我正在尝试使用带有
registry.cuongncc.uk
身份验证器的 Certbot 为我的域 --standalone
获取 SSL 证书,但我一直遇到 http-01
挑战失败的问题。详情如下:
certbot certonly --standalone -d registry.cuongncc.uk --preferred-challenges http --agree-tos -m [email protected] --keep-until-expiring -v
输出
Requesting a certificate for registry.cuongncc.uk
Performing the following challenges:
http-01 challenge for registry.cuongncc.uk
Waiting for verification...
Challenge failed for domain registry.cuongncc.uk
http-01 challenge for registry.cuongncc.uk
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: registry.cuongncc.uk
Type: unauthorized
Detail: 2606:4700:3037::6815:57b4: Invalid response from http://registry.cuongncc.uk/.well-known/acme-challenge/RuR-1jApRXG5MPzRCHacjG-x-PyyS2hMGnboqXdn8qs: 522
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Cleaning up challenges
Some challenges have failed.
我已经查过了
我的环境:
如何解决这个问题?
我希望 Certbot 通过从临时独立网络服务器提供质询文件、验证域所有权并颁发 SSL 证书来成功完成
http-01
质询。
[已解决]通过调整 AWS 中的安全组设置以允许流向域的流量解决了该问题。这就是我所做的:
找到与您的实例关联的安全组并选择它。 编辑入站规则以允许 HTTP 流量