Certbot: يتجاهل المكون الإضافي المستقل المنفذ الذي طلبت استخدامه
إذا كنت تواجه مشكلة في استخدام Certbot ولست متأكدًا من العثور على خطأ أو ملف
طلب ميزة جديدة ، يرجى أولاً محاولة طلب المساعدة على
https://community.letsencrypt.org/. هناك مجتمع أكبر بكثير هناك
الأشخاص المطلعين على المشروع والذين سيكونون قادرين على الإجابة بسرعة أكبر على
أسئلة.
نظام التشغيل الخاص بي (يشمل الإصدار):
Linux openvpn1.ismyservice.space 4.4.0-134-generic #160-Ubuntu SMP Wed Aug 15 14:58:00 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
certbot 0.26.1
لقد قمت بتثبيت Certbot مع (certbot-auto ، مدير حزمة نظام التشغيل ، النقطة ، إلخ):
Ubuntu package maanger
قمت بتشغيل هذا الأمر وأنتج هذا الناتج:
sudo certbot certonly --standalone --non-interactive --preferred-challenge http-01
--http-01-port 10000 --agree-tos
--email [email protected] --domains realtebo.example.com
--pre-hook 'sudo service webmin stop'
--post-hook 'sudo service webmin start'
--staging --dry-run
Domain: realtebo.example.com
Type: connection
Detail: Fetching
http://realtebo.example.com/.well-known/acme-challenge/DbE18Iyfud0xBRtrfvz-ILifSzqV-7GoV5uRAyuNYRw:
Timeout during connect (likely firewall problem)
اختلف سلوك Certbot عما كنت أتوقعه للأسباب التالية:
يتم فتح جدار الحماية على المنفذ 10000. عند انتهاء certbot ، يقوم بإعادة تشغيل webmin ، الذي يعمل على نفس المنفذ. يمكنني الاتصال بـ webmin من الخارج باستخدام المنفذ 10000 دون أي مشكلة
انظر السجل في النقطة التالية ؛ بدأ certbot خادم الويب المستقل الخاص به على المنفذ 10000 ، ولا بأس ، لكنه يستخدم المنفذ 80 للتحدي!
فيما يلي سجل Certbot يوضح المشكلة (إن وجد):
يتم تخزين السجلات افتراضيًا في /var/log/letsencrypt . لا تتردد في تنقيح المجالات والبريد الإلكتروني وعناوين IP كما تراه مناسبًا.
2018-08-29 13:56:27,322:DEBUG:certbot.main:certbot version: 0.26.1
2018-08-29 13:56:27,322:DEBUG:certbot.main:Arguments: ['--standalone', '--non-interactive', '--preferred-challenge', 'http-01', '--http-01-port', '10000', '--agree-tos', '--email', '[email protected]', '--domains', 'realtebo.example.com', '--pre-hook', 'sudo service webmin stop', '--post-hook', 'sudo service webmin start', '--staging', '--dry-run']
2018-08-29 13:56:27,323:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-08-29 13:56:27,330:DEBUG:certbot.log:Root logging level set at 20
2018-08-29 13:56:27,331:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-08-29 13:56:27,332:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer None
2018-08-29 13:56:27,540:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: <certbot.plugins.standalone.Authenticator object at 0x7f3a5b6006d8>
Prep: True
2018-08-29 13:56:27,540:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.standalone.Authenticator object at 0x7f3a5b6006d8> and installer None
2018-08-29 13:56:27,541:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer None
2018-08-29 13:56:27,544:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(terms_of_service=None, uri='https://acme-staging-v02.api.letsencrypt.org/acme/acct/6829761', new_authzr_uri=None, body=Registration(contact=(), status=None, terms_of_service_agreed=None, key=None, only_return_existing=None, agreement=None)), 79b142d506837dc821d95200358290de, Meta(creation_host='realtebo.example.com', creation_dt=datetime.datetime(2018, 8, 29, 11, 29, 47, tzinfo=<UTC>)))>
2018-08-29 13:56:27,545:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
2018-08-29 13:56:27,547:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
2018-08-29 13:56:27,847:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 724
2018-08-29 13:56:27,848:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 724
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 29 Aug 2018 11:56:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 29 Aug 2018 11:56:27 GMT
Connection: keep-alive
{
"drsHm9_JSMQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org/docs/staging-environment/"
},
"newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert"
}
2018-08-29 13:56:27,849:INFO:certbot.hooks:Running pre-hook command: sudo service webmin stop
2018-08-29 13:56:27,957:INFO:certbot.main:Obtaining a new certificate
2018-08-29 13:56:27,999:DEBUG:acme.client:Requesting fresh nonce
2018-08-29 13:56:28,000:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order.
