创建ssl提示Verify error:"error":{"type":"urn:acme:error:una
Starting create SSL Certificate use Let's Encrypt...Creating domain key
The domain key is here: /usr/local/nginx/conf/ssl/zhsq.XXX.com/zhsq.XXX.com.key
Single domain='zhsq.XXX.com'
Getting domain auth token for each domain
Getting webroot for domain='zhsq.XXX.com'
Getting new-authz for domain='zhsq.XXX.com'
The new-authz request is ok.
Verifying:zhsq.lzcb.com
zhsq.XXX.com:Verify error:"error":{"type":"urn:acme:error:unauthorized","detail":"
Please check log file for more details: /usr/local/acme.sh/acme.sh.log 没完整 /usr/local/acme.sh/acme.sh.log 日志没法分析原因
回复 2# 的帖子
_main_domain='zhsq.lzcb.com'_alt_domains='no'
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
DOMAIN_PATH='/usr/local/nginx/conf/ssl/zhsq.lzcb.com'
Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory
_init api for server: https://acme-v01.api.letsencrypt.org/directory
GET
url='https://acme-v01.api.letsencrypt.org/directory'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
ACME_NEW_NONCE
ACME_VERSION
Le_NextRenewTime
_on_before_issue
_chk_main_domain='zhsq.lzcb.com'
_chk_alt_domains
Le_LocalAddress
d='zhsq.lzcb.com'
Check for domain='zhsq.lzcb.com'
_currentRoot='/alidata/www/zhsq.lznews.cn/public'
d
_saved_account_key_hash is not changed, skip register account.
Read key length:
_createcsr
Single domain='zhsq.lzcb.com'
Getting domain auth token for each domain
d='zhsq.lzcb.com'
Getting webroot for domain='zhsq.lzcb.com'
_w='/alidata/www/zhsq.lznews.cn/public'
_currentRoot='/alidata/www/zhsq.lznews.cn/public'
Getting new-authz for domain='zhsq.lzcb.com'
_init api for server: https://acme-v01.api.letsencrypt.org/directory
Try new-authz for the 0 time.
url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "zhsq.lzcb.com"}}'
RSA key
GET
url='https://acme-v01.api.letsencrypt.org/directory'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
POST
_post_url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='201'
The new-authz request is ok.
entry='"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/8_szMuMXWjnSugA17CHKuIosXPwCY6IuaQhXQfNt4Wc/5802535770","token":"m2cJSZPzcZw9dzpv_erBddbgLyr04LlFjYTWimr3qyw"'
token='m2cJSZPzcZw9dzpv_erBddbgLyr04LlFjYTWimr3qyw'
uri='https://acme-v01.api.letsencrypt.org/acme/challenge/8_szMuMXWjnSugA17CHKuIosXPwCY6IuaQhXQfNt4Wc/5802535770'
keyauthorization='m2cJSZPzcZw9dzpv_erBddbgLyr04LlFjYTWimr3qyw.JCHrfFGLSH09vgdL9F7qZqlTuvIHb-fu91TboqSWIn8'
dvlist='zhsq.lzcb.com#m2cJSZPzcZw9dzpv_erBddbgLyr04LlFjYTWimr3qyw.JCHrfFGLSH09vgdL9F7qZqlTuvIHb-fu91TboqSWIn8#https://acme-v01.api.letsencrypt.org/acme/challenge/8_szMuMXWjnSugA17CHKuIosXPwCY6IuaQhXQfNt4Wc/5802535770#http-01#/alidata/www/zhsq.lznews.cn/public'
d
vlist='zhsq.lzcb.com#m2cJSZPzcZw9dzpv_erBddbgLyr04LlFjYTWimr3qyw.JCHrfFGLSH09vgdL9F7qZqlTuvIHb-fu91TboqSWIn8#https://acme-v01.api.letsencrypt.org/acme/challenge/8_szMuMXWjnSugA17CHKuIosXPwCY6IuaQhXQfNt4Wc/5802535770#http-01#/alidata/www/zhsq.lznews.cn/public,'
d='zhsq.lzcb.com'
ok, let's start to verify
Verifying:zhsq.lzcb.com
d='zhsq.lzcb.com'
keyauthorization='m2cJSZPzcZw9dzpv_erBddbgLyr04LlFjYTWimr3qyw.JCHrfFGLSH09vgdL9F7qZqlTuvIHb-fu91TboqSWIn8'
uri='https://acme-v01.api.letsencrypt.org/acme/challenge/8_szMuMXWjnSugA17CHKuIosXPwCY6IuaQhXQfNt4Wc/5802535770'
_currentRoot='/alidata/www/zhsq.lznews.cn/public'
wellknown_path='/alidata/www/zhsq.lznews.cn/public/.well-known/acme-challenge'
writing token:m2cJSZPzcZw9dzpv_erBddbgLyr04LlFjYTWimr3qyw to /alidata/www/zhsq.lznews.cn/public/.well-known/acme-challenge/m2cJSZPzcZw9dzpv_erBddbgLyr04LlFjYTWimr3qyw
Changing owner/group of .well-known to www:www
url='https://acme-v01.api.letsencrypt.org/acme/challenge/8_szMuMXWjnSugA17CHKuIosXPwCY6IuaQhXQfNt4Wc/5802535770'
payload='{"resource": "challenge", "keyAuthorization": "m2cJSZPzcZw9dzpv_erBddbgLyr04LlFjYTWimr3qyw.JCHrfFGLSH09vgdL9F7qZqlTuvIHb-fu91TboqSWIn8"}'
POST
_post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/8_szMuMXWjnSugA17CHKuIosXPwCY6IuaQhXQfNt4Wc/5802535770'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='202'
sleep 2 secs to verify
checking
GET
url='https://acme-v01.api.letsencrypt.org/acme/challenge/8_szMuMXWjnSugA17CHKuIosXPwCY6IuaQhXQfNt4Wc/5802535770'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
zhsq.lzcb.com:Verify error:"error":{"type":"urn:acme:error:unauthorized","detail":"
pid
No need to restore nginx, skip.
_clearupdns
skip dns.
_on_issue_err
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
url='https://acme-v01.api.letsencrypt.org/acme/challenge/8_szMuMXWjnSugA17CHKuIosXPwCY6IuaQhXQfNt4Wc/5802535770'
payload='{"resource": "challenge", "keyAuthorization": "m2cJSZPzcZw9dzpv_erBddbgLyr04LlFjYTWimr3qyw.JCHrfFGLSH09vgdL9F7qZqlTuvIHb-fu91TboqSWIn8"}'
POST
_post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/8_szMuMXWjnSugA17CHKuIosXPwCY6IuaQhXQfNt4Wc/5802535770'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='400' "detail": "\"zhsq.lzcb.com\" was considered an unsafe domain by a third-party API",
你的域名被举报为恶意网站了的是没法生成ssl的,如果是误报,先找google解封后才能生成ssl
页:
[1]