军哥12月份安装的LNMP1.4 SSL不能正常续期
root@VM-0-11-debian:~# certbot renew --dry-runSaving debug log to /var/log/letsencrypt/letsencrypt.log
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/ssssss.org.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for ssssss.org
http-01 challenge for www.ssssss.org
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (ssssss.org) from /etc/letsencrypt/renewal/ssssss.org.conf produced an unexpected error: Failed authorization procedure. www.ssssss.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.ssssss.org/.well-known/acme-challenge/OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>", ssssss.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://ssssss.org/.well-known/acme-challenge/sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>". Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/ssssss.org/fullchain.pem (failure)
-------------------------------------------------------------------------------
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/ssssss.org/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
-------------------------------------------------------------------------------
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.ssssss.org
Type: unauthorized
Detail: Invalid response from
http://www.ssssss.org/.well-known/acme-challenge/OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk:
"<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
Domain: ssssss.org
Type: unauthorized
Detail: Invalid response from
http://ssssss.org/.well-known/acme-challenge/sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M:
"<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. 按第二行提示发一下提示的日志文件
仅按这个错误提示文件不存在,可能更改过目录或者解析不对
回复 2# 的帖子
2018-03-03 15:59:13,611:DEBUG:certbot.main:certbot version: 0.21.12018-03-03 15:59:13,611:DEBUG:certbot.main:Arguments: ['--dry-run']
2018-03-03 15:59:13,611:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-03-03 15:59:13,623:DEBUG:certbot.log:Root logging level set at 20
2018-03-03 15:59:13,623:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-03-03 15:59:13,656:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2018-03-11 17:58:22 UTC.
2018-03-03 15:59:13,656:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2018-03-03 15:59:13,674:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2018-03-03 15:59:13,677:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f4ee75f2f10>
Prep: True
2018-03-03 15:59:13,678:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f4ee75f2f10> and installer None
2018-03-03 15:59:13,678:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2018-03-03 15:59:13,680:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=u'valid', contact=(), agreement=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf', key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f4ee75f2790>)>)), uri=u'https://acme-staging.api.letsencrypt.org/acme/reg/5681527', new_authzr_uri=u'https://acme-staging.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), 755d45382dca9e76cff5c006412d38d6, Meta(creation_host=u'localhost.localdomain', creation_dt=datetime.datetime(2018, 3, 3, 14, 33, 25, tzinfo=<UTC>)))>
2018-03-03 15:59:13,681:DEBUG:acme.client:Sending GET request to https://acme-staging.api.letsencrypt.org/directory.
2018-03-03 15:59:13,685:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging.api.letsencrypt.org
2018-03-03 15:59:14,917:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 582
2018-03-03 15:59:14,918:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 582
Replay-Nonce: h36kzl7-LGJ5GioLK64QPizo9FuVks20zqzeD7xxBYg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sat, 03 Mar 2018 15:59:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 03 Mar 2018 15:59:14 GMT
Connection: keep-alive
{
"RvO7kcP4SzM": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"key-change": "https://acme-staging.api.letsencrypt.org/acme/key-change",
"meta": {
"terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"
},
"new-authz": "https://acme-staging.api.letsencrypt.org/acme/new-authz",
"new-cert": "https://acme-staging.api.letsencrypt.org/acme/new-cert",
"new-reg": "https://acme-staging.api.letsencrypt.org/acme/new-reg",
"revoke-cert": "https://acme-staging.api.letsencrypt.org/acme/revoke-cert"
}
2018-03-03 15:59:14,919:INFO:certbot.main:Renewing an existing certificate
2018-03-03 15:59:14,920:DEBUG:acme.client:Requesting fresh nonce
2018-03-03 15:59:14,920:DEBUG:acme.client:Sending HEAD request to https://acme-staging.api.letsencrypt.org/acme/new-authz.
