search

xdtianyu / scripts

scripts for work
https://www.xdty.org
1.03k stars 245 forks source link

errer #33

Closed yeniugo closed 7 years ago

yeniugo commented 7 years ago 
[root@localhost ~]# ./letsencrypt.sh letsencrypt.conf
Generate CSR...abc.csr
Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying www.abc.com...
Traceback (most recent call last):
  File "/tmp/acme_tiny.py", line 198, in <module>
    main(sys.argv[1:])
  File "/tmp/acme_tiny.py", line 194, in main
    signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
  File "/tmp/acme_tiny.py", line 123, in get_crt
    wellknown_path, wellknown_url))
ValueError: Wrote file to /var/www/abc/.well-known/acme-challenge/xxxxxxx, but couldn't download http://www.abc.com/.well-known/acme-challenge/xxxxxxx

this is the resulte,but i dont know what error there,and how to do.

xdtianyu commented 7 years ago

Have you pointed your domain www.abc.com to your server's IP address? It seems Let's encrypt could not access http://www.abc.com/.well-known/acme-challenge/xxxxxxx, can you try visit http://www.abc.com website in your browser?

yeniugo commented 7 years ago

@xdtianyu i changed the setting for my website,and i dont know where is the problem,and i use the official settings to solve the problem.thanks.

Mr-xn commented 7 years ago

[root@localhost]# ./letsencrypt.sh letsencrypt.conf Generate account key... Generating RSA private key, 4096 bit long modulus .++ ...........................................................................................................................................................++ e is 65537 (0x10001) Generate domain key... Generating RSA private key, 2048 bit long modulus ......................+++ ..........+++ e is 65537 (0x10001) Generate CSR...test.csr Parsing account key... Parsing CSR... Registering account... Registered! Verifying www.xxx.com... Traceback (most recent call last): File "/tmp/acme_tiny.py", line 198, in main(sys.argv[1:]) File "/tmp/acme_tiny.py", line 194, in main signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca) File "/tmp/acme_tiny.py", line 104, in get_crt raise ValueError("Error requesting challenges: {0} {1}".format(code, result)) ValueError: Error requesting challenges: 403 { "type": "urn:acme:error:unauthorized", "detail": "Error creating new authz :: \"www.xxx.com\" was considered an unsafe domain by a third-party API", "status": 403 } 表哥 这是啥情况?

xdtianyu commented 7 years ago

@Mr-xn 在 https://www.google.com/transparencyreport/safebrowsing/diagnostic/?hl=en#url=www.xxx.com 输入你的域名试试看是不是有什么提示,参考这里 Error creating new authz :: “domain” was considered an unsafe domain by a third-party API

Mr-xn commented 7 years ago

Site Safety Details Some pages on this website send visitors to the following dangerous websites: tongjii.us. Testing details We last updated our information about mrxn.net on January 23, 2017. This website is hosted on 3 ASes: AS4837 (CHINA169-BACKBONE) AS23650 (CHINANET-JS-AS-AP) AS37963 (CNNIC-ALIBABA-CN-NET-AP) Google提示危险站 咋搞...自己的一个小博客 搞安全的,写了一些破解文章之类的就被标记不安全了.... 表哥,这个咋破?

xdtianyu commented 7 years ago

@Mr-xn 这个情况只能移除网页上的标记为危险的信息,或者我建议你可以换一个 HTTPS 证书提供商,手动签一个。比如 https://assl.loovit.net/ 的免费泛域名证书,网上搜下教程吧。

Mr-xn commented 7 years ago

@xdtianyu 好的 谢谢 蛋疼 我找到原因了 我看了一下我的nginx配置文件 以前用过https后来到期了 就直接从https跳转到了http 结果现在就被Google标记不安全了 估计是这个原因....这只有我把配置文件修改过来让他慢慢变好吧....感谢表哥!