VPS侦探论坛

 找回密码
 注册
查看: 2731|回复: 1

系统自带的ssl证书续期失败了

[复制链接]
发表于 2020-2-15 15:14:58 | 显示全部楼层 |阅读模式

军哥新年好,遇到了一个问题需要请教你

安装的是lnmp1.6

添加了一个二级域名,并使用了系统自带的Let'sEncrypt的证书,但是我把crontab的自动更新脚本删除了。。。

现在证书马上就要到期了,我使用手动升级命令: acme.sh --renew -d 域名

但是出现了问题,麻烦你看一下我要怎么解决。



日志:
  1. [Sat Feb 15 15:06:37 CST 2020] Running cmd: renew
  2. [Sat Feb 15 15:06:37 CST 2020] Using config home:/usr/local/acme.sh
  3. [Sat Feb 15 15:06:37 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
  4. [Sat Feb 15 15:06:37 CST 2020] DOMAIN_PATH='/usr/local/nginx/conf/ssl/tlryjg.jiaohusheji.net'
  5. [Sat Feb 15 15:06:37 CST 2020] Renew: 'tlryjg.jiaohusheji.net'
  6. [Sat Feb 15 15:06:37 CST 2020] Le_API
  7. [Sat Feb 15 15:06:37 CST 2020] _main_domain='tlryjg.jiaohusheji.net'
  8. [Sat Feb 15 15:06:37 CST 2020] _alt_domains='no'
  9. [Sat Feb 15 15:06:37 CST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
  10. [Sat Feb 15 15:06:37 CST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
  11. [Sat Feb 15 15:06:37 CST 2020] GET
  12. [Sat Feb 15 15:06:37 CST 2020] url='https://acme-v02.api.letsencrypt.org/directory'
  13. [Sat Feb 15 15:06:37 CST 2020] timeout=
  14. [Sat Feb 15 15:06:37 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
  15. [Sat Feb 15 15:06:38 CST 2020] ret='0'
  16. [Sat Feb 15 15:06:39 CST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
  17. [Sat Feb 15 15:06:39 CST 2020] ACME_NEW_AUTHZ
  18. [Sat Feb 15 15:06:39 CST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
  19. [Sat Feb 15 15:06:39 CST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
  20. [Sat Feb 15 15:06:39 CST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
  21. [Sat Feb 15 15:06:39 CST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
  22. [Sat Feb 15 15:06:39 CST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
  23. [Sat Feb 15 15:06:39 CST 2020] ACME_VERSION='2'
  24. [Sat Feb 15 15:06:39 CST 2020] Le_NextRenewTime='1580446350'
  25. [Sat Feb 15 15:06:39 CST 2020] _on_before_issue
  26. [Sat Feb 15 15:06:39 CST 2020] _chk_main_domain='tlryjg.jiaohusheji.net'
  27. [Sat Feb 15 15:06:39 CST 2020] _chk_alt_domains
  28. [Sat Feb 15 15:06:39 CST 2020] Le_LocalAddress
  29. [Sat Feb 15 15:06:39 CST 2020] d='tlryjg.jiaohusheji.net'
  30. [Sat Feb 15 15:06:39 CST 2020] Check for domain='tlryjg.jiaohusheji.net'
  31. [Sat Feb 15 15:06:39 CST 2020] _currentRoot='/home/wwwroot/tlryjg.jiaohusheji.net'
  32. [Sat Feb 15 15:06:39 CST 2020] d
  33. [Sat Feb 15 15:06:39 CST 2020] _saved_account_key_hash is not changed, skip register account.
  34. [Sat Feb 15 15:06:39 CST 2020] Read key length:
  35. [Sat Feb 15 15:06:39 CST 2020] _createcsr
  36. [Sat Feb 15 15:06:39 CST 2020] Single domain='tlryjg.jiaohusheji.net'
  37. [Sat Feb 15 15:06:39 CST 2020] Getting domain auth token for each domain
  38. [Sat Feb 15 15:06:39 CST 2020] d
  39. [Sat Feb 15 15:06:39 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
  40. [Sat Feb 15 15:06:39 CST 2020] payload='{"identifiers": [{"type":"dns","value":"tlryjg.jiaohusheji.net"}]}'
  41. [Sat Feb 15 15:06:39 CST 2020] RSA key
  42. [Sat Feb 15 15:06:39 CST 2020] HEAD
