今天收到letsencrypt的邮件说证书到期,上服务器检查,发现使用cerbot更新证书时,报错HTTPS校验错:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/*****.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Starting new HTTP connection (1): [r3.o.lencr.org](http://r3.o.lencr.org)
Cert not due for renewal, but simulating renewal for dry run
Plugin legacy name certbot-dns-aliyun:dns-aliyun may be removed in a future version. Please use dns-aliyun instead.
Plugins selected: Authenticator certbot-dns-aliyun:dns-aliyun, Installer None
Starting new HTTPS connection (1): [acme-staging-v02.api.letsencrypt.org](http://acme-staging-v02.api.letsencrypt.org)
Failed to renew certificate 我的域名 with error: ("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",)
解决方法1: 不验证https
certbot renew --no-verify-ssl
解决方法2: 更新pip相关模块
-
pip list --outdated --trusted-host mirrors.aliyun.com(用的阿里云)
-
pip install --upgrade pyOpenSSL
-
pip install --upgrade requests
-
pip install --upgrade pycurl(这一步更新失败没影响)
再执行certbot renew
网友评论