拨开荷叶行,寻梦已然成。仙女莲花里,翩翩白鹭情。
IMG-LOGO
主页 文章列表 Certbot极致挑战

Certbot极致挑战

白鹭 - 2022-03-14 2084 0 0

我有两台服务器。一个用作 Web 服务器,另一个用作 Radius 服务器。为了设定半径,我必须通过发出来验证域名的所有权

certbot certonly --standalone -d my.comain.com

不幸的是,它回传

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Requesting a certificate for my.domain.com
Performing the following challenges:
http-01 challenge for my.domain.com
Waiting for verification...
Challenge failed for domain my.domain.com
http-01 challenge for my.domain.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: my.domain.com
Type:   unauthorized
Detail: Invalid response from
http://my.domain.com/.well-known/acme-challenge/lZJhjHOvCGs0DKmrdJbi31iGW_RpNL58ua2CPzwmKA4
[1XX.1XX.1XX.1XX]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

供您参考,此命令是从 radius 服务器运行的,并且域位于 Web 服务器上。该域可通过浏览器访问。即使我为 http 档案夹设定了 777 权限,错误仍然存??在。

它必须在同一台服务器上吗?

uj5u.com热心网友回复:

从 Certbot 的档案中:

certbot充当 Web 服务器以验证域。Let's Encrypt 尝试连接到certbot's-d选项(my.domain.com在您的情况下)指向的域上的此 Web 服务器。因此,您将需要一些临时网络技巧(埠转发、DNS 更改等),以便在您请求此证书时,来自 Let's Encrypt 的流量到达 RADIUS 服务器,而不是 Web 服务器。您还需要每三个月重复一次以进行续订。

标签:

0 评论

发表评论

您的电子邮件地址不会被公开。 必填的字段已做标记 *