myN*_*unt 3 email-server postfix ssl-certificate
主办方:数字海洋
\n\n操作系统: CentOS
\n\n我有一个涵盖我的域的现有 SSL 证书。
\n\n$ certbot certificates产生这个输出。
Found the following certs:\n Certificate Name: example.com\n Domains: example.com www.example.com\n Expiry Date: 2020-04-12 21:20:31+00:00 (VALID: 86 days)\n Certificate Path: /etc/letsencrypt/live/example.com/fullchain.pem\n Private Key Path: /etc/letsencrypt/live/example.com/privkey.pem\n我安装了postfix并且我相信我需要将mail.example.com添加到我的证书中。
我尝试使用此命令将mail.example.com添加到我的证书中,
\n\n$ sudo certbot certonly --standalone -d mail.example.com
不幸的是它抛出了这个错误,
\n\nSaving debug log to /var/log/letsencrypt/letsencrypt.log\nPlugins selected: Authenticator standalone, Installer None\nStarting new HTTPS connection (1): acme-v02.api.letsencrypt.org\nObtaining a new certificate\nPerforming the following challenges:\nhttp-01 challenge for mail.example.com\nWaiting for verification\xe2\x80\xa6\nChallenge failed for domain mail.example.com\nhttp-01 challenge for mail.example.com\nCleaning up challenges\nSome challenges have failed.\n\nIMPORTANT NOTES:\n\nThe following errors were reported by the server:\n\nDomain: mail.example.com\nType: dns\nDetail: DNS problem: NXDOMAIN looking up A for mail.example.com\ncertbot 似乎正在尝试使用 A 记录安装mail.example.com 。在我的域记录部分的 Digital Ocean 上,mail.example.com被创建为 MX 记录,而不是 A 记录。
\n像这样做:
$ sudo certbot -d mail.example.com --manual --preferred-challenges dns certonly
将打印 DNS TXT 记录(只需不要单击Enter),将其发布到您的 DNS 并等待,直到您确定可以从 DNS 外部读取 TXT 记录,然后单击Enter,它将被验证。
| 归档时间: |
|
| 查看次数: |
8112 次 |
| 最近记录: |