【已解决】OneinStack添加虚拟主机的Let’s Encrypt的ssl证书出错:Let’s Encrypt Verify error! DNS problem: NXDOMAIN looking up A for

<code>➜  ~ ping www.crifan.com
PING www.crifan.com ( 56 data bytes
64 bytes from icmp_seq=0 ttl=51 time=357.193 ms
64 bytes from icmp_seq=1 ttl=51 time=301.462 ms
64 bytes from icmp_seq=2 ttl=51 time=443.761 ms
64 bytes from icmp_seq=3 ttl=51 time=275.714 ms
64 bytes from icmp_seq=4 ttl=51 time=315.201 ms
--- www.crifan.com ping statistics ---
6 packets transmitted, 5 packets received, 16.7% packet loss
round-trip min/avg/max/stddev = 275.714/338.666/443.761/58.798 ms


<code>What Are You Doing?
        1. Use HTTP Only
        2. Use your own SSL Certificate and Key
        3. Use Let's Encrypt to Create SSL Certificate and Key
        q. Exit
Please input the correct option: 3

Please input domain(example: www.example.com): www.crifan.com

Please input the directory for the domain:www.crifan.com :
(Default directory: /data/wwwroot/www.crifan.com): 
Virtual Host Directory=/data/wwwroot/www.crifan.com

Create Virtul Host directory......
set permissions of Virtual Host directory......

Do you want to add more domain name? [y/n]: crifan.com
input error! Please only input 'y' or 'n'

Do you want to add more domain name? [y/n]: y

Type domainname or IP(example: example.com other.example.com): crifan.com
domain list=crifan.com

Do you want to redirect from crifan.com to www.crifan.com? [y/n]: y

Do you want to redirect all HTTP requests to HTTPS? [y/n]: y

Let's Encrypt Verify error! DNS problem: NXDOMAIN looking up A for www.crifan.com

Let's Encrypt Verify error! DNS problem: NXDOMAIN looking up A for crifan.com
[Tue Dec 25 21:41:34 CST 2018] Registering account
[Tue Dec 25 21:41:36 CST 2018] Registered
[Tue Dec 25 21:41:36 CST 2018] ACCOUNT_THUMBPRINT='Rve1oSDwjdR0r9OQgKswSrga5vuq2xkzelJ58cX6cqg'
[Tue Dec 25 21:41:36 CST 2018] Creating domain key
[Tue Dec 25 21:41:36 CST 2018] The domain key is here: /root/.acme.sh/www.crifan.com/www.crifan.com.key
[Tue Dec 25 21:41:36 CST 2018] Multi domain='DNS:www.crifan.com,DNS:crifan.com'
[Tue Dec 25 21:41:36 CST 2018] Getting domain auth token for each domain
[Tue Dec 25 21:41:36 CST 2018] Getting webroot for domain='www.crifan.com'
[Tue Dec 25 21:41:36 CST 2018] Getting new-authz for domain='www.crifan.com'
[Tue Dec 25 21:41:38 CST 2018] The new-authz request is ok.
[Tue Dec 25 21:41:38 CST 2018] Getting webroot for domain='crifan.com'
[Tue Dec 25 21:41:38 CST 2018] Getting new-authz for domain='crifan.com'
[Tue Dec 25 21:41:39 CST 2018] The new-authz request is ok.
[Tue Dec 25 21:41:39 CST 2018] Verifying:www.crifan.com
[Tue Dec 25 21:41:43 CST 2018] Pending
[Tue Dec 25 21:41:46 CST 2018] www.crifan.com:Verify error:Invalid response from https://www.crifan.com/.well-known/acme-challenge/hWTtdFEsnlVmHhWEXp8vyj4xGACpyJ1rIwnApNpySq4: 
[Tue Dec 25 21:41:46 CST 2018] Please add '--debug' or '--log' to check more details.
[Tue Dec 25 21:41:46 CST 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
Error: Create Let's Encrypt SSL Certificate failed! 
[root@VM_0_11_centos oneinstack]# 

<code>[root@VM_0_11_centos oneinstack]# ls /data/
mysql  wwwlogs  wwwroot
[root@VM_0_11_centos oneinstack]# ls /data/wwwroot/
default  www.crifan.com
[root@VM_0_11_centos oneinstack]# ls /data/wwwroot/www.crifan.com/
[root@VM_0_11_centos oneinstack]# ls -lh /data/wwwroot/
total 8.0K
drwxr-xr-x 3 www www 4.0K Dec 25 21:17 default
drwxr-xr-x 2 www www 4.0K Dec 25 21:41 www.crifan.com