2018-03-03 15:59:15,296:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0
2018-03-03 15:59:15,297:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 91
Allow: POST
Replay-Nonce: uCqhymg9BzSPadHhiDMCc4Yle0zo98QZ_8FRVEfEzHg
Expires: Sat, 03 Mar 2018 15:59:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 03 Mar 2018 15:59:15 GMT
Connection: keep-alive
2018-03-03 15:59:15,297:DEBUG:acme.client:Storing nonce: uCqhymg9BzSPadHhiDMCc4Yle0zo98QZ_8FRVEfEzHg
2018-03-03 15:59:15,297:DEBUG:acme.client:JWS payload:
{
"identifier": {
"type": "dns",
"value": "ssssss.org"
},
"resource": "new-authz"
}
2018-03-03 15:59:15,300:DEBUG:acme.client:Sending POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz:
{
"protected": "eyJub25jZSI6ICJ1Q3FoeW1nOUJ6U1BhZEhoaURNQ2M0WWxlMHpvOThRWl84RlJWRWZFekhnIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAieDl6WjZqZzF3RWxxMW9JNmdXNU5KTmVZLV9KSWIzRzVqUThGdGl6TW5mSzRwX1Rndkg5eEpmTTB4aWo3aUZaNmd5T2N2UFZwV1lnQlpQZml6T1ZOR2syYUU0X1QtVEtHdzJJZVNPNEVSa0d2X18zOVlnYkpLMFNNb0dFS09SMENlaWQ4b0lOOFpaZ0FkVnJFeGZ1bGw2T09JT19uNEJUVGI2cXZHY3lrT1BpWjMzYkNWVmFjdm13Tlk1NjFjdklpUG56WmMteldUR000U19kUDgyaUZKRGZQZ0hfWXhQM2tjQnFNLURtaWNCblpOU0NKNHJGNnhKclhJSm9HZVZSVVM5UlhUdDJWT2o1Ul9ERFIxbVVxdWM1bVlIYjZwbWd3eHpIOVRvYUFVMTB6SGhxbUFvWDhrWHd2UlU3dXMwVlhhdXByaXVjbmNoU3ZaNlBPQ1JUNXVRIn19",
"payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAic2t5aW5nLm9yZyIKICB9LCAKICAicmVzb3VyY2UiOiAibmV3LWF1dGh6Igp9",
"signature": "pBvDhdJkadYCjmVwNJTIwtRZ5elDj1bWH5bTBF8ktobVOG4t5d_IeNwz9XN7JP2EXm6IomxSkRwE_Pc1JDqYAPrupH33ClAf67KtSdtwigFRTLze1ke3WAqNOoPHSQDWp1gSTgqk3Uh38L2iumd5-NWewTr7WvpjyHxXLvYsZdOpDj3MaYwHxjTQhiYhCkf145IiFk-6XdfPXpa407NgnnjeDzAE-6ca-n9XT7I_Vo4hY9xbqTSXzNUZJM6585XBMUPP2CzIdpKwUVRYz8kCoiZQptsVi9Kkrrvgt3muq9vDKAqGAgGM5z4KofJ6d7WgUGFRPQVlxcjLfo7rwWqbIg"
}
2018-03-03 15:59:16,111:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 731
2018-03-03 15:59:16,112:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 731
Boulder-Requester: 5681527
Link: <https://acme-staging.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-staging.api.letsencrypt.org/acme/authz/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI
Replay-Nonce: InhupLqNFbgpsfZ3DL-1JCdjlzZl1OWfnj1CVUF-iQ4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sat, 03 Mar 2018 15:59:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 03 Mar 2018 15:59:15 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "ssssss.org"
},
"status": "pending",
"expires": "2018-03-10T15:59:15.461697987Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI/106266215",
"token": "9GoioOyiyepRhgP9Oaf7-4ElB9CVWJSsriK2GWj7IzM"
},
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI/106266216",
"token": "sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M"
}
],
"combinations": [
[
1
],
[
0
]
]
}
2018-03-03 15:59:16,112:DEBUG:acme.client:Storing nonce: InhupLqNFbgpsfZ3DL-1JCdjlzZl1OWfnj1CVUF-iQ4
2018-03-03 15:59:16,113:DEBUG:acme.client:JWS payload: {
"identifier": {
"type": "dns",
"value": "www.ssssss.org"
},
"resource": "new-authz"
}
2018-03-03 15:59:16,115:DEBUG:acme.client:Sending POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz:
{