  43. [Sat Feb 15 15:06:39 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
  44. [Sat Feb 15 15:06:39 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g  -I  '
  45. [Sat Feb 15 15:06:40 CST 2020] _ret='0'
  46. [Sat Feb 15 15:06:40 CST 2020] POST
  47. [Sat Feb 15 15:06:40 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
  48. [Sat Feb 15 15:06:40 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
  49. [Sat Feb 15 15:06:43 CST 2020] _ret='0'
  50. [Sat Feb 15 15:06:43 CST 2020] code='201'
  51. [Sat Feb 15 15:06:43 CST 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/69649468/2337235879'
  52. [Sat Feb 15 15:06:43 CST 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/69649468/2337235879'
  53. [Sat Feb 15 15:06:43 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2826459960'
  54. [Sat Feb 15 15:06:43 CST 2020] payload
  55. [Sat Feb 15 15:06:43 CST 2020] POST
  56. [Sat Feb 15 15:06:43 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2826459960'
  57. [Sat Feb 15 15:06:43 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
  58. [Sat Feb 15 15:06:44 CST 2020] _ret='0'
  59. [Sat Feb 15 15:06:44 CST 2020] code='200'
  60. [Sat Feb 15 15:06:44 CST 2020] d='tlryjg.jiaohusheji.net'
  61. [Sat Feb 15 15:06:44 CST 2020] Getting webroot for domain='tlryjg.jiaohusheji.net'
  62. [Sat Feb 15 15:06:44 CST 2020] _w='/home/wwwroot/tlryjg.jiaohusheji.net'
  63. [Sat Feb 15 15:06:44 CST 2020] _currentRoot='/home/wwwroot/tlryjg.jiaohusheji.net'
  64. [Sat Feb 15 15:06:44 CST 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A","token":"aPP6IRwWEQSMcjPrU0t_W-xMsfpQLij7Sik4Lm7obbQ"'
  65. [Sat Feb 15 15:06:44 CST 2020] token='aPP6IRwWEQSMcjPrU0t_W-xMsfpQLij7Sik4Lm7obbQ'
  66. [Sat Feb 15 15:06:44 CST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A'
  67. [Sat Feb 15 15:06:44 CST 2020] keyauthorization='aPP6IRwWEQSMcjPrU0t_W-xMsfpQLij7Sik4Lm7obbQ.MRUZ5DWTAV3hva6TT0QYRS_Na049T9UclLzLWAR7UhA'
  68. [Sat Feb 15 15:06:44 CST 2020] dvlist='tlryjg.jiaohusheji.net#aPP6IRwWEQSMcjPrU0t_W-xMsfpQLij7Sik4Lm7obbQ.MRUZ5DWTAV3hva6TT0QYRS_Na049T9UclLzLWAR7UhA#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A#http-01#/home/wwwroot/tlryjg.jiaohusheji.net'
  69. [Sat Feb 15 15:06:44 CST 2020] d
  70. [Sat Feb 15 15:06:44 CST 2020] vlist='tlryjg.jiaohusheji.net#aPP6IRwWEQSMcjPrU0t_W-xMsfpQLij7Sik4Lm7obbQ.MRUZ5DWTAV3hva6TT0QYRS_Na049T9UclLzLWAR7UhA#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A#http-01#/home/wwwroot/tlryjg.jiaohusheji.net,'
  71. [Sat Feb 15 15:06:44 CST 2020] d='tlryjg.jiaohusheji.net'
  72. [Sat Feb 15 15:06:44 CST 2020] ok, let's start to verify
  73. [Sat Feb 15 15:06:44 CST 2020] Verifying: tlryjg.jiaohusheji.net
  74. [Sat Feb 15 15:06:44 CST 2020] d='tlryjg.jiaohusheji.net'
  75. [Sat Feb 15 15:06:44 CST 2020] keyauthorization='aPP6IRwWEQSMcjPrU0t_W-xMsfpQLij7Sik4Lm7obbQ.MRUZ5DWTAV3hva6TT0QYRS_Na049T9UclLzLWAR7UhA'
  76. [Sat Feb 15 15:06:44 CST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A'
  77. [Sat Feb 15 15:06:44 CST 2020] _currentRoot='/home/wwwroot/tlryjg.jiaohusheji.net'