2018-08-29 13:56:28,261:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-order HTTP/1.1" 405 0
2018-08-29 13:56:28,262:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 103
Allow: POST
Replay-Nonce: WnqBHl9ZAJ8NdQnttV0FJQHxefu-O3op92NR8uFoMtg
Expires: Wed, 29 Aug 2018 11:56:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 29 Aug 2018 11:56:28 GMT
Connection: keep-alive
2018-08-29 13:56:28,262:DEBUG:acme.client:Storing nonce: WnqBHl9ZAJ8NdQnttV0FJQHxefu-O3op92NR8uFoMtg
2018-08-29 13:56:28,263:DEBUG:acme.client:JWS payload:
b'{\n "status": "pending",\n "resource": "new-order",\n "identifiers": [\n {\n "type": "dns",\n "value": "realtebo.example.com"\n }\n ]\n}'
2018-08-29 13:56:28,266:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJub25jZSI6ICJXbnFCSGw5WkFKOE5kUW50dFYwRkpRSHhlZnUtTzNvcDkyTlI4dUZvTXRnIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzY4Mjk3NjEiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIn0",
"signature": "O_HrIU4h2mWDEOZJdvBdZLKBEkVSd2b3gj08iSImg6NSbu8N79ff75nksKnqeCr_vb1vPx-RPgsAU3B3P7gxilOV3kuGMHiA0kRIq36BiZeAm5Y4gQWGXAh263CBm5EZpGpUn5yx_MVLoy4mioZ-Tf8MLMYflKwTvtRre3xLjlZuXDlf1chGebgw9yXD_fJWsdzVR1jwv_JOtBAlTnHGHmfntlWPNuJqFCusdfSF9Itu2ttQBDbSLbi72yxqb1S9ZLD1XoQw_pkSI0VDRdhdcjamAfsomfueJ_kJvFV6rrS0OUUzXpPCprnyRFKljrHrco9Kn6VpxtK7qNK50E0BlQ",
"payload": "ewogICJzdGF0dXMiOiAicGVuZGluZyIsCiAgInJlc291cmNlIjogIm5ldy1vcmRlciIsCiAgImlkZW50aWZpZXJzIjogWwogICAgewogICAgICAidHlwZSI6ICJkbnMiLAogICAgICAidmFsdWUiOiAidnBubWlya28uaXNteXNlcnZpY2Uuc3BhY2UiCiAgICB9CiAgXQp9"
}
2018-08-29 13:56:28,606:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 398
2018-08-29 13:56:28,607:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 398
Boulder-Requester: 6829761
Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/6829761/6638025
Replay-Nonce: b-xmrBO3u6xWnQ3X-pjscz3-5UW-tY-cIy-rHHRFCjw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 29 Aug 2018 11:56:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 29 Aug 2018 11:56:28 GMT
Connection: keep-alive
{
"status": "pending",
"expires": "2018-09-05T11:56:28.394993245Z",
"identifiers": [
{
"type": "dns",
"value": "realtebo.example.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6829761/6638025"
}
2018-08-29 13:56:28,607:DEBUG:acme.client:Storing nonce: b-xmrBO3u6xWnQ3X-pjscz3-5UW-tY-cIy-rHHRFCjw
2018-08-29 13:56:28,608:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE.
2018-08-29 13:56:28,852:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE HTTP/1.1" 200 939
2018-08-29 13:56:28,853:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 939
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 29 Aug 2018 11:56:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 29 Aug 2018 11:56:28 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "realtebo.example.com"
},
"status": "pending",
"expires": "2018-09-05T11:56:28Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854448",
"token": "r_EGiMDAA18pVLDSiEqPUIQe57RTnH79YxN65ybsLHg"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854449",
"token": "qDoGsuxMNdrihAuIbetnBFTSqz6uSyTYX-Jm_JW3xKc"
},
{
"type": "http-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854450",
"token": "nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow"
}
]
}
2018-08-29 13:56:28,854:INFO:certbot.auth_handler:Performing the following challenges:
2018-08-29 13:56:28,854:INFO:certbot.auth_handler:http-01 challenge for realtebo.example.com
2018-08-29 13:56:28,855:DEBUG:acme.standalone:Successfully bound to :10000 using IPv6
2018-08-29 13:56:28,855:DEBUG:acme.standalone:Certbot wasn't able to bind to :10000 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations.
2018-08-29 13:56:28,859:INFO:certbot.auth_handler:Waiting for verification...
