【求助】lnmp ssl 无法更新

lhjian

安装完LNMP后，网站开启了SSL，刚检查发现过几天SSL到期，无法更新。
1. 输入官网解决方案无效：自动更新命令：wget -O - http://soft.vpser.net/lnmp/ext/fix_renewssl.sh|bash

2.按照其他帖子解决方案也不行：
输入：/bin/certbot renew --force-renewal --disable-hook-validation --renew-hook "/etc/init.d/nginx reload"

我看着提示是DNS解析错误，
A记录没问题（网站一直可访问），AAAA记录没填。
请问我该如何操作呢？（新手，如果方便的话请尽量告知具体命令，不胜感激）

以下为提示输入代码后提示内容：

1. [root@2016071346856 ~]# /bin/certbot renew --force-renewal --disable-hook-validation --renew-hook "/etc/init.d/nginx reload"
   
2. /opt/eff.org/certbot/venv/lib/python2.6/site-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
   
3.   DeprecationWarning
   
4. Saving debug log to /var/log/letsencrypt/letsencrypt.log
   
5. 
   
6. -------------------------------------------------------------------------------
   
7. Processing /etc/letsencrypt/renewal/www.mydomain.com.conf
   
8. -------------------------------------------------------------------------------
   
9. Plugins selected: Authenticator webroot, Installer None
   
10. Renewing an existing certificate
    
11. /opt/eff.org/certbot/venv/lib/python2.6/site-packages/acme/jose/jwa.py:110: DeprecationWarning: signer and verifier have been deprecated. Please use sign and verify instead.
    
12.   signer = key.signer(self.padding, self.hash)
    
13. Performing the following challenges:
    
14. http-01 challenge for www.mydomain.com
    
15. http-01 challenge for mydomain.com
    
16. Waiting for verification...
    
17. Cleaning up challenges
    
18. Attempting to renew cert (www.mydomain.com) from /etc/letsencrypt/renewal/www.mydomain.com.conf produced an unexpected error: Failed authorization procedure. mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mydomain.com/.well-known/acme-challenge/0cLkpwKiPfHsQKgoDefkjUEK-97Yv8MINwz8BU2LM4Q: "
    
19. 403 Forbidden
    
20. 
    
21. 403 Forbidden
    
22. ", www.mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.mydomain.com/.well-known/acme-challenge/4NpS5boY7wKxQdpGCmagXcfrGlXBZAxuMAa1lSK6RCc: "
    
23. 403 Forbidden
    
24. 
    
25. 403 Forbidden
    
26. ". Skipping.
    
27. All renewal attempts failed. The following certs could not be renewed:
    
28.   /etc/letsencrypt/live/www.mydomain.com/fullchain.pem (failure)
    
29. 
    
30. -------------------------------------------------------------------------------
    
31. 
    
32. All renewal attempts failed. The following certs could not be renewed:
    
33.   /etc/letsencrypt/live/www.mydomain.com/fullchain.pem (failure)
    
34. -------------------------------------------------------------------------------
    
35. 1 renew failure(s), 0 parse failure(s)
    
36. 
    
37. IMPORTANT NOTES:
    
38. - The following errors were reported by the server:
    
39. 
    
40.    Domain: mydomain.com
    
41.    Type:   unauthorized
    
42.    Detail: Invalid response from
    
43.    http://mydomain.com/.well-known/acme-challenge/0cLkpwKiPfHsQKgoDefkjUEK-97Yv8MINwz8BU2LM4Q:
    
44.    "
    
45.    403 Forbidden
    
46.    
    
47.    403 Forbidden
    
48.    "
    
49. 
    
50.    Domain: www.mydomain.com
    
51.    Type:   unauthorized
    
52.    Detail: Invalid response from
    
53.    http://www.mydomain.com/.well-known/acme-challenge/4NpS5boY7wKxQdpGCmagXcfrGlXBZAxuMAa1lSK6RCc:
    
54.    "
    
55.    403 Forbidden
    
56.    
    
57.    403 Forbidden
    
58.    "
    
59. 
    
60.    To fix these errors, please make sure that your domain name was
    
61.    entered correctly and the DNS A/AAAA record(s) for that domain
    
62.    contain(s) the right IP address.

复制代码

licess

之前生成证书正常，续期返回403错误应该是该虚拟主机上又添加了deny规则，贴一下你的配置看一下

lhjian

CPU：1核

内存：1GB

系统盘：50GB

国际带宽：2mbps独享

licess

该域名的虚拟主机配置文件不是vps配置