因为疏忽(没有用自动续签,并且忘记手动续签),SSL 过期了, 然后上服务器使用 certbot renew 命令更新证书出现了如下提示
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/域名.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator standalone, Installer None
Renewing an existing certificate
Attempting to renew cert (域名) from /etc/letsencrypt/renewal/域名).conf produced an unexpected error:
urn:ietf:params:acme:error:rateLimited ::
There were too many requests of a given type :: Error creating new order ::
too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/.
Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/域名)/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/域名/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: 域名
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for 域名 -
check that a DNS record exists for this domain
留意到错误信息那里:
DNS problem: NXDOMAIN looking up A for www.域名 - check that a DNS record exists for this domain
也就是 DNS出问题了,但是很奇怪的是我最近并没有修改过DNS或者 let's encry 的配置。
尝试一
网上大部分都是说DNS问题的,然后我试着 ping 了自己的域名,是能 ping 通的。说明 DNS -> 服务器 这个通道是正常的.
然后是用了 certbot certificates 去查看证书信息
Found the following certs:
Certificate Name: 域名
Serial Number: 马赛克
Domains: 域名 www.域名
Expiry Date: 过期日期
Certificate Path: /etc/letsencrypt/live/证书地址
Private Key Path: /etc/letsencrypt/live/私钥地址
咦?怎么有两个域名,一个带www, 一个不带的(其实是我自己配的)
然后我刚才 ping 的是不带 www 的, 然后再去试一下ping 带 w 的。ping 不通。
难道问题找到了,但是怎么添加 www 的DNS代理呢..
然后上DNS服务商, 加了一行www的配置
DNS配置
重新 ping 了一下,通了。然后重新跑一遍 certbot renew ,成功了!
网友评论