打印

ssl添加问题

ssl添加问题

安装到最后提示这个

Starting create SSL Certificate use Let's Encrypt...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
An unexpected error occurred:
The request message was malformed :: Error creating new authz :: DNS name does not have enough labels
Please see the logfiles in /var/log/letsencrypt for more details.
Let's Encrypt SSL Certificate create failed!

TOP

你输入的域名可能有问题,发 /var/log/letsencrypt/letsencrypt.log 完整日志看一下,也可以升级到1.5后再用新的试试

TOP

回复 2# 的帖子

2018-02-06 08:37:59,956EBUG:certbot.main:certbot version: 0.21.1
2018-02-06 08:37:59,956EBUG:certbot.main:Arguments: ['--email', '3048816744@qq.com', '--agree-tos', '-n', '--webroot', '-w', '/home/wwwroot/ssdtrade', '-d', 'ssdtrade', '-d', 'www.ssdtrade.xyz', '-d', 'ssdtrade.xyz']
2018-02-06 08:37:59,956EBUG:certbot.mainiscovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-02-06 08:37:59,968EBUG:certbot.log:Root logging level set at 20
2018-02-06 08:37:59,968:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-02-06 08:37:59,969EBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2018-02-06 08:37:59,972EBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7ff5696f2110>
Prep: True
2018-02-06 08:37:59,973EBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7ff5696f2110> and installer None
2018-02-06 08:37:59,973:INFO:certbot.plugins.selectionlugins selected: Authenticator webroot, Installer None
2018-02-06 08:37:59,976EBUG:certbot.mainicked account: <Account(RegistrationResource(body=Registration(status=u'valid', contact=(u'mailto:1750010548@qq.com',), agreement=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf', key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7ff5696f2650>)>)), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/28932631', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), abf3571ed22a49b4e3bb45197968a0b4, Meta(creation_host=u'ip-172-31-14-104.us-east-2.compute.internal', creation_dt=datetime.datetime(2018, 2, 6, 7, 56, 19, tzinfo=<UTC>)))>
2018-02-06 08:37:59,977EBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
2018-02-06 08:37:59,981:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2018-02-06 08:38:00,209:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 562
2018-02-06 08:38:00,209:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 562
Replay-Nonce: 17yZVtjO5XaQAj0qPeFhKXeZ_xN6f1jr8-u8WPu25u4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 06 Feb 2018 08:38:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Feb 2018 08:38:00 GMT
Connection: keep-alive

{
  "ZmY0Jb6jhr0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
  "meta": {
    "terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"
  },
  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
}
2018-02-06 08:38:00,210:INFO:certbot.main:Obtaining a new certificate
2018-02-06 08:38:00,210:DEBUG:acme.client:Requesting fresh nonce
2018-02-06 08:38:00,210:DEBUG:acme.client:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz.
2018-02-06 08:38:00,276:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0
2018-02-06 08:38:00,276:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 91
Allow: POST
Replay-Nonce: PnFtpQv6RtDG3EGXcCJqomecHhP7YN9PP6amGaBQW2s
Expires: Tue, 06 Feb 2018 08:38:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Feb 2018 08:38:00 GMT
Connection: keep-alive


