Witajcie, od dłuższego czasu używam CyberPanelu do hostingowania swojej strony (w sumie 2 ), od 3 tygodni mam jednak problem z certyfikatem ssl który można z automatu odnowić dzięki Let’s Encrypt.
Zauważyłem że problem zaczął się po wykonaniu aktualizacji certyfikat po prostu się nie odnawia. Z ciekawości utworzyłem domenę testową i sprawdziłem poprawność wygenerowania certyfikatu, więc jest problem tylko z jedną domeną… .
dodam kilka logów
LOG1
2018-09-27 17:55:39,925:DEBUG:certbot.main:certbot version: 0.21.1
2018-09-27 17:55:39,925:DEBUG:certbot.main:Arguments: [’-d’, ‘domena’]
2018-09-27 17:55:39,925:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-09-27 17:55:39,940:DEBUG:certbot.log:Root logging level set at 20
2018-09-27 17:55:39,940:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-09-27 17:55:39,941:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 11, in
load_entry_point(‘certbot==0.21.1’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1240, in main
return config.func(config, plugins)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1142, in renew
renewal.handle_renewal_request(config)
File “/usr/lib/python2.7/site-packages/certbot/renewal.py”, line 375, in handle_renewal_request
raise errors.Error("Currently, the renew verb is capable of either "
Error: Currently, the renew verb is capable of either renewing all installed certificates that are due to be renewed or renewing a single certificate specified by its name. If you would like to renew specific certificates by their domains, use the certonly command instead. The renew verb may provide other options for selecting certificates to renew in the future.
LOG2
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Currently, the renew verb is capable of either renewing all installed certificates that are due to be renewed or renewing a single certificate specified by its name. If you would like to renew specific certificates by their domains, use the certonly command instead. The renew verb may provide other options for selecting certificates to renew in the future.
[root@vps ~]# clear
[root@vps ~]# certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/skorzane-buty.domena.ovh.conf
Cert not yet due for renewal
Processing /etc/letsencrypt/renewal/www.domena.ovh.conf
Cert not yet due for renewal
Processing /etc/letsencrypt/renewal/domena.ovh.conf
Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for domena.ovh
http-01 challenge for www.domena.ovh
Waiting for verification…
Cleaning up challenges
Attempting to renew cert (domena.ovh) from /etc/letsencrypt/renewal/domena.ovh.conf produced an unexpected error: Failed authorization procedure. domena.ovh (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://domena.ovh/.well-known/acme-challenge/s3dX6XYUsGu4vHzkIa-kIp7lU81p3m_qjy5KF-vzrn8: "\n<html style=“height:100%”>\n 404 Not Found\r\n\n<body style=“color: #444; margin:0;font:”. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/domena.ovh/fullchain.pem (failure)
The following certs are not due for renewal yet:
/etc/letsencrypt/live/skorzane-buty.domena.ovh/fullchain.pem (skipped)
/etc/letsencrypt/live/www.domena.ovh/fullchain.pem (skipped)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/domena.ovh/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: domena.ovh
Type: unauthorized
Detail: Invalid response from
http://domena.ovh/.well-known/acme-challenge/s3dX6XYUsGu4vHzkIa-kIp7lU81p3m_qjy5KF-vzrn8:
"\n<html style=“height:100%”>\n 404
Not Found\r\n\n<body style=“color: #444;
margin:0;font:”To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
prawdziwa domena została specjalnie zamaskowana.
