[英]404 error on letsencrypt renew certificate
每次我嘗試更新我的 letsencrypt 證書時,它都會失敗並出現 404 錯誤,使用 nginx 和 certbot。 我設法通過將配置文件修改為基本配置文件來修復它,但這會阻止證書自動更新,因此我必須每 3 個月重復一次操作。 你能幫我找出問題出在哪里嗎?
我的實際域 conf (acuar.io.conf) -- 此代碼用於操作網站但不用於續訂
# Odoo servers
upstream odoo {
server 127.0.0.1:8069;
}
upstream odoochat {
server 127.0.0.1:8072;
}
# HTTP -> HTTPS
server {
listen 80;
server_name www.acuar.io acuar.io;
include snippets/letsencrypt.conf;
return 301 https://acuar.io$request_uri;
}
# WWW -> NON WWW
server {
listen 443 ssl http2;
server_name www.acuar.io;
ssl_certificate /etc/letsencrypt/live/acuar.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/acuar.io/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/acuar.io/chain.pem;
include snippets/ssl.conf;
include snippets/letsencrypt.conf;
return 301 https://acuar.io$request_uri;
}
server {
listen 443 ssl http2;
server_name acuar.io;
proxy_read_timeout 720s;
proxy_connect_timeout 720s;
proxy_send_timeout 720s;
# Proxy headers
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# SSL parameters
ssl_certificate /etc/letsencrypt/live/acuar.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/acuar.io/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/acuar.io/chain.pem;
include snippets/ssl.conf;
include snippets/letsencrypt.conf;
# log files
access_log /var/log/nginx/odoo.access.log;
error_log /var/log/nginx/odoo.error.log;
# Handle longpoll requests
location /longpolling {
proxy_pass http://odoochat;
}
# Handle / requests
location / {
proxy_redirect off;
proxy_pass http://odoo;
}
# Cache static files
location ~* /web/static/ {
proxy_cache_valid 200 90m;
proxy_buffering on;
expires 864000;
proxy_pass http://odoo;
}
# Gzip
gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
gzip on;
}
我必須設置的代碼才能使證書續訂工作:
server {
listen 80;
server_name acuar.io www.acuar.io;
include snippets/letsencrypt.conf;
}
非常感謝您的幫助
經過多次嘗試,我設法做出了解決方法,我相信可能有更好的選擇,但至少它有效:
我評論了代碼將 HTTP 重定向到 HTTPS 的行:
# HTTP -> HTTPS server { listen 80; server_name www.acuar.io acuar.io; include snippets/letsencrypt.conf; # return 301 https://acuar.io$request_uri; }
據我了解,問題是 Cerbot 需要訪問 HTTP 中的服務器,但服務器已經強制所有流量到 HTTP。
如果有人有更好的方法來做到這一點,我真的很感激幫助。 無論如何,我希望這能幫助像我一樣犯同樣錯誤的人。
謝謝
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.