LetsEncrypt 续期报错

因为DNS被污染,无法解析,使用certbot-auto renew 命令会报错

Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/certbot/ocsp.py", line 187, in _check_ocsp_cryptography
    timeout=timeout)
  File "/usr/lib/python3.6/site-packages/requests/api.py", line 112, in post
    return request('post', url, data=data, json=json, **kwargs)
  File "/usr/lib/python3.6/site-packages/requests/api.py", line 58, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 530, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 651, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python3.6/site-packages/requests/adapters.py", line 514, in send
    raise ReadTimeout(e, request=request)
requests.exceptions.ReadTimeout: HTTPConnectionPool(host='ocsp.int-x3.letsencrypt.org', port=80): Read timed out. (read timeout=10)
2020-06-23 16:46:22,386:INFO:certbot._internal.renewal:Cert not yet due for renewal
2020-06-23 16:46:22,388:DEBUG:certbot._internal.plugins.selection:Requested authenticator certbot-dns-aliyun:dns-aliyun and installer None
2020-06-23 16:46:22,389:DEBUG:certbot._internal.renewal:no renewal failures

最快的解决方法:
需要一台香港或海外的云机,ping ocsp.int-x3.letsencrypt.org 的真实ip.然后在自己的云机host中指定域名的ip

vim /etc/hosts

你可能感兴趣的:(LetsEncrypt 续期报错)