"protected": "eyJub25jZSI6ICJJbmh1cExxTkZiZ3BzZlozREwtMUpDZGpselpsMU9XZm5qMUNWVUYtaVE0IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAieDl6WjZqZzF3RWxxMW9JNmdXNU5KTmVZLV9KSWIzRzVqUThGdGl6TW5mSzRwX1Rndkg5eEpmTTB4aWo3aUZaNmd5T2N2UFZwV1lnQlpQZml6T1ZOR2syYUU0X1QtVEtHdzJJZVNPNEVSa0d2X18zOVlnYkpLMFNNb0dFS09SMENlaWQ4b0lOOFpaZ0FkVnJFeGZ1bGw2T09JT19uNEJUVGI2cXZHY3lrT1BpWjMzYkNWVmFjdm13Tlk1NjFjdklpUG56WmMteldUR000U19kUDgyaUZKRGZQZ0hfWXhQM2tjQnFNLURtaWNCblpOU0NKNHJGNnhKclhJSm9HZVZSVVM5UlhUdDJWT2o1Ul9ERFIxbVVxdWM1bVlIYjZwbWd3eHpIOVRvYUFVMTB6SGhxbUFvWDhrWHd2UlU3dXMwVlhhdXByaXVjbmNoU3ZaNlBPQ1JUNXVRIn19",
"payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAid3d3LnNreWluZy5vcmciCiAgfSwgCiAgInJlc291cmNlIjogIm5ldy1hdXRoeiIKfQ",
"signature": "xubo2KXqoQlvOrdlr56TyvDbDNFoDgVggK5yXxFvWFr9d-iP123FjltCssg3kBWct9jkVH9ASZqMxQKf7-W2yCeGEyQhtatAvtVnuEThT9Co96Q_w2EXacN42oFbxvUwAD5dzSNxHZnvjQhpsl3Gwi7cbJYtTXPDvAlk_PhSNJfRhoHANvVz56sUmCmWAT-ELYFMMf6XC8wKb4Leka7nSSE02-Mi7pI7fmQtb9XNIakLV4q5rZ8n45obytQxvhlpjLZXhjB0V_SCK2PTzixlXXVc1JQGf41UuohNi8YEXGk1qohU7A3aIjVx8bAsYIHndbZIF2hoyUQsxStN411jxw"
}
2018-03-03 15:59:16,513:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 735
2018-03-03 15:59:16,514:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 735
Boulder-Requester: 5681527
Link: <https://acme-staging.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-staging.api.letsencrypt.org/acme/authz/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY
Replay-Nonce: yWVHpt-bpg0gRYcKRkWLVj9y8PWEANXgcAk4pGReOXk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sat, 03 Mar 2018 15:59:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 03 Mar 2018 15:59:16 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "www.ssssss.org"
},
"status": "pending",
"expires": "2018-03-10T15:59:16.278365285Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY/106266225",
"token": "xydyLJAjTLew8M68TDvl1YLYQGzW87TiUPRw5yfMPtE"
},
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY/106266226",
"token": "OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk"
}
],
"combinations": [
[
0
],
[
1
]
]
}
[ 本帖最后由 土豆和白菜 于 2018-3-4 15:42 编辑 ] 2018-03-03 15:59:16,514:DEBUG:acme.client:Storing nonce: yWVHpt-bpg0gRYcKRkWLVj9y8PWEANXgcAk4pGReOXk
2018-03-03 15:59:16,515:INFO:certbot.auth_handler:Performing the following challenges:
2018-03-03 15:59:16,515:INFO:certbot.auth_handler:http-01 challenge for ssssss.org
2018-03-03 15:59:16,515:INFO:certbot.auth_handler:http-01 challenge for www.ssssss.org
2018-03-03 15:59:16,516:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /home/wwwroot/.well-known/acme-challenge
2018-03-03 15:59:16,516:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /home/wwwroot/.well-known/acme-challenge
2018-03-03 15:59:16,520:DEBUG:certbot.plugins.webroot:Attempting to save validation to /home/wwwroot/.well-known/acme-challenge/sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M
2018-03-03 15:59:16,522:DEBUG:certbot.plugins.webroot:Attempting to save validation to /home/wwwroot/.well-known/acme-challenge/OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk
2018-03-03 15:59:16,522:INFO:certbot.auth_handler:Waiting for verification...
2018-03-03 15:59:16,522:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M.q1VK3F5NROERQUzXgUMKHjPFOw85HOzQ-teleIPG3os",
"type": "http-01",
"resource": "challenge"
}
2018-03-03 15:59:16,525:DEBUG:acme.client:Sending POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI/106266216:
{
