我有两台服务器。一个用作 Web 服务器,另一个用作 Radius 服务器。为了设定半径,我必须通过发出来验证域名的所有权
certbot certonly --standalone -d my.comain.com
不幸的是,它回传
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Requesting a certificate for my.domain.com
Performing the following challenges:
http-01 challenge for my.domain.com
Waiting for verification...
Challenge failed for domain my.domain.com
http-01 challenge for my.domain.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: my.domain.com
Type:   unauthorized
Detail: Invalid response from
http://my.domain.com/.well-known/acme-challenge/lZJhjHOvCGs0DKmrdJbi31iGW_RpNL58ua2CPzwmKA4
[1XX.1XX.1XX.1XX]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
供您参考,此命令是从 radius 服务器运行的,并且域位于 Web 服务器上。该域可通过浏览器访问。即使我为 http 档案夹设定了 777 权限,错误仍然存??在。
它必须在同一台服务器上吗?
uj5u.com热心网友回复:
从 Certbot 的档案中:
certbot充当 Web 服务器以验证域。Let's Encrypt 尝试连接到certbot's-d选项(my.domain.com在您的情况下)指向的域上的此 Web 服务器。因此,您将需要一些临时网络技巧(埠转发、DNS 更改等),以便在您请求此证书时,来自 Let's Encrypt 的流量到达 RADIUS 服务器,而不是 Web 服务器。您还需要每三个月重复一次以进行续订。

 
							 
										
										 
										
										 
										
										
										 
										
										 
										
										 
										
										
0 评论