2018-02-06 08:38:00,276:DEBUG:acme.client:Storing nonce: PnFtpQv6RtDG3EGXcCJqomecHhP7YN9PP6amGaBQW2s
2018-02-06 08:38:00,277:DEBUG:acme.client:JWS payload:
{
  "identifier": {
    "type": "dns",
    "value": "ssdtrade"
  },
  "resource": "new-authz"
}
2018-02-06 08:38:00,279:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
  "protected": "eyJub25jZSI6ICJQbkZ0cFF2NlJ0REczRUdYY0NKcW9tZWNIaFA3WU45UFA2YW1HYUJRVzJzIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAiMjBDbG5RUGNBbS1iNzJKTFJSdWhxN2ZsaVVVZlkyQmRIRldOc1NwNWd4N2U1U3VNd0ZJWGtlNzRIa3ZuZG1NTFVYRlBBdzNsVndOaFp2cDVSRDF4LUZSREtrTzVGcGgxejBUYlB0Tmw5ZWFFNzNHLVhyUHM2ZVBENzNNWU1wNmJ6NnVzMU45MlJrdHlVWkwyMmh0X2ZkUzZuTmxNU0h4QTdDbWhiUE42N3Z5Z2FXZFZid3c5TWc3R29yblhlQmhqbVZOR21VZk9lalN2UjdKOE1FYmpsZUx1T3NRal82WHdIdGNWWmZDTWxFNTlWZzVyYW52R1Rzb242SDZZaGJBYlNyZkdtTkY3eFREaURXZ0dGN1RTMWdsUm9VVkt4VzMtdDlEb1hiRnFvZ0FBUGVnQWxVU2ROb3Azck54aXZfZk9xQk91TEE2QXVIc1Y0QkJYRnRWWk53In19",
  "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAic3NkdHJhZGUiCiAgfSwgCiAgInJlc291cmNlIjogIm5ldy1hdXRoeiIKfQ",
  "signature": "0dbR01Zu_22DSSwufqF037mfRz2EhFdHnNV3301KSkV5qoL-caqrM9AMUYCqxvaln7ez06ZHJMCdYl4dGW5OP1C4hxqKNoy09rJ4NgXvQci_C6KpBa4Iw8BysKSqZe0C4wzr-4-1NUGV-XMUz2_Zrw-kJdIC9PX740VOxcbcCBcbqEijJU5DS__tO-4DXQXYpUmhHRQEyzSAzbjxlHsw82fwCQz_Q_q9wPjgXAPOOP1izRla1kg1t48kyrxhR6O7o6Z7V1XSzxu_bCg2OAq1c32N244-N_m1cCSwpB3hG7RBTGYE_ZdwoZ3WPCMqh8PTJ9-7m1H-Suoc-X6c9zHqHA"
}
2018-02-06 08:38:00,367:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "OST /acme/new-authz HTTP/1.1" 400 137
2018-02-06 08:38:00,368:DEBUG:acme.client:Received response:
HTTP 400
Server: nginx
Content-Type: application/problem+json
Content-Length: 137
Boulder-Requester: 28932631
Replay-Nonce: ImbAQrguo2QR52mW89luYmVWmtcfrOfYaZBxNsruI6s
Expires: Tue, 06 Feb 2018 08:38:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Feb 2018 08:38:00 GMT
Connection: close

{
  "type": "urn:acme:error:malformed",
  "detail": "Error creating new authz :: DNS name does not have enough labels",
  "status": 400
}
2018-02-06 08:38:00,368:DEBUG:acme.client:Storing nonce: ImbAQrguo2QR52mW89luYmVWmtcfrOfYaZBxNsruI6s
2018-02-06 08:38:00,369:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 11, in <module>
    sys.exit(main())
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1240, in main
    return config.func(config, plugins)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1120, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 118, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py", line 357, in obtain_and_enroll_certificate
    certr, chain, key, _ = self.obtain_certificate(domains)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py", line 318, in obtain_certificate
    self.config.allow_subset_of_names)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 66, in get_authorizations
    self.authzr[domain] = self.acme.request_domain_challenges(domain)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/acme/client.py", line 213, in request_domain_challenges
    typ=messages.IDENTIFIER_FQDN, value=domain), new_authzr_uri)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/acme/client.py", line 192, in request_challenges
    response = self.net.post(self.directory.new_authz, new_authz)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/acme/client.py", line 709, in post
    return self._post_once(*args, **kwargs)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/acme/client.py", line 722, in _post_once
    return self._check_response(response, content_type=content_type)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/acme/client.py", line 583, in _check_response
    raise messages.Error.from_json(jobj)
Error: urn:acme:error:malformed :: The request message was malformed :: Error creating new authz :: DNS name does not have enough labels
2018-02-06 08:38:00,369:ERROR:certbot.log:An unexpected error occurred:
2018-02-06 08:38:00,370:ERROR:certbot.log:The request message was malformed :: Error creating new authz :: DNS name does not have enough labels

TOP

回复 3# 的帖子

Arguments: ['--email', '3048816744@qq.com', '--agree-tos', '-n', '--webroot', '-w', '/home/wwwroot/ssdtrade', '-d', 'ssdtrade', '-d', 'www.ssdtrade.xyz', '-d', 'ssdtrade.xyz']
上面参数里有ssdtrade不是域名,不是域名加到输入域名的里面都是非法参数

TOP