§2024-09-03
試作機器: n2Jitsi.yushei.net, 192.168.16.249
- install
$ sudo apt update
$ sudo apt install certbot python3-certbot-nginx
- backup /etc/nginx/sites-available
alexlai@n2Jitsi:~$ ls /etc/nginx/sites-available
default yushei.net.conf
alexlai@n2Jitsi:~$ ls -l /etc/nginx/sites-enabled/
total 0
lrwxrwxrwx 1 root root 34 Sep 2 21:36 default -> /etc/nginx/sites-available/default
lrwxrwxrwx 1 root root 42 Sep 2 21:37 yushei.net.conf -> /etc/nginx/sites-available/yushei.net.conf
alexlai@n2Jitsi:~$ sudo cp -v //etc/nginx/sites-available/default /etc/nginx/sites-available.backup
'//etc/nginx/sites-available/default' -> '/etc/nginx/sites-available.backup'
alexlai@n2Jitsi:~$ sudo cp -v //etc/nginx/sites-available/yushei.net.conf /etc/nginx/sites-available/yushei.net.conf.backup
'//etc/nginx/sites-available/yushei.net.conf' -> '/etc/nginx/sites-available/yushei.net.conf.backup'
alexlai@n2Jitsi:~$ ls -l /etc/nginx/sites-enabled/
total 0
lrwxrwxrwx 1 root root 34 Sep 2 21:36 default -> /etc/nginx/sites-available/default
lrwxrwxrwx 1 root root 42 Sep 2 21:37 yushei.net.conf -> /etc/nginx/sites-available/yushei.net.conf
- use cerbot
erro
sudo certbot --nginx -d default -d yushei.net--> see next section chatGPT -> It looks like there was an issue with using default as a domain name. The default identifier isn't a valid domain name, which is why Let's Encrypt rejected it.
run it again
alexlai@n2Jitsi:~$ sudo certbot --nginx -d yushei.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for yushei.net
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/yushei.net/fullchain.pem
Key is saved at: /etc/letsencrypt/live/yushei.net/privkey.pem
This certificate expires on 2024-12-02.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for yushei.net to /etc/nginx/sites-enabled/yushei.net.conf
Congratulations! You have successfully enabled HTTPS on https://yushei.net
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
alexlai@n2Jitsi:~$ sudo certbot --nginx -d default -d yushei.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): rai.sousuke@mac.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf. You must agree in
order to register with the ACME server. Do you agree?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Yes
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: No
Account registered.
Requesting a certificate for default and yushei.net
An unexpected error occurred:
AttributeError: can't set attribute
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
alexlai@n2Jitsi:~$ sudo cp -v //etc/nginx/sites-available/default /etc/nginx/sites-available.backup
'//etc/nginx/sites-available/default' -> '/etc/nginx/sites-available.backup'
alexlai@n2Jitsi:~$ sudo cp -v //etc/nginx/sites-available/yushei.net.conf /etc/nginx/sites-available/yushei.net.conf.backup
'//etc/nginx/sites-available/yushei.net.conf' -> '/etc/nginx/sites-available/yushei.net.conf.backup'
alexlai@n2Jitsi:~$ ls -l /etc/nginx/sites-enabled/
total 0
lrwxrwxrwx 1 root root 34 Sep 2 21:36 default -> /etc/nginx/sites-available/default
lrwxrwxrwx 1 root root 42 Sep 2 21:37 yushei.net.conf -> /etc/nginx/sites-available/yushei.net.conf
alexlai@n2Jitsi:~$ sudo certbot --nginx -d default -d yushei.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): rai.sousuke@mac.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf. You must agree in
order to register with the ACME server. Do you agree?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Yes
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: No
Account registered.
