Certbot没有创建acme-challenge文件夹 [英] Certbot not creating acme-challenge folder

问题描述

几个月前，我曾在工作，让我们使用旧的letencrypt客户端对证书进行加密. 我正在使用的服务器是nginx.

I had working Let's encrypt certificates some months ago (with the old letsencrypt client). The server I am using is nginx.

Certbot将创建.well-known文件夹，但不会创建acme-challenge文件夹

Certbot is creating the .well-known folder, but not the acme-challenge folder

现在，我尝试通过~/certbot-auto certonly --webroot -w /var/www/webroot -d domain.com -d www.domain.com -d git.domain.com

但是我总是会收到这样的错误:

But I always get errors like this:

IMPORTANT NOTES:
   - The following errors were reported by the server:

   Domain: git.domain.com
   Type:   unauthorized
   Detail: Invalid response from
   http://git.domain.com/.well-known/acme-challenge/ZLsZwCsBU5LQn6mnzDBaD6MHHlhV3FP7ozenxaw4fow:
   "<.!DOCTYPE html>
   <.html lang='en'>
   <.head prefix='og: http://ogp.me/ns#'>
   <.meta charset='utf-8'>
   <.meta content='IE=edge' http-equiv"

   Domain: www.domain.com
   Type:   unauthorized
   Detail: Invalid response from
   http://www.domain.com/.well-known/acme-challenge/7vHwDXstyiY0wgECcR5zuS2jE57m8I3utszEkwj_mWw:
   "<.html>
   <.head><.title>404 Not Found</title></head>
   <.body bgcolor="white">
   <.center><.h1>404 Not Found</h1></center>

(当然，HTML标记内的点实际上并不存在)

(Of course the dots inside the HTML tags are not really there)

我一直在寻找解决方案，但尚未找到解决方案. 有人知道为什么certbot不创建文件夹吗?

I have looked for a solution, but didn't found one yet. Does anybody know why certbot is not creating the folders?

提前谢谢！

推荐答案

问题是nginx配置. 我用尽可能简单的配置替换了我的长配置文件:

The problem was the nginx configuration. I replaced my long configuration files with the simplest config possible:

server {
    listen 80;
    server_name domain.com www.domain.com git.domain.com;
    root /var/www/domain/;
}

然后我能够颁发新证书.

Then I was able to issue new certificates.

我的长配置文件存在的问题是(据我所知)我有以下几行:

The problem with my long configuration files was (as far as I can tell) that I had the these lines:

location ~ /.well-known {
    allow all;
}

但是它们应该是:

location ~ /.well-known/acme-challenge/ {
    allow all;
}

现在更新也可以.

这篇关于Certbot没有创建acme-challenge文件夹的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！