军哥:lnmp ssl安装失败。不知道是不是python的问题。帮忙看下。
选择证书2.Lets Encrypt 报错如下,请军哥过目 :It will be processed automatically./bin/certbot
Starting create SSL Certificate use Let's Encrypt...
/root/.local/share/letsencrypt/lib/python2.6/site-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
DeprecationWarning
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for www.ef201.com
http-01 challenge for ef201.com
Using the webroot path /home/wwwroot/www.ef201.com for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.ef201.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://www.ef201.com/.well-known/acme-challenge/OtDRWlzbNREKbWH-Cds-BWS92a6pal4hAZxpU_tB9CE: Error getting validation data, ef201.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://ef201.com/.well-known/acme-challenge/9azR2zW6RCQpwR0AhZOC_bA5y3pBjcG2iyytC2_lPss: Error getting validation data
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.ef201.com
Type: connection
Detail: Fetching
https://www.ef201.com/.well-known/acme-challenge/OtDRWlzbNREKbWH-Cds-BWS92a6pal4hAZxpU_tB9CE:
Error getting validation data
Domain: ef201.com
Type: connection
Detail: Fetching
https://ef201.com/.well-known/acme-challenge/9azR2zW6RCQpwR0AhZOC_bA5y3pBjcG2iyytC2_lPss:
Error getting validation data
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
Let's Encrypt SSL Certificate create failed!
服务器IP地址没问题。
dns和ip都没问题。正常。防火墙443也有开启
防火墙443也有开启是python2.6版本太低了吗?
是python2.6版本太低了吗? 虽然python 2.6低点,但是目前来说还可以用按上面的信息,应该是没解析出ip来
而且里面fetch 的url一般都是http的
可以发 /var/log/letsencrypt/letsencrypt.log 的信息看看更详细的错误信息
军哥:我把python升级到2.7,换个网址尝试。还是不行。报错内容如下:
/var/log/letsencrypt/letsencrypt.log报错内容如下:Domain: www.otaku.com
Type: unauthorized
Detail: Invalid response from http://www.otaku.com/.well-known/acme-challenge/kenU3ggVNRtDZPzvPfIgMRgzi74pzq43h25fdwYl-o4: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p"
To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address.
2017-06-22 03:05:29,796:INFO:certbot.auth_handler:Cleaning up challenges
2017-06-22 03:05:29,796:DEBUG:certbot.plugins.webroot:Removing /home/wwwroot/www.otaku.com/.well-known/acme-challenge/kenU3ggVNRtDZPzvPfIgMRgzi74pzq43h25fdwYl-o4
2017-06-22 03:05:29,797:DEBUG:certbot.plugins.webroot:Removing /home/wwwroot/www.otaku.com/.well-known/acme-challenge/E0zXNqQPoVFcDoe4L4nUbiOBIlwM0eakFBHrx68MeSU
2017-06-22 03:05:29,797:DEBUG:certbot.plugins.webroot:All challenges cleaned up, removing /home/wwwroot/www.otaku.com/.well-known/acme-challenge
2017-06-22 03:05:29,797:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/root/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module>
sys.exit(main())
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/main.py", line 743, in main
return config.func(config, plugins)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/main.py", line 683, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/main.py", line 82, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/client.py", line 344, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/client.py", line 313, in obtain_certificate
self.config.allow_subset_of_names)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/auth_handler.py", line 81, in get_authorizations
self._respond(resp, best_effort)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/auth_handler.py", line 138, in _respond
self._poll_challenges(chall_update, best_effort)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/certbot/auth_handler.py", line 202, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. otaku.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://otaku.com/.well-known/acme-challenge/E0zXNqQPoVFcDoe4L4nUbiOBIlwM0eakFBHrx68MeSU: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p", www.otaku.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.otaku.com/.well-known/acme-challenge/kenU3ggVNRtDZPzvPfIgMRgzi74pzq43h25fdwYl-o4: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
[ 本帖最后由 810656823 于 2017-6-22 11:16 编辑 ]
执行lnmp ssl的时候。提示的错误:
Starting create SSL Certificate use Let's Encrypt...Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for www.otaku.com
http-01 challenge for otaku.com
Using the webroot path /home/wwwroot/www.otaku.com for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. otaku.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://otaku.com/.well-known/acme-challenge/ZJaju8UfCJBF7pgt4wVfD_lkqNAyOwM-SsfIjvR45JQ: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p", www.otaku.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.otaku.com/.well-known/acme-challenge/7FjOHgvy87MYsgSVZs7vpDGs8EZsyYgYO8p_qntK8nE: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: otaku.com
Type: unauthorized
Detail: Invalid response from
http://otaku.com/.well-known/acme-challenge/ZJaju8UfCJBF7pgt4wVfD_lkqNAyOwM-SsfIjvR45JQ:
"<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p"
Domain: www.otaku.com
Type: unauthorized
Detail: Invalid response from
http://www.otaku.com/.well-known/acme-challenge/7FjOHgvy87MYsgSVZs7vpDGs8EZsyYgYO8p_qntK8nE:
"<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
Let's Encrypt SSL Certificate create failed!
[ 本帖最后由 810656823 于 2017-6-22 11:15 编辑 ]
回复 7# 的帖子
可能是1.3升级到1.4的为按要求修改 https://lnmp.org/faq/upgrade1-4.html也可以自己设置了就行deny规则
我的是lamp的环境的。也要这样设置吗?
我的是lamp的环境的。也要这样设置吗?我不是升级的。我是直接安装的lnmp1.4稳定版的。
我不是升级的。我是直接安装的lnmp1.4稳定版的。然后我是lamp的环境。 403的话可能是有deny规则,可以贴该域名的配置文件和网站根目录的.htaccess 看一下再有可能是目录权限设置有问题
页:
[1]