关于Let's Encrypt证书签发无限等待的问题-使用交流-AppNode 社区

关于Let's Encrypt证书签发无限等待的问题

秋羽和 2018-6-6 3474

我现在遇到一个很囧的问题，证书到期了，现在申请重新签发，但是....

如果按F12可以看到这一条请求一直处于 padding 状态，
....api?api_action=Cert.Request...

请教一下，该怎么办....

最新回复 (3)

虚竹 2018-6-6

引用 2楼
一般是由于你的服务器与 Let's Encrypt 服务器之间的网络连通性造成的，可使用以下命令测试下看看：
```
curl -v https://acme-v02.api.letsencrypt.org/directory
```
正常输出示例：
Quote# curl -v https://acme-v02.api.letsencrypt.org/directory
* About to connect() to acme-v02.api.letsencrypt.org port 443 (#0)
* Trying 125.252.217.88...
* Connected to acme-v02.api.letsencrypt.org (125.252.217.88) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=acme-v02.api.letsencrypt.org
* start date: May 25 00:25:19 2018 GMT
* expire date: Aug 23 00:25:19 2018 GMT
* common name: acme-v02.api.letsencrypt.org
* issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
> GET /directory HTTP/1.1
> User-Agent: curl/7.29.0
> Host: acme-v02.api.letsencrypt.org
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx
< Content-Type: application/json
< Content-Length: 658
< X-Frame-Options: DENY
< Strict-Transport-Security: max-age=604800
< Expires: Wed, 06 Jun 2018 06:13:37 GMT
< Cache-Control: max-age=0, no-cache, no-store
< Pragma: no-cache
< Date: Wed, 06 Jun 2018 06:13:37 GMT
< Connection: keep-alive
<
{
"in1Qb0LhppM": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
* Connection #0 to host acme-v02.api.letsencrypt.org left intact
秋羽和 2018-6-6

引用 3楼

运行该命令的回复如下：
[root@s3 ~]# curl -v https://acme-v02.api.letsencrypt.org/directory
* About to connect() to acme-v02.api.letsencrypt.org port 443 (#0)
* Trying 104.78.106.189...
* Connected to acme-v02.api.letsencrypt.org (104.78.106.189) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=acme-v02.api.letsencrypt.org
* start date: May 25 00:25:19 2018 GMT
* expire date: Aug 23 00:25:19 2018 GMT
* common name: acme-v02.api.letsencrypt.org
* issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
> GET /directory HTTP/1.1
> User-Agent: curl/7.29.0
> Host: acme-v02.api.letsencrypt.org
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx
< Content-Type: application/json
< Content-Length: 658
< X-Frame-Options: DENY
< Strict-Transport-Security: max-age=604800
< Expires: Wed, 06 Jun 2018 06:18:44 GMT
< Cache-Control: max-age=0, no-cache, no-store
< Pragma: no-cache
< Date: Wed, 06 Jun 2018 06:18:44 GMT
< Connection: keep-alive
<
{
"WOnoj1UlUAk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
* Connection #0 to host acme-v02.api.letsencrypt.org left intact
}[root@s3 ~]#
小鱼儿 2018-6-8

引用 4楼

您好, 您更新后即可修复.

发新帖

秋羽和

主题数
1

帖子数
3

注册排名
1115