VPS侦探论坛

 找回密码
 注册
查看: 447|回复: 5

Let's Encrypt SSL Certificate create failed!

[复制链接]
发表于 2020-7-21 16:50:38 | 显示全部楼层 |阅读模式



创建虚拟主机的时候,我的域名ssl一直创建不了。军哥,是域名解析的问题吗?
美国VPS推荐: 遨游主机LinodeLOCVPSKVMLAVPS2EZ搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
 楼主| 发表于 2020-7-21 16:51:16 | 显示全部楼层



/usr/local/acme.sh/acme.sh [found]
Starting create SSL Certificate use Let's Encrypt...
[Tue Jul 21 16:32:29 CST 2020] Creating domain key
[Tue Jul 21 16:32:29 CST 2020] The domain key is here: /usr/local/nginx/conf/ssl                                                                             /xinliuyi.ws1268.com/xinliuyi.ws1268.com.key
[Tue Jul 21 16:32:29 CST 2020] Single domain='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:29 CST 2020] Getting domain auth token for each domain
[Tue Jul 21 16:32:34 CST 2020] Getting webroot for domain='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:34 CST 2020] Verifying: xinliuyi.ws1268.com
[Tue Jul 21 16:32:39 CST 2020] xinliuyi.ws1268.com:Verify error:Fetching http://xinliuyi.ws1268.com/.well-known/acme-challenge/YhJ3_C4                       tduaQIk_NEOZgxP7IpJbgxu30VRMzT9UCtEM: Connection reset by peer
[Tue Jul 21 16:32:39 CST 2020] Please check log file for more details: /usr/local/acme.sh/acme.sh.log
Let's Encrypt SSL Certificate create failed!
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
 楼主| 发表于 2020-7-21 16:51:47 | 显示全部楼层



