let's encrypt 生成证书时，404 not found的错误_acme 404

今天在服务器上为另一个域名添加ssl，结果出现了http://xxx/.well-known/… 404 not found的错误

[root@fungli myxhs]# sudo certbot certonly --webroot -w /webser/www/myxhs -d xxx.xxx.cn -m xxxx@outlook.com --agree-tos
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for xxx.xxx.cn
Using the webroot path /webser/www/myxhs for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. xxx.xxx.cn (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://xxx.xxx.cn/.well-known/acme-challenge/5vo0TVEuIagsjJ5Z3o0s9Kpvbi2I4Mz21hyg3SB3y2c: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: xxx.xxx.cn
   Type:   unauthorized
   Detail: Invalid response from
   http://xxx.xxx.cn/.well-known/acme-challenge/5vo0TVEuIagsjJ5Z3o0s9Kpvbi2I4Mz21hyg3SB3y2c:
   "<html>
   <head><title>404 Not Found</title></head>
   <body bgcolor="white">
   <center><h1>404 Not Found</h1></center>
   <hr><center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

后台发现是nginx配置的错误，我的项目是基于Laravel5开发的，需要在nginx配置中加上一段：

#myxhs 是我项目的根目录，而站点的解析目录需要指定到/var/www/html/myxhs/public下。

location ~ /.well-known {
        root /var/www/html/myxhs;
        allow all;
    }
1
2
3
4
5
6
7
8

.well-known是什么文件夹？

.well-known 文件夹是申请SSL时自动生成的，删除不影响SSL工作，但是当SSL过期续期后会再次自动生成
1