Я успешно использовал Let's Encrypt для двух своих доменов; но когда я попробовал те же шаги, что и https://antipaucity.com/2016/01/06/lets-encrypt-centos-6-truly-free-ssl/, он зависает и в конечном итоге вызывает исключение ниже. Все рассматриваемые домены размещены на одном сервере, а административные данные, такие как DNS, совпадают.
когда letsencrypt-auto --debug certonly разбился, вот результат:
Traceback (most recent call last):
File "/home/cjsh/.local/share/letsencrypt/bin/letsencrypt", line 11, in
sys.exit(main())
File "/home/cjsh/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/main.py", line 692, in main
return config.func(config, plugins)
File "/home/cjsh/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/main.py", line 509, in obtain_cert
_, action = _auth_from_domains(le_client, config, domains, lineage)
File "/home/cjsh/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/main.py", line 93, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File "/home/cjsh/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/client.py", line 274, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/home/cjsh/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/client.py", line 246, in obtain_certificate
self.config.allow_subset_of_names)
File "/home/cjsh/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/auth_handler.py", line 74, in get_authorizations
self._respond(resp, best_effort)
File "/home/cjsh/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/auth_handler.py", line 131, in _respond
self._poll_challenges(chall_update, best_effort)
File "/home/cjsh/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/auth_handler.py", line 195, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. pragmatometer.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: query timed out looking up A for pragmatometer.com
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: pragmatometer.com
Type: connection
Detail: DNS problem: query timed out looking up A for
pragmatometer.com
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
Я предполагаю, что со стороны Let's Encrypt произошел прерывистый / кратковременный сбой DNS / тайм-аут (или, возможно, у вас было медленное соединение).
Действительно, быстрая проверка основного сообщения об ошибке ("query timed out looking up A for" site:letsencrypt.org) показывает некоторые сообщения на сайте форума LE, например вот этот.
Попробуйте еще раз чуть позже, и вы должны стать золотыми.