SSL 無料証明書 - トラブルシュート - py37-certbot-1.2.0,1 → 1.3.0,1 エラー

 クラウディア
1. 概要
2. 順番を変えればいいのだ

1. 概要

 更新状況を見ていて

> pkg version -vl "<"
py37-acme-1.2.0,1                  <   needs updating (index has 1.3.0,1)
py37-certbot-1.2.0,1               <   needs updating (index has 1.3.0,1)
 てなことになっておりましたので、アップグレードしようとして

> portupgrade -Rr py37-certbot
[Reading data from pkg(8) ... - 423 packages found - done]
[Gathering depends for security/py-certbot ................................ done]
[Exclude up-to-date packages ........... done]
--->  Upgrading 'py37-certbot-1.2.0,1' to 'py37-certbot-1.3.0,1' (security/py-certbot)
--->  Building '/usr/ports/security/py-certbot'
===>  Cleaning for py37-certbot-1.3.0,1
===>  Cleaning for py27-certbot-1.3.0,1

・・・	略	・・・

running install_scripts
writing list of installed files to '/usr/ports/security/py-acme/work-py37/.PLIST.pymodtmp'
====> Compressing man pages (compress-man)
===>  Installing for py37-acme-1.3.0,1
===>  Checking if py37-acme is already installed
===>   An older version of py37-acme is already installed (py37-acme-1.2.0,1)
      You may wish to ``make deinstall'' and install this port again
      by ``make reinstall'' to upgrade it properly.
      If you really wish to overwrite the old port of py37-acme
      without deleting it first, set the variable "FORCE_PKG_REGISTER"
      in your environment or the "make install" command line.
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/security/py-acme
*** Error code 1

Stop.
make: stopped in /usr/ports/security/py-certbot
** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade20200319-52489-6oggqg env UPGRADE_TOOL=portupgrade UPGRADE_PORT=py37-certbot-1.2.0,1 UPGRADE_PORT_VER=1.2.0,1 make
** Fix the problem and try again.
** Listing the failed packages (-:ignored / *:skipped / !:failed)
        ! security/py-certbot (py37-certbot-1.2.0,1)    (unknown build error)
 てなことになっちゃいました。

2. 順番を変えればいいのだ

 「py37-certbot」の依存している「py37-acme」で、エラーになっております。  まずは、「py37-acme」をアップグレードするかな・・・と。

> portupgrade -Rr py37-acme
 しましたらば・・・。

[Reading data from pkg(8) ... - 423 packages found - done]
[Gathering depends for security/py-acme ........................... done]
[Gathering depends for security/py-certbot ............... done]
[Exclude up-to-date packages ........... done]
--->  Upgrading 'py37-acme-1.2.0,1' to 'py37-acme-1.3.0,1' (security/py-acme)
--->  Building '/usr/ports/security/py-acme'
===>  Cleaning for py37-acme-1.3.0,1
===>  Cleaning for py27-acme-1.3.0,1
===>  License APACHE20 accepted by the user
===>   py37-acme-1.3.0,1 depends on file: /usr/local/sbin/pkg - found
===> Fetching all distfiles required by py37-acme-1.3.0,1 for building
===>  Extracting for py37-acme-1.3.0,1
=> SHA256 Checksum OK for acme-1.3.0.tar.gz.
===>  Patching for py37-acme-1.3.0,1
===>  Applying FreeBSD patches for py37-acme-1.3.0,1
===>   py37-acme-1.3.0,1 depends on package: py37-setuptools>0 - found
===>   py37-acme-1.3.0,1 depends on file: /usr/local/bin/python3.7 - found
===>  Configuring for py37-acme-1.3.0,1
running config
===>  Building for py37-acme-1.3.0,1

・・・	略	・・・

===>  Checking if py37-certbot is already installed
===>   Registering installation for py37-certbot-1.3.0,1
Installing py37-certbot-1.3.0,1...
This port installs the "standalone" client only, which does not use and
is not the certbot-auto bootstrap/wrapper script.

The simplest form of usage to obtain certificates is:

 # sudo certbot certonly --standalone -d <domain>, [domain2, ... domainN]>

NOTE:

The client requires the ability to bind on TCP port 80 or 443 (depending
on the --preferred-challenges option used). If a server is running on that
port, it will need to be temporarily stopped so that the standalone server
can listen on that port to complete the challenge authentication process.

For more information on the 'standalone' mode, see:

  https://certbot.eff.org/docs/using.html#standalone

The certbot plugins to support apache and nginx certificate installation
will be made available in the following ports:

 * Apache plugin: security/py-certbot-apache
 * Nginx plugin: security/py-certbot-nginx

In order to automatically renew the certificates, add this line to
/etc/periodic.conf:

    weekly_certbot_enable="YES"

===>  Cleaning for py37-certbot-1.3.0,1
===>  Cleaning for py27-certbot-1.3.0,1
--->  Cleaning out obsolete shared libraries
 とまぁ、依存している「py37-certbot」まで、アップグレードされたようです。  最後の方の

In order to automatically renew the certificates, add this line to
/etc/periodic.conf:

    weekly_certbot_enable="YES"
 は、気になりますがね。  こっちの方がいいのかしら・・・。  でもカスタマイズしている部分があるので、自前のシェルスクリプトで動かしたいのですよ。  シェルスクリプトの動作も一応確認しておきました。

> sh/certbot.sh
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /usr/local/etc/letsencrypt/renewal/freebsd.sing.ne.jp.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /usr/local/etc/letsencrypt/renewal/ns.sing.ne.jp.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /usr/local/etc/letsencrypt/renewal/www.sing.ne.jp.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The following certs are not due for renewal yet:
  /usr/local/etc/letsencrypt/live/freebsd.sing.ne.jp/fullchain.pem expires on 2020-05-10 (skipped)
  /usr/local/etc/letsencrypt/live/ns.sing.ne.jp/fullchain.pem expires on 2020-06-08 (skipped)
  /usr/local/etc/letsencrypt/live/www.sing.ne.jp/fullchain.pem expires on 2020-05-10 (skipped)
No renewals were attempted.
No hooks were run.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 一応動作はしているようです。  次回の更新時期にちゃんと更新されるかが気になるところです(2020年3月19日)。
 
 
カウンタバックグラウンド