"protected": "eyJub25jZSI6ICJ5V1ZIcHQtYnBnMGdSWWNLUmtXTFZqOXk4UFdFQU5YZ2NBazRwR1JlT1hrIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAieDl6WjZqZzF3RWxxMW9JNmdXNU5KTmVZLV9KSWIzRzVqUThGdGl6TW5mSzRwX1Rndkg5eEpmTTB4aWo3aUZaNmd5T2N2UFZwV1lnQlpQZml6T1ZOR2syYUU0X1QtVEtHdzJJZVNPNEVSa0d2X18zOVlnYkpLMFNNb0dFS09SMENlaWQ4b0lOOFpaZ0FkVnJFeGZ1bGw2T09JT19uNEJUVGI2cXZHY3lrT1BpWjMzYkNWVmFjdm13Tlk1NjFjdklpUG56WmMteldUR000U19kUDgyaUZKRGZQZ0hfWXhQM2tjQnFNLURtaWNCblpOU0NKNHJGNnhKclhJSm9HZVZSVVM5UlhUdDJWT2o1Ul9ERFIxbVVxdWM1bVlIYjZwbWd3eHpIOVRvYUFVMTB6SGhxbUFvWDhrWHd2UlU3dXMwVlhhdXByaXVjbmNoU3ZaNlBPQ1JUNXVRIn19",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogInNQZ3JULTVzNzkxWmJ4OVJJVWVtY0htM1ZkV21jckxSbGUxVWJmMnFSX00ucTFWSzNGNU5ST0VSUVV6WGdVTUtIalBGT3c4NUhPelEtdGVsZUlQRzNvcyIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "SRv3RozHCuw3jwRzh5mCZWzuGS9VIjviX9hsDsUlOK0HoLVVZAoODUwufZxAjOOGwM9965REfKtc69ht9KWLukKl9H36WVAu_sDttGAGVTrxKYxujhn-wWcdSDYJ7rPbI_-qgm9w7qk0HqLxtqD_D1pA4YP0tJVJ0wVv_5sQcn5GEBsehx6SYgomR3ItOSaYBfbuBCDAF9M8XYUYH9CSJQLwwUmff6dbdQg7glSgvLWZBH_1bfSSQ4ilskqZd7YuyWaC2qUlvYkEwmTX7lgdVgXZV_lXrFLOF9VjyWXEAtR_n7Cv4jjVZWZqA0SCmr4kctpee3leSNxuvrf8IJctbg"
}
2018-03-03 15:59:16,940:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "POST /acme/challenge/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI/106266216 HTTP/1.1" 202 339
2018-03-03 15:59:16,940:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 339
Boulder-Requester: 5681527
Link: <https://acme-staging.api.letsencrypt.org/acme/authz/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI>;rel="up"
Location: https://acme-staging.api.letsencrypt.org/acme/challenge/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI/106266216
Replay-Nonce: GGSY2JUKe89LlrX8KRN7JZg3L8-AcIyuounhOvUPeeY
Expires: Sat, 03 Mar 2018 15:59:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 03 Mar 2018 15:59:16 GMT
Connection: keep-alive
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI/106266216",
"token": "sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M",
"keyAuthorization": "sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M.q1VK3F5NROERQUzXgUMKHjPFOw85HOzQ-teleIPG3os"
}
2018-03-03 15:59:16,940:DEBUG:acme.client:Storing nonce: GGSY2JUKe89LlrX8KRN7JZg3L8-AcIyuounhOvUPeeY
2018-03-03 15:59:16,941:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk.q1VK3F5NROERQUzXgUMKHjPFOw85HOzQ-teleIPG3os",
"type": "http-01",
"resource": "challenge"
}
2018-03-03 15:59:16,943:DEBUG:acme.client:Sending POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY/106266226:
{
"protected": "eyJub25jZSI6ICJHR1NZMkpVS2U4OUxsclg4S1JON0paZzNMOC1BY0l5dW91bmhPdlVQZWVZIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAieDl6WjZqZzF3RWxxMW9JNmdXNU5KTmVZLV9KSWIzRzVqUThGdGl6TW5mSzRwX1Rndkg5eEpmTTB4aWo3aUZaNmd5T2N2UFZwV1lnQlpQZml6T1ZOR2syYUU0X1QtVEtHdzJJZVNPNEVSa0d2X18zOVlnYkpLMFNNb0dFS09SMENlaWQ4b0lOOFpaZ0FkVnJFeGZ1bGw2T09JT19uNEJUVGI2cXZHY3lrT1BpWjMzYkNWVmFjdm13Tlk1NjFjdklpUG56WmMteldUR000U19kUDgyaUZKRGZQZ0hfWXhQM2tjQnFNLURtaWNCblpOU0NKNHJGNnhKclhJSm9HZVZSVVM5UlhUdDJWT2o1Ul9ERFIxbVVxdWM1bVlIYjZwbWd3eHpIOVRvYUFVMTB6SGhxbUFvWDhrWHd2UlU3dXMwVlhhdXByaXVjbmNoU3ZaNlBPQ1JUNXVRIn19",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIk9JMnN0clB5NFd4anNqSS1GdWlzSU9WbFpEWVp5cEhRT3dWa3pRT1hvUmsucTFWSzNGNU5ST0VSUVV6WGdVTUtIalBGT3c4NUhPelEtdGVsZUlQRzNvcyIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "xm5UB7HTvE9idMCgzpUBF4D3j-P328ev5o_eHlRgVjfM27cZskRlBTNVVNt5kO2ENrkLUWHqjVEiRuaSIh6xvB4SJKnRdZUbRhBBT9k5ntz8NuSnnr99BBN_DveRTGf9XsYnLDaXgzZfP5hdoTtFAhoYcyu3DXS3Zdmyah3x51RNbj0FlcfPNmQpPPc9xDeldd1s0HOfj3gUT1C5p8VgiyCh6R8Kd8P8RAN3iZi_SDgOlam_ckX1wUbj_Dekr5J6imV1ghx7zcnZw3kfx-cOolTQenZI-l_nI5uMK147d6VAcyAgzYj7vV1KKlIz1527tHHCq_gCSDV9EvPU1m8zGw"
}
2018-03-03 15:59:17,351:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "POST /acme/challenge/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY/106266226 HTTP/1.1" 202 339
2018-03-03 15:59:17,352:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 339
Boulder-Requester: 5681527
Link: <https://acme-staging.api.letsencrypt.org/acme/authz/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY>;rel="up"
Location: https://acme-staging.api.letsencrypt.org/acme/challenge/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY/106266226
Replay-Nonce: vZPBktAZ-oox85NiPI2c_VzpiZ9yFR2v_0NFAz2XcHY
Expires: Sat, 03 Mar 2018 15:59:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 03 Mar 2018 15:59:17 GMT
Connection: keep-alive
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY/106266226",
"token": "OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk",
"keyAuthorization": "OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk.q1VK3F5NROERQUzXgUMKHjPFOw85HOzQ-teleIPG3os"
}
2018-03-03 15:59:17,352:DEBUG:acme.client:Storing nonce: vZPBktAZ-oox85NiPI2c_VzpiZ9yFR2v_0NFAz2XcHY
2018-03-03 15:59:20,355:DEBUG:acme.client:Sending GET request to https://acme-staging.api.letsencrypt.org/acme/authz/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY.
2018-03-03 15:59:20,748:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "GET /acme/authz/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY HTTP/1.1" 200 1690
2018-03-03 15:59:20,749:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1690
Link: <https://acme-staging.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: dvNc3m_70AeWI7z4-M3GafCRmL1flMos-gZ5xPJo6vA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sat, 03 Mar 2018 15:59:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 03 Mar 2018 15:59:20 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "www.ssssss.org"
},
"status": "invalid",
"expires": "2018-03-10T15:59:16Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY/106266225",
"token": "xydyLJAjTLew8M68TDvl1YLYQGzW87TiUPRw5yfMPtE"
},
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://www.ssssss.org/.well-known/acme-challenge/OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk: \"\u003chtml\u003e\r\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\r\n\u003cbody bgcolor=\"white\"\u003e\r\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\r\n\u003chr\u003e\u003ccenter\u003e\"",
"status": 403
},
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/1CKDAVrqvxsZcRfCrl7W4fBoBVST07CPqSOYSoT8QhY/106266226",
"token": "OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk",
"keyAuthorization": "OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk.q1VK3F5NROERQUzXgUMKHjPFOw85HOzQ-teleIPG3os",
"validationRecord": [
{
"url": "http://www.ssssss.org/.well-known/acme-challenge/OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk",
"hostname": "www.ssssss.org",
"port": "80",
"addressesResolved": [
"111.230.185.144"
],
"addressUsed": "111.230.185.144"
}
]
}
],
"combinations": [
[
0
],
[
1
]
]
}
2018-03-03 15:59:20,750:DEBUG:acme.client:Sending GET request to https://acme-staging.api.letsencrypt.org/acme/authz/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI.