  78. [Sat Feb 15 15:06:44 CST 2020] wellknown_path='/home/wwwroot/tlryjg.jiaohusheji.net/.well-known/acme-challenge'
  79. [Sat Feb 15 15:06:44 CST 2020] writing token:aPP6IRwWEQSMcjPrU0t_W-xMsfpQLij7Sik4Lm7obbQ to /home/wwwroot/tlryjg.jiaohusheji.net/.well-known/acme-challenge/aPP6IRwWEQSMcjPrU0t_W-xMsfpQLij7Sik4Lm7obbQ
  80. [Sat Feb 15 15:06:44 CST 2020] Changing owner/group of .well-known to www:www
  81. [Sat Feb 15 15:06:44 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A'
  82. [Sat Feb 15 15:06:44 CST 2020] payload='{}'
  83. [Sat Feb 15 15:06:44 CST 2020] POST
  84. [Sat Feb 15 15:06:44 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A'
  85. [Sat Feb 15 15:06:44 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
  86. [Sat Feb 15 15:06:46 CST 2020] _ret='0'
  87. [Sat Feb 15 15:06:46 CST 2020] code='200'
  88. [Sat Feb 15 15:06:46 CST 2020] trigger validation code: 200
  89. [Sat Feb 15 15:06:46 CST 2020] sleep 2 secs to verify
  90. [Sat Feb 15 15:06:48 CST 2020] checking
  91. [Sat Feb 15 15:06:48 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A'
  92. [Sat Feb 15 15:06:48 CST 2020] payload
  93. [Sat Feb 15 15:06:48 CST 2020] POST
  94. [Sat Feb 15 15:06:48 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A'
  95. [Sat Feb 15 15:06:48 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
  96. [Sat Feb 15 15:06:51 CST 2020] _ret='0'
  97. [Sat Feb 15 15:06:51 CST 2020] code='200'
  98. [Sat Feb 15 15:06:51 CST 2020] tlryjg.jiaohusheji.net:Verify error:Invalid response from https://tlryjg.jiaohusheji.net/.well-known/acme-challenge/aPP6IRwWEQSMcjPrU0t_W-xMsfpQLij7Sik4Lm7obbQ [58.211.137.142]:
  99. [Sat Feb 15 15:06:51 CST 2020] pid
  100. [Sat Feb 15 15:06:51 CST 2020] No need to restore nginx, skip.
  101. [Sat Feb 15 15:06:51 CST 2020] _clearupdns
  102. [Sat Feb 15 15:06:51 CST 2020] dns_entries
  103. [Sat Feb 15 15:06:51 CST 2020] skip dns.
  104. [Sat Feb 15 15:06:51 CST 2020] _on_issue_err
  105. [Sat Feb 15 15:06:51 CST 2020] Please check log file for more details: /usr/local/acme.sh/acme.sh.log
  106. [Sat Feb 15 15:06:51 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A'
  107. [Sat Feb 15 15:06:51 CST 2020] payload='{}'
  108. [Sat Feb 15 15:06:51 CST 2020] POST
  109. [Sat Feb 15 15:06:51 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2826459960/k-UA8A'
  110. [Sat Feb 15 15:06:51 CST 2020] _CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header  -g '
  111. [Sat Feb 15 15:06:52 CST 2020] _ret='0'
  112. [Sat Feb 15 15:06:52 CST 2020] code='400'
复制代码


本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有账号?注册

x
美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
发表于 2020-2-15 19:15:43 | 显示全部楼层


crontab 里面你可以自己再重新添加一下:
40 0 * * * "/usr/local/acme.sh"/acme.sh --cron --home "/usr/local/acme.sh" > /dev/null
手动续期的话可以执行 "/usr/local/acme.sh"/acme.sh --cron --home "/usr/local/acme.sh" 这样试一下

你这个域名的验证文件不存在,可能你更改过该域名对应的配置文件设置,如root网站目录、或设置过其他一些影响续期的配置
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|VPS侦探 ( 鲁ICP备16040043号-1 )

GMT+8, 2024-11-20 21:37 , Processed in 0.025828 second(s), 17 queries .

Powered by Discuz! X3.4

© 2001-2023 Discuz! Team.

快速回复 返回顶部 返回列表