是不是只是 去原Linode中crifan.com中拷贝过来ssl证书的pem和crt等文件 就可以了。

不过此处add vhost后续步骤:



acme.sh upgrade


<code>[root@VM_0_11_centos oneinstack]# ll
total 3300
-rwxr-xr-x 1 root root   25291 Dec 25 18:41 addons.sh
-rwxr-xr-x 1 root root   18853 Dec 25 18:41 backup_setup.sh
-rwxr-xr-x 1 root root    7858 Dec 25 18:41 backup.sh
drwxr-xr-x 2 root root    4096 Dec 25 18:41 config
drwxr-xr-x 2 root root    4096 Dec 25 18:41 include
drwxr-xr-x 2 root root    4096 Dec 25 18:41 init.d
-rw-r--r-- 1 root root 3116030 Dec 25 21:17 install.log
-rwxr-xr-x 1 root root   43681 Dec 25 18:41 install.sh
-rw-r--r-- 1 root root   11358 Dec 25 18:41 LICENSE
-rw-r--r-- 1 root root    2395 Dec 25 21:00 options.conf
-rwxr-xr-x 1 root root    7778 Dec 25 18:41 pureftpd_vhost.sh
-rw-r--r-- 1 root root    5489 Dec 25 18:41 README.md
-rwxr-xr-x 1 root root    4926 Dec 25 18:41 reset_db_root_password.sh
drwxr-xr-x 4 root root    4096 Dec 25 21:40 src
-rwxr-xr-x 1 root root   11390 Dec 25 18:41 ss.sh
drwxr-xr-x 2 root root    4096 Dec 25 18:41 tools
-rwxr-xr-x 1 root root   17441 Dec 25 18:41 uninstall.sh
-rwxr-xr-x 1 root root    5725 Dec 25 18:41 upgrade.sh
-rw-r--r-- 1 root root    1803 Dec 25 18:41 versions.txt
-rwxr-xr-x 1 root root   47574 Dec 25 18:41 vhost.sh


<code>Let's Encrypt Verify error! DNS problem: NXDOMAIN looking up A for www.crifan.com
Let's Encrypt Verify error! DNS problem: NXDOMAIN looking up A for crifan.com








<code>➜  ~ dig www.crifan.com

; &lt;&lt;&gt;&gt; DiG 9.10.6 &lt;&lt;&gt;&gt; www.crifan.com
;; global options: +cmd
;; Got answer:
;; -&gt;&gt;HEADER&lt;&lt;- opcode: QUERY, status: NOERROR, id: 60995
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 4096
;www.crifan.com.            IN    A

www.crifan.com.        133    IN    A

;; Query time: 107 msec
;; WHEN: Tue Dec 25 22:03:15 CST 2018
;; MSG SIZE  rcvd: 59

解决Let’s Encrypt SSL证书配置错误”DNS problem: NXDOMAIN looking up A for xxx.com” – 数安时代(GDCA)



服务器本地 DNS缓存未更新”


Let’s Encrypt 简单使用 | ckwongloy




<code>[root@VM_0_11_centos oneinstack]# ping www.crifan.com
PING www.crifan.com ( 56(84) bytes of data.
64 bytes from ( icmp_seq=1 ttl=63 time=0.329 ms


<code>[root@VM_0_11_centos oneinstack]# pwd
[root@VM_0_11_centos oneinstack]# ll
total 3300
-rwxr-xr-x 1 root root   25291 Dec 25 18:41 addons.sh
-rwxr-xr-x 1 root root   18853 Dec 25 18:41 backup_setup.sh
-rwxr-xr-x 1 root root    7858 Dec 25 18:41 backup.sh
drwxr-xr-x 2 root root    4096 Dec 25 18:41 config
drwxr-xr-x 2 root root    4096 Dec 25 18:41 include
drwxr-xr-x 2 root root    4096 Dec 25 18:41 init.d
-rw-r--r-- 1 root root 3116030 Dec 25 21:17 install.log
-rwxr-xr-x 1 root root   43681 Dec 25 18:41 install.sh
-rw-r--r-- 1 root root   11358 Dec 25 18:41 LICENSE
-rw-r--r-- 1 root root    2395 Dec 25 21:00 options.conf
-rwxr-xr-x 1 root root    7778 Dec 25 18:41 pureftpd_vhost.sh
-rw-r--r-- 1 root root    5489 Dec 25 18:41 README.md
-rwxr-xr-x 1 root root    4926 Dec 25 18:41 reset_db_root_password.sh
drwxr-xr-x 4 root root    4096 Dec 25 21:40 src
-rwxr-xr-x 1 root root   11390 Dec 25 18:41 ss.sh
drwxr-xr-x 2 root root    4096 Dec 25 18:41 tools
-rwxr-xr-x 1 root root   17441 Dec 25 18:41 uninstall.sh
-rwxr-xr-x 1 root root    5725 Dec 25 18:41 upgrade.sh
-rw-r--r-- 1 root root    1803 Dec 25 18:41 versions.txt
-rwxr-xr-x 1 root root   47574 Dec 25 18:41 vhost.sh
[root@VM_0_11_centos oneinstack]# ./vhost.sh 


