VPS侦探论坛

 找回密码
 注册
搜索
热搜: pathinfo
查看: 444|回复: 3

军哥ssl 证书续期失败 日志附上

[复制链接]
发表于 2019-2-16 15:11:12 | 显示全部楼层 |阅读模式



[Sat Feb 16 15:11:04 CST 2019] Using config home:/usr/local/acme.sh
[Sat Feb 16 15:11:04 CST 2019] ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
[Sat Feb 16 15:11:04 CST 2019] ===Starting cron===
[Sat Feb 16 15:11:04 CST 2019] Using config home:/usr/local/acme.sh
[Sat Feb 16 15:11:04 CST 2019] ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
[Sat Feb 16 15:11:04 CST 2019] _stopRenewOnError
[Sat Feb 16 15:11:04 CST 2019] di='/usr/local/nginx/conf/ssl/www.king.com/'
[Sat Feb 16 15:11:04 CST 2019] d='www.king.com'
[Sat Feb 16 15:11:04 CST 2019] Using config home:/usr/local/acme.sh
[Sat Feb 16 15:11:04 CST 2019] ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
[Sat Feb 16 15:11:04 CST 2019] DOMAIN_PATH='/usr/local/nginx/conf/ssl/www.king.com'
[Sat Feb 16 15:11:04 CST 2019] Renew: 'www.king.com'
[Sat Feb 16 15:11:04 CST 2019] Le_API='https://acme-v01.api.letsencrypt.org/directory'
[Sat Feb 16 15:11:04 CST 2019] Using config home:/usr/local/acme.sh
[Sat Feb 16 15:11:04 CST 2019] ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
[Sat Feb 16 15:11:04 CST 2019] _main_domain='www.king.com'
[Sat Feb 16 15:11:04 CST 2019] _alt_domains='no'
[Sat Feb 16 15:11:04 CST 2019] Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory
[Sat Feb 16 15:11:04 CST 2019] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Sat Feb 16 15:11:04 CST 2019] GET
[Sat Feb 16 15:11:04 CST 2019] url='https://acme-v01.api.letsencrypt.org/directory'
[Sat Feb 16 15:11:04 CST 2019] timeout=
[Sat Feb 16 15:11:04 CST 2019] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Sat Feb 16 15:11:10 CST 2019] ret='0'
[Sat Feb 16 15:11:10 CST 2019] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Sat Feb 16 15:11:10 CST 2019] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Feb 16 15:11:10 CST 2019] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Sat Feb 16 15:11:10 CST 2019] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Sat Feb 16 15:11:10 CST 2019] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Sat Feb 16 15:11:10 CST 2019] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Sat Feb 16 15:11:10 CST 2019] ACME_NEW_NONCE
[Sat Feb 16 15:11:10 CST 2019] ACME_VERSION
[Sat Feb 16 15:11:10 CST 2019] Le_NextRenewTime='1547566950'
[Sat Feb 16 15:11:10 CST 2019] _on_before_issue
[Sat Feb 16 15:11:10 CST 2019] _chk_main_domain='www.king.com'
[Sat Feb 16 15:11:10 CST 2019] _chk_alt_domains
[Sat Feb 16 15:11:10 CST 2019] Le_LocalAddress
[Sat Feb 16 15:11:10 CST 2019] d='www.king.com'
[Sat Feb 16 15:11:10 CST 2019] Check for domain='www.king.com'
[Sat Feb 16 15:11:10 CST 2019] _currentRoot='/home/wwwroot/www.king.com'
[Sat Feb 16 15:11:10 CST 2019] d
[Sat Feb 16 15:11:10 CST 2019] _saved_account_key_hash is not changed, skip register account.
[Sat Feb 16 15:11:10 CST 2019] Read key length:
[Sat Feb 16 15:11:10 CST 2019] _createcsr
[Sat Feb 16 15:11:10 CST 2019] Single domain='www.king.com'
[Sat Feb 16 15:11:10 CST 2019] Getting domain auth token for each domain
[Sat Feb 16 15:11:10 CST 2019] d='www.king.com'
[Sat Feb 16 15:11:10 CST 2019] Getting webroot for domain='www.king.com'
[Sat Feb 16 15:11:10 CST 2019] _w='/home/wwwroot/www.king.com'
[Sat Feb 16 15:11:10 CST 2019] _currentRoot='/home/wwwroot/www.king.com'
[Sat Feb 16 15:11:10 CST 2019] Getting new-authz for domain='www.king.com'
[Sat Feb 16 15:11:10 CST 2019] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Sat Feb 16 15:11:10 CST 2019] Try new-authz for the 0 time.
[Sat Feb 16 15:11:10 CST 2019] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Feb 16 15:11:10 CST 2019] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "www.king.com"}}'
[Sat Feb 16 15:11:10 CST 2019] RSA key
[Sat Feb 16 15:11:10 CST 2019] GET
[Sat Feb 16 15:11:10 CST 2019] url='https://acme-v01.api.letsencrypt.org/directory'
[Sat Feb 16 15:11:10 CST 2019] timeout=
[Sat Feb 16 15:11:10 CST 2019] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Sat Feb 16 15:11:16 CST 2019] ret='0'
[Sat Feb 16 15:11:16 CST 2019] POST
[Sat Feb 16 15:11:16 CST 2019] _post_url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Feb 16 15:11:16 CST 2019] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Sat Feb 16 15:11:22 CST 2019] _ret='0'
[Sat Feb 16 15:11:22 CST 2019] code='201'
[Sat Feb 16 15:11:22 CST 2019] The new-authz request is ok.
[Sat Feb 16 15:11:22 CST 2019] entry='"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171","token":"a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU"'
[Sat Feb 16 15:11:22 CST 2019] token='a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU'
[Sat Feb 16 15:11:22 CST 2019] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
[Sat Feb 16 15:11:22 CST 2019] keyauthorization='a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc'
[Sat Feb 16 15:11:22 CST 2019] dvlist='www.king.com#a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc#https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171#http-01#/home/wwwroot/www.king.com'
[Sat Feb 16 15:11:22 CST 2019] d
[Sat Feb 16 15:11:22 CST 2019] vlist='www.king.com#a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc#https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171#http-01#/home/wwwroot/www.king.com,'
[Sat Feb 16 15:11:22 CST 2019] d='www.king.com'
[Sat Feb 16 15:11:22 CST 2019] ok, let's start to verify
[Sat Feb 16 15:11:22 CST 2019] Verifying:www.king.com
[Sat Feb 16 15:11:22 CST 2019] d='www.king.com'
[Sat Feb 16 15:11:22 CST 2019] keyauthorization='a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc'
[Sat Feb 16 15:11:22 CST 2019] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
[Sat Feb 16 15:11:22 CST 2019] _currentRoot='/home/wwwroot/www.king.com'
[Sat Feb 16 15:11:22 CST 2019] wellknown_path='/home/wwwroot/www.king.com/.well-known/acme-challenge'
[Sat Feb 16 15:11:22 CST 2019] writing token:a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU to /home/wwwroot/www.king.com/.well-known/acme-challenge/a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU
[Sat Feb 16 15:11:22 CST 2019] Changing owner/group of .well-known to www:www
[Sat Feb 16 15:11:22 CST 2019] url='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
[Sat Feb 16 15:11:22 CST 2019] payload='{"resource": "challenge", "keyAuthorization": "a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc"}'
[Sat Feb 16 15:11:22 CST 2019] POST
[Sat Feb 16 15:11:22 CST 2019] _post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
[Sat Feb 16 15:11:22 CST 2019] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Sat Feb 16 15:11:28 CST 2019] _ret='0'
[Sat Feb 16 15:11:28 CST 2019] code='202'
[Sat Feb 16 15:11:28 CST 2019] sleep 2 secs to verify
[Sat Feb 16 15:11:30 CST 2019] checking
[Sat Feb 16 15:11:30 CST 2019] GET
[Sat Feb 16 15:11:30 CST 2019] url='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
[Sat Feb 16 15:11:30 CST 2019] timeout=
[Sat Feb 16 15:11:30 CST 2019] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Sat Feb 16 15:11:36 CST 2019] ret='0'
[Sat Feb 16 15:11:36 CST 2019] www.king.com:Verify error:Invalid response from http://www.king.com/.well-known/acme-challenge/a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU:
[Sat Feb 16 15:11:36 CST 2019] pid
[Sat Feb 16 15:11:36 CST 2019] No need to restore nginx, skip.
[Sat Feb 16 15:11:36 CST 2019] _clearupdns
[Sat Feb 16 15:11:36 CST 2019] skip dns.
[Sat Feb 16 15:11:36 CST 2019] _on_issue_err
[Sat Feb 16 15:11:36 CST 2019] Please check log file for more details: /usr/local/acme.sh/acme.sh.log
[Sat Feb 16 15:11:36 CST 2019] url='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
[Sat Feb 16 15:11:36 CST 2019] payload='{"resource": "challenge", "keyAuthorization": "a5a1m1wOU4aDYbULPMULGQjIKCA2N0SYl3v7wRTPCfU.k0fYWRGTw3OfueTUGUvB60yRRJO4xqC2t-6duOvFQUc"}'
[Sat Feb 16 15:11:36 CST 2019] POST
[Sat Feb 16 15:11:36 CST 2019] _post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/4uwgFgdUkZ64RzLsgzfhdh_smBsld5piyUxQ75jw1ws/12670892171'
[Sat Feb 16 15:11:36 CST 2019] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Sat Feb 16 15:11:41 CST 2019] _ret='0'
[Sat Feb 16 15:11:42 CST 2019] code='400'
[Sat Feb 16 15:11:42 CST 2019] Return code: 1
[Sat Feb 16 15:11:42 CST 2019] Error renew www.king.com.
[Sat Feb 16 15:11:42 CST 2019] ===End cron===

