Let's Encrypt用certbot-auto安装依赖包时出错
# ./certbot-auto -nBootstrapping dependencies for RedHat-based OSes...
yum is /usr/bin/yum
To use Certbot, packages from the EPEL repository need to be installed.
Please enable this repository and try running Certbot again.
我已经执行过yum install epel-release
Total download size: 14 k
Installed size: 22 k
Is this ok : y
Downloading Packages:
epel-release-6-8.noarch.rpm |14 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : epel-release-6-8.noarch 1/1
Verifying: epel-release-6-8.noarch 1/1
Installed:
epel-release.noarch 0:6-8
显示应该是安装成功了吖,怎么回事呢?
找到错误 原因了,运行certbot-auto前,安装epel-release後,还需要执行以下命令:
yum repolist
如果执行此命令仍然出错,即需vi /etc/yum.repos.d/epel.repo, 将baseurl的注释取消, 再注释掉mirrorlist。保存即可。
执行完yum repolist,即可执行./certbot-auto -n 出了一个新问题,军哥帮帮忙,执行./certbot-auto -n後,长时间停留在
Creating virtual environment...
Installing Python packages...
中断後再执行多次依然如此
Package python-devel-2.6.6-66.el6_8.x86_64 already installed and latest version
Package python-virtualenv-1.10.1-1.el6.noarch already installed and latest version
Package python-tools-2.6.6-66.el6_8.x86_64 already installed and latest version
Package python-pip-7.1.0-1.el6.noarch already installed and latest version
Nothing to do
Creating virtual environment...
Installing Python packages...
于是再中断,直接
./certbot-auto certonly --email admin@vpser.net --agree-tos --webroot -w /home/wwwroot/www.vpser.net -d www.vpser.net -d bbs.vpser.net -w /home/wwwroot/lnmp.org -d www.lnmp.org -d lnmp.org
注:以上命令中的网站根目录及域名全部换成了我自己的,在这里是直接帖出相关教程里的命令语句作例而已,根目录及域名已经多次确认没有出错。
又出现错误
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
[ 本帖最后由 yanqzh 于 2016-11-7 08:36 编辑 ] /etc/letsencrypt/下没有live这个目录。
出了上面的错误之後,在/usr/local/nginx/conf/nginx.conf中
location ~ /\.
{
deny all;
}
的前面添加以下代码,并lnmp restart
location ~ /.well-known {
allow all;
}
再次./certbot-auto certonly --email admin@vpser.net --agree-tos --webroot -w /home/wwwroot/www.vpser.net -d www.vpser.net -d bbs.vpser.net -w /home/wwwroot/lnmp.org -d www.lnmp.org -d lnmp.org
还是错误依旧:
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.aaaaaaa.com
Type: unauthorized
Detail: Invalid response from
http://www.aaaaaaa.com/.well-known/acme-challenge/5vKY4MjzNrJq4FGtQ5UVIR8K-g9wo2Etb9lXbp4wTsw:
"<!DOCTYPE html>
<html lang="zh-TW" class="no-js">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=devic"
Domain: aaaaaaa.com
Type: unauthorized
Detail: Invalid response from
http://aaaaaaa.com/.well-known/acme-challenge/uq76fDkJsaVockV4oT3vwCdMD9vNUaBajV5hHR-TnrE:
"<!DOCTYPE html>
<html lang="zh-TW" class="no-js">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=devic"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
[ 本帖最后由 yanqzh 于 2016-11-7 08:45 编辑 ]
回复 4# 的帖子
有可能你目录输错了,提示的域名下面没有验证文件,而是提示的文件 原帖由 licess 于 2016-11-7 09:49 发表 http://bbs.vpser.net/images/common/back.gif有可能你目录输错了,提示的域名下面没有验证文件,而是提示的文件
目录是网站的根目录。这个是没有问题的,不过你说的验证文件是什么文件呢?这个在网站根目录下倒是没有的,我都是按你的教程https://www.vpser.net/build/letsencrypt-certbot.html步步为营。
我刚看到网上也有人类似错误,安装python时卡住,由于找不到pip.conf在哪,所以我直接下载http://python.org/ftp/python/2.7.4/Python-2.7.4.tgz安装,并已成功。
现在重新
./certbot-auto certonly --email admin@vpser.net --agree-tos --webroot -w /home/wwwroot/www.vpser.net -d www.vpser.net -d bbs.vpser.net -w /home/wwwroot/lnmp.org -d www.lnmp.org -d lnmp.org
错误提示已经不同:
An unexpected error occurred:
ConnectionError: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x26b9750>: Failed to establish a new connection: Network is unreachable',))
Please see the logfiles in /var/log/letsencrypt for more details. Version: 1.1-20080819
/root/.local/share/letsencrypt/lib/python2.6/site-packages/dialog.py:779: DeprecationWarning: the DIALOG_OK attribute of Dialog instances is obsolete; use the Dialog.OK class attribute instead.
回复 6# 的帖子
6楼 错误为你已经超过了最多的重试次数回复 8# 的帖子
那样的话应该怎么解决呢? 这个是他们官网的限制,等一天再试试 刚试了下,还是出现这样的错误:To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
回复 11# 的帖子
只看错误信息是需要确保你的域名a记录解析到正确的ip回复 12# 的帖子
军哥,最近使用 Let’s Encrypt客户端 certbot-auto的时候:
Creating virtual environment…
Installing Python packages…
好像一直等待........,有时候会提示失败,是啥原因,有什么解决办法啊?
回复 13# 的帖子
可能是国内的机器,pip源国内可能有时候无法连接或较慢,可以乎那个国内的pip源再试试回复 14# 的帖子
军哥,你博客文章里提到:
crontab 里加上如下规则:0 3 */5 * * /root/certbot-auto renew --renew-hook "/etc/init.d/nginx reload" 这样每5天就会执行一次所有域名的续期操作。当然时间也可以自行进行调整,建议别太频繁,因为他们都有请求次数的限制,如果需要强制更新可以在前面命令上加上 --force-renew 参数。
=》"/etc/init.d/nginx reload":自动续期后必须要执行nginx重装载吗?没有这步可以吗?
页:
[1]
2