这是我第一次构建服务器并将其托管到AWS EC2
让我简单介绍一下我到目前为止所做的事情:
第 1 步:我将 EC2 ipv4 地址映射到域(例如 week10.100xdevs.com)
第2步:然后我打开 sudo vi /etc/nginx/nginx.conf 并插入此代码:
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name week10.100xdevs.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
}
第 3 步:我在我的服务器文件上启动了 pm2 index.js。
第4步:然后我使用 sudo snap install --classic certbot 安装了 certbot
第 5 步:使用 sudo ln -s /snap/bin/certbot /usr/bin/certbot 准备 certbot
第6步:最后我做到了,sudo certbot --nginx
我收到此错误:
sudo certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: week10.100xdevs.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Requesting a certificate for week10.100xdevs.com
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: week10.100xdevs.com
Type: connection
Detail: 3.88.225.115: Fetching http://week10.100xdevs.com/.well-known/acme-challenge/apVWIX8WnEim8VNlAaYc7_mfI2PXAtJ2RLF-1kqEfKc: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
如何修复这个错误?
现在经过太多尝试,我得到了:
Plugins selected: Authenticator nginx, Installer nginx
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: week10.100xdevs.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Requesting a certificate for week10.100xdevs.com
An unexpected error occurred:
Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
我们需要拥有该域名才能为其生成证书。我生成的 EC2 url 是错误的。 Certbot 验证某人是否确实拥有某个域,我们需要向 certbot 提供域所有权,以便能够为该特定域生成证书。