美国VPS、VPN、域名代购:http://shop63846532.taobao.com/

发表于 2019-2-16 16:59:54 | 显示全部楼层

网站无法访问是无法通过验证的,也就无法生成ssl证书

美国VPS、VPN、域名代购:http://shop63846532.taobao.com/

发表于 2019-3-6 21:00:29 | 显示全部楼层

原帖由 licess 于 2019-2-16 16:59 发表
网站无法访问是无法通过验证的,也就无法生成ssl证书

大概率应该也是因为网站目录变更导致的。

军哥,这边如果网站根目录变更后,应该怎么修正,让acme.sh可以正确执行呢?

美国VPS、VPN、域名代购:http://shop63846532.taobao.com/

发表于 2019-3-7 13:13:40 | 显示全部楼层

回复 3# 的帖子




lnmp或lnmpa 的话 /usr/local/nginx/conf/ssl/域名/域名.conf 里就有你网站目录的设置
lamp的话 /usr/local/apache/conf/ssl/域名/域名.conf

美国VPS、VPN、域名代购:http://shop63846532.taobao.com/

您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|VPS侦探 ( 鲁ICP备16040043号-1 )

GMT+8, 2019-5-25 12:16 , Processed in 0.070990 second(s), 26 queries .

Powered by Discuz! X3.4

© 2001-2017 Comsenz Inc.

快速回复 返回顶部 返回列表