这是我第一次构建服务器并将其托管到AWS EC2
让我简单介绍一下我到目前为止所做的工作:
步骤1:我将EC2 ipv4地址Map到域(例如week10.100xdevs.com)
步骤2:然后我打开sudo vi /etc/nginx/nginx.conf并插入以下代码:
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name week10.100xdevs.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
}字符串
第三步:我用pm2在我的服务器文件上启动了index.js。
第4步:然后我使用sudo snap install安装了certbot--经典certbot
第5步:使用sudo ln -s /snap/bin/certbot /usr/bin/certbot准备证书机器人
第六步:我终于做到了,sudo certbot --nginx
我得到这个错误:
sudo certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: week10.100xdevs.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Requesting a certificate for week10.100xdevs.com
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: week10.100xdevs.com
Type: connection
Detail: 3.88.225.115: Fetching http://week10.100xdevs.com/.well-known/acme-challenge/apVWIX8WnEim8VNlAaYc7_mfI2PXAtJ2RLF-1kqEfKc: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.型
如何修复此错误?
现在经过太多的尝试,我得到:
Plugins selected: Authenticator nginx, Installer nginx
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: week10.100xdevs.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Requesting a certificate for week10.100xdevs.com
An unexpected error occurred:
Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.型
1条答案
按热度按时间ippsafx71#
我们需要拥有域来为其生成证书。我为EC2 URL生成的是错误的。Certbot验证是否有人实际拥有域,我们需要向Certbot提供域所有权,以便能够为该特定域生成证书。