请教军哥,创建SSL失败
It will be processed automatically./bin/certbot
Starting create SSL Certificate use Let's Encrypt...
Bootstrapping dependencies for RedHat-based OSes that will use Python3... (you can skip this with --
no-bootstrap)
yum is /usr/bin/yum
To use Certbot, packages from the EPEL repository need to be installed.
Enable the EPEL repository and try running Certbot again.
Let's Encrypt SSL Certificate create failed!
请教下如何解决呢?谢谢。
certbot的我们已经停止更新,建议升级到acme.sh的,https://lnmp.org/notice/lnmp-v1-6.html 升一下管理脚步即可 # wget http://soft.vpser.net/lnmp/lnmp1.6.tar.gz -cO lnmp1.6.tar.gz && tar zxf lnmp1.6.tar.gz && cd lnmp1.6 && ./install.sh lnmp
--2019-08-27 21:17:31--http://soft.vpser.net/lnmp/lnmp1.6.tar.gz
Resolving soft.vpser.net... 2600:3c01::f03c:91ff:fe92:1a06, 104.238.161.196
Connecting to soft.vpser.net|2600:3c01::f03c:91ff:fe92:1a06|:80... connected.
HTTP request sent, awaiting response... 416 Requested Range Not Satisfiable
The file is already fully retrieved; nothing to do.
You have installed LNMP!
If you want to reinstall LNMP, please BACKUP your data.
and run uninstall script: ./uninstall.sh before you install.
# upgrade1.x-1.6.sh
bash: upgrade1.x-1.6.sh: command not found
不好意思,实在不懂。请问下要怎么操作呢?谢谢了 sky 发表于 2019-8-27 21:18
# wget http://soft.vpser.net/lnmp/lnmp1.6.tar.gz -cO lnmp1.6.tar.gz && tar zxf lnmp1.6.tar.gz && cd...
脚本的运行肯定是 ./upgrade1.x-1.6.sh 的,只有系统环境变量目录下的可执行命令才直接输入文件名执行
100%[==============================================>] 139,601 --.-K/s in 0.06s
2019-08-28 09:20:17 (2.08 MB/s) - `latest.tar.gz' saved
It is recommended to install socat first.
We use socat for standalone server if you use standalone mode.
If you don't use standalone mode, just ignore this warning.
Installing to /usr/local/acme.sh
Installed to /usr/local/acme.sh/acme.sh
Installing alias to '/root/.bashrc'
OK, Close and reopen your terminal to start using acme.sh
Installing alias to '/root/.cshrc'
Installing alias to '/root/.tcshrc'
Installing cron job
no crontab for root
no crontab for root
Good, bash is found, so change the shebang to use bash as preferred.
OK
Stopping crond:
Starting crond:
Starting create SSL Certificate use Let's Encrypt...
Create account key ok.
Registering account
Registered
ACCOUNT_THUMBPRINT='JZtCG1A0C6IKqelq3MJUc6Ot52rWyrUOWK9DvwZ0k6M'
Creating domain key
The domain key is here: /usr/local/nginx/conf/ssl/www.mysite.com/www.mysite.com.key
Multi domain='DNS:www.mysite.com,DNS:mysite.com'
Getting domain auth token for each domain
Getting webroot for domain='www.mysite.com'
Getting webroot for domain='mysite.com'
Verifying: www.mysite.com
Success
Verifying: mysite.com
Success
Verify finished, start to sign.
Lets finalize the order, Le_OrderFinalize: https://acme-v02.api.letsencrypt.org/acme/finalize/64410848/975442899
Download cert, Le_LinkCert: https://acme-v02.api.letsencrypt.org/acme/cert/033fc44ea121920b3ddbf2749d112024a6b3
Cert success.
Your cert is in/usr/local/nginx/conf/ssl/www.mysite.com/www.mysite.com.cer
Your cert key is in/usr/local/nginx/conf/ssl/www.mysite.com/www.mysite.com.key
The intermediate CA cert is in/usr/local/nginx/conf/ssl/www.mysite.com/ca.cer
And the full chain certs is there:/usr/local/nginx/conf/ssl/www.mysite.com/fullchain.cer
Run reload cmd: /etc/init.d/nginx reload
Reload service nginx...done
Reload success
Let's Encrypt SSL Certificate create successfully.
Create dhparam.pem...
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
.......................+.................................................................+...................+............................................................................................+................................................................................................................+.....................................+......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................+.....................................+.........+.................++*++*
Test Nginx configure file......
nginx: invalid value "TLSv1.3" in /usr/local/nginx/conf/vhost/www.mysite.com.conf:50
nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
Reload Nginx......
nginx: invalid value "TLSv1.3" in /usr/local/nginx/conf/vhost/www.mysite.com.conf:50
谢谢,脚本升级成功了,可是通过https://www.mysite.com 打不开
显示无法访问此网站 nginx version: nginx/1.12.2
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC)
built with OpenSSL 1.0.2l25 May 2017
TLS SNI support enabled
谢谢了,查了下版本,好像是目前我的nginx1.12 不支持 TLSv1.3 sky 发表于 2019-8-28 09:31
100%[==============================================>] 139,601 --.-K/s in 0.06s
2019-08-2 ...
上面有错误信息,你nginx版本有点低不支持tls 1.3,lnmp安装包目录下 ./upgrade.sh nginx
升级nginx到 1.16.1 然后重启nginx就可以了 licess 发表于 2019-8-28 13:33
上面有错误信息,你nginx版本有点低不支持tls 1.3,lnmp安装包目录下 ./upgrade.sh nginx
升级nginx到 1. ...
谢谢了。明白了
页:
[1]