Q&A

Why can't I get a certificate issued with acme.sh (using nginx)? Am I just that bad at this??

Author: admin 2021-08-20


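I used acme.sh to request a certificate once before the New Year, with nginx, and it failed. I tried again today and it failed again. Am I really that much of an oddball???

I'm using nginx, and nginx was running normally beforehand. After adding --debug --log, I got the big pile of log output below. I stared at it for a long time and still can't see what went wrong. I'm completely baffled. Am I being forced to use DNS mode?? And acme.sh's built-in webroot mode doesn't work well either; I shut nginx down and it still fails. Completely baffled.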

acme.sh --issue -d xxxx.tk --nginx



[Sun Mar 15 05:27:23 EDT 2020] Running cmd: issue
[Sun Mar 15 05:27:23 EDT 2020] _main_domain='xxx.tk'
[Sun Mar 15 05:27:23 EDT 2020] _alt_domains='no'
[Sun Mar 15 05:27:23 EDT 2020] Using config home:/root/.acme.sh
[Sun Mar 15 05:27:23 EDT 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Sun Mar 15 05:27:23 EDT 2020] DOMAIN_PATH='/root/.acme.sh/xxx.tk'
[Sun Mar 15 05:27:23 EDT 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Sun Mar 15 05:27:23 EDT 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Sun Mar 15 05:27:23 EDT 2020] GET
[Sun Mar 15 05:27:23 EDT 2020] url='https://acme-v02.api.letsencrypt.org/directory'
[Sun Mar 15 05:27:23 EDT 2020] timeout=
[Sun Mar 15 05:27:23 EDT 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Sun Mar 15 05:27:23 EDT 2020] ret='0'
[Sun Mar 15 05:27:23 EDT 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Sun Mar 15 05:27:23 EDT 2020] ACME_NEW_AUTHZ
[Sun Mar 15 05:27:23 EDT 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun Mar 15 05:27:23 EDT 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Sun Mar 15 05:27:23 EDT 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Sun Mar 15 05:27:23 EDT 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Sun Mar 15 05:27:23 EDT 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun Mar 15 05:27:23 EDT 2020] ACME_VERSION='2'
[Sun Mar 15 05:27:23 EDT 2020] Le_NextRenewTime
[Sun Mar 15 05:27:23 EDT 2020] _on_before_issue
[Sun Mar 15 05:27:23 EDT 2020] _chk_main_domain='xxx.tk'
[Sun Mar 15 05:27:23 EDT 2020] _chk_alt_domains
[Sun Mar 15 05:27:23 EDT 2020] Le_LocalAddress
[Sun Mar 15 05:27:23 EDT 2020] d='xxx.tk'
[Sun Mar 15 05:27:23 EDT 2020] Check for domain='xxx.tk'
[Sun Mar 15 05:27:23 EDT 2020] _currentRoot='nginx:'
[Sun Mar 15 05:27:23 EDT 2020] d
[Sun Mar 15 05:27:23 EDT 2020] _saved_account_key_hash is not changed, skip register account.
[Sun Mar 15 05:27:23 EDT 2020] Read key length:
[Sun Mar 15 05:27:23 EDT 2020] _createcsr
[Sun Mar 15 05:27:23 EDT 2020] Single domain='xxx.tk'
[Sun Mar 15 05:27:24 EDT 2020] Getting domain auth token for each domain
[Sun Mar 15 05:27:24 EDT 2020] d
[Sun Mar 15 05:27:24 EDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun Mar 15 05:27:24 EDT 2020] payload='{"identifiers": [{"type":"dns","value":"xxx.tk"}]}'
[Sun Mar 15 05:27:24 EDT 2020] RSA key
[Sun Mar 15 05:27:24 EDT 2020] HEAD
[Sun Mar 15 05:27:24 EDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun Mar 15 05:27:24 EDT 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g  -I  '
[Sun Mar 15 05:27:24 EDT 2020] _ret='0'
[Sun Mar 15 05:27:24 EDT 2020] POST
[Sun Mar 15 05:27:24 EDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun Mar 15 05:27:24 EDT 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Sun Mar 15 05:27:25 EDT 2020] _ret='0'
[Sun Mar 15 05:27:25 EDT 2020] code='201'
[Sun Mar 15 05:27:25 EDT 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/80638343/2662556201'
[Sun Mar 15 05:27:25 EDT 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/80638343/2662556201'
[Sun Mar 15 05:27:25 EDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/3370329503'
[Sun Mar 15 05:27:25 EDT 2020] payload
[Sun Mar 15 05:27:25 EDT 2020] POST
[Sun Mar 15 05:27:25 EDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/3370329503'
[Sun Mar 15 05:27:25 EDT 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Sun Mar 15 05:27:25 EDT 2020] _ret='0'
[Sun Mar 15 05:27:25 EDT 2020] code='200'
[Sun Mar 15 05:27:25 EDT 2020] d='xxx.tk'
[Sun Mar 15 05:27:25 EDT 2020] Getting webroot for domain='xxx.tk'
[Sun Mar 15 05:27:25 EDT 2020] _w='nginx:'
[Sun Mar 15 05:27:25 EDT 2020] _currentRoot='nginx:'
[Sun Mar 15 05:27:25 EDT 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw","token":"yPvnA4KIkX-WfkAfZ5kE-iKYjXKTwyafMPrThzK0gR4"'
[Sun Mar 15 05:27:25 EDT 2020] token='yPvnA4KIkX-WfkAfZ5kE-iKYjXKTwyafMPrThzK0gR4'
[Sun Mar 15 05:27:25 EDT 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw'
[Sun Mar 15 05:27:25 EDT 2020] keyauthorization='yPvnA4KIkX-WfkAfZ5kE-iKYjXKTwyafMPrThzK0gR4.C-emGTp4bXxGK5WLG1icrZ2ff261L7Jf_McGSWKKGUM'
[Sun Mar 15 05:27:25 EDT 2020] dvlist='xxx.tk#yPvnA4KIkX-WfkAfZ5kE-iKYjXKTwyafMPrThzK0gR4.C-emGTp4bXxGK5WLG1icrZ2ff261L7Jf_McGSWKKGUM#https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw#http-01#nginx:'
[Sun Mar 15 05:27:25 EDT 2020] d
[Sun Mar 15 05:27:25 EDT 2020] vlist='xxx.tk#yPvnA4KIkX-WfkAfZ5kE-iKYjXKTwyafMPrThzK0gR4.C-emGTp4bXxGK5WLG1icrZ2ff261L7Jf_McGSWKKGUM#https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw#http-01#nginx:,'
[Sun Mar 15 05:27:25 EDT 2020] d='xxx.tk'
[Sun Mar 15 05:27:25 EDT 2020] ok, let's start to verify
[Sun Mar 15 05:27:25 EDT 2020] Verifying: xxx.tk
[Sun Mar 15 05:27:25 EDT 2020] d='xxx.tk'
[Sun Mar 15 05:27:25 EDT 2020] keyauthorization='yPvnA4KIkX-WfkAfZ5kE-iKYjXKTwyafMPrThzK0gR4.C-emGTp4bXxGK5WLG1icrZ2ff261L7Jf_McGSWKKGUM'
[Sun Mar 15 05:27:25 EDT 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw'
[Sun Mar 15 05:27:25 EDT 2020] _currentRoot='nginx:'
[Sun Mar 15 05:27:25 EDT 2020] Nginx mode for domain:xxx.tk
[Sun Mar 15 05:27:25 EDT 2020] _croot='nginx:'
[Sun Mar 15 05:27:25 EDT 2020] _start_f
[Sun Mar 15 05:27:25 EDT 2020] find start conf from nginx command
[Sun Mar 15 05:27:25 EDT 2020] NGINX_CONF='--conf-path=/etc/nginx/nginx.conf'
[Sun Mar 15 05:27:25 EDT 2020] NGINX_CONF='/etc/nginx/nginx.conf'
[Sun Mar 15 05:27:25 EDT 2020] Found nginx conf file:/etc/nginx/nginx.conf
[Sun Mar 15 05:27:25 EDT 2020] Start detect nginx conf for xxx.tk from:/etc/nginx/nginx.conf
[Sun Mar 15 05:27:25 EDT 2020] Start _checkConf from:/etc/nginx/nginx.conf
[Sun Mar 15 05:27:25 EDT 2020] single
[Sun Mar 15 05:27:25 EDT 2020] _isRealNginxConf xxx.tk /etc/nginx/nginx.conf
[Sun Mar 15 05:27:25 EDT 2020] _fln='25'
[Sun Mar 15 05:27:25 EDT 2020] _start='23:    server {'
[Sun Mar 15 05:27:25 EDT 2020] _start_n='23'
[Sun Mar 15 05:27:25 EDT 2020] _start_nn='24'
[Sun Mar 15 05:27:25 EDT 2020] _end='6:    server {'
[Sun Mar 15 05:27:25 EDT 2020] _end_n='6'
[Sun Mar 15 05:27:25 EDT 2020] _seg_n='        listen       80;
        server_name  xxx.tk;
        rewrite ^(.*)$ https://$host$1 permanent;
    }

    server {'
[Sun Mar 15 05:27:25 EDT 2020] /etc/nginx/nginx.conf is found.
[Sun Mar 15 05:27:25 EDT 2020] Found conf file: /etc/nginx/nginx.conf
[Sun Mar 15 05:27:25 EDT 2020] _ln='25'
[Sun Mar 15 05:27:25 EDT 2020] _lnn='26'
[Sun Mar 15 05:27:25 EDT 2020] _start_tag='        rewrite ^(.*)$ https://$host$1 permanent;'
[Sun Mar 15 05:27:25 EDT 2020] _backup_conf='/root/.acme.sh/xxx.tk/backup/xxx.tk.nginx.conf'
[Sun Mar 15 05:27:25 EDT 2020] Backup /etc/nginx/nginx.conf to /root/.acme.sh/xxx.tk/backup/xxx.tk.nginx.conf
[Sun Mar 15 05:27:25 EDT 2020] Check the nginx conf before setting up.
[Sun Mar 15 05:27:25 EDT 2020] OK, Set up nginx config file
[Sun Mar 15 05:27:25 EDT 2020] nginx conf is done, let's check it again.
[Sun Mar 15 05:27:25 EDT 2020] Reload nginx
[Sun Mar 15 05:27:25 EDT 2020] _realConf='/etc/nginx/nginx.conf'
[Sun Mar 15 05:27:27 EDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw'
[Sun Mar 15 05:27:27 EDT 2020] payload='{}'
[Sun Mar 15 05:27:28 EDT 2020] POST
[Sun Mar 15 05:27:28 EDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw'
[Sun Mar 15 05:27:28 EDT 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Sun Mar 15 05:27:28 EDT 2020] _ret='0'
[Sun Mar 15 05:27:28 EDT 2020] code='200'
[Sun Mar 15 05:27:28 EDT 2020] trigger validation code: 200
[Sun Mar 15 05:27:28 EDT 2020] sleep 2 secs to verify
[Sun Mar 15 05:27:30 EDT 2020] checking
[Sun Mar 15 05:27:30 EDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw'
[Sun Mar 15 05:27:30 EDT 2020] payload
[Sun Mar 15 05:27:30 EDT 2020] POST
[Sun Mar 15 05:27:30 EDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw'
[Sun Mar 15 05:27:30 EDT 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Sun Mar 15 05:27:31 EDT 2020] _ret='0'
[Sun Mar 15 05:27:31 EDT 2020] code='200'
[Sun Mar 15 05:27:31 EDT 2020] xxx.tk:Verify error:Invalid response from https://xxx.tk/.well-known/acme-challenge/yPvnA4KIkX-WfkAfZ5kE-iKYjXKTwyafMPrThzK0gR4 [2.56.255.23]: 
[Sun Mar 15 05:27:31 EDT 2020] Debug: get token url.
[Sun Mar 15 05:27:31 EDT 2020] GET
[Sun Mar 15 05:27:31 EDT 2020] url='http://xxx.tk/.well-known/acme-challenge/yPvnA4KIkX-WfkAfZ5kE-iKYjXKTwyafMPrThzK0gR4'
[Sun Mar 15 05:27:31 EDT 2020] timeout=1
[Sun Mar 15 05:27:31 EDT 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g  --connect-timeout 1'
[Sun Mar 15 05:27:32 EDT 2020] ret='0'
[Sun Mar 15 05:27:32 EDT 2020] Skip for removelevel:
[Sun Mar 15 05:27:32 EDT 2020] pid
[Sun Mar 15 05:27:32 EDT 2020] _restoreNginx
[Sun Mar 15 05:27:32 EDT 2020] NGINX_RESTORE_VLIST='xxx.tk#/etc/nginx/nginx.conf#/root/.acme.sh/xxx.tk/backup/xxx.tk.nginx.conf,'
[Sun Mar 15 05:27:32 EDT 2020] ng_entry='xxx.tk#/etc/nginx/nginx.conf#/root/.acme.sh/xxx.tk/backup/xxx.tk.nginx.conf'
[Sun Mar 15 05:27:32 EDT 2020] Restoring from /root/.acme.sh/xxx.tk/backup/xxx.tk.nginx.conf to /etc/nginx/nginx.conf
[Sun Mar 15 05:27:32 EDT 2020] Reload nginx
[Sun Mar 15 05:27:32 EDT 2020] _clearupdns
[Sun Mar 15 05:27:32 EDT 2020] dns_entries
[Sun Mar 15 05:27:32 EDT 2020] skip dns.
[Sun Mar 15 05:27:32 EDT 2020] _on_issue_err
[Sun Mar 15 05:27:32 EDT 2020] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Sun Mar 15 05:27:32 EDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw'
[Sun Mar 15 05:27:32 EDT 2020] payload='{}'
[Sun Mar 15 05:27:32 EDT 2020] POST
[Sun Mar 15 05:27:32 EDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3370329503/pKv1Aw'
[Sun Mar 15 05:27:32 EDT 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Sun Mar 15 05:27:32 EDT 2020] _ret='0'
[Sun Mar 15 05:27:32 EDT 2020] code='400'
[Sun Mar 15 05:27:32 EDT 2020] socat doesn't exists.
[Sun Mar 15 05:27:32 EDT 2020] Diagnosis versions: 
###

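If acme.sh isn't working out for you, you can try ohttps.com. Its features are basically the same as acme.sh's, but it has a graphical interface; besides automatic certificate renewal, it also supports automatic deployment to multiple nginx container nodes, which is very convenient.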

###

I generally request certificates without --nginx; I edit the nginx configuration file by hand.

You could try it without --nginx.
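
The debug log in the question shows the port-80 server block redirecting every request with a server-level rewrite, and the verify error reports an https:// URL even though the challenge type is http-01. The fragment below is an added example, not part of the original posts: it sets that block beside one way to hand-write the configuration without --nginx. The directory /var/www/acme is an assumed path.

```nginx
# BEFORE: the port-80 block as it appears in the _seg_n lines of the log.
# Directives of the rewrite module placed at server level run before nginx
# selects a location, so every request, including
# /.well-known/acme-challenge/<token>, is answered with a 301 to https.
# A location block added below the rewrite line is never reached.
server {
    listen       80;
    server_name  xxx.tk;
    rewrite ^(.*)$ https://$host$1 permanent;
}

# AFTER: replacement for the block above (do not keep both in one file).
# The challenge path is answered over plain HTTP; everything else is
# still redirected, but from inside a location instead of at server level.
server {
    listen       80;
    server_name  xxx.tk;

    # Serve http-01 tokens from a dedicated directory only, so the
    # application's own document root is not exposed on port 80.
    # /var/www/acme is an assumed path; create it before issuing.
    location ^~ /.well-known/acme-challenge/ {
        root         /var/www/acme;
        default_type text/plain;
        try_files    $uri =404;
    }

    location / {
        return 301 https://$host$request_uri;
    }
}

# After reloading nginx, issue in webroot mode against the same directory:
#   acme.sh --issue -d xxx.tk -w /var/www/acme
```

Before issuing, a file placed by hand under /var/www/acme/.well-known/acme-challenge/ should come back with status 200 over plain http://; a 301 means the redirect still takes precedence.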

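Copyright notice: This article is reposted from the web under the CC 4.0 BY-SA license; when reposting, include a link to the original source and this notice. This site reposts it for the purpose of spreading good technical knowledge; in case of infringement, contact QQ/WeChat 153890879 to have it removed.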
