https://www.vpser.net/build/letsencrypt-certbot.html

andyma

军哥，

  我看了这个说明：

https://www.vpser.net/build/letsencrypt-certbot.html

  安装方法：

  如果是CentOS 6、7，先执行：

yum install epel-release

cd /root/wget https://dl.eff.org/certbot-auto --no-check-certificate
chmod +x ./certbot-auto
./certbot-auto -n


安装“./certbot-auto -n”这一步就提示又错误了，试了几次。我看不懂，我查了其他安装方法，有人说：跟“/.well-known”和443端口之类的有关系，

是不是按照您的这个步骤安装的话，还有其他的地方要处理呢？请指教一下啊！！！











[ 本帖最后由 andyma 于 2016-11-1 20:06 编辑 ]

licess

没有具体错误信息，我也没法说

andyma

军哥，

   我不理睬执行./certbot-auto -n的错误后，接着执行该步：单域名生成证书：
./certbot-auto certonly --email admin@vpser.net --agree-tos --webroot -w /home/wwwroot/www.vpser.net -d www.vpser.net
提示错误如下：

Failed authorization procedure. www.example.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to www.example.com
IMPORTANT NOTES:
- If you lose your account credentials, you can recover through
   e-mails sent to ******@qq.com.
- The following errors were reported by the server:

   Domain: www.example.com
   Type:   connection
   Detail: Could not connect to www.example.com

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.
- Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
[root@******** ~]#

andyma

军哥，
   如上错误知道原因了，是因为还没有建立虚拟主机和绑定域名造成的！
   另外我想问下：执行该步前：“单域名生成证书：
./certbot-auto certonly --email admin@vpser.net --agree-tos --webroot -w /home/wwwroot/www.vpser.net -d www.vpser.net”
  是否必须先执行：“mkdir -p /home/wwwroot/域名/.well-known/acme-challenge 创建临时目录，当然这个.well-known/acme-challenge前面的目录要替换为你自己的网站目录，根据你自己的实际情况修改”。这个目录不能在安装Let's Encrypt的时候自动产生吗？

[ 本帖最后由 andyma 于 2016-11-1 22:43 编辑 ]

licess

不一定都会自动创建

andyma

军哥，
   
    那什么时候会自动创建呢：

mkdir -p /home/wwwroot/域名/.well-known/acme-challenge 创建临时目录，当然这个.well-known/acme-challenge前面的目录要替换为你自己的网站目录，根据你自己的实际情况修改”。

   而且要取得证书，这个文件夹是必须的吧？

andyma

军哥，
  执行“./certbot-auto -n“提示如下：

Creating virtual environment...
Installing Python packages...
Installation succeeded.
usage:
  certbot-auto [SUBCOMMAND] [options] [-d domain] [-d domain] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
cert. Major SUBCOMMANDS are:

  (default) run        Obtain & install a cert in your current webserver
  certonly             Obtain cert, but do not install it (aka "auth")
  install              Install a previously obtained cert in a server
  renew                Renew previously obtained certs that are near expiry
  revoke               Revoke a previously obtained certificate
  register             Perform tasks related to registering with the CA
  rollback             Rollback server configuration changes made during install
  config_changes       Show changes made to server config during installation
  plugins              Display information about installed plugins
letsencrypt: error: ambiguous option: --n could match --num, --no-hsts, --no-redirect, --nginx-ctl, --nginx-server-root, --no-staple-ocsp, --no-uir, --nginx, --no-self-upgrade, --noninteractive, --no-verify-ssl, --non-interactive
后面我查了/etc,并没有找到/etc/letsencrypt哦？是啥原因呢？

licess

那天另外一个添加就已经说过了./certbot-auto -n 只是用来安装依赖包的

没创建成功的话就只能向letsencrypt反馈