英文:
acme/autocert: unable to satisfy acme challenges for domain: no viable challenge type found
问题
我正在尝试从Let's Encrypt获取TLS证书,以便通过HTTPS提供内容。
在我在GCP的VM实例上的服务器上运行代码并尝试从浏览器连接时,显示以下错误消息:
acme/autocert: 无法满足域名"www.mydomain.com"的"https://acme-v02.api.letsencrypt.org/acme/authz-v3/..."的要求:找不到可行的挑战类型
然后我按照终端中显示的acme-v02.api链接,显示如下:
{
"identifier": {
"type": "dns",
"value": "www.mydomain.com"
},
"status": "deactivated",
"expires": "2022-06-01T12:37:05Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/...",
"token": "..."
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/...",
"token": "..."
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/...",
"token": "..."
}
]
}
注意:我使用...来隐藏值,因为我认为这些信息对解决问题不是必要的。如果需要这些信息,请告诉我。
英文:
I trying to obtain a TLS certificate from Let's Encrypt in order to serve content over HTTPS.
After I run the code on the server in the VM instance on GCP, and tried to connect to it from my browser, the following error message is shown
acme/autocert: unable to satisfy "https://acme-v02.api.letsencrypt.org/acme/authz-v3/..." for domain "www.mydomain.com": no viable challenge type found
Then I followed the acme-v02.api link shown in the terminal, and the following is shown:
{
"identifier": {
"type": "dns",
"value": "www.mydomain.com"
},
"status": "deactivated",
"expires": "2022-06-01T12:37:05Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/...",
"token": "..."
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/...",
"token": "..."
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/...",
"token": "..."
}
]
}
Note: the ... is used to obscure the values as I don't think the information is necessary to solve the problem. Please let me know if they are needed.
答案1
得分: 1
直到我意识到我的 DNS 服务器没有为我的主机设置 CAA 记录 条目,我才解决了同样的问题。我记得去年我的设置是有效的,但可能是我犯了一个错误,或者我的 DNS 服务丢失了那个记录。无论原因如何,错误信息并没有提供太多帮助。此外,根据我在网上看到的信息,这个失败可能有很多其他原因,所以请对我的解决方案持保留态度。
英文:
I had the same problem until I realized my DNS server didn't have a CAA record entry for my host that would have allowed Let's Encrypt. I could have sworn I used to have it as my setup had worked last year. But either I made a mistake or my DNS service lost track of that record. Whatever the cause, the error message wasn't very helpful. Also, from what I see online, there are many other causes for this same failure so take my solution with a grain of salt.
答案2
得分: 0
问题是我错误地配置了从我的域名到我的服务器的重定向。
英文:
The problem was that I have configured a redirect from my domain name to my server by mistake.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论