VPS侦探 Forum


SSL certificate creation failed

Posted on 2021-12-22 17:18:15

    [Wed Dec 22 17:17:09 CST 2021] Running cmd: issue
    [Wed Dec 22 17:17:09 CST 2021] _main_domain='auc.topdoit.com'
    [Wed Dec 22 17:17:09 CST 2021] _alt_domains='no'
    [Wed Dec 22 17:17:09 CST 2021] Using config home:/usr/local/acme.sh
    [Wed Dec 22 17:17:09 CST 2021] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
    [Wed Dec 22 17:17:09 CST 2021] DOMAIN_PATH='/usr/local/nginx/conf/ssl/auc.topdoit.com'
    [Wed Dec 22 17:17:09 CST 2021] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
    [Wed Dec 22 17:17:09 CST 2021] _init api for server: https://acme-v02.api.letsencrypt.org/directory
    [Wed Dec 22 17:17:09 CST 2021] Retrying GET
    [Wed Dec 22 17:17:09 CST 2021] GET
    [Wed Dec 22 17:17:09 CST 2021] url='https://acme-v02.api.letsencrypt.org/directory'
    [Wed Dec 22 17:17:09 CST 2021] timeout=
    [Wed Dec 22 17:17:09 CST 2021] displayError='1'
    [Wed Dec 22 17:17:09 CST 2021] _CURL='curl --silent --dump-header /usr/local/acme.sh/http.header  -L  -g '
    [Wed Dec 22 17:17:10 CST 2021] ret='0'
    [Wed Dec 22 17:17:10 CST 2021] _hcode='0'
    [Wed Dec 22 17:17:10 CST 2021] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
    [Wed Dec 22 17:17:10 CST 2021] ACME_NEW_AUTHZ
    [Wed Dec 22 17:17:10 CST 2021] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Wed Dec 22 17:17:10 CST 2021] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
    [Wed Dec 22 17:17:10 CST 2021] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
    [Wed Dec 22 17:17:10 CST 2021] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
    [Wed Dec 22 17:17:10 CST 2021] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Wed Dec 22 17:17:10 CST 2021] Using CA: https://acme-v02.api.letsencrypt.org/directory
    [Wed Dec 22 17:17:10 CST 2021] _on_before_issue
    [Wed Dec 22 17:17:10 CST 2021] _chk_main_domain='auc.topdoit.com'
    [Wed Dec 22 17:17:10 CST 2021] _chk_alt_domains
    [Wed Dec 22 17:17:10 CST 2021] Le_LocalAddress
    [Wed Dec 22 17:17:10 CST 2021] d='auc.topdoit.com'
    [Wed Dec 22 17:17:10 CST 2021] Check for domain='auc.topdoit.com'
    [Wed Dec 22 17:17:10 CST 2021] _currentRoot='/home/wwwroot/auc.topdoit.com'
    [Wed Dec 22 17:17:10 CST 2021] d
    [Wed Dec 22 17:17:10 CST 2021] _saved_account_key_hash is not changed, skip register account.
    [Wed Dec 22 17:17:10 CST 2021] Read key length:
    [Wed Dec 22 17:17:10 CST 2021] Creating domain key
    [Wed Dec 22 17:17:10 CST 2021] Use DEFAULT_DOMAIN_KEY_LENGTH=2048
    [Wed Dec 22 17:17:10 CST 2021] Using config home:/usr/local/acme.sh
    [Wed Dec 22 17:17:10 CST 2021] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
    [Wed Dec 22 17:17:10 CST 2021] Use length 2048
    [Wed Dec 22 17:17:10 CST 2021] Using RSA: 2048
    [Wed Dec 22 17:17:11 CST 2021] The domain key is here: /usr/local/nginx/conf/ssl/auc.topdoit.com/auc.topdoit.com.key
    [Wed Dec 22 17:17:11 CST 2021] _createcsr
    [Wed Dec 22 17:17:11 CST 2021] Single domain='auc.topdoit.com'
    [Wed Dec 22 17:17:11 CST 2021] Getting domain auth token for each domain
    [Wed Dec 22 17:17:11 CST 2021] d
    [Wed Dec 22 17:17:11 CST 2021] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Wed Dec 22 17:17:11 CST 2021] payload='{"identifiers": [{"type":"dns","value":"auc.topdoit.com"}]}'
    [Wed Dec 22 17:17:11 CST 2021] RSA key
    [Wed Dec 22 17:17:11 CST 2021] Retrying post
    [Wed Dec 22 17:17:11 CST 2021] HEAD
    [Wed Dec 22 17:17:11 CST 2021] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Wed Dec 22 17:17:11 CST 2021] _CURL='curl --silent --dump-header /usr/local/acme.sh/http.header  -L  -g  -I  '
    [Wed Dec 22 17:17:12 CST 2021] _ret='0'
    [Wed Dec 22 17:17:12 CST 2021] _hcode='0'
    [Wed Dec 22 17:17:12 CST 2021] Retrying post
    [Wed Dec 22 17:17:12 CST 2021] POST
    [Wed Dec 22 17:17:12 CST 2021] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Wed Dec 22 17:17:12 CST 2021] _CURL='curl --silent --dump-header /usr/local/acme.sh/http.header  -L  -g '
    [Wed Dec 22 17:17:13 CST 2021] _ret='0'
    [Wed Dec 22 17:17:13 CST 2021] _hcode='0'
    [Wed Dec 22 17:17:13 CST 2021] code='201'
    [Wed Dec 22 17:17:13 CST 2021] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/172280710/49245762250'
    [Wed Dec 22 17:17:14 CST 2021] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/172280710/49245762250'
    [Wed Dec 22 17:17:14 CST 2021] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/60895511920'
    [Wed Dec 22 17:17:14 CST 2021] payload
    [Wed Dec 22 17:17:14 CST 2021] Retrying post
    [Wed Dec 22 17:17:14 CST 2021] POST
    [Wed Dec 22 17:17:14 CST 2021] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/60895511920'
    [Wed Dec 22 17:17:14 CST 2021] _CURL='curl --silent --dump-header /usr/local/acme.sh/http.header  -L  -g '
    [Wed Dec 22 17:17:15 CST 2021] _ret='0'
    [Wed Dec 22 17:17:15 CST 2021] _hcode='0'
    [Wed Dec 22 17:17:15 CST 2021] code='200'
    [Wed Dec 22 17:17:15 CST 2021] d='auc.topdoit.com'
    [Wed Dec 22 17:17:15 CST 2021] Getting webroot for domain='auc.topdoit.com'
    [Wed Dec 22 17:17:15 CST 2021] _w='/home/wwwroot/auc.topdoit.com'
    [Wed Dec 22 17:17:15 CST 2021] _currentRoot='/home/wwwroot/auc.topdoit.com'
    [Wed Dec 22 17:17:15 CST 2021] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA","token":"qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E"'
    [Wed Dec 22 17:17:15 CST 2021] token='qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E'
    [Wed Dec 22 17:17:15 CST 2021] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA'
    [Wed Dec 22 17:17:15 CST 2021] keyauthorization='qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E.XpyY5y2hcocYLBOcO3lH65PgNePhn9jSThD_T6sXez8'
    [Wed Dec 22 17:17:15 CST 2021] dvlist='auc.topdoit.com#qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E.XpyY5y2hcocYLBOcO3lH65PgNePhn9jSThD_T6sXez8#https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA#http-01#/home/wwwroot/auc.topdoit.com'
    [Wed Dec 22 17:17:15 CST 2021] d
    [Wed Dec 22 17:17:15 CST 2021] vlist='auc.topdoit.com#qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E.XpyY5y2hcocYLBOcO3lH65PgNePhn9jSThD_T6sXez8#https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA#http-01#/home/wwwroot/auc.topdoit.com,'
    [Wed Dec 22 17:17:15 CST 2021] d='auc.topdoit.com'
    [Wed Dec 22 17:17:15 CST 2021] ok, let's start to verify
    [Wed Dec 22 17:17:15 CST 2021] Verifying: auc.topdoit.com
    [Wed Dec 22 17:17:15 CST 2021] d='auc.topdoit.com'
    [Wed Dec 22 17:17:15 CST 2021] keyauthorization='qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E.XpyY5y2hcocYLBOcO3lH65PgNePhn9jSThD_T6sXez8'
    [Wed Dec 22 17:17:15 CST 2021] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA'
    [Wed Dec 22 17:17:15 CST 2021] _currentRoot='/home/wwwroot/auc.topdoit.com'
    [Wed Dec 22 17:17:15 CST 2021] wellknown_path='/home/wwwroot/auc.topdoit.com/.well-known/acme-challenge'
    [Wed Dec 22 17:17:15 CST 2021] writing token:qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E to /home/wwwroot/auc.topdoit.com/.well-known/acme-challenge/qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E
    [Wed Dec 22 17:17:15 CST 2021] Changing owner/group of .well-known to www:www
    [Wed Dec 22 17:17:15 CST 2021] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA'
    [Wed Dec 22 17:17:15 CST 2021] payload='{}'
    [Wed Dec 22 17:17:15 CST 2021] Retrying post
    [Wed Dec 22 17:17:15 CST 2021] POST
    [Wed Dec 22 17:17:15 CST 2021] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA'
    [Wed Dec 22 17:17:15 CST 2021] _CURL='curl --silent --dump-header /usr/local/acme.sh/http.header  -L  -g '
    [Wed Dec 22 17:17:16 CST 2021] _ret='0'
    [Wed Dec 22 17:17:16 CST 2021] _hcode='0'
    [Wed Dec 22 17:17:16 CST 2021] code='200'
    [Wed Dec 22 17:17:16 CST 2021] trigger validation code: 200
    [Wed Dec 22 17:17:16 CST 2021] Pending, The CA is processing your order, please just wait. (1/30)
    [Wed Dec 22 17:17:16 CST 2021] sleep 2 secs to verify again
    [Wed Dec 22 17:17:18 CST 2021] checking
    [Wed Dec 22 17:17:18 CST 2021] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA'
    [Wed Dec 22 17:17:18 CST 2021] payload
    [Wed Dec 22 17:17:18 CST 2021] Retrying post
    [Wed Dec 22 17:17:18 CST 2021] POST
    [Wed Dec 22 17:17:18 CST 2021] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA'
    [Wed Dec 22 17:17:18 CST 2021] _CURL='curl --silent --dump-header /usr/local/acme.sh/http.header  -L  -g '
    [Wed Dec 22 17:17:19 CST 2021] _ret='0'
    [Wed Dec 22 17:17:19 CST 2021] _hcode='0'
    [Wed Dec 22 17:17:19 CST 2021] code='200'
    [Wed Dec 22 17:17:19 CST 2021] auc.topdoit.com:Verify error:Invalid response from http://auc.topdoit.com/.well-known/acme-challenge/qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E [120.24.94.212]:
    [Wed Dec 22 17:17:19 CST 2021] pid
    [Wed Dec 22 17:17:19 CST 2021] No need to restore nginx, skip.
    [Wed Dec 22 17:17:19 CST 2021] _clearupdns
    [Wed Dec 22 17:17:19 CST 2021] dns_entries
    [Wed Dec 22 17:17:19 CST 2021] skip dns.
    [Wed Dec 22 17:17:19 CST 2021] _on_issue_err
    [Wed Dec 22 17:17:19 CST 2021] Please check log file for more details: /usr/local/acme.sh/acme.sh.log
    [Wed Dec 22 17:17:19 CST 2021] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA'
    [Wed Dec 22 17:17:19 CST 2021] payload='{}'
    [Wed Dec 22 17:17:19 CST 2021] Retrying post
    [Wed Dec 22 17:17:19 CST 2021] POST
    [Wed Dec 22 17:17:19 CST 2021] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/60895511920/xHlnOA'
    [Wed Dec 22 17:17:19 CST 2021] _CURL='curl --silent --dump-header /usr/local/acme.sh/http.header  -L  -g '
    [Wed Dec 22 17:17:20 CST 2021] _ret='0'
    [Wed Dec 22 17:17:20 CST 2021] _hcode='0'
    [Wed Dec 22 17:17:20 CST 2021] code='400'
Original poster | Posted on 2021-12-22 17:21:25


    Starting create SSL Certificate use Let's Encrypt...
    [Wed Dec 22 17:17:10 CST 2021] Using CA: https://acme-v02.api.letsencrypt.org/directory
    [Wed Dec 22 17:17:10 CST 2021] Creating domain key
    [Wed Dec 22 17:17:11 CST 2021] The domain key is here: /usr/local/nginx/conf/ssl/auc.topdoit.com/auc.topdoit.com.key
    [Wed Dec 22 17:17:11 CST 2021] Single domain='auc.topdoit.com'
    [Wed Dec 22 17:17:11 CST 2021] Getting domain auth token for each domain
    [Wed Dec 22 17:17:15 CST 2021] Getting webroot for domain='auc.topdoit.com'
    [Wed Dec 22 17:17:15 CST 2021] Verifying: auc.topdoit.com
    [Wed Dec 22 17:17:16 CST 2021] Pending, The CA is processing your order, please just wait. (1/30)
    [Wed Dec 22 17:17:19 CST 2021] auc.topdoit.com:Verify error:Invalid response from http://auc.topdoit.com/.well-known/acme-challenge/qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E [120.24.94.212]:
    [Wed Dec 22 17:17:19 CST 2021] Please check log file for more details: /usr/local/acme.sh/acme.sh.log
    Let's Encrypt SSL Certificate create failed!
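Posted on 2021-12-22 19:10:51

The request for the validation file returned 404. The virtual host you added may not have taken effect, the add process may have reported an error, or nginx may already have had an error before that.

The simplest method is to look in /home/wwwlogs/access.log. If it contains /.well-known/acme-challenge/qYzYCX9iQgjnUEnA6Ih6bGQ7R5UM29l1S1JzpkGV_7E, then the request definitely went to the default virtual host and not to the one you just added.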
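Original poster | Posted on 2021-12-23 11:26:05

I checked using your method. access.log has no related records, so this error can be ruled out. But while debugging yesterday I found this error: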
    [Wed Dec 22 17:31:28 CST 2021] Create new order error. Le_OrderFinalize not found. {
      "type": "urn:ietf:params:acme:error:rateLimited",
      "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/",
      "status": 429
    }
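Posted on 2021-12-23 19:47:06

hnqdgyj posted on 2021-12-23 11:26
I checked using your method. access.log has no related records, so this error can be ruled out. But while debugging yesterday I found this error:

...

This means you have now exceeded the limit; too many requests were made.
You can try choosing zerossl or buypass.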

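The two checks from the replies above, combined into one script as an added example (not code from this thread, acme.sh or lnmp): it reads the most recent failure in an acme.sh log, reports a rateLimited refusal, and otherwise looks for the challenge path in the default and site access logs. The function names, result labels and sample log lines are constructed for illustration, and the combined-style access log layout is an assumption.

```shell
#!/bin/sh
# Triage a failed acme.sh http-01 issuance from acme.sh.log and nginx access logs.
# Assumes nginx "combined"-style access logs, where the status is field 9.

hit_status() {   # status of the last GET for path $1 in log $2; empty if none
    [ -r "$2" ] || return 0
    grep -F -- "\"GET $1 " "$2" | tail -n 1 | awk '{print $9}'
}

triage_acme() {  # args: acme.sh log, default-vhost access log, site access log
    # Only the most recent failure matters; the log is appended on every run.
    last=$(grep -E 'acme:error:rateLimited|Verify error:' "$1" | tail -n 1)
    case $last in
        '')            echo "no-failure-found"; return 0 ;;
        *rateLimited*) echo "rate-limited";     return 0 ;;  # CA refused the order
    esac
    # Pull the challenge path out of "Invalid response from http://host/PATH [ip]".
    path=$(printf '%s\n' "$last" | sed -n \
        's|.*Invalid response from http[s]*://[^/]*\(/\.well-known/acme-challenge/[A-Za-z0-9_-]*\).*|\1|p')
    [ -n "$path" ] || { echo "verify-error-other"; return 0; }

    st=$(hit_status "$path" "$2")
    [ -n "$st" ] && { echo "default-vhost:$st"; return 0; }
    st=$(hit_status "$path" "$3")
    [ -n "$st" ] && { echo "site-vhost:$st"; return 0; }
    echo "not-logged"   # no request for the challenge path in either log
}

# Constructed sample data (not from a real server): one failed http-01 check
# whose request was answered by the default virtual host with a 404.
tmp=$(mktemp -d)
cat > "$tmp/acme.log" <<'EOF'
[Wed Dec 22 17:17:19 CST 2021] example.com:Verify error:Invalid response from http://example.com/.well-known/acme-challenge/CONSTRUCTED_token-01 [192.0.2.10]:
EOF
cat > "$tmp/default.log" <<'EOF'
198.51.100.7 - - [22/Dec/2021:17:17:17 +0800] "GET /.well-known/acme-challenge/CONSTRUCTED_token-01 HTTP/1.1" 404 146 "-" "validation-agent"
EOF
: > "$tmp/site.log"
triage_acme "$tmp/acme.log" "$tmp/default.log" "$tmp/site.log"
```

On a real server the three arguments would be the acme.sh log, the default virtual host's access log and the new site's access log.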

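Original poster | Posted on 2021-12-24 08:35:36

licess posted on 2021-12-23 19:47
This means you have now exceeded the limit; too many requests were made.
You can try choosing zerossl or buypass.

lnmp1.7 doesn't seem to offer a choice. There are only options 1 and 2, and choosing 2 is the letsencrypt one.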
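Posted on 2021-12-24 10:36:35

hnqdgyj posted on 2021-12-24 08:35
lnmp1.7 doesn't seem to offer a choice. There are only options 1 and 2, and choosing 2 is the letsencrypt one.

First put any index.html or index.php, with arbitrary content, in the directory of the virtual host you created, and confirm whether it is actually working.

With lnmp 1.7 you can use the lnmp 1.8 script to upgrade the management script; otherwise you can only wait for the letsencrypt limit to be lifted.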
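Original poster | Posted on 2021-12-24 11:35:25

licess posted on 2021-12-24 10:36
First put any index.html or index.php, with arbitrary content, in the directory of the virtual host you created, and confirm whether it is actually working.

With lnmp 1.7 ...

Thanks, 军哥, it's solved.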