Certbot失败: ssl.SSLError:[X509]没有找到证书或crl (_ssl.c:3732)
Certbot失败: ssl.SSLError:[X509]没有找到证书或crl (_ssl.c:3732)
提问于 2020-07-09 09:56:23
这是最近一个让我们加密社区论坛线程的副本,它帮助我缓解了这个问题。我在这里添加这一点,因为它可能会影响更多的用户。
我有一个服务器,目前有三个网站使用加密。这些证书可以毫无问题地续签。现在,我想为第四个新网站生成一个证书。这就是我所得到的:
certbot --apache certonly -w /path/to/docroot/ -d subdomain.example.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
An unexpected error occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 313, in ssl_wrap_socket
context.load_verify_locations(ca_certs, ca_cert_dir)
ssl.SSLError: [X509] no certificate or crl found (_ssl.c:3732)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 601, in urlopen
chunked=chunked)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 346, in _make_request
self._validate_conn(conn)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 852, in _validate_conn
conn.connect()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 326, in connect
ssl_context=context)
File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 315, in ssl_wrap_socket
raise SSLError(e)
urllib3.exceptions.SSLError: [X509] no certificate or crl found (_ssl.c:3732)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 440, in send
timeout=timeout
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 639, in urlopen
_stacktrace=sys.exc_info()[2])
File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 398, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLError(185090184, '[X509] no certificate or crl found (_ssl.c:3732)'),))
During handling of the above exception, another exception occurred:
requests.exceptions.SSLError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLError(185090184, '[X509] no certificate or crl found (_ssl.c:3732)'),))
Please see the logfiles in /var/log/letsencrypt for more details.这是在Ubuntu 18.04上。我不知道这是怎么回事。
回答 1
Server Fault用户
发布于 2020-07-09 09:59:34
为了减轻这种情况,您必须卸载“ca证书”和"certbot“,并为它们重新安装。
情况:
certbot --apache certonly -w /path/to/docroot/ -d subdomain.example.com->失败:(
测试:
curl -I https://www.gnu.org/->失败:(
解决方案第一步:
sudo apt remove ca-certificates
sudo apt install ca-certificates测试:
curl -I https://www.gnu.org/->工程:)
解决方案步骤二(Apache用户):
sudo apt install certbot python3-certbot-apache解决方案第二步(Nginx用户):
sudo apt install certbot python3-certbot-nginx结果:
certbot --apache certonly -w /path/to/docroot/ -d subdomain.example.com->工程:)
感谢您的帮助,让我们来加密社区吧!他们太棒了!
页面原文内容由Server Fault提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://serverfault.com/questions/1024607
复制相关文章
相似问题
腾讯云开发者
