V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
crazycabbage
V2EX  ›  域名

关于使用 acme.sh 申请 Let's encrypt 的问题

  •  
  •   crazycabbage · 2016-12-31 18:32:08 +08:00 · 410 次点击
    这是一个创建于 2915 天前的主题,其中的信息可能已经有所发展或是发生改变。

    情况是这样的,本来用 acme.sh 申请了一个一级域名的证书,突然想起二级域名忘记申请了就重新写了一个申请二级域名的,但在 renew 的时候出错了,使用的 dns 方式生成的证书,报错如下

    
    [root@centos ~]# acme.sh --force  --renew -d crazyc.cn -d www.crazyc. cn -d chat.crazyc.cn
    [Sat Dec 31 18:23:23 CST 2016] Renew: 'crazyc.cn'
    [Sat Dec 31 18:23:23 CST 2016] Multi domain='DNS:www.crazyc.cn,DNS:chat.crazyc.cn'
    [Sat Dec 31 18:23:23 CST 2016] Getting domain auth token for each domain
    [Sat Dec 31 18:23:23 CST 2016] crazyc.cn is already verified, skip dns-01.
    [Sat Dec 31 18:23:23 CST 2016] Verifying:www.crazyc.cn
    [Sat Dec 31 18:23:30 CST 2016] www.crazyc.cn:Challenge error: {"type":"urn:acme:error:malformed","detail":"Unable to update challenge :: Response does not complete challenge","status": 400}
    [Sat Dec 31 18:23:30 CST 2016] Please check log file for more details: /root/.acme.sh/acme.sh.log
    

    加上 debug 发现

    [Sat Dec 31 18:23:45 CST 2016] RSA key
    [Sat Dec 31 18:23:46 CST 2016] GET
    [Sat Dec 31 18:23:47 CST 2016] url='https://acme-v01.api.letsencrypt.org/directo                                                         ry'
    [Sat Dec 31 18:23:47 CST 2016] timeout
    [Sat Dec 31 18:23:47 CST 2016] _CURL='curl -L --silent --dump-header /root/.acme                                                         .sh/http.header '
    [Sat Dec 31 18:23:47 CST 2016] Please refer to https://curl.haxx.se/libcurl/c/li                                                         bcurl-errors.html for error code: 7
    [Sat Dec 31 18:23:47 CST 2016] ret='7'
    [Sat Dec 31 18:23:47 CST 2016] Can not connect to https://acme-v01.api.letsencry                                                         pt.org/directory to get nonce.
    [Sat Dec 31 18:23:47 CST 2016] www.crazyc.cn:Can not get challenge:
    [Sat Dec 31 18:23:47 CST 2016] Skip for removelevel:
    [Sat Dec 31 18:23:47 CST 2016] pid
    [Sat Dec 31 18:23:47 CST 2016] _clearupdns
    [Sat Dec 31 18:23:47 CST 2016] Dns not added, skip.
    [Sat Dec 31 18:23:47 CST 2016] _on_issue_err
    [Sat Dec 31 18:23:47 CST 2016] Please check log file for more details: /root/.ac                                                         me.sh/acme.sh.log
    [Sat Dec 31 18:23:47 CST 2016] nc doesn't exists.
    [Sat Dec 31 18:23:47 CST 2016] Diagnosis versions:
    openssl:openssl
    OpenSSL 1.0.1e-fips 11 Feb 2013
    apache:
    apache doesn't exists.
    nc:
    

    为什么会 time out ,是我的问题还是 Let's encrypt 那边的问题,求告知怎么解决的,万分感谢!

    目前尚无回复
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   5493 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 28ms · UTC 08:55 · PVG 16:55 · LAX 00:55 · JFK 03:55
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.