span>all<span class=\"k\">*<\/span> of your certificates, run\r\n   <span class=\"s2\">\"certbot renew\"<\/span>\r\n - If you like Certbot, please consider supporting our work by:\r\n\r\n   Donating to ISRG \/ Let<span class=\"s1\">'s Encrypt:   https:\/\/letsencrypt.org\/donate\r\n   Donating to EFF:                    https:\/\/eff.org\/donate-le\r\n\r\nroot@paris:\/# certbot renew --dry-run\r\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nProcessing \/etc\/letsencrypt\/renewal\/abc.example.com-0001.conf\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nCert not due for renewal, but simulating renewal for dry run\r\nPlugins selected: Authenticator apache, Installer apache\r\nRenewing an existing certificate\r\nPerforming the following challenges:\r\nhttp-01 challenge for abc.example.com\r\nhttp-01 challenge for www.abc.example.com\r\nEnabled Apache rewrite module\r\nWaiting for verification...\r\nCleaning up challenges\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nnew certificate deployed with reload of apache server; fullchain is\r\n\/etc\/letsencrypt\/live\/abc.example.com-0001\/fullchain.pem\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n** DRY RUN: simulating '<\/span>certbot renew<span class=\"s1\">' close to cert expiry\r\n**          (The test certificates below have not been saved.)\r\n\r\nCongratulations, all renewals succeeded. The following certs have been renewed:\r\n  \/etc\/letsencrypt\/live\/abc.example.com-0001\/fullchain.pem (success)\r\n** DRY RUN: simulating '<\/span>certbot renew<span class=\"s1\">' close to cert expiry\r\n**          (The test certificates above have not been saved.)\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n# certbot revoke --cert-path \/etc\/letsencrypt\/live\/abc.example.com\/cert.pem\r\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nWould you like to delete the cert(s) you just revoked, along with all earlier\r\nand later versions of the cert?\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n(Y)es (recommended)\/(N)o: y\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nDeleted all files relating to certificate abc.example.com.\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nCongratulations! You have successfully revoked the certificate that was located\r\nat \/etc\/letsencrypt\/live\/abc.example.com\/cert.pem\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n# certbot certonly --webroot -w \/var\/www\/html\/ -d abc.example.com -d www.abc.example.com --email info@example.com\r\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\r\nPlugins selected: Authenticator webroot, Installer None\r\nCert is due for renewal, auto-renewing...\r\nRenewing an existing certificate\r\nPerforming the following challenges:\r\nhttp-01 challenge for abc.example.com\r\nUsing the webroot path \/var\/www\/html for all unmatched domains.\r\nWaiting for verification...\r\nChallenge failed for domain abc.example.com\r\nhttp-01 challenge for abc.example.com\r\nCleaning up challenges\r\nSome challenges have failed.\r\n\r\nIMPORTANT NOTES:\r\n - The following errors were reported by the server:\r\n\r\n   Domain: abc.example.com\r\n   Type:   unauthorized\r\n   Detail: (IP ADDRESS): Invalid response from\r\n   https:\/\/abc.example.com\/.well-known\/acme-challenge\/mujAsvwM5sxRsn_ecERGFTUNGicgFWnlHJs4zJWH9VM:\r\n   404\r\n\r\n   To fix these errors, please make sure that your domain name was\r\n   entered correctly and the DNS A\/AAAA record(s) for that domain\r\n   contain(s) the right IP address.\r\n\r\n# certbot certonly --standalone -w \/var\/www\/html\/ -d abc.example.com -d www.abc.example.com --email info@example.com\r\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\r\nPlugins selected: Authenticator standalone, Installer None\r\nCert is due for renewal, auto-renewing...