2018-03-03 15:59:21,133:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "GET /acme/authz/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI HTTP/1.1" 200 1674
2018-03-03 15:59:21,134:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1674
Link: <https://acme-staging.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: Cw50EFahoeoXLhcNFVdjYkY5LuEntp_fwnJh76eQZK0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sat, 03 Mar 2018 15:59:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 03 Mar 2018 15:59:21 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "ssssss.org"
},
"status": "invalid",
"expires": "2018-03-10T15:59:15Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI/106266215",
"token": "9GoioOyiyepRhgP9Oaf7-4ElB9CVWJSsriK2GWj7IzM"
},
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://ssssss.org/.well-known/acme-challenge/sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M: \"\u003chtml\u003e\r\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\r\n\u003cbody bgcolor=\"white\"\u003e\r\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\r\n\u003chr\u003e\u003ccenter\u003e\"",
"status": 403
},
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/Fnpk4FpV_uHyLLaQxlTiXfRFxSbKzHYPQ8s9rnDpLRI/106266216",
"token": "sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M",
"keyAuthorization": "sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M.q1VK3F5NROERQUzXgUMKHjPFOw85HOzQ-teleIPG3os",
"validationRecord": [
{
"url": "http://ssssss.org/.well-known/acme-challenge/sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M",
"hostname": "ssssss.org",
"port": "80",
"addressesResolved": [
"111.230.185.144"
],
"addressUsed": "111.230.185.144"
}
]
}
],
"combinations": [
[
1
],
[
0
]
]
}
2018-03-03 15:59:21,135:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: www.ssssss.org
Type: unauthorized
Detail: Invalid response from http://www.ssssss.org/.well-known/acme-challenge/OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
Domain: ssssss.org
Type: unauthorized
Detail: Invalid response from http://ssssss.org/.well-known/acme-challenge/sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2018-03-03 15:59:21,135:INFO:certbot.auth_handler:Cleaning up challenges
2018-03-03 15:59:21,135:DEBUG:certbot.plugins.webroot:Removing /home/wwwroot/.well-known/acme-challenge/sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M
2018-03-03 15:59:21,135:DEBUG:certbot.plugins.webroot:Removing /home/wwwroot/.well-known/acme-challenge/OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk
2018-03-03 15:59:21,135:DEBUG:certbot.plugins.webroot:All challenges cleaned up, removing /home/wwwroot/.well-known/acme-challenge
2018-03-03 15:59:21,136:WARNING:certbot.renewal:Attempting to renew cert (ssssss.org) from /etc/letsencrypt/renewal/ssssss.org.conf produced an unexpected error: Failed authorization procedure. www.ssssss.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.ssssss.org/.well-known/acme-challenge/OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>", ssssss.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://ssssss.org/.well-known/acme-challenge/sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>". Skipping.
2018-03-03 15:59:21,137:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 425, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1065, in renew_cert
_get_and_save_cert(le_client, config, lineage=lineage)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 113, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 297, in renew_cert
new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py", line 318, in obtain_certificate
self.config.allow_subset_of_names)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 81, in get_authorizations
self._respond(resp, best_effort)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 138, in _respond
self._poll_challenges(chall_update, best_effort)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 202, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. www.ssssss.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.ssssss.org/.well-known/acme-challenge/OI2strPy4WxjsjI-FuisIOVlZDYZypHQOwVkzQOXoRk: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>", ssssss.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://ssssss.org/.well-known/acme-challenge/sPgrT-5s791Zbx9RIUemcHm3VdWmcrLRle1Ubf2qR_M: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
2018-03-03 15:59:21,137:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2018-03-03 15:59:21,137:ERROR:certbot.renewal:/etc/letsencrypt/live/ssssss.org/fullchain.pem (failure)
2018-03-03 15:59:21,138:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 11, in <module>
sys.exit(main())
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1240, in main
return config.func(config, plugins)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1142, in renew
renewal.handle_renewal_request(config)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 443, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s) 检查你该域名配置文件里的网站目录和添加ssl时是否一样,按certbot日志你网站目录设置的是/home/wwwroot/
回复 8# 的帖子
root@VM-0-11-debian:~# wget -O - http://soft.vpser.net/lnmp/ext/fix_renewssl.sh|bash--2018-03-05 18:22:47--http://soft.vpser.net/lnmp/ext/fix_renewssl.sh
Resolving soft.vpser.net (soft.vpser.net)... 112.85.42.39
Connecting to soft.vpser.net (soft.vpser.net)|112.85.42.39|:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: http://202.115.33.13/soft/lnmp/ext/fix_renewssl.sh
--2018-03-05 18:22:47--http://202.115.33.13/soft/lnmp/ext/fix_renewssl.sh
Connecting to 202.115.33.13:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1410 (1.4K)
Saving to: ‘STDOUT’
- 100%[=========================>] 1.38K--.-KB/s in 0s
2018-03-05 18:22:47 (231 MB/s) - written to stdout
Remove Let's encrypt crontab renew rule...
Update Let's encrypt crontab renew rule...
OK.
Try to run certbot renew script...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/ssssss.org.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal
-------------------------------------------------------------------------------
The following certs are not due for renewal yet:
/etc/letsencrypt/live/ssssss.org/fullchain.pem (skipped)
No renewals were attempted.
No hooks were run.