[Tue Jul 21 16:32:27 CST 2020] Running cmd: issue
[Tue Jul 21 16:32:27 CST 2020] _main_domain='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:27 CST 2020] _alt_domains='no'
[Tue Jul 21 16:32:27 CST 2020] Using config home:/usr/local/acme.sh
[Tue Jul 21 16:32:27 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Tue Jul 21 16:32:27 CST 2020] DOMAIN_PATH='/usr/local/nginx/conf/ssl/xinliuyi.ws1268.com'
[Tue Jul 21 16:32:27 CST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Tue Jul 21 16:32:27 CST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Tue Jul 21 16:32:27 CST 2020] GET
[Tue Jul 21 16:32:27 CST 2020] url='https://acme-v02.api.letsencrypt.org/directory'
[Tue Jul 21 16:32:27 CST 2020] timeout=
[Tue Jul 21 16:32:27 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Tue Jul 21 16:32:29 CST 2020] ret='0'
[Tue Jul 21 16:32:29 CST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Tue Jul 21 16:32:29 CST 2020] ACME_NEW_AUTHZ
[Tue Jul 21 16:32:29 CST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Tue Jul 21 16:32:29 CST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Tue Jul 21 16:32:29 CST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Tue Jul 21 16:32:29 CST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Tue Jul 21 16:32:29 CST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Tue Jul 21 16:32:29 CST 2020] ACME_VERSION='2'
[Tue Jul 21 16:32:29 CST 2020] _on_before_issue
[Tue Jul 21 16:32:29 CST 2020] _chk_main_domain='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:29 CST 2020] _chk_alt_domains
[Tue Jul 21 16:32:29 CST 2020] Le_LocalAddress
[Tue Jul 21 16:32:29 CST 2020] d='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:29 CST 2020] Check for domain='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:29 CST 2020] _currentRoot='/home/wwwroot/xinliuyi.ws1268.com'
[Tue Jul 21 16:32:29 CST 2020] d
[Tue Jul 21 16:32:29 CST 2020] _saved_account_key_hash is not changed, skip register account.
[Tue Jul 21 16:32:29 CST 2020] Read key length:
[Tue Jul 21 16:32:29 CST 2020] Creating domain key
[Tue Jul 21 16:32:29 CST 2020] Use DEFAULT_DOMAIN_KEY_LENGTH=2048
[Tue Jul 21 16:32:29 CST 2020] Using config home:/usr/local/acme.sh
[Tue Jul 21 16:32:29 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Tue Jul 21 16:32:29 CST 2020] Use length 2048
[Tue Jul 21 16:32:29 CST 2020] Using RSA: 2048
[Tue Jul 21 16:32:29 CST 2020] The domain key is here: /usr/local/nginx/conf/ssl/xinliuyi.ws1268.com/xinliuyi.ws1268.com.key
[Tue Jul 21 16:32:29 CST 2020] _createcsr
[Tue Jul 21 16:32:29 CST 2020] Single domain='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:29 CST 2020] Getting domain auth token for each domain
[Tue Jul 21 16:32:29 CST 2020] d
[Tue Jul 21 16:32:29 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Tue Jul 21 16:32:29 CST 2020] payload='{"identifiers": [{"type":"dns","value":"xinliuyi.ws1268.com"}]}'
[Tue Jul 21 16:32:29 CST 2020] RSA key
[Tue Jul 21 16:32:29 CST 2020] HEAD
[Tue Jul 21 16:32:29 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Tue Jul 21 16:32:29 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g  -I  '
[Tue Jul 21 16:32:32 CST 2020] _ret='0'
[Tue Jul 21 16:32:32 CST 2020] POST
[Tue Jul 21 16:32:32 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Tue Jul 21 16:32:32 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Tue Jul 21 16:32:33 CST 2020] _ret='0'
[Tue Jul 21 16:32:33 CST 2020] code='201'
[Tue Jul 21 16:32:33 CST 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/71717027/4305056408'
[Tue Jul 21 16:32:33 CST 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/71717027/4305056408'
[Tue Jul 21 16:32:33 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/6015350539'
[Tue Jul 21 16:32:33 CST 2020] payload
[Tue Jul 21 16:32:33 CST 2020] POST
[Tue Jul 21 16:32:33 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/6015350539'
[Tue Jul 21 16:32:33 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Tue Jul 21 16:32:34 CST 2020] _ret='0'
[Tue Jul 21 16:32:34 CST 2020] code='200'
[Tue Jul 21 16:32:34 CST 2020] d='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:34 CST 2020] Getting webroot for domain='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:34 CST 2020] _w='/home/wwwroot/xinliuyi.ws1268.com'
[Tue Jul 21 16:32:34 CST 2020] _currentRoot='/home/wwwroot/xinliuyi.ws1268.com'
