Let'sEncrypt更新失败
按军哥的方法:wget -O - http://soft.vpser.net/lnmp/ext/fix_renewssl.sh|bash报错:2018-01-09 16:34:42 (91.7 MB/s) - written to stdout
Remove Let's encrypt crontab renew rule...
Update Let's encrypt crontab renew rule...
OK.
Try to run certbot renew script...
/opt/eff.org/certbot/venv/lib/python2.6/site-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
DeprecationWarning
Saving debug log to /var/log/letsencrypt/letsencrypt.log
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/wx.baiyousem.com.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/www.baiyousem.com.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
/opt/eff.org/certbot/venv/lib/python2.6/site-packages/acme/jose/jwa.py:110: DeprecationWarning: signer and verifier have been deprecated. Please use sign and verify instead.
signer = key.signer(self.padding, self.hash)
Performing the following challenges:
http-01 challenge for www.baiyousem.com
http-01 challenge for baiyousem.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (www.baiyousem.com) from /etc/letsencrypt/renewal/www.baiyousem.com.conf produced an unexpected error: Failed authorization procedure. baiyousem.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: SERVFAIL looking up A for baiyousem.com, www.baiyousem.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: SERVFAIL looking up CAA for www.baiyousem.com. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.baiyousem.com/fullchain.pem (failure)
-------------------------------------------------------------------------------
The following certs are not due for renewal yet:
/etc/letsencrypt/live/wx.baiyousem.com/fullchain.pem (skipped)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.baiyousem.com/fullchain.pem (failure)
-------------------------------------------------------------------------------
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: baiyousem.com
Type: connection
Detail: DNS problem: SERVFAIL looking up A for baiyousem.com
Domain: www.baiyousem.com
Type: connection
Detail: DNS problem: SERVFAIL looking up CAA for www.baiyousem.com
回复 1# 的帖子
To fix these errors, please make sure that your domain name wasentered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided. 执行:cd /tmp && wget http://soft.vpser.net/lnmp/lnmp1.4.tar.gz -O lnmp1.4.tar.gz && tar zxf lnmp1.4.tar.gz && cd lnmp1.4 && ./upgrade1.x-1.4.sh
报如下信息:
--2018-01-09 16:42:28--http://soft.vpser.net/lnmp/lnmp1.4.tar.gz
Resolving soft.vpser.net... 117.34.112.38, 2600:3c01::f03c:91ff:fe92:1a06
Connecting to soft.vpser.net|117.34.112.38|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 136983 (134K)
Saving to: “lnmp1.4.tar.gz”
100%[====================================================================>] 136,983 --.-K/s in 0.1s
2018-01-09 16:42:28 (904 KB/s) - “lnmp1.4.tar.gz” saved
+--------------------------------------------------+
|A tool to upgrade lnmp manager from 1.x to 1.4|
+--------------------------------------------------+
|For more information please visit https://lnmp.org|
+--------------------------------------------------+
upgrade lnmp manager complete.
这个是不是代表更新成功了。 打开域名报如下错误:
您的时钟快了您计算机的日期和时间(2018年1月9日星期二 下午4:47:48)不正确,因此无法与www.baiyousem.com 建立私密连接。
NET::ERR_CERT_DATE_INVALID
/bin/certbot renew --disable-hook-validation --renew-hook "/etc/init.d/nginx reload"
执行后不能正常 更新还是报如下错误:
Attempting to renew cert (www.baiyousem.com) from /etc/letsencrypt/renewal/www.baiyousem.com.conf produced an unexpected error: Failed authorization procedure. baiyousem.com (http-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No valid IP addresses found for baiyousem.com. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.baiyousem.com/fullchain.pem (failure) No valid IP addresses found for baiyousem.com. Skipping.
ip都解析不出来肯定无法正常续期的
回复 6# 的帖子
Attempting to renew cert (www.baiyousem.com) from /etc/letsencrypt/renewal/www.baiyousem.com.conf produced an unexpected error: Failed authorization procedure. baiyousem.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: SERVFAIL looking up A for baiyousem.com. Skipping.All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.baiyousem.com/fullchain.pem (failure)
现在报的是这个错,我用的是爱名网自带的DNS,.是不是DNS的问题....
两个域名,你不带www的域名解析不出ip来,估计没做解析吧
页:
[1]