Enabling SSL with Let's Encrypt, a free SSL certificate authority
Installing dirmngr, the server that manages certificate revocation lists
pi@raspberrypi:~ $ sudo apt install dirmngr
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
> Suggested packages:
> dbus-user-session pinentry-gnome3 tor
> The following NEW packages will be installed:
> dirmngr
> 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
> Need to get 547 kB of archives.
> After this operation, 963 kB of additional disk space will be used.
> Get:1 http://ftp.jaist.ac.jp/pub/Linux/raspbian-archive/raspbian stretch/main armhf dirmngr armhf 2.1.18-8~deb9u4 [547 kB]
> Fetched 547 kB in 6s (86.9 kB/s)
> Selecting previously unselected package dirmngr.
> (Reading database ... 37769 files and directories currently installed.)
> Preparing to unpack .../dirmngr_2.1.18-8~deb9u4_armhf.deb ...
> Unpacking dirmngr (2.1.18-8~deb9u4) ...
> Processing triggers for man-db (2.7.6.1-2) ...
> Setting up dirmngr (2.1.18-8~deb9u4) ...
Follow the steps exactly as described on the site I used as a reference.
pi@raspberrypi:~ $ gpg --keyserver pgpkeys.mit.edu --recv-key 8B48AD6246925553
gpg: directory '/home/pi/.gnupg' created
gpg: keybox '/home/pi/.gnupg/pubring.kbx' created
gpg: key 8B48AD6246925553: 28 signatures not checked due to missing keys
gpg: /home/pi/.gnupg/trustdb.gpg: trustdb created
gpg: key 8B48AD6246925553: public key "Debian Archive Automatic Signing Key (7.0/wheezy) " imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
pi@raspberrypi:~ $ gpg -a --export 8B48AD6246925553 | sudo apt-key add -
OK
$ sudo apt-get install certbot python-certbot-apache -t stretch-backports
I ran this as instructed, but it failed with an error:
Reading package lists... Done
E: The value 'stretch-backports' is invalid for APT::Default-Release as such a release is not available in the sources
Add the following line to /etc/apt/sources.list:
deb http://deb.debian.org/debian stretch-backports main
Then update the package lists:
$ sudo apt-get update
and run the install again:
pi@raspberrypi:~ $ sudo apt-get install certbot python-certbot-apache -t stretch-backports
This time the installation succeeded.
pi@raspberrypi:~ $ sudo certbot
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): hide_8024@yahoo.co.jp
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: a
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter 'c' to cancel): anabuki.mydns.jp
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for anabuki.mydns.jp
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Incomplete authorizations
IMPORTANT NOTES:
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
pi@raspberrypi:~ $ sudo certbot certonly --webroot -w /var/www/html -d anabuki.mydns.jp
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for anabuki.mydns.jp
Using the webroot path /var/www/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/anabuki.mydns.jp/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/anabuki.mydns.jp/privkey.pem
Your cert will expire on 2019-07-03. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
pi@raspberrypi:~ $ sudo a2enmod ssl
(Already enabled.)
pi@raspberrypi:~ $ sudo a2ensite default-ssl
Enabling site default-ssl.
To activate the new configuration, you need to run:
systemctl reload apache2
Apache configuration
Add the following to /etc/apache2/sites-available/default-ssl.conf:
SSLCertificateFile /etc/letsencrypt/live/anabuki.mydns.jp/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/anabuki.mydns.jp/privkey.pem
Restart Apache
$ sudo systemctl restart apache2
If the site is reachable at https://anabuki.mydns.jp, the setup succeeded.
Renewing the certificate
pi@raspberrypi:~ $ sudo certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/anabuki.mydns.jp.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certs are not due for renewal yet:
/etc/letsencrypt/live/anabuki.mydns.jp/fullchain.pem expires on 2019-07-03 (skippe
No renewals were attempted.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
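Because the certificate was issued only recently, the renewal attempt produces a warning.
Conversely, this confirms that the certificate is registered.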
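A renewal check built on the "expires on" line that certbot renew prints, as an added example that is not part of the original post: it parses that output and raises an alert when a certificate has fewer days left than certbot's default 30-day renewal window should ever allow. The function names, the 20-day threshold and the "today" dates are assumptions made for this example, and the sample output is constructed from the run shown above.

```shell
#!/bin/sh
# Added example: flag certificates that certbot should already have renewed.
# Constructed sample, modelled on the "certbot renew" output shown above.
SAMPLE='Processing /etc/letsencrypt/renewal/anabuki.mydns.jp.conf
Cert not yet due for renewal
The following certs are not due for renewal yet:
  /etc/letsencrypt/live/anabuki.mydns.jp/fullchain.pem expires on 2019-07-03'

# days_from_civil Y M D -> days since 1970-01-01, using integer arithmetic
# only so the result does not depend on which date(1) is installed.
days_from_civil() {
  y=$1; m=${2#0}; d=${3#0}          # strip leading zero: "08" is invalid octal
  if [ "$m" -le 2 ]; then y=$((y - 1)); fi
  mp=$(( (m + 9) % 12 ))            # March = 0 ... February = 11
  era=$(( y / 400 )); yoe=$(( y - era * 400 ))
  doy=$(( (153 * mp + 2) / 5 + d - 1 ))
  echo $(( era * 146097 + yoe * 365 + yoe / 4 - yoe / 100 + doy - 719468 ))
}

# days_between FROM TO, both as YYYY-MM-DD.
days_between() {
  a=$(IFS=-; set -- $1; days_from_civil "$1" "$2" "$3")
  b=$(IFS=-; set -- $2; days_from_civil "$1" "$2" "$3")
  echo $(( b - a ))
}

# check_renewal OUTPUT TODAY [MIN_DAYS]: prints one status line per
# certificate and returns 1 if any has fewer than MIN_DAYS (assumed 20) left.
check_renewal() {
  min=${3:-20}; rc=0
  list=$(printf '%s\n' "$1" |
    sed -n 's|^ *\(/[^ ]*\) expires on \([0-9-]*\).*|\1 \2|p')
  while read -r path expiry; do
    [ -n "$path" ] || continue
    left=$(days_between "$2" "$expiry")
    if [ "$left" -lt "$min" ]; then
      echo "ALERT $path $left"; rc=1
    else
      echo "OK $path $left"
    fi
  done <<EOF
$list
EOF
  return $rc
}

check_renewal "$SAMPLE" 2019-04-05   # constructed "today", shortly after issuance
```

Run from a scheduled job with the real output of `sudo certbot renew` and the current date; an ALERT means automatic renewal is not working, and /var/log/letsencrypt/letsencrypt.log is the place to look.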