[Tue Jul 21 16:32:34 CST 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw","token":"YhJ3_C4tduaQIk_NEOZgxP7IpJbgxu30VRMzT9UCtEM"'
[Tue Jul 21 16:32:34 CST 2020] token='YhJ3_C4tduaQIk_NEOZgxP7IpJbgxu30VRMzT9UCtEM'
[Tue Jul 21 16:32:34 CST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw'
[Tue Jul 21 16:32:34 CST 2020] keyauthorization='YhJ3_C4tduaQIk_NEOZgxP7IpJbgxu30VRMzT9UCtEM.GWGcA_WZB-v9Y1H8QUOpUVUxWwqX_XRlWIMnNrGNPyA'
[Tue Jul 21 16:32:34 CST 2020] dvlist='xinliuyi.ws1268.com#YhJ3_C4tduaQIk_NEOZgxP7IpJbgxu30VRMzT9UCtEM.GWGcA_WZB-v9Y1H8QUOpUVUxWwqX_XRlWIMnNrGNPyA#https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw#http-01#/home/wwwroot/xinliuyi.ws1268.com'
[Tue Jul 21 16:32:34 CST 2020] d
[Tue Jul 21 16:32:34 CST 2020] vlist='xinliuyi.ws1268.com#YhJ3_C4tduaQIk_NEOZgxP7IpJbgxu30VRMzT9UCtEM.GWGcA_WZB-v9Y1H8QUOpUVUxWwqX_XRlWIMnNrGNPyA#https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw#http-01#/home/wwwroot/xinliuyi.ws1268.com,'
[Tue Jul 21 16:32:34 CST 2020] d='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:34 CST 2020] ok, let's start to verify
[Tue Jul 21 16:32:34 CST 2020] Verifying: xinliuyi.ws1268.com
[Tue Jul 21 16:32:34 CST 2020] d='xinliuyi.ws1268.com'
[Tue Jul 21 16:32:34 CST 2020] keyauthorization='YhJ3_C4tduaQIk_NEOZgxP7IpJbgxu30VRMzT9UCtEM.GWGcA_WZB-v9Y1H8QUOpUVUxWwqX_XRlWIMnNrGNPyA'
[Tue Jul 21 16:32:34 CST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw'
[Tue Jul 21 16:32:34 CST 2020] _currentRoot='/home/wwwroot/xinliuyi.ws1268.com'
[Tue Jul 21 16:32:34 CST 2020] wellknown_path='/home/wwwroot/xinliuyi.ws1268.com/.well-known/acme-challenge'
[Tue Jul 21 16:32:34 CST 2020] writing token:YhJ3_C4tduaQIk_NEOZgxP7IpJbgxu30VRMzT9UCtEM to /home/wwwroot/xinliuyi.ws1268.com/.well-known/acme-challenge/YhJ3_C4tduaQIk_NEOZgxP7IpJbgxu30VRMzT9UCtEM
[Tue Jul 21 16:32:34 CST 2020] Changing owner/group of .well-known to www:www
[Tue Jul 21 16:32:34 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw'
[Tue Jul 21 16:32:34 CST 2020] payload='{}'
[Tue Jul 21 16:32:34 CST 2020] POST
[Tue Jul 21 16:32:34 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw'
[Tue Jul 21 16:32:34 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Tue Jul 21 16:32:36 CST 2020] _ret='0'
[Tue Jul 21 16:32:36 CST 2020] code='200'
[Tue Jul 21 16:32:36 CST 2020] trigger validation code: 200
[Tue Jul 21 16:32:36 CST 2020] sleep 2 secs to verify
[Tue Jul 21 16:32:38 CST 2020] checking
[Tue Jul 21 16:32:38 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw'
[Tue Jul 21 16:32:38 CST 2020] payload
[Tue Jul 21 16:32:38 CST 2020] POST
[Tue Jul 21 16:32:38 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw'
[Tue Jul 21 16:32:38 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Tue Jul 21 16:32:39 CST 2020] _ret='0'
[Tue Jul 21 16:32:39 CST 2020] code='200'
[Tue Jul 21 16:32:39 CST 2020] xinliuyi.ws1268.com:Verify error:Fetching http://xinliuyi.ws1268.com/.well-known/acme-challenge/YhJ3_C4tduaQIk_NEOZgxP7IpJbgxu30VRMzT9UCtEM: Connection reset by peer
[Tue Jul 21 16:32:39 CST 2020] pid
[Tue Jul 21 16:32:39 CST 2020] No need to restore nginx, skip.
[Tue Jul 21 16:32:39 CST 2020] _clearupdns
[Tue Jul 21 16:32:39 CST 2020] dns_entries
[Tue Jul 21 16:32:39 CST 2020] skip dns.
[Tue Jul 21 16:32:39 CST 2020] _on_issue_err
[Tue Jul 21 16:32:39 CST 2020] Please check log file for more details: /usr/local/acme.sh/acme.sh.log
[Tue Jul 21 16:32:39 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw'
[Tue Jul 21 16:32:39 CST 2020] payload='{}'
[Tue Jul 21 16:32:39 CST 2020] POST
[Tue Jul 21 16:32:39 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/6015350539/CZhcpw'
[Tue Jul 21 16:32:39 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
[Tue Jul 21 16:32:41 CST 2020] _ret='0'
[Tue Jul 21 16:32:41 CST 2020] code='400'
美国VPS推荐: 遨游主机LinodeLOCVPSKVMLAVPS2EZ搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
 楼主| 发表于 2020-7-21 16:53:31 | 显示全部楼层



后面两个帖子,一个命令返回的信息,一个是复制的日志文件
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
发表于 2020-7-21 20:32:17 | 显示全部楼层

你这域名被墙了,虽然现在是国内的机器,国内可以访问但是国外是无法访问的,所以也就无法验证域名生成ssl证书,只能用泛域名方式生成ssl证书

美国VPS、VPN、域名代购:http://shop63846532.taobao.com/

 楼主| 发表于 2020-7-22 10:38:15 | 显示全部楼层

好,我配置泛域名增加ssl,感谢
您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|VPS侦探 ( 鲁ICP备16040043号-1 )

GMT+8, 2020-10-29 12:17 , Processed in 0.056236 second(s), 26 queries .

Powered by Discuz! X3.4

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表