@47911

Не получается получить сертификат letsencrypt для ~560 доменов. Проблема в cerbot или у https://acme-v02.api.letsencrypt.org/acme/new-nonce?

Инструкция:
https://certbot.eff.org/lets-encrypt/debianbuster-nginx

Когда установил и запустил:
sudo certbot --nginx
Мне выдаёт:
>>>>>
>>после указания "все домены", их порядка 560<<
Renewing an existing certificate
An unexpected error occurred:
acme.errors.ClientError:
Please see the logfiles in /var/log/letsencrypt for more details.
<<<<<<

в логах "413 Request Entity Too Large"
Подробнее:
И в логе /var/log/letsencrypt

2020-09-20 17:43:01,752:DEBUG:certbot.cert_manager:Renewal conf file /etc/letsencrypt/renewal/xn--142.xn--p1ai.conf is broken. Skipping.
2020-09-20 17:43:01,752:DEBUG:certbot.cert_manager:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/cert_manager.py", line 383, in _search_lineages
candidate_lineage = storage.RenewableCert(renewal_file, cli_config)
File "/usr/lib/python3/dist-packages/certbot/storage.py", line 444, in __init__
"file reference".format(self.configfile))
certbot.errors.CertStorageError: renewal config file {} is missing a required file reference

2020-09-20 17:43:07,015:INFO:certbot.main:Renewing an existing certificate
2020-09-20 17:43:07,365:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/9295_key-certbot.pem
2020-09-20 17:43:07,500:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/9295_csr-certbot.pem
2020-09-20 17:43:07,506:DEBUG:acme.client:Requesting fresh nonce
2020-09-20 17:43:07,506:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2020-09-20 17:43:07,507:DEBUG:urllib3.connectionpool:Resetting dropped connection: acme-v02.api.letsencrypt.org
2020-09-20 17:43:08,380:DEBUG:urllib3.connectionpool:https://acme-v02.api.... "HEAD /acme/new-nonce HTTP/1.1" 200 0
2020-09-20 17:43:08,381:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 20 Sep 2020 10:43:08 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: ;rel="index"
Replay-Nonce: 0102YoUqBj7ubs69ET3MWsacLyTkReo0VpJfrvfVH-afVsk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

2020-09-20 17:43:08,381:DEBUG:acme.client:Storing nonce: 0102YoUqBj7ubs69ET3MWsacLyTkReo0VpJfrvfVH-afVsk
2020-09-20 17:43:08,394:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n
>>>>>>>>>>>>>>>>>>>>>>>>>>>>тут идёт перечисление доменов сервера. Порядка 560 штук. на 50 000 символов<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
\n }\n ]\n}'
2020-09-20 17:43:08,400:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzQyMTY3ODAiLCAibm9uY2UiOiAiMDEwMllvVXFCajd1YnM2OUVUM01Xc2FjTHlUa1JlbzBWcEpmcnZmVkgtYWZWc2siLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
"signature": "Y3HqMUiE4FTpzjptxNWvmQhJnzrnSUkrT2S0pjqSYOiPW3ptNRnQm-h0NEj82qXnKDb4zeYWQxO9jzo3dQFV_ksifs50YLsCmbHjEwJ3TejUpL8cwpp7DiOzppVVY4f3AZ9QCLQ66w-zHQA-qpT3toYxIM56S6N_poOhKfILSI5xiX9k-06gxuQh565wZs_JG9Ncsg7AZyebfexUmaKO4oEUscRbmd45tPehbPxeBc8AkjIooKWOhK9eMdkAMaEJ5JaJu7IxXLuyTyHdqdW91u-aQj_j-An60ywdv760BYW5iah2BV5rfVWvq7_1q2BHaMLWNJ1wr65SsOqjXoWGYQ",
"payload": "КУЧАБУКВ. Более 55 000 штук."
}
2020-09-20 17:43:08,603:DEBUG:urllib3.connectionpool:https://acme-v02.api.... "POST /acme/new-order HTTP/1.1" 413 176
2020-09-20 17:43:08,604:DEBUG:acme.client:Received response:
HTTP 413
Server: nginx
Date: Sun, 20 Sep 2020 10:43:08 GMT
Content-Type: text/html
Content-Length: 176
Connection: close


413 Request Entity Too Large

413 Request Entity Too Large
nginx



2020-09-20 17:43:08,605:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in
load_entry_point('certbot==0.31.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1365, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1119, in run
certname, lineage)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 116, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 310, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 353, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 385, in _get_order_and_authorizations
orderr = self.acme.new_order(csr_pem)
File "/usr/lib/python3/dist-packages/acme/client.py", line 889, in new_order
return self.client.new_order(csr_pem)
File "/usr/lib/python3/dist-packages/acme/client.py", line 672, in new_order
response = self._post(self.directory['newOrder'], order)
File "/usr/lib/python3/dist-packages/acme/client.py", line 96, in _post
return self.net.post(*args, **kwargs)
File "/usr/lib/python3/dist-packages/acme/client.py", line 1204, in post
return self._post_once(*args, **kwargs)
File "/usr/lib/python3/dist-packages/acme/client.py", line 1218, in _post_once
response = self._check_response(response, content_type=content_type)
File "/usr/lib/python3/dist-packages/acme/client.py", line 1079, in _check_response
raise errors.ClientError(response)
acme.errors.ClientError:
2020-09-20 17:43:08,608:ERROR:certbot.log:An unexpected error occurred:

Собственно как получить сертификаты?
  • Вопрос задан
  • 118 просмотров
Пригласить эксперта
Ответы на вопрос 1
@Wexter
Получайте отдельными запросами
Ответ написан
Ваш ответ на вопрос

Войдите, чтобы написать ответ

Войти через центр авторизации
Похожие вопросы
Indacoin Москва
До 240 000 ₽
Studyworld Санкт-Петербург
от 150 000 до 200 000 ₽
24 окт. 2020, в 13:21
12000 руб./за проект
24 окт. 2020, в 12:03
1 руб./за проект
24 окт. 2020, в 11:52
90000 руб./за проект