-------------------------------------------------------------------------------
root@VM-0-11-debian:~# cat /var/log/letsencrypt/letsencrypt.log
2018-03-05 10:22:53,761:DEBUG:certbot.main:certbot version: 0.21.1
2018-03-05 10:22:53,761:DEBUG:certbot.main:Arguments: ['--disable-hook-validation', '--renew-hook', '/etc/init.d/nginx reload']
2018-03-05 10:22:53,761:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-03-05 10:22:53,774:DEBUG:certbot.log:Root logging level set at 20
2018-03-05 10:22:53,775:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-03-05 10:22:53,813:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f96c9804dd0> and installer <certbot.cli._Default object at 0x7f96c9804dd0>
2018-03-05 10:22:53,813:DEBUG:certbot.cli:Default Detector is Namespace(account=<certbot.cli._Default object at 0x7f96c97da290>, agree_dev_preview=None, allow_subset_of_names=<certbot.cli._Default object at 0x7f96c9844d10>, apache=<certbot.cli._Default object at 0x7f96c98047d0>, apache_challenge_location=<certbot.cli._Default object at 0x7f96c978e3d0>, apache_ctl=<certbot.cli._Default object at 0x7f96c978e7d0>, apache_dismod=<certbot.cli._Default object at 0x7f96c984bd50>, apache_enmod=<certbot.cli._Default object at 0x7f96c9832850>, apache_handle_modules=<certbot.cli._Default object at 0x7f96c978e550>, apache_handle_sites=<certbot.cli._Default object at 0x7f96c978e6d0>, apache_init_script=<certbot.cli._Default object at 0x7f96c978e910>, apache_le_vhost_ext=<certbot.cli._Default object at 0x7f96c984b650>, apache_logs_root=<certbot.cli._Default object at 0x7f96c978e210>, apache_server_root=<certbot.cli._Default object at 0x7f96c984b210>, apache_vhost_root=<certbot.cli._Default object at 0x7f96c984bfd0>, authenticator=<certbot.cli._Default object at 0x7f96c9804dd0>, break_my_certs=<certbot.cli._Default object at 0x7f96c9804350>, cert_path=<certbot.cli._Default object at 0x7f96c9808d90>, certname=<certbot.cli._Default object at 0x7f96c984bc90>, chain_path=<certbot.cli._Default object at 0x7f96c9808790>, checkpoints=<certbot.cli._Default object at 0x7f96c9808f10>, config_dir=<certbot.cli._Default object at 0x7f96c9808610>, config_file=None, configurator=<certbot.cli._Default object at 0x7f96c9804dd0>, csr=<certbot.cli._Default object at 0x7f96c9808b10>, debug=<certbot.cli._Default object at 0x7f96c97dac10>, debug_challenges=<certbot.cli._Default object at 0x7f96c97dad10>, delete_after_revoke=<certbot.cli._Default object at 0x7f96c9808d10>, deploy_hook=<certbot.cli._Default object at 0x7f96c9808390>, dialog=None, directory_hooks=<certbot.cli._Default object at 0x7f96c9808590>, dns_cloudflare=<certbot.cli._Default object at 0x7f96c97dad90>, dns_cloudxns=<certbot.cli._Default object at 0x7f96c97dab90>, dns_digitalocean=<certbot.cli._Default object at 0x7f96c97da990>, dns_dnsimple=<certbot.cli._Default object at 0x7f96c97da7d0>, dns_dnsmadeeasy=<certbot.cli._Default object at 0x7f96c97da1d0>, dns_google=<certbot.cli._Default object at 0x7f96c97da6d0>, dns_luadns=<certbot.cli._Default object at 0x7f96c9844a50>, dns_nsone=<certbot.cli._Default object at 0x7f96c9844750>, dns_rfc2136=<certbot.cli._Default object at 0x7f96c9844290>, dns_route53=<certbot.cli._Default object at 0x7f96c9832dd0>, domains=<certbot.cli._Default object at 0x7f96c984ba50>, dry_run=<certbot.cli._Default object at 0x7f96c9832510>, duplicate=<certbot.cli._Default object at 0x7f96c97da110>, eff_email=<certbot.cli._Default object at 0x7f96c9832e50>, email=<certbot.cli._Default object at 0x7f96c9832c10>, expand=<certbot.cli._Default object at 0x7f96c9844590>, force_interactive=<certbot.cli._Default object at 0x7f96c984b810>, fullchain_path=<certbot.cli._Default object at 0x7f96c9808990>, func=<function renew at 0x7f96c9a77668>, hsts=<certbot.cli._Default object at 0x7f96c9804850>, http01_address=<certbot.cli._Default object at 0x7f96c9804250>, http01_port=<certbot.cli._Default object at 0x7f96c9804150>, ifaces=<certbot.cli._Default object at 0x7f96c978e250>, init=<certbot.cli._Default object at 0x7f96c978e050>, installer=<certbot.cli._Default object at 0x7f96c9804dd0>, key_path=<certbot.cli._Default object at 0x7f96c9808b90>, logs_dir=<certbot.cli._Default object at 0x7f96c9808210>, manual=<certbot.cli._Default object at 0x7f96c98041d0>, manual_auth_hook=<certbot.cli._Default object at 0x7f96c9832950>, manual_cleanup_hook=<certbot.cli._Default object at 0x7f96c978eb50>, manual_public_ip_logging_ok=<certbot.cli._Default object at 0x7f96c978ec50>, max_log_backups=<certbot.cli._Default object at 0x7f96c984b390>, must_staple=<certbot.cli._Default object at 0x7f96c9804550>, nginx=<certbot.cli._Default object at 0x7f96c98045d0>, nginx_ctl=<certbot.cli._Default object at 0x7f96c978ee90>, nginx_server_root=<certbot.cli._Default object at 0x7f96c978ea10>, no_bootstrap=<certbot.cli._Default object at 0x7f96c97da910>, no_self_upgrade=<certbot.cli._Default object at 0x7f96c97da750>, no_verify_ssl=<certbot.cli._Default object at 0x7f96c97dae10>, noninteractive_mode=<certbot.cli._Default object at 0x7f96c984b5d0>, num=<certbot.cli._Default object at 0x7f96c9808810>, os_packages_only=<certbot.cli._Default object at 0x7f96c97da790>, post_hook=<certbot.cli._Default object at 0x7f96c9808190>, pre_hook=<certbot.cli._Default object at 0x7f96c9808090>, pref_challs=<certbot.cli._Default object at 0x7f96c9804f50>, prepare=<certbot.cli._Default object at 0x7f96c978e150>, quiet=<certbot.cli._Default object at 0x7f96c97daa10>, reason=<certbot.cli._Default object at 0x7f96c9808c10>, redirect=<certbot.cli._Default object at 0x7f96c9804650>, register_unsafely_without_email=<certbot.cli._Default object at 0x7f96c9832790>, reinstall=<certbot.cli._Default object at 0x7f96c9844310>, renew_by_default=<certbot.cli._Default object at 0x7f96c9844890>, renew_hook='/etc/init.d/nginx reload', renew_with_new_domains=<certbot.cli._Default object at 0x7f96c9844ad0>, rsa_key_size=<certbot.cli._Default object at 0x7f96c9804450>, server=<certbot.cli._Default object at 0x7f96c9808050>, staging=<certbot.cli._Default object at 0x7f96c97dab10>, standalone=<certbot.cli._Default object at 0x7f96c98043d0>, standalone_supported_challenges=<certbot.cli._Default object at 0x7f96c978ef90>, staple=<certbot.cli._Default object at 0x7f96c9804c50>, strict_permissions=<certbot.cli._Default object at 0x7f96c9804e50>, text_mode=<certbot.cli._Default object at 0x7f96c984b150>, tls_sni_01_address=<certbot.cli._Default object at 0x7f96c9804050>, tls_sni_01_port=<certbot.cli._Default object at 0x7f96c97daf10>, tos=<certbot.cli._Default object at 0x7f96c97da3d0>, uir=<certbot.cli._Default object at 0x7f96c9804a50>, update_registration=<certbot.cli._Default object at 0x7f96c98329d0>, user_agent=<certbot.cli._Default object at 0x7f96c9808910>, user_agent_comment=<certbot.cli._Default object at 0x7f96c9808a10>, validate_hooks=True, verb='renew', verbose_count=<certbot.cli._Default object at 0x7f96c984bed0>, webroot=<certbot.cli._Default object at 0x7f96c97daf90>, webroot_map=<certbot.cli._Default object at 0x7f96c97901d0>, webroot_path=<certbot.cli._Default object at 0x7f96c978ed90>, work_dir=<certbot.cli._Default object at 0x7f96c9808410>)
2018-03-05 10:22:53,830:INFO:certbot.renewal:Cert not yet due for renewal
2018-03-05 10:22:53,831:DEBUG:certbot.renewal:no renewal failures
root@VM-0-11-debian:~# crontab -l
*/1 * * * * /usr/local/qcloud/stargate/admin/start.sh > /dev/null 2>&1 &
*/20 * * * * /usr/sbin/ntpdate ntpupdate.tencentyun.com >/dev/null &
39 1,13 * * * root /home/ec2-user/certbot-auto renew –no-self-upgrade –debuge
0 3 */7 * * /bin/certbot renew --disable-hook-validation --renew-hook "/etc/init.d/nginx reload"
军哥现在这样有问题么?
crontab规则中倒数第二条有没有必要删掉?现在我看浏览器中该证书有效期还是没有发生变化。
nginx.conf中加入
location / {
rewrite ^(.) https://$host$1 permanent;
}
与SSSSSS.org.conf中加入
if ($scheme = http) {
#return 301 https://$host$request_uri;
}有什么区别么?
军哥辛苦了
回复 9# 的帖子
可能会有影响建议删除不清楚你想具体实现什么,如果要设置301,使用return是最标准的
回复 10# 的帖子
crontab规则已经删除,301也已经按照提示修改,现在不用管他ssl就会自动续期了么?
页:
[1]