我的域是:
monxas.ninja
我运行了以下命令:
sudo certbot --apache --debug-challenges
它产生了以下输出:
Obtaining a new certificate
/usr/lib/python3/dist-packages/josepy/jwa.py:107: CryptographyDeprecationWarning: signer and verifier have been deprecated. Please use sign and verify instead.
signer = key.signer(self.padding, self.hash)
Performing the following challenges:
http-01 challenge for monxas.ninja
Waiting for verification...
-------------------------------------------------------------------------------
Challenges loaded. Press continue to submit to CA. Pass "-v" for more info about
challenges.
-------------------------------------------------------------------------------
Press Enter to Continue
/usr/lib/python3/dist-packages/josepy/jwa.py:107: CryptographyDeprecationWarning: signer and verifier have been deprecated. Please use sign and verify instead.
signer = key.signer(self.padding, self.hash)
Cleaning up challenges
Failed authorization procedure. monxas.ninja (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://monxas.ninja/.well-known/acme-challenge/Wt_CvapZhIJt3EDdoIjop4Lun7V4B_JpWmnpyMxz7es: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: monxas.ninja
Type: unauthorized
Detail: Invalid response from
http://monxas.ninja/.well-known/acme-challenge/Wt_CvapZhIJt3EDdoIjop4Lun7V4B_JpWmnpyMxz7es:
"<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
我的Web服务器是(包括版本):
Apache version 2.4.25
我的Web服务器运行的操作系统是(包括版本):
Raspbian GNU/Linux 9
我可以登录到计算机上的root shell(是或否,或者我不知道):
yes
我正在使用控制面板来管理我的网站(否,或提供控制面板的名称和版本):
no
dns记录是
A *.monxas.ninja 83.56.8.166 300
A monxas.ninja 83.56.8.166 300
我不使用AAAA
此外,您可以手动创建众所周知的路径,如下所示:
答案 0 :(得分:1)
我想我可能已经找到了解决方案。反正这是我的解决方法...
我倾向于查看续订文件,并在其中找到了解决方案。我不知道如何或为什么创建此错误,但是两台服务器上的续订文件中的webroot错误。更正后,两个续订都按预期完成。
/etc/letsencrypt/renewal/www.server.com.conf
在[[webroot_map]]下查找条目
我希望这对某人有帮助。我花了两天时间挠头,然后才考虑查看续订文件。