Lets加密ACME服务器可能无法访问
Lets加密ACME服务器可能无法访问
提问于 2019-04-15 02:10:12
我已经在Azure web应用中配置了让我们加密扩展。当我尝试为自定义域生成SSL证书时,出现以下错误:
The Lets Encrypt ACME server was probably unable to reach http://www.holzlauf.ch/.well-known/acme-challenge/hyDaCURuFoJGi9ASuJdNppayYcjIRpqp3vMLTKbA-hA view error report from Lets Encrypt at https://acme-staging.api.letsencrypt.org/acme/authz/YnGjTUHQa5upTAajCNPOLX_aLLlmRQiRP6uj3a0vAm8 for more information源错误:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.堆栈跟踪
[Exception: The Lets Encrypt ACME server was probably unable to reach http://www.holzlauf.ch/.well-known/acme-challenge/hyDaCURuFoJGi9ASuJdNppayYcjIRpqp3vMLTKbA-hA view error report from Lets Encrypt at https://acme-staging.api.letsencrypt.org/acme/authz/YnGjTUHQa5upTAajCNPOLX_aLLlmRQiRP6uj3a0vAm8 for more information]
LetsEncrypt.Azure.Core.Services.<Authorize>d__5.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\Services\BaseHttpAuthorizationChallengeProvider.cs:121
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +26
LetsEncrypt.Azure.Core.Services.<Authorize>d__5.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\Services\BaseHttpAuthorizationChallengeProvider.cs:131
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.Azure.Core.Services.<RequestCertificate>d__5.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\Services\AcmeService.cs:44
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.Azure.Core.<RequestInternalAsync>d__16.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs:231
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.Azure.Core.<RequestAndInstallInternalAsync>d__17.MoveNext() in D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs:244
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.SiteExtension.Controllers.<Install>d__7.MoveNext() in D:\a\1\s\LetsEncrypt-SiteExtension\Controllers\HomeController.cs:250
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
System.Web.Mvc.Async.TaskAsyncActionDescriptor.EndExecute(IAsyncResult asyncResult) +97
System.Web.Mvc.Async.<>c__DisplayClass8_0.<BeginInvokeAsynchronousActionMethod>b__1(IAsyncResult asyncResult) +17
System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult) +32
System.Web.Mvc.Async.<>c__DisplayClass11_0.<InvokeActionMethodFilterAsynchronouslyRecursive>b__0() +58
System.Web.Mvc.Async.<>c__DisplayClass11_2.<InvokeActionMethodFilterAsynchronouslyRecursive>b__2() +228
System.Web.Mvc.Async.<>c__DisplayClass7_0.<BeginInvokeActionMethodWithFilters>b__1(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult) +34
System.Web.Mvc.Async.<>c__DisplayClass3_6.<BeginInvokeAction>b__4() +35
System.Web.Mvc.Async.<>c__DisplayClass3_1.<BeginInvokeAction>b__1(IAsyncResult asyncResult) +100
System.Web.Mvc.Async.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +27
System.Web.Mvc.<>c.<BeginExecuteCore>b__152_1(IAsyncResult asyncResult, ExecuteCoreState innerState) +11
System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +29
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +45
System.Web.Mvc.<>c.<BeginExecute>b__151_2(IAsyncResult asyncResult, Controller controller) +13
System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +22
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +26
System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult) +10
System.Web.Mvc.<>c.<BeginProcessRequest>b__20_1(IAsyncResult asyncResult, ProcessRequestState innerState) +28
System.Web.Mvc.Async.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult) +29
System.Web.Mvc.Async.WrappedAsyncResultBase`1.End() +49
System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +28
System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
System.Web.CallHandlerExecutionStep.InvokeEndHandler(IAsyncResult ar) +152
System.Web.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar) +126回答 1
Stack Overflow用户
发布于 2019-04-15 02:58:17
此错误意味着letsencrypt无法验证您是否实际拥有您尝试为其创建证书的域。它正在尝试访问URL:
http://www.holzlauf.ch/.well-known/acme-challenge/hyDaCURuFoJGi9ASuJdNppayYcjIRpqp3vMLTKbA-hA但是,letsencrypt服务器无法到达该位置。
所以,让我们回到这里。通常,letsencrypt的工作方式是,您的certbot (或您正在使用的任何acme客户端)创建一个可在http://www.example.com/.well-known/<some-hash>访问的端点,然后请求服务器访问它。如果HTTP结果是200,则Letsencrypt ACME服务器认为这是成功的,并颁发证书。如果结果是400或更多,则这是一个失败,并返回类似上面的错误。
众所周知的位置是如何创建的,这取决于您使用的certbot插件。例如:
- 将在文件系统上您在配置中指定的位置放置一个文件
- 将更新您的nginx配置,以便GETting资源将返回
状态代码200
- 将更新您的
- 记录以类似的方式进行证明。< code >H212
所以,考虑到所有这些,我不知道到底是什么问题,但它看起来您没有正确配置插件。希望如此,尽管这可以为您提供足够的信息来修复。如果没有,请在下面评论并澄清您使用的是哪个插件以及配置是什么。
编辑
如果你去这里:https://acme-staging.api.letsencrypt.org/acme/authz/YnGjTUHQa5upTAajCNPOLX_aLLlmRQiRP6uj3a0vAm8
您可以看到收到的错误的更长描述。
响应是403禁止。这意味着您的has服务器已阻止对该URL的访问。您需要确保您的need服务器(IIS、apache、nginx)允许访问。修复此问题的确切方法取决于您使用的DNS插件。参见the docs for a list。单击该链接并按照说明进行操作。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/55678458
复制相关文章
相似问题