更新ubuntu内核后引起的openssl相关问题

问答中心分类: Linux更新ubuntu内核后引起的openssl相关问题
meexo asked 6年 ago

ubuntu16.04 更新内核到4.4.0-119-generic 更新后所有php网站都无法访问,查看日志发现如下错误: ssh: /usr/local/openssl/lib/libcrypto.so.1.0.0: no version information avail 经多方查找,解决方法如下:

  1. 卸载openssl后重新安装
  2. 删除/usr/local/openssl/lib/libcrypto.so.1.0.0,或改名.

此时重启服务器php站点可以正常访问.  

3 Answers
oneinstack answered 6年 ago
重命名以下文件试下:

mv /etc/ld.so.conf.d/openssl.conf /etc/ld.so.conf.d/z_openssl.conf 

meexo answered 6年 ago
新的问题是可能是由于我重装了openssl,于是导致根证书丢失
新建站点时提示如下错误:

Do you want to redirect all HTTP requests to HTTPS? [y/n]: y
More: https://oneinstack.com/faq/letsencrypt
[Fri Apr 13 09:26:18 CST 2018] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Fri Apr 13 09:26:18 CST 2018] Can not init api.
[Fri Apr 13 09:26:18 CST 2018] Single domain='fe.xxx.com'
[Fri Apr 13 09:26:18 CST 2018] Getting domain auth token for each domain
[Fri Apr 13 09:26:18 CST 2018] Getting webroot for domain='fe.xxx.com'
[Fri Apr 13 09:26:18 CST 2018] Getting new-authz for domain='fe.xxx.com'
[Fri Apr 13 09:26:18 CST 2018] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Fri Apr 13 09:26:18 CST 2018] Can not init api.
[Fri Apr 13 09:26:18 CST 2018] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Fri Apr 13 09:26:18 CST 2018] Can not connect to https://acme-v01.api.letsencrypt.org/directory to get nonce.
[Fri Apr 13 09:26:18 CST 2018] Can not get domain new authz.
[Fri Apr 13 09:26:18 CST 2018] Please add '--debug' or '--log' to check more details.
[Fri Apr 13 09:26:18 CST 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
Error: Create Let's Encrypt SSL Certificate failed!

经查:
CURLE_SSL_CACERT_BADFILE (77)
Problem with reading the SSL CA cert (path? access rights?)
此时是否需要手动建立根证书.

meexo answered 6年 ago
解决方法:

apt-get install ca-certificates