无法使用 Let's Encrypt 在我的网站上安装 SSL
Can't install SSL on my website with Let's Encrypt
我正尝试按照本指南在我的网站上安装 SSL https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04
正如您所猜到的,我使用 ubuntu 20.04,在我按 Enter(或写 1)问题 Which names would you like to activate HTTPS for?有这个输出:
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: sugacards.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for sugacards.com
Enabled Apache rewrite module
Waiting for verification...
Challenge failed for domain sugacards.com
http-01 challenge for sugacards.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: sugacards.com
Type: unauthorized
Detail: Invalid response from
http://sugacards.com/.well-known/acme-challenge/FA0pB7nMEk0_VIaeQPJStKNlXKX5kTqcvHmUi5ESVJ0
[31.220.55.52]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
我该如何解决这个问题?这是我第一次在 vps 上安装 SSL,所以这可能是一个愚蠢的问题,但仍然非常感谢任何答案:)
他们需要验证您确实拥有该域,因为 SSL 证书是基于信任的。为了保持信任,他们需要确保永远不会向非特定域所有者的个人颁发证书。他们这样做的方式是给您一个挑战文件,您需要将其托管在您的网站上:
http://sugacards.com/.well-known/acme-challenge/FA0pB7nMEk0_VIaeQPJStKNlXKX5kTqcvHmUi5ESVJ0
一旦该文件托管在那里,他们就会向该地址发出请求,以验证您确实拥有该网站。您需要做的就是在该路由上托管该文件。您执行此操作的方式取决于您网站的托管方式。
如果您提供有关网站托管方式的更多详细信息,我可以编辑此答案并提供有关如何操作的更多详细信息。
原来我只需要这样做:
sudo ufw enable
:D
如果您更改了域的名称服务器,则必须等待一段时间。您还必须检查端口是否打开,尤其是用于远程连接的端口 80。您还必须阻止任何服务器使用该端口。您可以尝试以下命令
sudo firewall-cmd --zone=public --permanent --add-port=80/tcp
sudo firewall-cmd --reload
我正尝试按照本指南在我的网站上安装 SSL https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04
正如您所猜到的,我使用 ubuntu 20.04,在我按 Enter(或写 1)问题 Which names would you like to activate HTTPS for?有这个输出:
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: sugacards.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for sugacards.com
Enabled Apache rewrite module
Waiting for verification...
Challenge failed for domain sugacards.com
http-01 challenge for sugacards.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: sugacards.com
Type: unauthorized
Detail: Invalid response from
http://sugacards.com/.well-known/acme-challenge/FA0pB7nMEk0_VIaeQPJStKNlXKX5kTqcvHmUi5ESVJ0
[31.220.55.52]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
我该如何解决这个问题?这是我第一次在 vps 上安装 SSL,所以这可能是一个愚蠢的问题,但仍然非常感谢任何答案:)
他们需要验证您确实拥有该域,因为 SSL 证书是基于信任的。为了保持信任,他们需要确保永远不会向非特定域所有者的个人颁发证书。他们这样做的方式是给您一个挑战文件,您需要将其托管在您的网站上:
http://sugacards.com/.well-known/acme-challenge/FA0pB7nMEk0_VIaeQPJStKNlXKX5kTqcvHmUi5ESVJ0
一旦该文件托管在那里,他们就会向该地址发出请求,以验证您确实拥有该网站。您需要做的就是在该路由上托管该文件。您执行此操作的方式取决于您网站的托管方式。
如果您提供有关网站托管方式的更多详细信息,我可以编辑此答案并提供有关如何操作的更多详细信息。
原来我只需要这样做:
sudo ufw enable
:D
如果您更改了域的名称服务器,则必须等待一段时间。您还必须检查端口是否打开,尤其是用于远程连接的端口 80。您还必须阻止任何服务器使用该端口。您可以尝试以下命令
sudo firewall-cmd --zone=public --permanent --add-port=80/tcp
sudo firewall-cmd --reload