#       OneinStack for CentOS/RedHat 6+ Debian 7+ and Ubuntu 12+      #
#       For more information please visit https://oneinstack.com      #

What Are You Doing?
        1. Use HTTP Only
        2. Use your own SSL Certificate and Key
        3. Use Let's Encrypt to Create SSL Certificate and Key
        q. Exit
Please input the correct option: 3

Please input domain(example: www.example.com): www.crifan.com

Please input the directory for the domain:www.crifan.com :
(Default directory: /data/wwwroot/www.crifan.com): 
Virtual Host Directory=/data/wwwroot/www.crifan.com

Create Virtul Host directory......
set permissions of Virtual Host directory......

Do you want to add more domain name? [y/n]: y

Type domainname or IP(example: example.com other.example.com): crifan.com
domain list=crifan.com

Do you want to redirect from crifan.com to www.crifan.com? [y/n]: y

Do you want to redirect all HTTP requests to HTTPS? [y/n]: y
[Sun Dec 30 11:16:53 CST 2018] Multi domain='DNS:www.crifan.com,DNS:crifan.com'
[Sun Dec 30 11:16:53 CST 2018] Getting domain auth token for each domain
[Sun Dec 30 11:16:53 CST 2018] Getting webroot for domain='www.crifan.com'
[Sun Dec 30 11:16:53 CST 2018] Getting new-authz for domain='www.crifan.com'
[Sun Dec 30 11:16:55 CST 2018] The new-authz request is ok.
[Sun Dec 30 11:16:55 CST 2018] Getting webroot for domain='crifan.com'
[Sun Dec 30 11:16:55 CST 2018] Getting new-authz for domain='crifan.com'
[Sun Dec 30 11:16:56 CST 2018] The new-authz request is ok.
[Sun Dec 30 11:16:57 CST 2018] Verifying:www.crifan.com
[Sun Dec 30 11:17:01 CST 2018] Success
[Sun Dec 30 11:17:01 CST 2018] Verifying:crifan.com
[Sun Dec 30 11:17:04 CST 2018] Success
[Sun Dec 30 11:17:04 CST 2018] Verify finished, start to sign.
[Sun Dec 30 11:17:07 CST 2018] Cert success.
[Sun Dec 30 11:17:07 CST 2018] Your cert is in  /root/.acme.sh/www.crifan.com/www.crifan.com.cer 
[Sun Dec 30 11:17:07 CST 2018] Your cert key is in  /root/.acme.sh/www.crifan.com/www.crifan.com.key 
[Sun Dec 30 11:17:07 CST 2018] The intermediate CA cert is in  /root/.acme.sh/www.crifan.com/ca.cer 
[Sun Dec 30 11:17:07 CST 2018] And the full chain certs is there:  /root/.acme.sh/www.crifan.com/fullchain.cer 

Do you want to add hotlink protection? [y/n]: n

Allow Rewrite rule? [y/n]: y

Please input the rewrite of programme :
thinkphp,pathinfo,discuz,typecho,ecshop,nextcloud rewrite was exist.
(Default rewrite: other): wordpress
You choose rewrite=wordpress

Allow Nginx/Tengine/OpenResty access_log? [y/n]: y
You access log file=/data/wwwlogs/www.crifan.com_nginx.log

nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
Reload Nginx......

#       OneinStack for CentOS/RedHat 6+ Debian 7+ and Ubuntu 12+      #
#       For more information please visit https://oneinstack.com      #
Your domain:                  www.crifan.com
Virtualhost conf:             /usr/local/nginx/conf/vhost/www.crifan.com.conf
Directory of:                 /data/wwwroot/www.crifan.com
Rewrite rule:                 /usr/local/nginx/conf/rewrite/wordpress.conf
Let's Encrypt SSL Certificate:/usr/local/nginx/conf/ssl/www.crifan.com.crt
SSL Private Key:              /usr/local/nginx/conf/ssl/www.crifan.com.key




<code>ping www.crifan.com


然后才能正常的使用Let’s Encrypt去生成ssl证书,才能正常添加域名的。

转载请注明:在路上 » 【已解决】OneinStack添加虚拟主机的Let's Encrypt的ssl证书出错:Let's Encrypt Verify error! DNS problem: NXDOMAIN looking up A for




