使用 acme 疑似遇到 bug 请教

查看 42|回复 3
作者:brader   
执行命令:
`acme.sh --issue -d xxx.top --standalone --httpport 9500 --debug`
部分 debug 输出:
```
[Tue May 21 11:48:11 CST 2024] response='{"identifier":{"type":"dns","value":"xxx.top"},"status":"invalid","expires":"2024-05-28T03:47:57Z","challenges":[{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:connection","detail":"x.x.x.x: Fetching http://xxx.top/.well-known/acme-challenge/pFksi9WSuRTTRk3oWsM2IGdxxxxxxxxxxxxxxxxx-Nw: Timeout during connect (likely firewall problem)","status": 400},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/353400341062/QZ2Sbg","token":"pFksi9WSuRTTRk3oWsM2IGdxxxxxxxxxxxxxxxxx-Nw","validationRecord":[{"url":"http://xxx.top/.well-known/acme-challenge/pFksi9WSuRTTRk3oWsM2IGdxxxxxxxxxxxxxxxxx-Nw","hostname":"xxx.top","port":"80","addressesResolved":["x.x.x.x"],"addressUsed":"x.x.x.x"}],"validated":"2024-05-21T03:48:00Z"}]}'
[Tue May 21 11:48:11 CST 2024] status='invalid
invalid'
[Tue May 21 11:48:11 CST 2024] error='"error":{"type":"urn:ietf:params:acme:error:connection","detail":"x.x.x.x: Fetching http://xxx.top/.well-known/acme-challenge/pFksi9WSuRTTRk3oWsM2IGdxxxxxxxxxxxxxxxxx-Nw: Timeout during connect (likely firewall problem)","status": 400'
[Tue May 21 11:48:11 CST 2024] errordetail='x.x.x.x: Fetching http://xxx.top/.well-known/acme-challenge/pFksi9WSuRTTRk3oWsM2IGdxxxxxxxxxxxxxxxxx-Nw: Timeout during connect (likely firewall problem)'
[Tue May 21 11:48:11 CST 2024] Invalid status, xxx.top:Verify error detail:x.x.x.x: Fetching http://xxx.top/.well-known/acme-challenge/pFksi9WSuRTTRk3oWsM2IGdxxxxxxxxxxxxxxxxx-Nw: Timeout during connect (likely firewall problem)
[Tue May 21 11:48:11 CST 2024] Debug: get token url.
[Tue May 21 11:48:11 CST 2024] GET
[Tue May 21 11:48:11 CST 2024] url='http://xxx.top/.well-known/acme-challenge/pFksi9WSuRTTRk3oWsM2IGdxxxxxxxxxxxxxxxxx-Nw'
[Tue May 21 11:48:11 CST 2024] timeout=1
[Tue May 21 11:48:11 CST 2024] Http already initialized.
[Tue May 21 11:48:11 CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.NsNPLc8GtH -g --connect-timeout 1'
[Tue May 21 11:48:12 CST 2024] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 28
[Tue May 21 11:48:12 CST 2024] Here is the curl dump log:
[Tue May 21 11:48:12 CST 2024] == Info: About to connect() to xxx.top port 80 (#0)
== Info: Trying x.x.x.x...
== Info: Connection timed out after 1001 milliseconds
== Info: Closing connection 0
```
此日志是否表明了它还在致力于连接 80 端口,我的 httpport 参数指令似乎无法生效?
yinmin   
只能 80 、443 端口,这个是 ca 规定,acme 无法改变的
brader
OP
  
@yinmin 原来是这样,我看 acme 手册有介绍用其他端口,但是没有说明 ca 供应商不允许,明白了,谢谢
deelii   
换 dns 验证就没有这个烦恼了
您需要登录后才可以回帖 登录 | 立即注册

返回顶部