我已经在Azure web应用中配置了让我们加密扩展。当我尝试为自定义域生成SSL证书时,出现以下错误:
The Lets Encrypt ACME server was probably unable to reach http://www.holzlauf.ch/.well-known/acme-challenge/hyDaCURuFoJGi9ASuJdNppayYcjIRpqp3vMLTKbA-hA view error report from Lets Encrypt at https://acme-staging.api.letsencrypt.org/acme/authz/YnGjTUHQa5upTAajCNPOLX_aLLlmRQiRP6uj3a0vAm8 for more information
源错误:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
堆栈跟踪
[Exception: The Lets Encrypt ACME server was probably unable to reach http://www.holzlauf.ch/.well-known/acme-challenge/hyDaCURuFoJGi9ASuJdNppayYcjIRpqp3vMLTKbA-hA view error report from Lets Encrypt at https://acme-staging.api.letsencrypt.org/acme/authz/YnGjTUHQa5upTAajCNPOLX_aLLlmRQiRP6uj3a0vAm8 for more information]
LetsEncrypt.Azure.Core.Services.<Authorize>d__5.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\Services\BaseHttpAuthorizationChallengeProvider.cs:121
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +26
LetsEncrypt.Azure.Core.Services.<Authorize>d__5.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\Services\BaseHttpAuthorizationChallengeProvider.cs:131
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.Azure.Core.Services.<RequestCertificate>d__5.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\Services\AcmeService.cs:44
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.Azure.Core.<RequestInternalAsync>d__16.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs:231
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.Azure.Core.<RequestAndInstallInternalAsync>d__17.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs:244
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.SiteExtension.Controllers.<Install>d__7.MoveNext() in D:\a\1\s\LetsEncrypt-SiteExtension\Controllers\HomeController.cs:250
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
System.Web.Mvc.Async.TaskAsyncActionDescriptor.EndExecute(IAsyncResult asyncResult) +97
System.Web.Mvc.Async.<>c__DisplayClass8_0.<BeginInvokeAsynchronousActionMethod>b__1(IAsyncResult asyncResult) +17
System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult) +32
System.Web.Mvc.Async.<>c__DisplayClass11_0.<InvokeActionMethodFilterAsynchronouslyRecursive>b__0() +58
System.Web.Mvc.Async.<>c__DisplayClass11_2.<InvokeActionMethodFilterAsynchronouslyRecursive>b__2() +228
System.Web.Mvc.Async.<>c__DisplayClass7_0.<BeginInvokeActionMethodWithFilters>b__1(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult) +34
System.Web.Mvc.Async.<>c__DisplayClass3_6.<BeginInvokeAction>b__4() +35
System.Web.Mvc.Async.<>c__DisplayClass3_1.<BeginInvokeAction>b__1(IAsyncResult asyncResult) +100
System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +27
System.Web.Mvc.<>c.<BeginExecuteCore>b__152_1(IAsyncResult asyncResult, ExecuteCoreState innerState) +11
System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +29
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +45
System.Web.Mvc.<>c.<BeginExecute>b__151_2(IAsyncResult asyncResult, Controller controller) +13
System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +22
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +26
System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult) +10
System.Web.Mvc.<>c.<BeginProcessRequest>b__20_1(IAsyncResult asyncResult, ProcessRequestState innerState) +28
System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +29
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +28
System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
System.Web.CallHandlerExecutionStep.InvokeEndHandler(IAsyncResult ar) +152
System.Web.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar) +126
发布于 2019-04-15 02:58:17
此错误意味着letsencrypt无法验证您是否实际拥有您尝试为其创建证书的域。它正在尝试访问URL:
http://www.holzlauf.ch/.well-known/acme-challenge/hyDaCURuFoJGi9ASuJdNppayYcjIRpqp3vMLTKbA-hA
但是,letsencrypt服务器无法到达该位置。
所以,让我们回到这里。通常,letsencrypt的工作方式是,您的certbot
(或您正在使用的任何acme客户端)创建一个可在http://www.example.com/.well-known/<some-hash>
访问的端点,然后请求服务器访问它。如果HTTP结果是200,则Letsencrypt ACME服务器认为这是成功的,并颁发证书。如果结果是400或更多,则这是一个失败,并返回类似上面的错误。
众所周知的位置是如何创建的,这取决于您使用的certbot插件。例如:
状态代码200
所以,考虑到所有这些,我不知道到底是什么问题,但它看起来您没有正确配置插件。希望如此,尽管这可以为您提供足够的信息来修复。如果没有,请在下面评论并澄清您使用的是哪个插件以及配置是什么。
编辑
如果你去这里:https://acme-staging.api.letsencrypt.org/acme/authz/YnGjTUHQa5upTAajCNPOLX_aLLlmRQiRP6uj3a0vAm8
您可以看到收到的错误的更长描述。
响应是403禁止。这意味着您的has服务器已阻止对该URL的访问。您需要确保您的need服务器(IIS、apache、nginx)允许访问。修复此问题的确切方法取决于您使用的DNS插件。参见the docs for a list。单击该链接并按照说明进行操作。
https://stackoverflow.com/questions/55678458
复制相似问题