2018-08-29 13:56:28,859:DEBUG:acme.client:JWS payload:
b'{\n "resource": "challenge",\n "type": "http-01",\n "keyAuthorization": "nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow.RbQZDrhcRU5z3T8Ak72neNkXe8hh9D5yKNV-PomuANo"\n}'
2018-08-29 13:56:28,861:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854450:
{
"protected": "eyJub25jZSI6ICJiLXhtckJPM3U2eFduUTNYLXBqc2N6My01VVctdFktY0l5LXJISFJGQ2p3IiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzY4Mjk3NjEiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGxlbmdlL0Iyc0kwSkFCbWd6VllFWURkOUNGbEZRTjNwWHRIaVBnMWtXYTFjZThnU0UvMTY0ODU0NDUwIn0",
"signature": "db4xpVwufNdIrQ0jScXiOz4QZyHbtYvUAWiH91JSd4yhdjLHNyF80KQR71a9xkZy2F_dGfZWrPiJym7R9soQrMcSwlC6d2e-1nshJNrb7iLju2CfHBiDPK4LwD6epICxH-cgT4ANafTHEWJIUmnxUVLzfa9uZ1inUboMaZw6G9jCA_P7KKsPVaX76BF-laDi882knktzdOHe1o74bMdumgTwrfhHrFK2S6GP-ZHufdghShV71X7NhK0tJjpoDR09B8NTysCgkNg787i7rIfYbftrY_QESLjQxSsYHG6k3vqBeGWaJ-KBJkCvgU2jb8b8jJB43G9IUsXDQYDnkG9lcg",
"payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiLAogICJrZXlBdXRob3JpemF0aW9uIjogIm5KQU5pd3g0ZFhjSjVsbnctZlZqZEh5djdaV29wOUdZZjIwcE03emwyb3cuUmJRWkRyaGNSVTV6M1Q4QWs3Mm5lTmtYZThoaDlENXlLTlYtUG9tdUFObyIKfQ"
}
2018-08-29 13:56:29,151:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854450 HTTP/1.1" 200 230
2018-08-29 13:56:29,151:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 230
Boulder-Requester: 6829761
Link: <https://acme-staging-v02.api.letsencrypt.org/acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE>;rel="up"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854450
Replay-Nonce: NNtlhuo7zvSfZnilaDdPb-CF7pWHLmSB-Dk6qloCttM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 29 Aug 2018 11:56:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 29 Aug 2018 11:56:29 GMT
Connection: keep-alive
{
"type": "http-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854450",
"token": "nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow"
}
2018-08-29 13:56:29,152:DEBUG:acme.client:Storing nonce: NNtlhuo7zvSfZnilaDdPb-CF7pWHLmSB-Dk6qloCttM
2018-08-29 13:56:32,155:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE.
2018-08-29 13:56:32,387:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE HTTP/1.1" 200 939
2018-08-29 13:56:32,388:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 939
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 29 Aug 2018 11:56:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 29 Aug 2018 11:56:32 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "realtebo.example.com"
},
"status": "pending",
"expires": "2018-09-05T11:56:28Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854448",
"token": "r_EGiMDAA18pVLDSiEqPUIQe57RTnH79YxN65ybsLHg"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854449",
"token": "qDoGsuxMNdrihAuIbetnBFTSqz6uSyTYX-Jm_JW3xKc"
},
{
"type": "http-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854450",
"token": "nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow"
}
]
}
2018-08-29 13:56:35,392:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE.
2018-08-29 13:56:35,666:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE HTTP/1.1" 200 939
2018-08-29 13:56:35,666:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 939
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 29 Aug 2018 11:56:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 29 Aug 2018 11:56:35 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "realtebo.example.com"
},
"status": "pending",
"expires": "2018-09-05T11:56:28Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854448",
"token": "r_EGiMDAA18pVLDSiEqPUIQe57RTnH79YxN65ybsLHg"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854449",
"token": "qDoGsuxMNdrihAuIbetnBFTSqz6uSyTYX-Jm_JW3xKc"
},
{
"type": "http-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854450",
"token": "nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow"
}
]
}
2018-08-29 13:56:38,671:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE.
2018-08-29 13:56:39,216:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE HTTP/1.1" 200 939
2018-08-29 13:56:39,217:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 939
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 29 Aug 2018 11:56:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 29 Aug 2018 11:56:39 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "realtebo.example.com"
},
"status": "pending",
"expires": "2018-09-05T11:56:28Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854448",
"token": "r_EGiMDAA18pVLDSiEqPUIQe57RTnH79YxN65ybsLHg"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854449",
"token": "qDoGsuxMNdrihAuIbetnBFTSqz6uSyTYX-Jm_JW3xKc"
},
{
"type": "http-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854450",
"token": "nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow"
}
]
}
2018-08-29 13:56:42,222:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE.
