能 ping 通 https 不一定能连通,用 curl 命令实际测试下。
# curl -v https://acme-v01.api.letsencrypt.org/directory
* About to connect() to acme-v01.api.letsencrypt.org port 443 (#0)
* Trying 184.27.173.2...
* Connected to acme-v01.api.letsencrypt.org (184.27.173.2) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=acme-v02.api.letsencrypt.org
* start date: Oct 12 01:36:41 2018 GMT
* expire date: Jan 10 01:36:41 2019 GMT
* common name: acme-v02.api.letsencrypt.org
* issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
> GET /directory HTTP/1.1
> User-Agent: curl/7.29.0
> Host: acme-v01.api.letsencrypt.org
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx
< Content-Type: application/json
< Content-Length: 658
< Replay-Nonce: ecNfooZMh6ZzNJ_8Ip-XcxV2RTF9fQE2qB1prrCRdHs
< X-Frame-Options: DENY
< Strict-Transport-Security: max-age=604800
< Expires: Mon, 12 Nov 2018 06:44:34 GMT
< Cache-Control: max-age=0, no-cache, no-store
< Pragma: no-cache
< Date: Mon, 12 Nov 2018 06:44:34 GMT
< Connection: keep-alive
<
{
"3knmnOwPyqA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
"new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
"new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
"revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
* Connection #0 to host acme-v01.api.letsencrypt.org left intact
}
可以ping通啊