添加链接
link管理
链接快照平台
  • 输入网页链接,自动生成快照
  • 标签化管理网页链接

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: websitename

I ran this command: ee site ssl-renew websitename

It produced this output:

PHP Fatal error: Uncaught GuzzleHttp\Exception\ConnectException: cURL error 7: Failed to connect to www.beansincup.se port 80: Connection refused (see http://curl.haxx.se/libcurl/c/libcurl-errors.html ) in phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php:185

Stack trace:

#0 phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(149): GuzzleHttp\Handler\CurlFactory::createRejection(Object(GuzzleHttp\Handler\EasyHandle), Array)

#1 phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(102): GuzzleHttp\Handler\CurlFactory::finishError(Object(GuzzleHttp\Handler\CurlHandler), Object(GuzzleHttp\Handler\EasyHandle), Object(GuzzleHttp\Handler\CurlFactory))

#2 phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlHandler.php(43): GuzzleHttp\Handler\CurlFactory::finish(Object(GuzzleHttp\Handler\CurlHandler), Object(GuzzleHttp\Handler\EasyHandle), Object(GuzzleHttp\Handler\CurlFactory))

#3 phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/P in phar:///usr/local/bin/ee/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php on line 185

Warning: An Error occurred. Initiating clean-up.

Warning: Exiting gracefully after rolling back. This may take some time.

Success: Rollback complete. Exiting now.

My web server is (include version):

The operating system my web server runs on is (include version): Nginx

My hosting provider, if applicable, is: Linode

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Please, I need help. Thanks!

root@localhost:~# ps aux | grep nginx
root 2755 0.0 0.3 76456 7828 ? Ss 10:23 0:00 nginx: master process /usr/bin/openresty -g daemon off;
root 2805 0.0 0.3 76456 7836 ? Ss 10:23 0:00 nginx: master process /usr/bin/openresty -g daemon off;
root 2835 0.0 0.3 76456 7904 ? Ss 10:23 0:00 nginx: master process /usr/bin/openresty -g daemon off;
www-data 3615 0.0 0.2 78196 5056 ? S 10:23 0:00 nginx: worker process
www-data 3616 0.0 0.2 78196 5112 ? S 10:23 0:00 nginx: worker process
www-data 3675 0.0 0.2 78196 4996 ? S 10:23 0:00 nginx: worker process
root 4875 0.0 0.0 14228 916 pts/0 S+ 11:00 0:00 grep --color=auto nginx

ss -tlnp

The current “connection refused” error is usually an indicator of the domain pointing to the wrong IP address, the webserver not listening on the correct address (or at all), or a firewalling issue.

The site is indeed not reachable externally, but the EE certificate issuance process seems to depend on it being available:

$ curl -X GET -I http://www.beansincup.se/
curl: (7) Failed to connect to www.beansincup.se port 80: Connection refused

root@localhost:~# ps aux | grep nginx
root 2755 0.0 0.3 76456 7828 ? Ss 10:23 0:00 nginx: master process /usr/bin/openresty -g daemon off;
root 2805 0.0 0.3 76456 7836 ? Ss 10:23 0:00 nginx: master process /usr/bin/openresty -g daemon off;
root 2835 0.0 0.3 76456 7904 ? Ss 10:23 0:00 nginx: master process /usr/bin/openresty -g daemon off;
www-data 3615 0.0 0.2 78196 5056 ? S 10:23 0:00 nginx: worker process
www-data 3616 0.0 0.2 78196 5112 ? S 10:23 0:00 nginx: worker process
www-data 3675 0.0 0.2 78196 4996 ? S 10:23 0:00 nginx: worker process
root 4875 0.0 0.0 14228 916 pts/0 S+ 11:00 0:00 grep --color=auto nginx
root@localhost:~# sudo service nginx start
Failed to start nginx.service: Unit nginx.service not found.
root@localhost:~# ss -tlnp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 :22 : users:((“sshd”,pid=1186,fd=3))
LISTEN 0 128 :::22 :::
users:((“sshd”,pid=1186,fd=4))

root@localhost:~# ss -tlnp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 :22 : users:((“sshd”,pid=1186,fd=3))
LISTEN 0 128 :::22 :::
users:((“sshd”,pid=1186,fd=4))

I'm not too familiar with EasyEngine, but it doesn't look like that your webserver is running at all. Because of that, EasyEngine's Let's Encrypt functionality is not working.

It seems to me that you should try get your nginx/nginx-proxy service running again, before trying to address the Let's Encrypt issue.

Failing that, you might have more luck asking for help on the EasyEngine community forums - Requesting Support .

FWIW the domain is working now.

$ echo | openssl s_client -connect www.beansincup.se:443 -servername www.beansincup.se 2>/dev/null | openssl x509 -noout -startdate -enddate
notBefore=Jun 13 13:19:45 2019 GMT
notAfter=Sep 11 13:19:45 2019 GMT
$ curl -IL www.beansincup.se
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 13 Jun 2019 16:44:57 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.beansincup.se/
X-Powered-By: EasyEngine v4.0.10
HTTP/2 200 
server: nginx
date: Thu, 13 Jun 2019 16:44:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.beansincup.se/wp-json/>; rel="https://api.w.org/"
link: <https://www.beansincup.se/>; rel=shortlink
x-srcache-fetch-status: MISS
x-srcache-store-status: BYPASS
x-powered-by: EasyEngine v4.0.10