\r\nRenewing an existing certificate\r\nPerforming the following challenges:\r\nhttp-01 challenge for abc.example.com\r\nCleaning up challenges\r\nProblem binding to port 80: Could not bind to IPv4 or IPv6.\r\n\r\n# certbot certonly --apache -w \/var\/www\/html\/ -d abc.example.com -d www.abc.example.com --email info@example.com\r\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\r\nPlugins selected: Authenticator apache, Installer apache\r\nCert is due for renewal, auto-renewing...\r\nRenewing an existing certificate\r\nPerforming the following challenges:\r\nhttp-01 challenge for abc.example.com\r\nEnabled Apache rewrite module\r\nWaiting for verification...\r\nCleaning up challenges\r\n\r\nIMPORTANT NOTES:\r\n - Congratulations! Your certificate and chain have been saved at:\r\n   \/etc\/letsencrypt\/live\/abc.example.com-0001\/fullchain.pem\r\n   Your key file has been saved at:\r\n   \/etc\/letsencrypt\/live\/abc.example.com-0001\/privkey.pem\r\n   Your cert will expire on 2023-09-10. To obtain a new or tweaked\r\n   version of this certificate in the future, simply run certbot\r\n   again. To non-interactively renew *all* of your certificates, run\r\n   \"certbot renew\"\r\n - If you like Certbot, please consider supporting our work by:\r\n\r\n   Donating to ISRG \/ Let'<\/span>s Encrypt:   https:\/\/letsencrypt.org\/donate\r\n   Donating to EFF:                    https:\/\/eff.org\/donate-le\r\n\r\n<span class=\"c\"># systemctl restart apache2<\/span>\r\n<\/code><\/pre>\n<h1>\u8bf7\u53c2\u8003\u6240\u63d0\u4f9b\u7684\u6587\u732e\u3002<\/h1>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u9996\u5148 \u7531\u65bc Certbot \u8b49\u66f8\u5373\u5c07\u904e\u671f\uff0c\u5617\u8a66\u9032\u884c\u66f4\u65b0\u4f46\u5931\u6557\u4e86\u3002\u7121\u6cd5\u89e3\u6c7a\u6b64\u554f\u984c\uff0c\u56e0\u6b64\u7d00\u9304\u4e0b\u4f86\u4f5c\u70ba\u500b\u4eba\u7b46\u8a18\u3002\u9664\u4e86 [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-37047","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u4f7f\u7528 Ubuntu 20.04LTS \u7684 Apache + Flask \u6765\u521b\u5efa\u548c\u66f4\u65b0 Let&#039;s Encrypt \u7684 SAN \u8bc1\u4e66\u7684\u6545\u4e8b\uff08\u89e3\u51b3\u65e0\u6cd5\u66f4\u65b0\u7684\u95ee\u9898\uff09 - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528-ubuntu-20-04lts-\u7684-apache-flask-\u6765\u521b\u5efa\u548c\u66f4\u65b0-lets-encrypt-\u7684-san-\u8bc1\u4e66\u7684\u6545\u4e8b\uff08\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u4f7f\u7528 Ubuntu 20.04LTS \u7684 Apache + Flask \u6765\u521b\u5efa\u548c\u66f4\u65b0 Let&#039;s Encrypt \u7684 SAN \u8bc1\u4e66\u7684\u6545\u4e8b\uff08\u89e3\u51b3\u65e0\u6cd5\u66f4\u65b0\u7684\u95ee\u9898\uff09\" \/>\n<meta property=\"og:description\" content=\"\u9996\u5148 \u7531\u65bc Certbot \u8b49\u66f8\u5373\u5c07\u904e\u671f\uff0c\u5617\u8a66\u9032\u884c\u66f4\u65b0\u4f46\u5931\u6557\u4e86\u3002\u7121\u6cd5\u89e3\u6c7a\u6b64\u554f\u984c\uff0c\u56e0\u6b64\u7d00\u9304\u4e0b\u4f86\u4f5c\u70ba\u500b\u4eba\u7b46\u8a18\u3002\u9664\u4e86 [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528-ubuntu-20-04lts-\u7684-apache-flask-\u6765\u521b\u5efa\u548c\u66f4\u65b0-lets-encrypt-\u7684-san-\u8bc1\u4e66\u7684\u6545\u4e8b\uff08\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-21T20:52:32+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-29T19:38:11+00:00\" \/>\n<meta name=\"author\" content=\"\u6587, \u7fd4\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u6587, \u7fd4\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/\",\"name\":\"\u4f7f\u7528 Ubuntu 20.04LTS \u7684 Apache + Flask \u6765\u521b\u5efa\u548c\u66f4\u65b0 Let's Encrypt \u7684 SAN \u8bc1\u4e66\u7684\u6545\u4e8b\uff08\u89e3\u51b3\u65e0\u6cd5\u66f4\u65b0\u7684\u95ee\u9898\uff09 - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-11-21T20:52:32+00:00\",\"dateModified\":\"2024-04-29T19:38:11+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u4f7f\u7528 Ubuntu 20.04LTS \u7684 Apache + Flask \u6765\u521b\u5efa\u548c\u66f4\u65b0 Let&#8217;s Encrypt \u7684 SAN \u8bc1\u4e66\u7684\u6545\u4e8b\uff08\u89e3\u51b3\u65e0\u6cd5\u66f4\u65b0\u7684\u95ee\u9898\uff09\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c\",\"name\":\"\u6587, \u7fd4\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g\",\"caption\":\"\u6587, \u7fd4\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/wenxiang\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u4f7f\u7528 Ubuntu 20.04LTS \u7684 Apache + Flask \u6765\u521b\u5efa\u548c\u66f4\u65b0 Let's Encrypt \u7684 SAN \u8bc1\u4e66\u7684\u6545\u4e8b\uff08\u89e3\u51b3\u65e0\u6cd5\u66f4\u65b0\u7684\u95ee\u9898\uff09 - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528-ubuntu-20-04lts-\u7684-apache-flask-\u6765\u521b\u5efa\u548c\u66f4\u65b0-lets-encrypt-\u7684-san-\u8bc1\u4e66\u7684\u6545\u4e8b\uff08\/","og_locale":"zh_CN","og_type":"article","og_title":"\u4f7f\u7528 Ubuntu 20.04LTS \u7684 Apache + Flask \u6765\u521b\u5efa\u548c\u66f4\u65b0 Let's Encrypt \u7684 SAN \u8bc1\u4e66\u7684\u6545\u4e8b\uff08\u89e3\u51b3\u65e0\u6cd5\u66f4\u65b0\u7684\u95ee\u9898\uff09","og_description":"\u9996\u5148 \u7531\u65bc Certbot \u8b49\u66f8\u5373\u5c07\u904e\u671f\uff0c\u5617\u8a66\u9032\u884c\u66f4\u65b0\u4f46\u5931\u6557\u4e86\u3002\u7121\u6cd5\u89e3\u6c7a\u6b64\u554f\u984c\uff0c\u56e0\u6b64\u7d00\u9304\u4e0b\u4f86\u4f5c\u70ba\u500b\u4eba\u7b46\u8a18\u3002\u9664\u4e86 [&hellip;]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528-ubuntu-20-04lts-\u7684-apache-flask-\u6765\u521b\u5efa\u548c\u66f4\u65b0-lets-encrypt-\u7684-san-\u8bc1\u4e66\u7684\u6545\u4e8b\uff08\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-11-21T20:52:32+00:00","article_modified_time":"2024-04-29T19:38:11+00:00","author":"\u6587, \u7fd4","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u6587, \u7fd4","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"10 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/","name":"\u4f7f\u7528 Ubuntu 20.04LTS \u7684 Apache + Flask \u6765\u521b\u5efa\u548c\u66f4\u65b0 Let's Encrypt \u7684 SAN \u8bc1\u4e66\u7684\u6545\u4e8b\uff08\u89e3\u51b3\u65e0\u6cd5\u66f4\u65b0\u7684\u95ee\u9898\uff09 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-11-21T20:52:32+00:00","dateModified":"2024-04-29T19:38:11+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u4f7f\u7528 Ubuntu 20.04LTS \u7684 Apache + Flask \u6765\u521b\u5efa\u548c\u66f4\u65b0 Let&#8217;s Encrypt \u7684 SAN \u8bc1\u4e66\u7684\u6545\u4e8b\uff08\u89e3\u51b3\u65e0\u6cd5\u66f4\u65b0\u7684\u95ee\u9898\uff09"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/64d5cc7727fffbff2f9a2a8da1de3e5c","name":"\u6587, \u7fd4","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/920c3d673e0bccacc98e5e6b7149bb3c22edd8d39cb753e5d7d7e471498118a1?s=96&d=mm&r=g","caption":"\u6587, \u7fd4"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/wenxiang\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8-ubuntu-20-04lts-%e7%9a%84-apache-flask-%e6%9d%a5%e5%88%9b%e5%bb%ba%e5%92%8c%e6%9b%b4%e6%96%b0-lets-encrypt-%e7%9a%84-san-%e8%af%81%e4%b9%a6%e7%9a%84%e6%95%85%e4%ba%8b%ef%bc%88\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/37047","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=37047"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/37047\/revisions"}],"predecessor-version":[{"id":89451,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/37047\/revisions\/89451"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=37047"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=37047"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=37047"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}