1. 기존 인증서, 기록, 설정 파일 제거

[root@centos letsencrypt]# cd /etc/letsencrypt/
[root@centos letsencrypt]# ls -al
total 40
drwxr-xr-x    9 root root 4096 May  1 00:07 .
drwxr-xr-x. 145 root root 8192 Apr 28 20:37 ..
drwx------    3 root root   41 Apr 18 12:46 accounts
drwx------    3 root root   30 May  1 00:07 archive
drwxr-xr-x    2 root root 4096 May  1 00:07 csr
drwx------    2 root root 4096 May  1 00:07 keys
drwx------    3 root root   43 May  1 00:07 live
-rw-r--r--    1 root root  696 Apr 18 12:46 options-ssl-nginx.conf
drwxr-xr-x    2 root root   35 May  1 00:07 renewal
drwxr-xr-x    5 root root   40 Apr 18 11:08 renewal-hooks
-rw-r--r--    1 root root  424 Apr 18 12:46 ssl-dhparams.pem
-rw-r--r--    1 root root   64 Apr 18 12:46 .updated-options-ssl-nginx-conf-digest.txt
-rw-r--r--    1 root root   64 Apr 18 12:46 .updated-ssl-dhparams-pem-digest.txt

[root@centos letsencrypt]# cd archive
[root@centos archive]# rm -rf blog.daonelab.com
[root@centos archive]# cd ..

[root@centos letsencrypt]# cd live
[root@centos live]# rm -rf blog.daonelab.com
[root@centos live]# cd ..

[root@centos letsencrypt]# cd renewal
[root@centos renewal]# rm -rf blog.daonelab.com.conf
[root@centos renewal]# cd ..

[root@centos letsencrypt]# certbot certonly --standalone -d blog.daonelab.com

이렇게 하면 자동적으로 nginx의 conf파일에 인증서경로가 추가되어진다. 물론 기존에도 있던 설정이었다.

[root@centos /]# cd /etc/nginx/conf.d

[root@centos conf.d]# vi default.conf

-----------------------------------------------------------------
...
    ssl_certificate /etc/letsencrypt/live/blog.daonelab.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/blog.daonelab.com/privkey.pem; # managed by Certbot
...
-----------------------------------------------------------------

그리고

systemctl reload nginx