2

我有一个使用以下配置运行的 nginx 服务

location /.well-known {
        root /tmp/letsencrypt/;
}

我执行以下 docker 命令

sudo docker run -it --rm --name certbot \
        -v /etc/letsencrypt \
        -v /var/lib/letsencrypt \
        -v /tmp/letsencrypt \
        quay.io/letsencrypt/letsencrypt:latest certonly \
        --webroot --webroot-path /tmp/letsencrypt \
        -d dev.blockloop.io --renew-by-default

我从letsencrypt得到以下输出

Type:   unauthorized
Detail: Invalid response from
http://dev.blockloop.io/.well-known/acme-challenge/wupz1YYLDRv8dJRYegoFXfZ24rJCwRrenQxBoYndO30:
"<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"

我的 nginx 日志这样说

nginx_1  | 2016/05/28 20:10:44 [error] 6#6: *1 open() "/tmp/letsencrypt/.well-known/acme-challenge/wupz1YYLDRv8dJRYegoFXfZ24rJCwRrenQxBoYndO30" failed (2: No such file or directory), client: 66.133.109.36, server: dev.blockloop.io, request: "GET /.well-known/acme-challenge/wupz1YYLDRv8dJRYegoFXfZ24rJCwRrenQxBoYndO30 HTTP/1.1", host: "dev.blockloop.io"
nginx_1  | 66.133.109.36 - - [28/May/2016:20:10:44 +0000] "GET /.well-known/acme-challenge/wupz1YYLDRv8dJRYegoFXfZ24rJCwRrenQxBoYndO30 HTTP/1.1" 404 169 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"

当我查看/tmp/letsencrypt 时,我希望看到letsencrypt 剩余的一些文件,但唯一的事情是一个空的.well-known 目录。我怀疑letsencrypt正在清理或者它没有创建文件。

如果我将 index.html 文件放入/tmp/letsencrypt/.well-known并转到http://dev.blockloop.io/.well-known/我会看到它的内容,所以我知道 nginx 工作正常。

4

1 回答 1

1

我设法以某种方式解决了这个问题。我认为解决方案是结尾的斜杠--webroot-path /tmp/letsencrypt/,但谁知道呢。这是生成的脚本。其他一切都保持不变。

sudo docker run -it --rm --name certbot \
        -v "/etc/letsencrypt:/etc/letsencrypt" \
        -v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
        -v "/tmp/letsencrypt:/tmp/letsencrypt" \
        quay.io/letsencrypt/letsencrypt:latest certonly \
        --webroot --webroot-path /tmp/letsencrypt/ \
        -d dev.blockloop.io --renew-by-default
于 2016-05-29T03:06:01.070 回答