ssl手动续期失败
本帖最后由 1576696143 于 2021-5-24 15:35 编辑/usr/local/acme.sh/acme.sh --cron --home "/usr /local/acme.sh"
===Starting cron===
Already uptodate!
Upgrade success!
Auto upgraded to: 2.9.0
Renew: 'www.0524.com'
Skip invalid cert for: www.0524.com
Skipped www.0524.com
Renew: 'www.tvst.cn'
Using CA: https://acme-v02.api.letsencrypt.org/di rectory
Multi domain='DNS:www.tvst.cn,DNS:tvst.cn'
Getting domain auth token for each domain
Getting webroot for domain='www.tvst.cn'
Getting webroot for domain='tvst.cn'
Verifying: www.tvst.cn
www.tvst.cn:Verify error:Invalid response from ht tps://www.tvst.cn/.well-known/acme-challenge/b4ygHVHzTRmMWl6Q36aOqw111656wWXxeRG TkAdolwk :
Please check log file for more details: /usr/loca l/acme.sh/acme.sh.log
Error renew www.tvst.cn.
===End cron===
是否更改过网站的配置文件?如更改贴出
是否增加了301跳转,如有,是否按官网教程设置的301 server
{
listen 80;
#listen [::]:80;
server_name www.tvst.cn tvst.cn;
index index.html index.htm index.php default.html default.htm default.php;
root/data/web/www.tvst.cn/tp-site;
client_max_body_size 1000m;
include rewrite/other.conf;
#error_page 404 /404.html;
return 301 https://$server_name$request_uri;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php-pathinfo.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
location / {
if (!-e $request_filename) {
rewrite^(.*)[ DISCUZ_CODE_1 ]nbsp; /index.php?s=/$1last;
break;
}
}
access_log/home/wwwlogs/www.tvst.cn.log;
}
server
{
listen 443 ssl http2;
#listen [::]:443 ssl http2;
server_name www.tvst.cn tvst.cn;
index index.html index.htm index.php default.html default.htm default.php;
root/data/web/www.tvst.cn/tp-site;
client_max_body_size 1000m;
ssl_certificate /usr/local/nginx/conf/ssl/www.tvst.cn/fullchain.cer;
ssl_certificate_key /usr/local/nginx/conf/ssl/www.tvst.cn/www.tvst.cn.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
include rewrite/other.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php-pathinfo.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
location / {
if (!-e $request_filename) {
rewrite ^/index.php(.*)$ /index.php?s=$1 last;
rewrite^(.*)[ DISCUZ_CODE_1 ]nbsp; /index.php?s=/$1last;
break;
}
}
access_log/home/wwwlogs/www.tvst.cn.log;
}
licess 发表于 2021-5-25 08:00
是否更改过网站的配置文件?如更改贴出
是否增加了301跳转,如有,是否按官网教程设置的301 ...
虚拟主机配置在上面,301就是那个return 301了 1576696143 发表于 2021-5-29 11:18
虚拟主机配置在上面,301就是那个return 301了
首先,网站目录你都改了肯定不行,你要自定义或改目录必须在生成ssl证书前或更改目录后自己去改对应letsencrypt ssl证书目录下的配置文件
其次,前面已经和你说过了使用免费letsencrypt证书必须要按官网教程设置301,否则无法续期
再就是如果你不确定网站程序是否需要pathinfo就不要开启
页:
[1]