2018-08-29 13:56:42,462:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE HTTP/1.1" 200 1600
2018-08-29 13:56:42,463:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1600
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 29 Aug 2018 11:56:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 29 Aug 2018 11:56:42 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "realtebo.example.com"
},
"status": "invalid",
"expires": "2018-09-05T11:56:28Z",
"challenges": [
{
"type": "dns-01",
"status": "invalid",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854448",
"token": "r_EGiMDAA18pVLDSiEqPUIQe57RTnH79YxN65ybsLHg"
},
{
"type": "tls-alpn-01",
"status": "invalid",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854449",
"token": "qDoGsuxMNdrihAuIbetnBFTSqz6uSyTYX-Jm_JW3xKc"
},
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "Fetching http://realtebo.example.com/.well-known/acme-challenge/nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow: Timeout during connect (likely firewall problem)",
"status": 400
},
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/B2sI0JABmgzVYEYDd9CFlFQN3pXtHiPg1kWa1ce8gSE/164854450",
"token": "nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow",
"validationRecord": [
{
"url": "http://realtebo.example.com/.well-known/acme-challenge/nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow",
"hostname": "realtebo.example.com",
"port": "80",
"addressesResolved": [
"79.19.63.157"
],
"addressUsed": "79.19.63.157"
}
]
}
]
}
2018-08-29 13:56:42,464:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: realtebo.example.com
Type: connection
Detail: Fetching http://realtebo.example.com/.well-known/acme-challenge/nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow: Timeout during connect (likely firewall problem)
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2018-08-29 13:56:42,464:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
self._respond(aauthzrs, resp, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
self._poll_challenges(aauthzrs, chall_update, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. realtebo.example.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://realtebo.example.com/.well-known/acme-challenge/nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow: Timeout during connect (likely firewall problem)
2018-08-29 13:56:42,464:DEBUG:certbot.error_handler:Calling registered functions
2018-08-29 13:56:42,464:INFO:certbot.auth_handler:Cleaning up challenges
2018-08-29 13:56:42,465:DEBUG:certbot.plugins.standalone:Stopping server at :::10000...
2018-08-29 13:56:42,887:INFO:certbot.hooks:Running post-hook command: sudo service webmin start
2018-08-29 13:56:45,631:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.26.1', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1364, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1254, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 120, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 391, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 334, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 370, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
self._respond(aauthzrs, resp, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
self._poll_challenges(aauthzrs, chall_update, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. realtebo.example.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://realtebo.example.com/.well-known/acme-challenge/nJANiwx4dXcJ5lnw-fVjdHyv7ZWop9GYf20pM7zl2ow: Timeout during connect (likely firewall problem)
فيما يلي كتلة خادم nginx ذات الصلة أو مضيف Apache الظاهري للمجال الذي أقوم بتكوينه:
ليس لدي شيء لأكتبه هنا
realtebo
ال 3 كومينتر
هذا سلوك معروف وموثق. إنه ليس خطأ. أغلق.
realtebo
في ٢٩ أغسطس ٢٠١٨
مرحباrealtebo! شكرا على الإبلاغ :)
Let's Encrypt ، بواسطة بروتوكول ACME ، يجب أن يقوم بالتحقق من صحة المنفذ 80 لتحدي HTTP. لا يستطيع --http-01-port تغيير المنفذ الذي يتوقع LE أن يقوم بالتحقق منه. كما يذكر براد هنا :
كل هذه العلامات تسمح لك بالقيام به هو التحكم في المنافذ التي يستمع إليها Certbot من أجل المكونات الإضافية مثل المنفصلة. يكون هذا مفيدًا إذا كنت تقوم بتوجيه كل حركة مرور المنفذ 80 إلى المنفذ 8080 على سبيل المثال.
سنقوم بإغلاق هذه المشكلة في الوقت الحالي ، ولكن لا تتردد في أن تطلب مني إعادة فتح أو إنشاء واحدة جديدة إذا وجدت شيئًا خاطئًا في Certbot!
sydneyli
في ٢٩ أغسطس ٢٠١٨
😕1
👍1
أوه ، يبدو أنك هزمتني: د
sydneyli
في ٢٩ أغسطس ٢٠١٨
😄1
هل كانت هذه الصفحة مفيدة؟
0 / 5 - 0 التقييمات
القضايا ذات الصلة
GEEK-WALKER
·
3تعليقات
NiklasMerz
·
3تعليقات
bmw
·
3تعليقات
darkworks
·
3تعليقات
SlavikCA
·
3تعليقات