Requesting a certificate for default and yushei.net
An unexpected error occurred:
AttributeError: can't set attribute
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
alexlai@n2Jitsi:~$ cat /var/log/letsencrypt/letsencrypt.log
cat: /var/log/letsencrypt/letsencrypt.log: Permission denied
alexlai@n2Jitsi:~$ sudo cat /var/log/letsencrypt/letsencrypt.log
2024-09-03 10:51:15,004:DEBUG:certbot._internal.main:certbot version: 2.1.0
2024-09-03 10:51:15,005:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2024-09-03 10:51:15,005:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-d', 'default', '-d', 'yushei.net']
2024-09-03 10:51:15,005:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-09-03 10:51:15,020:DEBUG:certbot._internal.log:Root logging level set at 30
2024-09-03 10:51:15,022:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx
2024-09-03 10:51:15,440:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0xffff970b9950>
Prep: True
2024-09-03 10:51:15,441:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_nginx._internal.configurator.NginxConfigurator object at 0xffff970b9950> and installer <certbot_nginx._internal.configurator.NginxConfigurator object at 0xffff970b9950>
2024-09-03 10:51:15,441:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2024-09-03 10:51:37,146:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-09-03 10:51:37,150:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2024-09-03 10:51:37,726:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 746
2024-09-03 10:51:37,727:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 03 Sep 2024 02:51:37 GMT
Content-Type: application/json
Content-Length: 746
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"bz_1s7q8PNQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2024-09-03 10:51:48,880:DEBUG:acme.client:Requesting fresh nonce
2024-09-03 10:51:48,880:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2024-09-03 10:51:49,050:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2024-09-03 10:51:49,051:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 03 Sep 2024 02:51:48 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: JgybCyl7LxaWwONaaCEIrNPchk7wPaflzNg5RaXAEaSAu3WBKT4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2024-09-03 10:51:49,051:DEBUG:acme.client:Storing nonce: JgybCyl7LxaWwONaaCEIrNPchk7wPaflzNg5RaXAEaSAu3WBKT4
2024-09-03 10:51:49,051:DEBUG:acme.client:JWS payload:
b'{\n "contact": [\n "mailto:rai.sousuke@mac.com"\n ],\n "termsOfServiceAgreed": true\n}'
2024-09-03 10:51:49,061:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-acct:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJuIjogInRxYXlrTDdnVWRoUm1UWlprVXRUU0JNTl9SV3Q2eEJsN1VockZHUFhwdmltZjdSS3VpbHUwMlZONG1EYjJzbXdHU3UtWVdseVV3Nzc3dnpLaVNNY2ZadklRQnZEWkwzOU1taGZhUjFzdDJTcWREMjJFUC1sSTloWGhQdl9XcmVrNERlNWUxWWZSdnVudGEtLUtJRVpjd2p0NDdZNXlFaTVyaUR4WHRvbWE2LXdScFhWMzNneVpfbHU4NVJlMzhnSDFYMFZZUzhKbnBiTkxpakxZSEE2R3phUzNZalRTdThvOG1zbXdSdGNtSWpOaW1DWnEtaUctakdrbVcwQXpIYXpqQllrWUtZOHU5VDFPLVhWNUdQelg0SmVkcGwzR2VCem93emoxeVg1emRLeDhLazVZRVk2TmxBdTI2aUxwZzlIQkxPTmFwTzZrWGNObi1VYXJtUnA2dyIsICJlIjogIkFRQUIiLCAia3R5IjogIlJTQSJ9LCAibm9uY2UiOiAiSmd5YkN5bDdMeGFXd09OYWFDRUlyTlBjaGs3d1BhZmx6Tmc1UmFYQUVhU0F1M1dCS1Q0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYWNjdCJ9",
"signature": "F-mhZy4Vn0Cib_eKVXzuyd_6NeNBl9i5OUeoNvE5GEZCNsSdNprutCHrXs96srXaFa7oCNrQqmXuuRqbCoUcl3PEE1Kzz4PkFbOjRsCiIFjSD92_rZB73fdXLOb2fLByynhBl9-9TUsg6YNIGQxTfnrdwLjSSb-LV9SXoXiGMZHo95azr7kGyzYvKfVUr_BCfpFOWUlEe8ldY6HlItECuNw81_QVKckWzsiR-Cddi2_L9CKe_h_qB2lwA0mU2lk1EOqm0x00wlFQImdzfFZatdvmzdJYgRQ0KwbqAtS0uEa3nV7CZh-hcM2MerWzRhPNhU0d8PPHWsxPgWgjCAbzQw",
"payload": "ewogICJjb250YWN0IjogWwogICAgIm1haWx0bzpyYWkuc291c3VrZUBtYWMuY29tIgogIF0sCiAgInRlcm1zT2ZTZXJ2aWNlQWdyZWVkIjogdHJ1ZQp9"
}
2024-09-03 10:51:49,356:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 563
2024-09-03 10:51:49,357:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 03 Sep 2024 02:51:49 GMT
Content-Type: application/json
Content-Length: 563
Connection: keep-alive
Boulder-Requester: 1925521206
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf>;rel="terms-of-service"
Location: https://acme-v02.api.letsencrypt.org/acme/acct/1925521206
Replay-Nonce: LTxuIrHNHN7EXq_9KNRE6SzZYX6rk413xOj_RZ77gE6D7rkrlkM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"key": {
"kty": "RSA",
"n": "tqaykL7gUdhRmTZZkUtTSBMN_RWt6xBl7UhrFGPXpvimf7RKuilu02VN4mDb2smwGSu-YWlyUw777vzKiSMcfZvIQBvDZL39MmhfaR1st2SqdD22EP-lI9hXhPv_Wrek4De5e1YfRvunta--KIEZcwjt47Y5yEi5riDxXtoma6-wRpXV33gyZ_lu85Re38gH1X0VYS8JnpbNLijLYHA6GzaS3YjTSu8o8msmwRtcmIjNimCZq-iG-jGkmW0AzHazjBYkYKY8u9T1O-XV5GPzX4Jedpl3GeBzowzj1yX5zdKx8Kk5YEY6NlAu26iLpg9HBLONapO6kXcNn-UarmRp6w",
"e": "AQAB"
},
"contact": [
"mailto:rai.sousuke@mac.com"
],
"initialIp": "59.126.118.193",
"createdAt": "2024-09-03T02:51:49.234167334Z",
"status": "valid"
}
2024-09-03 10:51:49,357:DEBUG:acme.client:Storing nonce: LTxuIrHNHN7EXq_9KNRE6SzZYX6rk413xOj_RZ77gE6D7rkrlkM
2024-09-03 10:52:21,459:DEBUG:certbot._internal.display.obj:Notifying user: Account registered.
