记一次 Let's Encrypt 续期不成功 

[root@izwz93p6s96mh2av2ty5khz oneinstack]# /usr/local/python/bin/certbot renew --disable-hook-validation --force-renew --renew-hook "/etc/init.d/nginx reload"
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/pm.avic-s.com.conf
-------------------------------------------------------------------------------
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for pm.avic-s.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (pm.avic-s.com) from /etc/letsencrypt/renewal/pm.avic-s.com.conf produced an unexpected error: Failed authorization procedure. pm.avic-s.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://pm.avic-s.com/.well-known/acme-challenge/ZZGZpIBAzJ9RHudL11kw6n4wVzfVfTt3y53ZkEddgbY: "<!DOCTYPE html>\r\n<html>\r\n    <head>\r\n        <meta charset=\"utf-8\">\r\n        <meta name=\"viewport\" content=\"width=device-width\">". Skipping.

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/mall.avic-s.com.conf
-------------------------------------------------------------------------------
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for mall.avic-s.com
Waiting for verification...
Cleaning up challenges
Running deploy-hook command: /etc/init.d/nginx reload
Output from nginx:
Reloading nginx configuration (via systemctl):  [  OK  ]


-------------------------------------------------------------------------------
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/mall.avic-s.com/fullchain.pem
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/b.superdesk.cn.conf
-------------------------------------------------------------------------------
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for b.superdesk.cn
Waiting for verification...
Cleaning up challenges
Running deploy-hook command: /etc/init.d/nginx reload
Output from nginx:
Reloading nginx configuration (via systemctl):  [  OK  ]


-------------------------------------------------------------------------------
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/b.superdesk.cn/fullchain.pem
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/wxm.avic-s.com.conf
-------------------------------------------------------------------------------
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for wxm.avic-s.com
Waiting for verification...
Cleaning up challenges
Running deploy-hook command: /etc/init.d/nginx reload
Output from nginx:
Reloading nginx configuration (via systemctl):  [  OK  ]


-------------------------------------------------------------------------------
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/wxm.avic-s.com/fullchain.pem
-------------------------------------------------------------------------------
The following certs could not be renewed:
  /etc/letsencrypt/live/pm.avic-s.com/fullchain.pem (failure)

-------------------------------------------------------------------------------

The following certs were successfully renewed:
  /etc/letsencrypt/live/mall.avic-s.com/fullchain.pem (success)
  /etc/letsencrypt/live/b.superdesk.cn/fullchain.pem (success)
  /etc/letsencrypt/live/wxm.avic-s.com/fullchain.pem (success)

The following certs could not be renewed:
  /etc/letsencrypt/live/pm.avic-s.com/fullchain.pem (failure)
-------------------------------------------------------------------------------
1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: pm.avic-s.com
   Type:   unauthorized
   Detail: Invalid response from
   http://pm.avic-s.com/.well-known/acme-challenge/ZZGZpIBAzJ9RHudL11kw6n4wVzfVfTt3y53ZkEddgbY:
   "<!DOCTYPE html>\r\n<html>\r\n    <head>\r\n        <meta
   charset=\"utf-8\">\r\n        <meta name=\"viewport\"
   content=\"width=device-width\">"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

未标明原创文章均为采集,版权归作者所有,转载无需和我联系,请注明原出处,南摩阿彌陀佛,知识,不只知道,要得到

请先后发表评论
  • 最新评论
  • 总共1条评论
DeepMind

我是果粉我怕谁

解决办法。不是A记录的问题,大概是当时迁移的问题,从/data/wwwroot/xxx /mnt/wwwroot/xxx 移动了

2019-02-14 11:49:40 回复