【求助】lnmp ssl 无法更新
安装完LNMP后,网站开启了SSL,刚检查发现过几天SSL到期,无法更新。1. 输入官网解决方案无效:自动更新命令:wget -O - http://soft.vpser.net/lnmp/ext/fix_renewssl.sh|bash
2.按照其他帖子解决方案也不行:
输入:/bin/certbot renew --force-renewal --disable-hook-validation --renew-hook "/etc/init.d/nginx reload"
我看着提示是DNS解析错误,
A记录没问题(网站一直可访问),AAAA记录没填。
请问我该如何操作呢?(新手,如果方便的话请尽量告知具体命令,不胜感激)
以下为提示输入代码后提示内容:
# /bin/certbot renew --force-renewal --disable-hook-validation --renew-hook "/etc/init.d/nginx reload"
/opt/eff.org/certbot/venv/lib/python2.6/site-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
DeprecationWarning
Saving debug log to /var/log/letsencrypt/letsencrypt.log
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/www.mydomain.com.conf
-------------------------------------------------------------------------------
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
/opt/eff.org/certbot/venv/lib/python2.6/site-packages/acme/jose/jwa.py:110: DeprecationWarning: signer and verifier have been deprecated. Please use sign and verify instead.
signer = key.signer(self.padding, self.hash)
Performing the following challenges:
http-01 challenge for www.mydomain.com
http-01 challenge for mydomain.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (www.mydomain.com) from /etc/letsencrypt/renewal/www.mydomain.com.conf produced an unexpected error: Failed authorization procedure. mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mydomain.com/.well-known/acme-challenge/0cLkpwKiPfHsQKgoDefkjUEK-97Yv8MINwz8BU2LM4Q: "
403 Forbidden
403 Forbidden
", www.mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.mydomain.com/.well-known/acme-challenge/4NpS5boY7wKxQdpGCmagXcfrGlXBZAxuMAa1lSK6RCc: "
403 Forbidden
403 Forbidden
". Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.mydomain.com/fullchain.pem (failure)
-------------------------------------------------------------------------------
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.mydomain.com/fullchain.pem (failure)
-------------------------------------------------------------------------------
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: mydomain.com
Type: unauthorized
Detail: Invalid response from
http://mydomain.com/.well-known/acme-challenge/0cLkpwKiPfHsQKgoDefkjUEK-97Yv8MINwz8BU2LM4Q:
"
403 Forbidden
403 Forbidden
"
Domain: www.mydomain.com
Type: unauthorized
Detail: Invalid response from
http://www.mydomain.com/.well-known/acme-challenge/4NpS5boY7wKxQdpGCmagXcfrGlXBZAxuMAa1lSK6RCc:
"
403 Forbidden
403 Forbidden
"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
之前生成证书正常,续期返回403错误应该是该虚拟主机上又添加了deny规则,贴一下你的配置看一下
回复 2# 的帖子
CPU:1核内存:1GB
系统盘:50GB
国际带宽:2mbps独享
回复 3# 的帖子
该域名的虚拟主机配置文件不是vps配置
页:
[1]