在使用宝塔面板申请SSL泛域名有个问题,泛域名只能通过DNS方式申请,如果我们只申请*.aichh.com 这一个泛域名的话,根域*.aichh.com解析过来就会报证书错误。同时选择两个域名申请的话面板又会报错,类似下面:
[Mon Nov 26 14:57:52 CST 2018] Multi domain=’DNS:*.a.xyz,DNS:*.b.cn,DNS:*.c.biz’
[Mon Nov 26 14:57:52 CST 2018] Getting domain auth token for each domain
[Mon Nov 26 14:57:53 CST 2018] Getting webroot for domain=’*.a.xyz’
[Mon Nov 26 14:57:52 CST 2018] Getting domain auth token for each domain
[Mon Nov 26 14:57:53 CST 2018] Getting webroot for domain=’*.a.xyz’
[Mon Nov 26 14:57:54 CST 2018] Getting webroot for domain=’*.b.cn’
[Mon Nov 26 14:57:54 CST 2018] Error, can not get domain token entry *.b.cn
[Mon Nov 26 14:57:54 CST 2018] The supported validation types are: dns-01 , but you specified: http-01
[Mon Nov 26 14:57:54 CST 2018] The supported validation types are: dns-01 , but you specified: http-01
经过分析,由于宝塔面板在dns方式申请传多个域名的时候,第一个泛域名dns-01认证成功了,但是第二个泛域名又变成用http-01进行验证,导致失败。
重点来了,修复方式如下:
修改/www/server/panel/class/panelSite.py 找到execStr += ‘ -w ‘ + done; 注释即可。
然后重启面板程序。
iva:https://blog.panzy.org/lets-encrypt-on-bt-pannel.htm
