我有两台服务器。一个用作 Web 服务器，另一个用作 Radius 服务器。为了设定半径，我必须通过发出来验证域名的所有权

certbot certonly --standalone -d my.comain.com

不幸的是，它回传

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Requesting a certificate for my.domain.com
Performing the following challenges:
http-01 challenge for my.domain.com
Waiting for verification...
Challenge failed for domain my.domain.com
http-01 challenge for my.domain.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: my.domain.com
Type:   unauthorized
Detail: Invalid response from
http://my.domain.com/.well-known/acme-challenge/lZJhjHOvCGs0DKmrdJbi31iGW_RpNL58ua2CPzwmKA4
[1XX.1XX.1XX.1XX]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

供您参考，此命令是从 radius 服务器运行的，并且域位于 Web 服务器上。该域可通过浏览器访问。即使我为 http 档案夹设定了 777 权限，错误仍然存??在。

它必须在同一台服务器上吗？

uj5u.com热心网友回复：

从 Certbot 的档案中：

certbot充当 Web 服务器以验证域。Let's Encrypt 尝试连接到certbot's-d选项（my.domain.com在您的情况下）指向的域上的此 Web 服务器。因此，您将需要一些临时网络技巧（埠转发、DNS 更改等），以便在您请求此证书时，来自 Let's Encrypt 的流量到达 RADIUS 服务器，而不是 Web 服务器。您还需要每三个月重复一次以进行续订。