lyman 发表于 2018-4-11 08:57:23

Let'sEncrypt 免费SSL证书不能自动更新,手动也不成功

到期后没有自动更新ssl证书,然后我手动运行wget -O - http://soft.vpser.net/lnmp/ext/fix_renewssl.sh|bash后,报错如下,请问军哥如何解决:
2018-04-11 08:52:08 (147 MB/s) - written to stdout

Remove Let's encrypt crontab renew rule...
Update Let's encrypt crontab renew rule...
OK.
Try to run certbot renew script...
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/wx.baiyousem.com.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/www.baiyousem.com.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.baiyousem.com
http-01 challenge for baiyousem.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (www.baiyousem.com) from /etc/letsencrypt/renewal/www.baiyousem.com.conf produced an unexpected error: Failed authorization procedure. baiyousem.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://baiyousem.com/.well-known/acme-challenge/zK9z23UOIl7Z6vrNB-lUafrhMrtRBfPayzs-xZx21Kw: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>", www.baiyousem.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.baiyousem.com/.well-known/acme-challenge/z0i_MCA8aZ1k6rtbAtoGGrfwUNXy4zOjGKPRX1Hgmhw: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>". Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.baiyousem.com/fullchain.pem (failure)

-------------------------------------------------------------------------------

The following certs are not due for renewal yet:
/etc/letsencrypt/live/wx.baiyousem.com/fullchain.pem expires on 2018-05-22 (skipped)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.baiyousem.com/fullchain.pem (failure)
-------------------------------------------------------------------------------
1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:
- The following errors were reported by the server:

   Domain: baiyousem.com
   Type:   unauthorized
   Detail: Invalid response from
   http://baiyousem.com/.well-known/acme-challenge/zK9z23UOIl7Z6vrNB-lUafrhMrtRBfPayzs-xZx21Kw:
   "<html>
   <head><title>404 Not Found</title></head>
   <body bgcolor="white">
   <center><h1>404 Not Found</h1></center>
   <hr><center>"

   Domain: www.baiyousem.com
   Type:   unauthorized
   Detail: Invalid response from
   http://www.baiyousem.com/.well-known/acme-challenge/z0i_MCA8aZ1k6rtbAtoGGrfwUNXy4zOjGKPRX1Hgmhw:
   "<html>
   <head><title>404 Not Found</title></head>
   <body bgcolor="white">
   <center><h1>404 Not Found</h1></center>
   <hr><center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

licess 发表于 2018-4-11 09:20:03

回复 1# 的帖子

有可能目录权限有问题,要看完整日志才能确定

建议升级到1.5,重新迁移生成新的证书,https://lnmp.org/notice/lnmp-v1-5-beta.html#upgrade
页: [1]
查看完整版本: Let'sEncrypt 免费SSL证书不能自动更新,手动也不成功