打印

lamp 1.4 Let'sEncrypt SSL证书 续期失败

lamp 1.4 Let'sEncrypt SSL证书 续期失败

# /bin/certbot renew --disable-hook-validation --renew-hook "/etc/init.d/httpd restart"
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/kf.leubao.com.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for kf.leubao.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (kf.leubao.com) from /etc/letsencrypt/renewal/kf.leubao.com.conf produced an unexpected error: F
ailed authorization procedure. kf.leubao.com (http-01): urn:acme:error:connection :: The server could not connect to the
client to verify the domain :: Fetching https://kf.leubao.com.well-known/acme-challenge/6wC1NB47utbuXFTs9dYAvp5GIqykmzsvT
4RwnuCQrLE: Error getting validation data. Skipping.


我按照https://lnmp.org/notice/fix-certbot-renew.html所述进行操作,不知道为什么总是提示上述错误,烦请军哥指教

TOP

仅按上面的信息是letsencrypt无法访问你的网站

LNMP付费问题排查/LNMP技术支持/Paypal信用卡代付/代购VPS,域名,软件等 QQ 503228080 旺旺 lzhenbao
军哥淘宝店铺
QQ/旺旺仅提供代购及付费代维/问题解决等服务,其他不回复!LNMP相关问题请在本论坛发帖,提问前先搜索,按https://bbs.vpser.net/thread-2555-1-1.html 要求反馈问题!

TOP

回复 2# 的帖子

IMPORTANT NOTES:
- The following errors were reported by the server:

   Domain: api.alizhiyou.com
   Type:   connection
   Detail: Fetching
   https://api.alizhiyou.com.well-known/acme-challenge/HgbG6X4W66SLTAuGdLi03ZuaB4fw3_jqyulgDjuEviE:
   Error getting validation data

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.
- The following errors were reported by the server:

   Domain: kf.leubao.com
   Type:   connection
   Detail: Fetching
   https://kf.leubao.com.well-known/acme-challenge/7__ed3goyA76YchO3actxJwV2TPrjJELz4xY7FaoG2E:
   Error getting validation data

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

完整的错误是这样的

TOP

回复 2# 的帖子

我这边可以打开我的站点   https://kf.leubao.com.well-known/acme-challenge/7__ed3goyA76YchO3actxJwV2TPrjJELz4xY7FaoG2E:  这个在网站目录下确实没找到

TOP

回复 4# 的帖子

不清楚你这里面的域名后面为什么缺少了个 /

建议还是升级到1.5,重新迁移下证书 https://lnmp.org/notice/lnmp-v1-5-beta.html#upgrade

LNMP付费问题排查/LNMP技术支持/Paypal信用卡代付/代购VPS,域名,软件等 QQ 503228080 旺旺 lzhenbao
军哥淘宝店铺
QQ/旺旺仅提供代购及付费代维/问题解决等服务,其他不回复!LNMP相关问题请在本论坛发帖,提问前先搜索,按https://bbs.vpser.net/thread-2555-1-1.html 要求反馈问题!

TOP

回复 5# 的帖子

你好,我是升级到1.5生成的证书,请问自动续期还是1.4的方法吗?

TOP

回复 6# 的帖子

不一样,自动续期的,只要不更改配置文件、网站能正常访问都会自动续期
crontab里有续期命令,可以crontab -l 查看

LNMP付费问题排查/LNMP技术支持/Paypal信用卡代付/代购VPS,域名,软件等 QQ 503228080 旺旺 lzhenbao
军哥淘宝店铺
QQ/旺旺仅提供代购及付费代维/问题解决等服务,其他不回复!LNMP相关问题请在本论坛发帖,提问前先搜索,按https://bbs.vpser.net/thread-2555-1-1.html 要求反馈问题!

TOP

回复 7# 的帖子

有一条
45 0 * * * "/usr/local/acme.sh"/acme.sh --cron --home "/usr/local/acme.sh" > /dev/null
这个就是自动续期证书的定时任务?

TOP

对对

LNMP付费问题排查/LNMP技术支持/Paypal信用卡代付/代购VPS,域名,软件等 QQ 503228080 旺旺 lzhenbao
军哥淘宝店铺
QQ/旺旺仅提供代购及付费代维/问题解决等服务,其他不回复!LNMP相关问题请在本论坛发帖,提问前先搜索,按https://bbs.vpser.net/thread-2555-1-1.html 要求反馈问题!

TOP