当我使用acme(version v3.0.6)命令颁发证书时:
export Namesilo_Key=812bb423232b951sdfwg3423
acme.sh --issue -d reddwarf.life -d www.reddwarf.life --nginx --debug --dns dns_namesilo -k ec-256
acme进入无限循环,这是日志输出:
[Sat Apr 8 09:22:28 BST 2023] _post_url='https://cloudflare-dns.com/api/v1/purge?domain=_acme-challenge.www.reddwarf.life&type=TXT'
[Sat Apr 8 09:22:28 BST 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Sat Apr 8 09:22:28 BST 2023] _ret='0'
[Sat Apr 8 09:22:39 BST 2023] Let's wait 10 seconds and check again.
[Sat Apr 8 09:22:50 BST 2023] You can use '--dnssleep' to disable public dns checks.
[Sat Apr 8 09:22:50 BST 2023] See: https://github.com/acmesh-official/acme.sh/wiki/dnscheck
[Sat Apr 8 09:22:50 BST 2023] d='www.reddwarf.life'
[Sat Apr 8 09:22:50 BST 2023] txtdomain='_acme-challenge.www.reddwarf.life'
[Sat Apr 8 09:22:50 BST 2023] aliasDomain='_acme-challenge.www.reddwarf.life'
[Sat Apr 8 09:22:50 BST 2023] txt='62YpJEOedfwgewegwehGHYdfGeUFa46972Har48'
[Sat Apr 8 09:22:50 BST 2023] d_api='/root/.acme.sh/dnsapi/dns_namesilo.sh'
[Sat Apr 8 09:22:50 BST 2023] Checking www.reddwarf.life for _acme-challenge.www.reddwarf.life
[Sat Apr 8 09:22:50 BST 2023] _c_txtdomain='_acme-challenge.www.reddwarf.life'
[Sat Apr 8 09:22:51 BST 2023] _c_aliasdomain='_acme-challenge.www.reddwarf.life'
[Sat Apr 8 09:22:51 BST 2023] _c_txt='62YpJEOedfwgewegwehGHYdfGeUFa46972Har48'
[Sat Apr 8 09:22:51 BST 2023] GET
[Sat Apr 8 09:22:51 BST 2023] url='https://cloudflare-dns.com/dns-query?name=_acme-challenge.www.reddwarf.life&type=TXT'
[Sat Apr 8 09:22:51 BST 2023] timeout=
[Sat Apr 8 09:22:51 BST 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Sat Apr 8 09:22:51 BST 2023] ret='0'
[Sat Apr 8 09:22:51 BST 2023] Not valid yet, let's wait 10 seconds and check next one.
[Sat Apr 8 09:22:51 BST 2023] _p_txtdomain='_acme-challenge.www.reddwarf.life'
[Sat Apr 8 09:22:51 BST 2023] Cloudflare purge TXT record for domain _acme-challenge.www.reddwarf.life
[Sat Apr 8 09:22:51 BST 2023] POST
[Sat Apr 8 09:22:51 BST 2023] _post_url='https://cloudflare-dns.com/api/v1/purge?domain=_acme-challenge.www.reddwarf.life&type=TXT'
[Sat Apr 8 09:22:51 BST 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Sat Apr 8 09:22:51 BST 2023] _ret='0'
它显示Not valid yet, let's wait 10 seconds and check next one.和检查永远,哪里出错了?我应该怎么做来解决这个问题?最后我发现,也许dns需要一些时间才能生效。但是最后用下一步来解决这个错误:
[Sat Apr 8 15:23:44 BST 2023] You can use '--dnssleep' to disable public dns checks.
[Sat Apr 8 15:23:44 BST 2023] See: https://github.com/acmesh-official/acme.sh/wiki/dnscheck
[Sat Apr 8 15:23:44 BST 2023] Checking www.reddwarf.life for _acme-challenge.www.reddwarf.life
[Sat Apr 8 15:23:44 BST 2023] Already success, continue next one.
[Sat Apr 8 15:23:44 BST 2023] Checking reddwarf.life for _acme-challenge.reddwarf.life
[Sat Apr 8 15:23:44 BST 2023] Domain reddwarf.life '_acme-challenge.reddwarf.life' success.
[Sat Apr 8 15:23:44 BST 2023] All success, let's return
[Sat Apr 8 15:23:44 BST 2023] Verifying: reddwarf.life
[Sat Apr 8 15:23:44 BST 2023] Nginx mode for domain:reddwarf.life
[Sat Apr 8 15:23:45 BST 2023] Found conf file: /etc/nginx/conf.d/reddwarf.life-80.conf
[Sat Apr 8 15:23:45 BST 2023] Backup /etc/nginx/conf.d/reddwarf.life-80.conf to /root/.acme.sh/reddwarf.life_ecc/backup/reddwarf.life.nginx.conf
[Sat Apr 8 15:23:45 BST 2023] Check the nginx conf before setting up.
[Sat Apr 8 15:23:45 BST 2023] OK, Set up nginx config file
[Sat Apr 8 15:23:45 BST 2023] nginx conf is done, let's check it again.
[Sat Apr 8 15:23:45 BST 2023] Reload nginx
[Sat Apr 8 15:23:47 BST 2023] The replay Nonce is not valid, let's get a new one, Sleeping 1 seconds.
[Sat Apr 8 15:23:50 BST 2023] Processing, The CA is processing your order, please just wait. (1/30)
[Sat Apr 8 15:23:54 BST 2023] reddwarf.life:Verify error:"error":{
[Sat Apr 8 15:23:54 BST 2023] Restoring from /root/.acme.sh/reddwarf.life_ecc/backup/reddwarf.life.nginx.conf to /etc/nginx/conf.d/reddwarf.life-80.conf
[Sat Apr 8 15:23:54 BST 2023] Reload nginx
[Sat Apr 8 15:23:54 BST 2023] Removing DNS records.
[Sat Apr 8 15:23:54 BST 2023] Removing txt: FRtaMsJ7H4INjCc8FlPaI7z8o6ICo9rW5H-tq2h0puk for domain: _acme-challenge.www.reddwarf.life
[Sat Apr 8 15:23:56 BST 2023] Successfully retrieved the record id for ACME challenge.
[Sat Apr 8 15:23:57 BST 2023] Successfully removed the TXT record.
[Sat Apr 8 15:23:57 BST 2023] Removed: Success
[Sat Apr 8 15:23:57 BST 2023] Removing txt: fVQzFJukChDfZn9roxCxHoNKGGBqLj2GNfHisRiLWQQ for domain: _acme-challenge.reddwarf.life
[Sat Apr 8 15:23:59 BST 2023] Successfully retrieved the record id for ACME challenge.
[Sat Apr 8 15:24:00 BST 2023] Successfully removed the TXT record.
[Sat Apr 8 15:24:00 BST 2023] Removed: Success
[Sat Apr 8 15:24:00 BST 2023] Please add '--debug' or '--log' to check more details.
[Sat Apr 8 15:24:00 BST 2023] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
此消息来致命故障reddwarf.life:Verify error:"error":{.
最后我发现nginx服务器将端口80重定向到443,这是遗留配置:
server {
listen 80;
server_name reddwarf.life;
rewrite ^(.*)$ https://${server_name}$1 permanent;
location / {
try_files $uri $uri/ /index.html;
}
}
我删除了重写配置,问题解决了。