1.4下添加ssl报错,升级到1.5还是报错
升级SSL失败,添加新的ssl也失败。能帮忙看下怎么回事吗?谢谢。 _main_domain='veri.wellontech.com'_alt_domains='no'
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
DOMAIN_PATH='/usr/local/nginx/conf/ssl/veri.wellontech.com'
Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory
_init api for server: https://acme-v01.api.letsencrypt.org/directory
GET
url='https://acme-v01.api.letsencrypt.org/directory'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
ACME_NEW_NONCE
ACME_VERSION
Le_NextRenewTime
_on_before_issue
_chk_main_domain='veri.wellontech.com'
_chk_alt_domains
Le_LocalAddress
d='veri.wellontech.com'
Check for domain='veri.wellontech.com'
_currentRoot='/home/wwwroot/veri.wellontech.com'
d
_saved_account_key_hash is not changed, skip register account.
Read key length:
_createcsr
Single domain='veri.wellontech.com'
Getting domain auth token for each domain
d='veri.wellontech.com'
Getting webroot for domain='veri.wellontech.com'
_w='/home/wwwroot/veri.wellontech.com'
_currentRoot='/home/wwwroot/veri.wellontech.com'
Getting new-authz for domain='veri.wellontech.com'
_init api for server: https://acme-v01.api.letsencrypt.org/directory
Try new-authz for the 0 time.
url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "veri.wellontech.com"}}'
RSA key
GET
url='https://acme-v01.api.letsencrypt.org/directory'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
POST
_post_url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='201'
The new-authz request is ok.
entry='"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998","token":"fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY"'
token='fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY'
uri='https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998'
keyauthorization='fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY.nK7PDnLzn1wr4o3iemh2uzvh_v1BnFzlbb3GzITi27I'
dvlist='veri.wellontech.com#fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY.nK7PDnLzn1wr4o3iemh2uzvh_v1BnFzlbb3GzITi27I#https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998#http-01#/home/wwwroot/veri.wellontech.com'
d
vlist='veri.wellontech.com#fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY.nK7PDnLzn1wr4o3iemh2uzvh_v1BnFzlbb3GzITi27I#https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998#http-01#/home/wwwroot/veri.wellontech.com,'
d='veri.wellontech.com'
ok, let's start to verify
Verifying:veri.wellontech.com
d='veri.wellontech.com'
keyauthorization='fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY.nK7PDnLzn1wr4o3iemh2uzvh_v1BnFzlbb3GzITi27I'
uri='https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998'
_currentRoot='/home/wwwroot/veri.wellontech.com'
wellknown_path='/home/wwwroot/veri.wellontech.com/.well-known/acme-challenge'
writing token:fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY to /home/wwwroot/veri.wellontech.com/.well-known/acme-challenge/fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY
Changing owner/group of .well-known to www:www
url='https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998'
payload='{"resource": "challenge", "keyAuthorization": "fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY.nK7PDnLzn1wr4o3iemh2uzvh_v1BnFzlbb3GzITi27I"}'
POST
_post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='202'
sleep 2 secs to verify
checking
GET
url='https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
Pending
sleep 2 secs to verify
checking
GET
url='https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
veri.wellontech.com:Verify error:Fetching http://veri.wellontech.com/.well-known/acme-challenge/fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY: Connection reset by peer
pid
No need to restore nginx, skip.
_clearupdns
skip dns.
_on_issue_err
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
url='https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998'
payload='{"resource": "challenge", "keyAuthorization": "fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY.nK7PDnLzn1wr4o3iemh2uzvh_v1BnFzlbb3GzITi27I"}'
POST
_post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/7n1ozJjtqlgQF-EpHdYk_qw1kXt9TMwr_rP18_VoO0o/5970804998'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='400' veri.wellontech.com:Verify error:Fetching http://veri.wellontech.com/.well-known/acme-challenge/fUk2Muslbp5Y_tOZ_D6hGOELlQYURLxsOPKd7KNgPHY: Connection reset by peer
验证时网站无法正常访问,Connection reset by peer 实际山是能访问的,我还放了一个文件在根目录index.html,默认能打开的 早几个月1.4环境下,顺利安装了SSL,也自动续期了,这次是新加一个主机并开启SSL,报错,于是升级到1.5,./upgrade1.x-1.5.sh ssl按提示填好之后,也是报上面类似错误。Verify error:Fetching Connection reset by peer
回复 4# 的帖子
这是letsencrypt的服务器去获取你服务器上的验证文件无法访问
页:
[1]