let’s encrypt ipv6下更新ssl證書404問題

前些時間服務器配置了ipv6訪問,後來就收到了let’s encrypt的郵件說域名ssl證書過時。但問題是certbot會應該是自動更新證書纔對啊。html

登上服務器手動更新證書試下,提示404錯誤:前端

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: gwlin.com
   Type:   unauthorized
   Detail: Invalid response from
   http://gwlin.com/.well-known/acme-challenge/eHOBoFPw4Uz5vM9Xzk9D91nsm292bxSNyuePVerQRMY
   [2600:3c01::f03c:92ff:fee2:491b]: "<html>rn<head><title>404 Not
   Found</title></head>rn<body bgcolor="white">rn<center><h1>404
   Not Found</h1></center>rn<hr><center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

因而谷歌一頓,但文章都在說是well-known目錄的配置問題,因而檢查了nginx配置,檢查了網站根目錄的權限,徹底沒用。nginx

在stackoverflow上有一個0讚的答案說到應該檢查ipv6是否開啓了,若是開啓了就要加上 [::]:80 。服務器

一言驚醒夢中人啊,忽然想起前端時間確實啓用了ipv6。因而打開gwlin.com的nginx配置文件,加上:app

{
  //...
  server_name gwlin.com;
  listen 80;
  listen [::]:80; // 加這個
  //...
}

而後certbot更新證書,搞定。dom

參考文章:post

https://stackoverflow.com/questions/42269107/using-certbot-to-apply-lets-encrypt-certificate-failed-authorization-procedure網站

我的博客:https://www.gwlin.com/posts/5942code

相關文章
相關標籤/搜索