-1
我試圖更新我的證書(domain.com,這是主要和www.domain.com) 而我重定向WWW。 domain.com到domain.com。 domain.com工作正確 我得到www的連接錯誤[瀏覽器正確地將www重定向到非www)。我試圖重新安裝並添加certbot,但我又得到了同樣的錯誤:讓加密無法連接到www.domain(這是301到非www)
Failed authorization procedure. www.domain.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to www.domain.com
Nginx.conf
server {
listen 80;
server_name www.domain.com domain.com;
root /var/www/domain.com/htdocs;
location /.well-known/ { allow all;}
location/{return 301 domain.com(withhttpsinfront)$request_uri;}
}
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
ssl_dhparam /etc/letsencrypt/live/domain.com/dhparam.pem;
server_name www.domain.com;
return 301 domain.com(withhttps://infront)$request_uri;
}
and of course server { code for domain.com ssled }
任何人都可以提出解決方案嗎?
您可能需要在'http'服務器上公開'/ .well-known' URI。我不使用該服務 - 但我相信它期望通過'http'而不是'https'連接。見[這個答案](https://stackoverflow.com/questions/43507280/nginx-as-https-proxy-but-want-to-intercept-one-static-path-for-lets-encrypt/43516016#43516016)爲指導。 –
我已經改變http服務器塊,使用cUrl我可以看到index.html我添加在.well-知道的文件夾(當我嘗試 - 使用http- domain.com/.well-known/index.html和www.domain .com/.well-known/index.html我得到200狀態 - >內容,而如果我嘗試任何其他地址我得到301重定向) 但仍然certbot不能連接到www.domain.com :( –
你可以顯示從'curl -v -I http:// example.com/.well-known/acme-challenge/token'和'curl -v -I http://www.example.com/.well-known/acme輸出 - 挑戰/令牌? – AlexD