2019年11月开始AMH4.2.1中SSL证书无法获取证书的解决办法


2019年11月开始,陆续发现AMH4.2.1中SSL证书无法正常获取证书了,包括使用命令行渠道也无法获取证书。
尝试生成会有如下提示:

Register account Error: {“type”:“urn:acme:error:unauthorized”,“detail”:“Account creation on ACMEv1 is disabled.
Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555.
See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details.”,“status”: 403}
[Fri Nov 15 02:29:17 UTC 2019] Please add '–debug' or '–log' to check more details.

原来LET'S ENCRYPT官方在2019年11月将终止V1证书的注册了。


如何判断自己用的是V1还是V2,或是否已升级到V2?

在SSH中执行以下命令

cat /root/.acme.sh/acme.sh | grep VER=

若显示是2.7.3则表示是V1
若是2.8.*或以上则表示是V2


解决办法

在SSH中执行以下命令,完成获取证书的脚本更新即可。

/root/.acme.sh/acme.sh --upgrade
acme.sh --set-default-ca  --server  letsencrypt



更新完成后会有如下提示:

[Fri Nov 15 14:44:06 UTC 2019] Installing from online archive.
[Fri Nov 15 14:44:06 UTC 2019] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz
[Fri Nov 15 14:44:08 UTC 2019] Extracting master.tar.gz
[Fri Nov 15 14:44:08 UTC 2019] It is recommended to install socat first.
[Fri Nov 15 14:44:08 UTC 2019] We use socat for standalone server if you use standalone mode.
[Fri Nov 15 14:44:08 UTC 2019] If you don't use standalone mode, just ignore this warning.
[Fri Nov 15 14:44:08 UTC 2019] Installing to /root/.acme.sh
[Fri Nov 15 14:44:08 UTC 2019] Installed to /root/.acme.sh/acme.sh
[Fri Nov 15 14:44:08 UTC 2019] Installing alias to '/root/.bashrc'
[Fri Nov 15 14:44:08 UTC 2019] OK, Close and reopen your terminal to start using acme.sh
[Fri Nov 15 14:44:08 UTC 2019] Installing alias to '/root/.cshrc'
[Fri Nov 15 14:44:08 UTC 2019] Installing alias to '/root/.tcshrc'
[Fri Nov 15 14:44:08 UTC 2019] Good, bash is found, so change the shebang to use bash as preferred.
[Fri Nov 15 14:44:09 UTC 2019] OK
[Fri Nov 15 14:44:09 UTC 2019] Install success!
[Fri Nov 15 14:44:09 UTC 2019] Upgrade success!
到此,就可以继续使用Let's encrypt免费证书了!

最后更改: in 2021/07/12 11:22