lnmp安装证书失败
最近通过lnmp dnsssl dp来安装证书提示失败,DP_Id跟DP_Key没有错误。不知道什么问题?错误如下截图lnmp什么版本?
第一次添加ssl是什么时候?
/usr/local/acme.sh/acme.sh --upgrade 升级一下再试试 本帖最后由 pkz1024 于 2020-8-13 15:05 编辑
licess 发表于 2020-8-13 14:50
lnmp什么版本?
第一次添加ssl是什么时候?
你好,军哥,lnmp 是1.6版本,已经升级过了,之前是上个月其他服务器添加没有问题,这个月添加就出现这个问题了,这个服务器是没添加过证书的刚看日志
_currentRoot='dns_dp'
d
config file is empty, can not read CA_KEY_HASH
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
_init api for server: https://acme-v02.api.letsencrypt.org/directory
RSA key
Registering account
url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
payload='{"termsOfServiceAgreed": true}'
HEAD
_post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g-I'
_ret='0'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='400'
Register account Error: {
"type": "urn:ietf:params:acme:error:malformed",
"detail": "Parse error reading JWS",
"status": 400
}
_on_issue_err
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
pkz1024 发表于 2020-8-13 14:58
你好,军哥,lnmp 是1.6版本,已经升级过了,之前是上个月其他服务器添加没有问题,这个月添加就出现这个 ...
我这边测试dnspod api方式不论upgrade前后都可以正常生成ssl证书
我感觉要不就是可能你dnspod后台开了IP白名单或者api请求次数多被拉黑之类的
你可以修改 /usr/local/acme.sh/account.conf 将里面 #LOG_LEVEL=1 改成 LOG_LEVEL=2 保存,再重新生成证书试试,将完整的acme.sh.log发一下看看 本帖最后由 pkz1024 于 2020-8-13 19:54 编辑
licess 发表于 2020-8-13 17:57
我这边测试dnspod api方式不论upgrade前后都可以正常生成ssl证书
我感觉要不就是可能你dnspod后台开了IP ...修改后日志如下
LE_WORKING_DIR='/usr/local/acme.sh'
Running cmd: issue
_main_domain='l.lfdths.com'
_alt_domains='lfdths.com'
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
_ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
DOMAIN_PATH='/usr/local/nginx/conf/ssl/l.lfdths.com'
'dns_dp' does not contain 'dns'
Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
_init api for server: https://acme-v02.api.letsencrypt.org/directory
GET
url='https://acme-v02.api.letsencrypt.org/directory'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
response='{
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",
"zx_nxN_sSVU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"
}'
ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
ACME_NEW_AUTHZ
ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
ACME_VERSION='2'
Le_NextRenewTime
_on_before_issue
_chk_main_domain='l.lfdths.com'
_chk_alt_domains='lfdths.com'
'dns_dp' does not contain 'no'
Le_LocalAddress
d='l.lfdths.com'
Check for domain='l.lfdths.com'
_currentRoot='dns_dp'
d='lfdths.com'
Check for domain='lfdths.com'
_currentRoot='dns_dp'
d
'dns_dp' does not contain 'apache'
config file is empty, can not read CA_KEY_HASH
_saved_account_key_hash
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
_ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
_init api for server: https://acme-v02.api.letsencrypt.org/directory
RSA key
Registering account
url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
payload='{"termsOfServiceAgreed": true}'
Use cached jwk for file: /usr/local/acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
HEAD
_post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
body
_postContentType='application/jose+json'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g-I'
_ret='0'
_headers='HTTP/2 200
server: nginx
date: Thu, 13 Aug 2020 11:53:37 GMT
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0002pb6ADN_PL52vCJ4lqsw6BHuJcsCZUetvQT1LgLlniDY
x-frame-options: DENY
strict-transport-security: max-age=604800
'
_CACHED_NONCE='0002pb6ADN_PL52vCJ4lqsw6BHuJcsCZUetvQT1LgLlniDY'
nonce='0002pb6ADN_PL52vCJ4lqsw6BHuJcsCZUetvQT1LgLlniDY'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
body='{"protected": "eyJub25jZSI6ICIwMDAycGI2QUROX1BMNTJ2Q0o0bHFzdzZCSHVKY3NDWlVldHZRVDFMZ0xsbmlEWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWFjY3QiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICIiLCAia3R5IjogIlJTQSIsICJuIjogIiJ9fQ", "payload": "eyJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWV9", "signature": "VLvyoZhy1UgCkMOohYPC_vilEB6TK8o8L5q1yT0rZX1H57Hrox9JkFHjSDN0HLt8zBQ5JmNiOtz9aBULUSU7fvfx29-d3M8_qxAofZwH9CKIBDT_-WcllGWgpZNqnKLCocCLO5DyVCK9Td3UBRQXmHeuIpsQoIUiPAPz_x74UVrd6HB5pOCWHbe0VGXVSnp_xLl5VdBbuk_oaC28y6J2EO8ko8Ttqg6qnNfLXlLK9RKlKJ69ooG0rlHgW1Ju5avc1plti3-IGQhv8I-iW4my21ciU-PkKn8HR1NTdCQWKfu8ZMSrDejaY6OhMsciCQj8-U3NHfXfy18INqN8L9gfNw"}'
_postContentType='application/jose+json'
Http already initialized.
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
responseHeaders='HTTP/2 400
server: nginx
date: Thu, 13 Aug 2020 11:53:38 GMT
content-type: application/problem+json
content-length: 108
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0102mhXep8XIUtTXAm9EhcCAm4yM20EnPLBOR5lcqWcPNyo
'
code='400'
original='{
"type": "urn:ietf:params:acme:error:malformed",
"detail": "Parse error reading JWS",
"status": 400
}'
response='{
"type": "urn:ietf:params:acme:error:malformed",
"detail": "Parse error reading JWS",
"status": 400
}'
Register account Error: {
"type": "urn:ietf:params:acme:error:malformed",
"detail": "Parse error reading JWS",
"status": 400
}
_on_issue_err
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
_chk_vlist
pkz1024 发表于 2020-8-13 19:51
修改后日志如下
LE_WORKING_DIR='/usr/local/acme.sh'
不清楚什么问题,我这边测试也都是正常的,有可能就是你系统上的问题
你是什么系统及版本? licess 发表于 2020-8-14 08:56
不清楚什么问题,我这边测试也都是正常的,有可能就是你系统上的问题
你是什么系统及版本? ...
centos8版本。 licess 发表于 2020-8-14 08:56
不清楚什么问题,我这边测试也都是正常的,有可能就是你系统上的问题
你是什么系统及版本? ...
你好,centos7系统可以,centos8就不可以,怎么处理这个问题? pkz1024 发表于 2020-8-14 10:05
你好,centos7系统可以,centos8就不可以,怎么处理这个问题?
我这边有centos 8的测试机,centos 8 上测试了没有问题 licess 发表于 2020-8-14 14:40
我这边有centos 8的测试机,centos 8 上测试了没有问题
那可能这个系统有问题,vim软件都用不了,要用vi,谢谢军哥答疑
页:
[1]