当我使用此命令生成我的网站的证书时:
/usr/local/bin/certbot certonly -d '*.poemhub.top' \
--manual --preferred-challenges dns \
--cert-name=poemhub \
--key-type=ecdsa \
--server https://acme-v02.api.letsencrypt.org/directory它告诉我产生成功:
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/poemhub/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/poemhub/privkey.pem
Your certificate will expire on 2021-10-10. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again. To non-interactively renew *all* of your
certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le现在我使用这个命令来重新加载nginx:
nginx -s reload告诉我这个错误:
nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/poemhub.top/fullchain.pem": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)哪里出了问题?我应该怎么做来解决这个问题?
2条答案
按热度按时间mmvthczy1#
您在nginx配置中使用的路径不是生成文件的路径:
...已保存在:/etc/让加密/实时/poemhub/完整链.pem
与
“/etc/让加密/实时/poemhub.top/完整链.pem”:PEM_read_bio_X509_AUX()失败...
qnakjoqk2#
如果您交换了密钥和证书文件(wasn't me:)),则可能会出现此错误。