这是 tail -n100 /var/log/ee/ee.log

这是 tail -n100 /var/log/ee/ee.log

编辑:

Nginx 配置:

server {

    server_name selftestcheck.com   www.selftestcheck.com;


    access_log /var/log/nginx/selftestcheck.com.access.log rt_cache_redis;
    error_log /var/log/nginx/selftestcheck.com.error.log;


    root /var/www/selftestcheck.com/htdocs;



    index index.php index.html index.htm;


    include  common/redis-php7.conf;

    include common/wpcommon-php7.conf;
    include common/locations-php7.conf;
    include /var/www/selftestcheck.com/conf/nginx/*.conf;

    location '/.well-known/acme-challenge' {
       root /var/www/domain/htdocs;
    }
}

这个问题可能以前被问过,但似乎没有答案,所以我想尝试回答它,因为很多人似乎都受到它的困扰。

这就是问题:

我运行“sudo ee site create domain --wpfc --letsencrypt”或“sudo ee site update domain --letsencrypt”

我收到此错误:

“要修复这些错误,请确保您输入的域名正确,并且该域的 DNS A 记录包含正确的 IP 地址。”

几个月前,我可以执行 sudo ee site create domain --wpfc --letsencrypt,一切都会顺利进行。现在突然间,我用 ee 创建的每个网站都出现了这个 https 问题。为什么?!

无论如何,以下是我认为每个人都需要了解的关于发生了什么事情的基本信息:

这是 tail -n100 /var/log/ee/ee.log

2017-06-27 16:01:33,531 (DEBUG) ee : logging initialized for 'ee' using LoggingLogHandler
2017-06-27 16:01:33,826 (DEBUG) ee : ['/usr/local/bin/ee', 'site', 'update', 'domain', '--letsencrypt']
2017-06-27 16:01:33,827 (DEBUG) ee : collecting arguments/commands for <ee.cli.controllers.base.EEBaseController object at 0x7ff98cd5d908>
2017-06-27 16:01:33,829 (DEBUG) ee : collecting arguments/commands for <ee.cli.plugins.site.EESiteController object at 0x7ff98cd5dac8>
2017-06-27 16:01:33,830 (DEBUG) ee : collecting arguments/commands for <ee.cli.plugins.site.EESiteUpdateController object at 0x7ff98cd6f3c8>
2017-06-27 16:01:33,833 (INFO) ee : Initializing EasyEngine Database
2017-06-27 16:01:33,843 (INFO) ee : Letsencrypt is currently in beta phase.
Do you wish to enable SSl now for domain?
2017-06-27 16:01:36,195 (DEBUG) ee : Changing directory to /opt/letsencrypt
2017-06-27 16:01:36,195 (DEBUG) ee : Running command: git pull
2017-06-27 16:01:36,548 (DEBUG) ee : Command Output: Already up-to-date.
,
Command Error:
2017-06-27 16:01:36,549 (WARNING) ee : Please Wait while we fetch SSL Certificate for your site.
It may take time depending upon network.
2017-06-27 16:01:36,549 (DEBUG) ee : Running command: ./letsencrypt-auto certonly --webroot -w /var/www/domain/htdocs/ -d domain -d domain --email email --text --agree-tos
2017-06-27 16:01:44,332 (DEBUG) ee : Command Output: IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: domain
   Type:   unauthorized
   Detail: Invalid response from
   //domain/.well-known/acme-challenge/uLxoAUahNQ-eqXBUfYuYP2xVEQwohM1o4zm53RgqtHI:
   "<html>
   <head><title>404 Not Found</title></head>
   <body bgcolor="white">
   <center><h1>404 Not Found</h1></center>
   <center>"

   Domain: non-www-domain
   Type:   unauthorized
   Detail: Invalid response from
   //non-www-domain/.well-known/acme-challenge/vFzrgVwx62VPdsAeN4M1DGXJDwLkPaIC3nuCMfXvw0Q:
   "<html>
   <head><title>404 Not Found</title></head>
   <body bgcolor="white">
   <center><h1>404 Not Found</h1></center>
   <center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.
,
Command Error: Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for domain
http-01 challenge for non-www-domain
Using the webroot path /var/www/domain/htdocs for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. domain (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from //domain/.well-known/acme-challenge/uLxoAUahNQ-eqXBUfYuYP2xVEQwohM1o4zm53RgqtHI: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<center>", domain (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from //domain/.well-known/acme-challenge/vFzrgVwx62VPdsAeN4M1DGXJDwLkPaIC3nuCMfXvw0Q: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<center>"

2017-06-27 16:01:44,333 (ERROR) ee : Unable to setup, Let's Encrypt
2017-06-27 16:01:44,333 (ERROR) ee : Please make sure that your site is pointed to
same server on which you are running Let's Encrypt Client
 to allow it to verify the site automatically.

我已经使用 pingdom 来检查我的 DNS,它指向 Linode 上所有正确的名称服务器,网站解析后我可以看到它,反向 DNS 有效。

这是 UFW 输出:

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22                         DENY IN     Anywhere
80                         ALLOW IN    Anywhere
443                        ALLOW IN    Anywhere
xxxxxxx                    ALLOW IN    Anywhere
xxx                        ALLOW IN    Anywhere
22 (v6)                    DENY IN     Anywhere (v6)
80 (v6)                    ALLOW IN    Anywhere (v6)
443 (v6)                   ALLOW IN    Anywhere (v6)
xxxxxxx (v6)               ALLOW IN    Anywhere (v6)
xxx (v6)                   ALLOW IN    Anywhere (v6)

下面是我放入 DIR 中的一个测试文件,只是为了确保它可以访问:

http://selftestcheck.com/.well-known/acme-challenge/test.txt

应该看到“嗨你好”有人请帮忙!

答案1

您的配置很可能配置错误。

location ~ /.well-known/ {  
    allow all;
}

确保你的配置中有这个。也可以尝试通过以下方式配置是否正确sudo nginx -t

相关内容