2024-09-03 10:52:21,460:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0xffff971c7810>)>), contact=('mailto:rai.sousuke@mac.com',), agreement=None, status='valid', terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1925521206', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf'), fb7156877471839506c5ffc6d4d7a4e0, Meta(creation_dt=datetime.datetime(2024, 9, 3, 2, 51, 49, tzinfo=<UTC>), creation_host='n2Jitsi.yushei.net', register_to_eff=None))>
2024-09-03 10:52:21,461:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for default and yushei.net
2024-09-03 10:52:21,466:DEBUG:certbot.crypto_util:Generating ECDSA key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem
2024-09-03 10:52:21,471:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem
2024-09-03 10:52:21,474:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "default"\n },\n {\n "type": "dns",\n "value": "yushei.net"\n }\n ]\n}'
2024-09-03 10:52:21,480:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTkyNTUyMTIwNiIsICJub25jZSI6ICJMVHh1SXJITkhON0VYcV85S05SRTZTelpZWDZyazQxM3hPal9SWjc3Z0U2RDdya3Jsa00iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
"signature": "OHHIZFe4L4bZqK2ekwBA5Hm_dPXrJGMvSMg74EOAsjKia5yIyhHrGBexr-XtBNrET5SwmYFGf8aa0wnKzrJLNu0EtUMRd6MwDc3im7ahLNYlvLMGL06izKX4aSoJz0TRENfatlDjykEtK9qMzb6W8M4zzRcXOgAC0u9Um31lwHR3z5aaCUy8c145mzNi1s15dUeXPfW7bKXb1hra5-h16CvsMmkuB2TffL10PNZWYRAZzliK1LLKDGFhJqcVFCdYyTCCJ9A9SP-axF0up9HuxER87ywMCvuIBeDPRTq9V_gMYtZea6eGTbcgVc1Hb28HmnA_NiBG3f5vDcXeWGXo6g",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRlZmF1bHQiCiAgICB9LAogICAgewogICAgICAidHlwZSI6ICJkbnMiLAogICAgICAidmFsdWUiOiAieXVzaGVpLm5ldCIKICAgIH0KICBdCn0"
}
2024-09-03 10:52:21,654:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 400 191
2024-09-03 10:52:21,655:DEBUG:acme.client:Received response:
HTTP 400
Server: nginx
Date: Tue, 03 Sep 2024 02:52:21 GMT
Content-Type: application/problem+json
Content-Length: 191
Connection: keep-alive
Boulder-Requester: 1925521206
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: LTxuIrHNwopV-y7rBkuH4q4jcpHA1gNOsnOH0wBHjGjyZ-eIrks
{
"type": "urn:ietf:params:acme:error:rejectedIdentifier",
"detail": "Invalid identifiers requested :: Cannot issue for \"default\": Domain name needs at least one dot",
"status": 400
}
2024-09-03 10:52:21,656:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/lib/python3.11/contextlib.py", line 155, in __exit__
self.gen.throw(typ, value, traceback)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1683, in make_displayer
yield displayer
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1736, in main
return config.func(config, plugins)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1440, in run
new_lineage = _get_and_save_cert(le_client, config, domains,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 138, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 516, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 428, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 478, in _get_order_and_authorizations
orderr = self.acme.new_order(csr_pem)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/acme/client.py", line 138, in new_order
response = self._post(self.directory['newOrder'], order)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/acme/client.py", line 338, in _post
return self.net.post(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/acme/client.py", line 711, in post
return self._post_once(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/acme/client.py", line 724, in _post_once
response = self._check_response(response, content_type=content_type)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/acme/client.py", line 575, in _check_response
raise messages.Error.from_json(jobj)
acme.messages.Error: urn:ietf:params:acme:error:rejectedIdentifier :: The server will not issue certificates for the identifier :: Invalid identifiers requested :: Cannot issue for "default": Domain name needs at least one dot
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot==2.1.0', 'console_scripts', 'certbot')())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1733, in main
with make_displayer(config) as displayer:
File "/usr/lib/python3.11/contextlib.py", line 188, in __exit__
exc.__traceback__ = traceback
^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/josepy/util.py", line 191, in __setattr__
raise AttributeError("can't set attribute")
AttributeError: can't set attribute
2024-09-03 10:52:21,662:ERROR:certbot._internal.log:An unexpected error occurred:
2024-09-03 10:52:21,663:ERROR:certbot._internal.log:AttributeError: can't set attribute
It looks like there was an issue with using default as a domain name.
The defaultidentifier isn't a valid domain name, which is why Let's Encrypt rejected it.