军哥ssl 证书续期失败 日志附上
Using config home:/usr/local/acme.shACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
===Starting cron===
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
_stopRenewOnError
di='/usr/local/nginx/conf/ssl/www.king.com/'
d='www.king.com'
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
DOMAIN_PATH='/usr/local/nginx/conf/ssl/www.king.com'
Renew: 'www.king.com'
Le_API='https://acme-v01.api.letsencrypt.org/directory'
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
_main_domain='www.king.com'
_alt_domains='no'
Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory
_init api for server: https://acme-v01.api.letsencrypt.org/directory
GET
url='https://acme-v01.api.letsencrypt.org/directory'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
ACME_NEW_NONCE
ACME_VERSION
Le_NextRenewTime='1547566950'
_on_before_issue
_chk_main_domain='www.king.com'
_chk_alt_domains
Le_LocalAddress
d='www.king.com'
Check for domain='www.king.com'
_currentRoot='/home/wwwroot/www.king.com'
d
_saved_account_key_hash is not changed, skip register account.
Read key length:
_createcsr
Single domain='www.king.com'
Getting domain auth token for each domain
d='www.king.com'
Getting webroot for domain='www.king.com'
_w='/home/wwwroot/www.king.com'
_currentRoot='/home/wwwroot/www.king.com'
Getting new-authz for domain='www.king.com'
_init api for server: https://acme-v01.api.letsencrypt.org/directory
Try new-authz for the 0 time.
url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "www.king.com"}}'
RSA key
GET
url='https://acme-v01.api.letsencrypt.org/directory'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
POST
_post_url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='201'
The new-authz request is ok.
entry='"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171","token":"a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU"'
token='a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU'
uri='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
keyauthorization='a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc'
dvlist='www.king.com#a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc#https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171#http-01#/home/wwwroot/www.king.com'
d
vlist='www.king.com#a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc#https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171#http-01#/home/wwwroot/www.king.com,'
d='www.king.com'
ok, let's start to verify
Verifying:www.king.com
d='www.king.com'
keyauthorization='a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc'
uri='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
_currentRoot='/home/wwwroot/www.king.com'
wellknown_path='/home/wwwroot/www.king.com/.well-known/acme-challenge'
writing token:a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU to /home/wwwroot/www.king.com/.well-known/acme-challenge/a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU
Changing owner/group of .well-known to www:www
url='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
payload='{"resource": "challenge", "keyAuthorization": "a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc"}'
POST
_post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='202'
sleep 2 secs to verify
checking
GET
url='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
www.king.com:Verify error:Invalid response from http://www.king.com/.well-known/acme-challenge/a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU:
pid
No need to restore nginx, skip.
_clearupdns
skip dns.
_on_issue_err
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
url='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
payload='{"resource": "challenge", "keyAuthorization": "a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc"}'
POST
_post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='400'
Return code: 1
Error renew www.king.com.
===End cron=== 网站无法访问是无法通过验证的,也就无法生成ssl证书 原帖由 licess 于 2019-2-16 16:59 发表 http://bbs.vpser.net/images/common/back.gif
网站无法访问是无法通过验证的,也就无法生成ssl证书
大概率应该也是因为网站目录变更导致的。
军哥,这边如果网站根目录变更后,应该怎么修正,让acme.sh可以正确执行呢?
回复 3# 的帖子
lnmp或lnmpa 的话 /usr/local/nginx/conf/ssl/域名/域名.conf 里就有你网站目录的设置lamp的话 /usr/local/apache/conf/ssl/域名/域名.conf
页:
[1]