关于使用 acme.sh 申请 Let's encrypt 的问题

2016-12-31 18:32:08 +08:00
 crazycabbage

情况是这样的,本来用 acme.sh 申请了一个一级域名的证书,突然想起二级域名忘记申请了就重新写了一个申请二级域名的,但在 renew 的时候出错了,使用的 dns 方式生成的证书,报错如下


[root@centos ~]# acme.sh --force  --renew -d crazyc.cn -d www.crazyc. cn -d chat.crazyc.cn
[Sat Dec 31 18:23:23 CST 2016] Renew: 'crazyc.cn'
[Sat Dec 31 18:23:23 CST 2016] Multi domain='DNS:www.crazyc.cn,DNS:chat.crazyc.cn'
[Sat Dec 31 18:23:23 CST 2016] Getting domain auth token for each domain
[Sat Dec 31 18:23:23 CST 2016] crazyc.cn is already verified, skip dns-01.
[Sat Dec 31 18:23:23 CST 2016] Verifying:www.crazyc.cn
[Sat Dec 31 18:23:30 CST 2016] www.crazyc.cn:Challenge error: {"type":"urn:acme:error:malformed","detail":"Unable to update challenge :: Response does not complete challenge","status": 400}
[Sat Dec 31 18:23:30 CST 2016] Please check log file for more details: /root/.acme.sh/acme.sh.log

加上 debug 发现

[Sat Dec 31 18:23:45 CST 2016] RSA key
[Sat Dec 31 18:23:46 CST 2016] GET
[Sat Dec 31 18:23:47 CST 2016] url='https://acme-v01.api.letsencrypt.org/directo                                                         ry'
[Sat Dec 31 18:23:47 CST 2016] timeout
[Sat Dec 31 18:23:47 CST 2016] _CURL='curl -L --silent --dump-header /root/.acme                                                         .sh/http.header '
[Sat Dec 31 18:23:47 CST 2016] Please refer to https://curl.haxx.se/libcurl/c/li                                                         bcurl-errors.html for error code: 7
[Sat Dec 31 18:23:47 CST 2016] ret='7'
[Sat Dec 31 18:23:47 CST 2016] Can not connect to https://acme-v01.api.letsencry                                                         pt.org/directory to get nonce.
[Sat Dec 31 18:23:47 CST 2016] www.crazyc.cn:Can not get challenge:
[Sat Dec 31 18:23:47 CST 2016] Skip for removelevel:
[Sat Dec 31 18:23:47 CST 2016] pid
[Sat Dec 31 18:23:47 CST 2016] _clearupdns
[Sat Dec 31 18:23:47 CST 2016] Dns not added, skip.
[Sat Dec 31 18:23:47 CST 2016] _on_issue_err
[Sat Dec 31 18:23:47 CST 2016] Please check log file for more details: /root/.ac                                                         me.sh/acme.sh.log
[Sat Dec 31 18:23:47 CST 2016] nc doesn't exists.
[Sat Dec 31 18:23:47 CST 2016] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.1e-fips 11 Feb 2013
apache:
apache doesn't exists.
nc:

为什么会 time out ,是我的问题还是 Let's encrypt 那边的问题,求告知怎么解决的,万分感谢!

326 次点击
所在节点    域名
0 条回复

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/331475

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX