  • Casper
    2018-11-09
    The video does not mention the preparation needed before the configuration, for example that nginx must be compiled with the ssl module enabled, and that a domain name has to be registered and pointed at the server. It would help if future videos briefly covered these prerequisites. Thank you, Mr. Tao~

    Author's reply: Good suggestion, I will add that when recording later!

  • 风竹
    2018-11-20
    When I ran the certbot --nginx command to generate the key, it failed as follows:
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    The nginx plugin is not working; there may be problems with your existing configuration.
    The error was: NoInstallationError()
    The debug log contains:
    DEBUG:certbot.plugins.disco:No installation (PluginEntryPoint#nginx):
    Traceback (most recent call last):
      File "/usr/lib/python2.7/site-packages/certbot/plugins/disco.py", line 126, in prepare
        self._initialized.prepare()
      File "/usr/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 131, in prepare
        raise errors.NoInstallationError
    After googling and reading a few posts I found that:
    when certbot generates the certificate it needs to read the default nginx, so openresty/nginx/sbin/nginx has to be added to PATH, or ln -s /usr/local/openresty/nginx/sbin/nginx /usr/local/sbin/nginx
    After that the certificate installed correctly; I hope this helps others who hit the same error.

    Author's reply: Thanks for sharing!

  • 米雄雄
    2018-11-16
    Teacher, does this domain name have to really exist?

    Author's reply: Yes. The CA must also be able to reach the domain; if you run your own DNS service and the CA cannot reach it, the DV certificate will not be issued.

  • kevenxi
    2018-11-09
    CentOS 6.8 cannot install python2-certbot-nginx?

    Author's reply: You can also just pull the certbot code down and use it directly. See this page: https://certbot.eff.org/docs/install.html

  • Lpz
    2019-05-26
    Hello teacher, after finishing this lesson I have two questions. The projects run on ports 8081 (project a) and 8082 (project b):
    Question 1: with nginx configured for multiple domains and multiple HTTPS certificates, can two domains accessing port 80 show different projects? (The certificates are free SSL certificates from Alibaba Cloud, downloaded and uploaded to the server; the domains were purchased and have ICP filing.)
    Question 2: over HTTP, can domain a reach project a and domain b reach project b? What I have now is that domains a and b both reach project a, while a/xxx or b/xxx reaches project b. If I configure a and b separately, with a's location / pointing at project a and b's location / pointing at project b, then domain b still points at project a. I hope you can give me a pointer in your busy schedule, thank you.

    Author's reply: 1. Yes, see lesson 47.
    2. Do you mean http://b/ should go to project b and http://b/otherurl to project a? Yes, the rewrite directive is suitable for that; see lesson 52.

  • Robert小七
    2019-01-17
    [root@iz2zea99qngm2wop0tah5fz nginx-1.15.8]# certbot --nginx --nginx-server-root=/usr/local/nginx/conf/ -d www.hwenip.com
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator nginx, Installer nginx
    Enter email address (used for urgent renewal and security notices) (Enter 'c' to
    cancel): 1648855816@qq.com
    Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
    certbot --nginx --nginx-server-root=/usr/local/nginx/conf/ -d www.hwenip.com
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Please read the Terms of Service at
    https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
    agree in order to register with the ACME server at
    https://acme-v02.api.letsencrypt.org/directory
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    (A)gree/(C)ancel: A
    Unable to register an account with ACME server

    Teacher, why is mine different from yours?

    Author's reply: Look at the log /var/log/letsencrypt/letsencrypt.log; it cannot be determined from this alone.

  • 马里奥的马里奥
    2018-11-25
    I currently have 2 problems:
    1. OpenResty was installed with yum install rather than compiled by me, so when configuring the SSL certificate it says Nginx build is missing SSL module. That is awkward. Do I need to compile an nginx with the ssl module myself and then replace the nginx under OpenResty with it?
    2. The video keeps skipping steps, so when practicing I find that this or that is missing, which costs a lot of time.

    Author's reply: 1. Yes, you need to compile it yourself; otherwise the later lessons load many modules that are not included by default, and a yum-installed build cannot follow the demonstrations. 2. Part 3 takes this into account and records the complete process.

  • Douglas
    2018-11-08
    Teacher, what is the difference between this HTTPS and paid HTTPS?

    Author's reply: Paid HTTPS also comes as DV, OV and EV certificates. From the point of view of secure transport, all three have the same effect. In terms of how browsers treat the certificate, DV is the weakest. If you buy a paid DV certificate it is the same as the example here, because mainstream browsers all trust Let's Encrypt.

  • 路一直都在
    2020-02-07
    Hello teacher, is the domain name in the video one that has really been registered?

    Author's reply: Yes.

  • k
    2019-11-26
    Teacher, I have reinstalled and recompiled nginx here:
    [root@iZ2ze841dceuaqkayzbyk2Z sbin]# ./nginx -V
    nginx version: nginx/1.16.1
    built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
    built with OpenSSL 1.0.2k-fips 26 Jan 2017
    TLS SNI support enabled
    configure arguments: --prefix=/opt --with-http_stub_status_module --with-http_ssl_module --with-file-aio --with-http_realip_module
    but it keeps telling me Nginx build is missing SSL module (--with-http_ssl_module).
    This:

    [root@iZ2ze841dceuaqkayzbyk2Z opt]# cat -n /var/log/letsencrypt/letsencrypt.log
         6 2019-11-26 11:03:27,175:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
         7 2019-11-26 11:03:27,278:DEBUG:certbot.plugins.disco:Other error:(PluginEntryPoint#nginx): Nginx build is missing SSL module (--with-http_ssl_module).
         8 Traceback (most recent call last):
         9 File "/usr/lib/python2.7/site-packages/certbot/plugins/disco.py", line 130, in prepare
        10 self._initialized.prepare()
        11 File "/usr/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 199, in prepare
        12 self.version = self.get_version()
        13 File "/usr/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 993, in get_version
        14 "Nginx build is missing SSL module (--with-http_ssl_module).")
        15 PluginError: Nginx build is missing SSL module (--with-http_ssl_module).
        16 2019-11-26 11:03:27,279:DEBUG:certbot.plugins.selection:No candidate plugin
        17 2019-11-26 11:03:27,279:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None

    Author's reply: Do you mean the configure step did not succeed? If you are on CentOS you need to install: yum install openssl-devel. Other systems are similar.
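The two reports above (the yum-installed OpenResty without the SSL module, and the recompiled nginx that certbot still rejects) come down to the same question: which nginx binary does certbot's plugin actually run? It executes the first `nginx` on its PATH, or the one named with `--nginx-ctl`, runs it with `-V` (nginx prints that to stderr) and looks for `--with-http_ssl_module` in the configure arguments. In the second report the `./nginx -V` was run from /opt/sbin, whose output does carry the flag, so the binary certbot found is likely a different one. The check below is an added example, not code from the course or its author; the sample `-V` texts are constructed after the output quoted above.

```shell
#!/bin/sh
# Added example: check whether the nginx binary certbot will run was built with
# the SSL module. Not part of the course; nginx -V prints to stderr, hence 2>&1.

# Succeeds if "--with-http_ssl_module" appears in nginx -V output read on stdin.
has_ssl_module() {
    grep -q -- '--with-http_ssl_module'
}

# Pick the binary the way certbot's nginx plugin does: an explicit path wins
# (certbot's --nginx-ctl option), otherwise the first "nginx" on PATH.
nginx_binary() {
    if [ -n "${1:-}" ]; then
        printf '%s\n' "$1"
    else
        command -v nginx
    fi
}

# Report on one binary. Returns 0 = has SSL module, 1 = missing, 2 = not found.
check_nginx_ssl() {
    bin=$(nginx_binary "${1:-}") || { echo "no nginx binary found on PATH" >&2; return 2; }
    if "$bin" -V 2>&1 | has_ssl_module; then
        echo "$bin: built with --with-http_ssl_module"
        return 0
    fi
    echo "$bin: missing --with-http_ssl_module (is this the binary you compiled?)" >&2
    return 1
}

# Constructed samples modelled on the -V output quoted in the comment above.
SAMPLE_V_WITH_SSL='nginx version: nginx/1.16.1
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/opt --with-http_stub_status_module --with-http_ssl_module'

SAMPLE_V_NO_SSL='nginx version: nginx/1.15.8
configure arguments: --prefix=/usr/local/openresty/nginx --with-http_stub_status_module'

# Stand-alone use: check the first nginx on PATH, or a specific binary.
#   sh check_nginx_ssl.sh                  -> uses PATH
#   sh check_nginx_ssl.sh /opt/sbin/nginx  -> the binary you compiled
if [ -n "${1:-}" ] || command -v nginx >/dev/null 2>&1; then
    check_nginx_ssl "${1:-}" || true
fi
```

If the binary reported differs from the one you compiled, put yours first on PATH, symlink it, or pass `--nginx-ctl /path/to/your/nginx` to certbot; for a yum-installed OpenResty, running the check against /usr/local/openresty/nginx/sbin/nginx shows whether that build ever had the module.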

    
    
  • 涛涛
    2019-11-21
    Teacher, there is something I cannot work out.
    One machine has two hosts configured: m.abc.com (SSL configured, reachable over https) and n.abc.com (no SSL, reachable over http only).
    Now if I open https://n.abc.com/a/v, why is it reachable as well, and why is the content returned that of m.abc.com?
    I hope you can explain.

    Author's reply: My guess is that your server {server_name m.abc.com;} block is handling this https request.
    Because: https goes to port 443, while what you configured for n.abc.com is surely port 80. When you access port 443 now, server_name does not reject HTTP requests whose domain is not m.abc.com. Have another look at how server_name is configured, specifically in lesson 47.
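Both Lpz's two-domain question and this one rest on the same rule: for each listening port nginx matches the request's Host header (for TLS, the SNI name) against the `server_name` of the blocks on that port; when nothing matches it uses the block marked `default_server`, or, if there is none, the first block on that port. With m.abc.com the only block on 443, a request for https://n.abc.com lands there, and the client is shown m.abc.com's certificate and content. Serving another site's content under a name you never intended is an information exposure, and the fix is an explicit catch-all on 443 that closes unknown-name connections. Below is an added example, not configuration from the course or its author: a constructed config reproducing the layout in the question, the catch-all block to append, and a small awk model of the selection rule so the effect can be checked without a running nginx. The certificate paths in the catch-all are placeholders.

```shell
#!/bin/sh
# Added example (not the course's configuration): model nginx's server-block
# selection and add a default_server on 443 that refuses unexpected names.

# Constructed config with the layout from the question: m.abc.com on 443,
# n.abc.com on 80 only. Nothing on 443 is named n.abc.com, so a request for
# https://n.abc.com is answered by the first 443 block, i.e. m.abc.com.
CONF_LEAKY='server {
    listen 443 ssl;
    server_name m.abc.com;
    ssl_certificate     /etc/letsencrypt/live/m.abc.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/m.abc.com/privkey.pem;
    root /srv/m;
}
server {
    listen 80;
    server_name n.abc.com;
    root /srv/n;
}'

# Catch-all to append: explicit default_server on 443 that closes the connection
# (return 444 sends no response at all). A "listen ... ssl" block still needs a
# certificate before nginx 1.19.4, so the paths below are placeholders for a
# self-signed pair; on 1.19.4+ "ssl_reject_handshake on;" can replace them.
catchall_server() {
    cat <<'EOF'
server {
    listen 443 ssl default_server;
    server_name _;
    ssl_certificate     /etc/nginx/placeholder-selfsigned.crt;
    ssl_certificate_key /etc/nginx/placeholder-selfsigned.key;
    return 444;
}
EOF
}

# Print the server_name of the block nginx would pick for HOST on PORT, reading
# config text from stdin: exact server_name match first, then default_server,
# then the first block listening on that port. Simplified: no wildcard or
# regex names, one listen/server_name per line, braces at column 0.
select_server() {
    awk -v host="$1" -v port="$2" '
        /^server[ \t]*[{]/ { inblk = 1; onport = 0; name = ""; dflt = 0; next }
        inblk && $1 == "listen" {
            p = $2; sub(/;$/, "", p); sub(/^.*:/, "", p)
            if (p == port) { onport = 1; if ($0 ~ /default_server/) dflt = 1 }
        }
        inblk && $1 == "server_name" { name = $2; sub(/;$/, "", name) }
        inblk && /^[}]/ {
            inblk = 0
            if (!onport) next
            if (first == "") first = name
            if (dflt && deflt == "") deflt = name
            if (name == host) exact = name
        }
        END {
            if (exact != "") print exact
            else if (deflt != "") print deflt
            else if (first != "") print first
            else print "(none)"
        }'
}

# Stand-alone demo: who answers https://n.abc.com before and after the catch-all?
printf 'before: %s\n' "$(printf '%s\n' "$CONF_LEAKY" | select_server n.abc.com 443)"
printf 'after:  %s\n' "$( { printf '%s\n' "$CONF_LEAKY"; catchall_server; } | select_server n.abc.com 443)"
```

The same model answers the port-80 case from Lpz's question: with one block per `server_name` on port 80, domain b reaches b's block only if its `server_name` matches exactly what the browser sends in Host, otherwise the request falls to the first block on port 80. After adding the catch-all, run `nginx -t` before reloading.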

    
    
  • 不能如期而至
    2019-08-30
    After configuring the SSL certificate, starting nginx reports that 443 is in use. Checking the port gives the following; what does it mean?
    #lsof -i:443
    COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
    nps 11498 root 5u IPv6 18329035 0t0 TCP VM_0_13_centos:https->123.14.255.18:37836 (ESTABLISHED)
    nps 11498 root 7u IPv6 18329054 0t0 TCP VM_0_13_centos:https->123.14.255.18:37838 (ESTABLISHED)
    nps 11498 root 13u IPv6 15220026 0t0 TCP *:https (LISTEN)

    Author's reply: A running process is occupying port 443. Do you want to find out which process it is? You can use netstat -anp | grep 443 to look it up.

  • 不能如期而至
    2019-08-30
    Teacher, after configuring on Tencent Cloud according to your configuration, I get: Secure Connection Failed

    An error occurred during a connection to www.iotserver.vip. PR_END_OF_FILE_ERROR

        The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
        Please contact the website owners to inform them of this problem.
    The configuration file is as follows:
    #keepalive_timeout 0;
        keepalive_timeout 65;

        gzip on;
        gzip_comp_level 2;
        gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
        server {
            listen 80;
            server_name iotserver.vip;

            #charset koi8-r;

            #access_log logs/host.access.log main;

            location / {
                alias /home/zx/soft/dist/;
                index index.html index.htm;
            }

            #error_page 404 /404.html;

            # redirect server error pages to the static page /50x.html
            #
            error_page 500 502 503 504 /50x.html;
            location = /50x.html {
                root html;
            }

            # proxy the PHP scripts to Apache listening on 127.0.0.1:80
            #
            #location ~ \.php$ {
            # proxy_pass http://127.0.0.1;
            #}

            # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
            #
            #location ~ \.php$ {
            # root html;
            # fastcgi_pass 127.0.0.1:9000;
            # fastcgi_index index.php;
            # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
            # include fastcgi_params;
            #}

            # deny access to .htaccess files, if Apache's document root
            # concurs with nginx's one
            #
            #location ~ /\.ht {
            # deny all;
            #}

            listen 443 ssl; # managed by Certbot
            ssl_certificate /etc/letsencrypt/live/iotserver.vip/fullchain.pem; # managed by Certbot
            ssl_certificate_key /etc/letsencrypt/live/iotserver.vip/privkey.pem; # managed by Certbot
            include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
            ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

        }

    Author's reply: First check whether nginx itself is reporting an error; is anything printed in error.log?
    Next, capture packets with Wireshark. TLS has a client hello / server hello handshake with several negotiation points in between; check whether the cipher suite negotiation is failing or the certificate could not be read. See lessons 79 and 80 of 《Web协议详解与抓包实战》.
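This commenter's two posts fit together: the earlier one shows a process other than nginx (`nps`) holding the listening socket on 443, and this one shows the browser asking for www.iotserver.vip while the posted server block names only iotserver.vip. Before reaching for Wireshark, two offline checks narrow this down: is nginx really the process listening on 443 (if it could not bind, the browser is talking to whatever did, which may simply close the connection), and does the certificate's subjectAltName include the exact name the browser requested (the `/etc/letsencrypt/live/iotserver.vip/` directory name says nothing about which names are in the certificate). The example below is added here and is not code from the course or its author; the `lsof` lines and SAN strings are constructed, and `probe_tls` needs network access and the openssl CLI.

```shell
#!/bin/sh
# Added example (not from the course): pre-flight checks for a failed TLS connection.

# 1) From "lsof -i :PORT" output on stdin, print COMMAND and PID of the socket
#    in LISTEN state. Established lines (with "->") are connections, not the holder.
listeners_on_port() {
    port=$1
    case "$port" in 443) svc=https ;; 80) svc=http ;; *) svc=$port ;; esac
    awk -v port="$port" -v svc="$svc" '
        $NF == "(LISTEN)" {
            n = split($(NF-1), a, ":")
            if (a[n] == port || a[n] == svc) print $1, $2
        }'
}

# 2) Does a subjectAltName list cover HOST? SAN is the text printed by
#    "openssl x509 -in fullchain.pem -noout -ext subjectAltName", e.g.
#    "DNS:iotserver.vip, DNS:www.iotserver.vip". A wildcard matches exactly one
#    label (RFC 6125): *.example.com covers a.example.com but neither example.com
#    nor a.b.example.com. IP-address entries are ignored.
san_covers_host() {
    host=$2
    oldifs=$IFS; IFS=','; set -f; set -- $1; set +f; IFS=$oldifs
    for entry in "$@"; do
        entry=${entry#"${entry%%[! ]*}"}          # trim leading spaces
        case "$entry" in DNS:*) name=${entry#DNS:} ;; *) continue ;; esac
        case "$name" in
            "$host") return 0 ;;
            \*.*)
                suffix=${name#\*}                  # ".example.com"
                rest=${host%"$suffix"}             # leading label, or host unchanged if no match
                if [ "$rest" != "$host" ] && [ -n "$rest" ] && [ "${rest#*.}" = "$rest" ]; then
                    return 0
                fi ;;
        esac
    done
    return 1
}

# 3) Live probe (network): send the SNI name a browser would and show what came
#    back. A server that closes before a ServerHello shows "no peer certificate";
#    a name mismatch shows in the subject line and the verify return code.
probe_tls() {
    host=$1
    printf '' | openssl s_client -connect "${2:-$host}:443" -servername "$host" 2>&1 |
        grep -E 'subject=|Verify return code|no peer certificate|alert'
}

# Constructed samples (not the commenter's real data): lsof output with a
# non-nginx listener, and two SAN lists, one without and one with the www name.
SAMPLE_LSOF='COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nps 11498 root 5u IPv6 18329035 0t0 TCP VM_0_13_centos:https->203.0.113.5:37836 (ESTABLISHED)
nps 11498 root 13u IPv6 15220026 0t0 TCP *:https (LISTEN)'
SAN_APEX_ONLY='DNS:iotserver.vip'
SAN_BOTH='DNS:iotserver.vip, DNS:www.iotserver.vip'

# Stand-alone demo on the constructed samples.
printf 'listening on 443: %s\n' "$(printf '%s\n' "$SAMPLE_LSOF" | listeners_on_port 443)"
for h in iotserver.vip www.iotserver.vip; do
    if san_covers_host "$SAN_APEX_ONLY" "$h"; then echo "$h: covered"; else echo "$h: NOT covered by $SAN_APEX_ONLY"; fi
done
```

On the live host the inputs come from `lsof -i :443 | listeners_on_port 443` (or `ss -ltnp 'sport = :443'`) and from `openssl x509 -in /etc/letsencrypt/live/iotserver.vip/fullchain.pem -noout -ext subjectAltName`. If the www name is missing, reissue with both names (`-d iotserver.vip -d www.iotserver.vip`) and make sure the `server_name` line lists both as well.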

    
    
  • 七星瓢虫
    2019-05-21
    After choosing not to redirect, I got this error:
    An unexpected error occurred:
    UnicodeDecodeError: 'ascii' codec can't decode byte 0xe6 in position 1: ordinal not in range(128)
    Please see the logfiles in /var/log/letsencrypt for more details.

    IMPORTANT NOTES:
     - Your account credentials have been saved in your Certbot
       configuration directory at /etc/letsencrypt. You should make a
       secure backup of this folder now. This configuration directory will
       also contain certificates and private keys obtained by Certbot so
       making regular backups of this folder is ideal.

    Author's reply: UnicodeDecodeError is an encoding problem in a Python library; possibly the installed libraries do not match. Keep investigating in that direction, for example by reinstalling.
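The byte 0xe6 in that message is the lead byte of most Chinese characters in UTF-8, and "'ascii' codec can't decode" is Python 2 trying to treat such bytes as ASCII. With a Python 2 build of certbot, one common way to hit this is non-ASCII text (a Chinese comment, for instance) in a file the nginx plugin parses, i.e. nginx.conf or something it includes; that is an assumption about this report, not something the output above proves, but it is cheap to check. The added example below, which is not code from the course or its author, lists the files nginx actually loads (via `nginx -T`, available since nginx 1.9.2) and reports every line containing a byte outside ASCII, with the offending bytes in hex so they can be matched against the error message. The sample file in the demo is constructed.

```shell
#!/bin/sh
# Added example (not from the course): find non-ASCII bytes in the files the
# nginx plugin of a Python 2 certbot has to parse.

# Paths of every file nginx loads, from "nginx -T" (dumps the full config with
# "# configuration file /path:" markers). Pass the binary as $1 if it is not on PATH.
nginx_config_files() {
    "${1:-nginx}" -T 2>/dev/null | sed -n 's/^# configuration file \(.*\):$/\1/p'
}

# Print file:line:text for every line holding a byte outside printable ASCII
# and whitespace. LC_ALL=C makes grep work byte-wise, so each UTF-8 byte >= 0x80
# is flagged regardless of the current locale. Returns 0 when something was found.
non_ascii_lines() {
    LC_ALL=C grep -aHn '[^[:print:][:space:]]' "$@"
}

# Show the bytes of one line as hex, to match them with the error message
# ("byte 0xe6 in position 1").
line_bytes_hex() {       # args: file, line number
    sed -n "${2}p" "$1" | od -An -tx1 | tr -s ' \n' ' '
}

# Stand-alone demo on a constructed file: one ASCII line, then a Chinese comment
# written as raw UTF-8 bytes (e6 88 91 ... = "我的配置"), with 0xe6 at position 1
# just like the error above.
demo() {
    tmp=$(mktemp -d)
    printf 'worker_processes 1;\n#\346\210\221\347\232\204\351\205\215\347\275\256\n' > "$tmp/nginx.conf"
    if non_ascii_lines "$tmp/nginx.conf"; then
        echo "non-ASCII content found; bytes of that line:"
        line_bytes_hex "$tmp/nginx.conf" 2
    fi
    rm -rf "$tmp"
}
demo
```

On a real host run `nginx_config_files | xargs -r sh -c 'non_ascii_lines "$@"' sh` (or pass the paths explicitly) and either rewrite the flagged comments in ASCII or move to a Python 3 build of certbot, which reads the configuration as UTF-8.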

    
    
  • 七星瓢虫
    2019-05-21
    (A)gree/(C)ancel: A

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Would you be willing to share your email address with the Electronic Frontier
    Foundation, a founding partner of the Let's Encrypt project and the non-profit
    organization that develops Certbot? We'd like to send you email about our work
    encrypting the web, EFF news, campaigns, and ways to support digital freedom.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    (Y)es/(N)o: y
    Starting new HTTPS connection (1): supporters.eff.org
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for lovedb.cn
    Cleaning up challenges
    An unexpected error occurred:
    UnicodeDecodeError: 'ascii' codec can't decode byte 0xe6 in position 1: ordinal not in range(128)
    Please see the logfiles in /var/log/letsencrypt for more details.

    IMPORTANT NOTES:
     - Your account credentials have been saved in your Certbot
       configuration directory at /etc/letsencrypt. You should make a
       secure backup of this folder now. This configuration directory will
       also contain certificates and private keys obtained by Certbot so
       making regular backups of this folder is ideal.

  • 特特
    2019-03-27
    LAMP environment: is there an automated script to upgrade to https? Urgent!!!

  • Jee
    2019-01-30
    Teacher, the way you teach is easy to understand; I have learned a lot. A question: when setting up SSL I keep getting this error; what is usually the cause? The nginx plugin is not working; there may be problems with your existing configuration.
    The error was: NoInstallationError("Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.",

    Author's reply: The nginx file was not found. You can use ln -s to create a symlink in a PATH directory such as /usr/bin that points to the sbin/nginx file where it is actually installed, and that will do.
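This is the same failure 风竹 reported above (NoInstallationError from the nginx plugin): certbot resolves `nginx` through PATH, and a source build or OpenResty puts the binary under its own prefix where PATH does not look. The reply's symlink is the usual remedy; the added example below, which is not code from the course or its author, locates the binary first, then creates the link without ever overwriting a regular file (so a distribution package's own `nginx` is never clobbered). The candidate directories are assumptions about common install prefixes and can be overridden.

```shell
#!/bin/sh
# Added example (not from the course): locate the nginx binary certbot's plugin
# fails to find, and expose it on PATH without clobbering anything.

# Print the first usable nginx: whatever PATH resolves, else a list of common
# install locations (override with NGINX_CANDIDATES for other prefixes).
find_nginx() {
    bin=$(command -v nginx 2>/dev/null) && { printf '%s\n' "$bin"; return 0; }
    for cand in ${NGINX_CANDIDATES:-/usr/local/openresty/nginx/sbin/nginx /usr/local/nginx/sbin/nginx /opt/sbin/nginx /usr/sbin/nginx}; do
        if [ -x "$cand" ]; then printf '%s\n' "$cand"; return 0; fi
    done
    echo "no nginx binary found; install it or set NGINX_CANDIDATES" >&2
    return 1
}

# Symlink TARGET to LINK (default /usr/local/sbin/nginx, which is on root's PATH
# on most distributions). Refuses to replace a regular file so a package's own
# binary is never overwritten; an existing symlink is updated.
link_nginx_into_path() {
    target=$1; link=${2:-/usr/local/sbin/nginx}
    [ -x "$target" ] || { echo "not an executable: $target" >&2; return 1; }
    if [ -e "$link" ] && [ ! -L "$link" ]; then
        echo "refusing to replace regular file $link" >&2; return 1
    fi
    ln -sf "$target" "$link" && echo "$link -> $target"
}

# Stand-alone use (as root): find the binary, link it, then re-run certbot.
# Alternative that leaves PATH alone: certbot --nginx --nginx-ctl "$bin" ...
if bin=$(find_nginx); then
    echo "using $bin"
    # link_nginx_into_path "$bin"    # uncomment to create /usr/local/sbin/nginx
fi
```

After linking, `certbot --nginx` should report "Plugins selected: Authenticator nginx, Installer nginx" as in Robert小七's session above instead of NoInstallationError; if it still fails, the same binary is worth checking for the SSL module as well.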

    
    
  • _Sea
    2019-01-29
    Hello Mr. Tao, in this chapter, when I try to follow along with the SSL certificate configuration, the python2-certbot-nginx command keeps giving [root@37d8c2847125 sbin]# yum install python2-certbot-nginx
    Loaded plugins: fastestmirror, ovl
    Loading mirror speeds from cached hostfile
    ....
    No package python2-certbot-nginx available.
    Error: Nothing to do
    this error. I have also run yum update and downloaded epel-release as you said in a reply in the comments, but it still does not work. I tried a few methods found online and none of them worked. I am using CentOS 6 and the yum source is Alibaba Cloud's. Is there any way to solve this? I do not know where the problem is; when you have time, could you please explain how to configure it? Thank you.

    Author's reply: Try this: wget https://dl.eff.org/certbot-auto
    chmod a+x certbot-auto
    Or read this page more carefully: https://certbot.eff.org/lets-encrypt/centos6-nginx

  • Riley
    2019-01-22
    Teacher, why, on CentOS 7.3, after installing certbot with yum install python2-certbot-nginx, does running certbot give the following error:
    Traceback (most recent call last):
      File "/usr/bin/certbot", line 9, in <module>
        load_entry_point('certbot==0.29.1', 'console_scripts', 'certbot')()
      File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 487, in load_entry_point
        return get_distribution(dist).load_entry_point(group, name)
      File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2728, in load_entry_point
        return ep.load()
      File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2346, in load
        return self.resolve()
      File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2352, in resolve
        module = __import__(self.module_name, fromlist=['__name__'], level=0)
      File "/usr/lib/python2.7/site-packages/certbot/main.py", line 23, in <module>
        from certbot import client
      File "/usr/lib/python2.7/site-packages/certbot/client.py", line 16, in <module>
        from acme import client as acme_client
      File "/usr/lib/python2.7/site-packages/acme/client.py", line 40, in <module>
        urllib3.contrib.pyopenssl.inject_into_urllib3()
    AttributeError: 'module' object has no attribute 'pyopenssl'

    How should this be solved?

    Author's reply: See https://github.com/certbot/certbot/issues/6328

  • 上邪忘川
    2019-01-16
    Teacher, when using Certbot to configure HTTPS, must a real domain name be registered?
    1. I configured an arbitrary domain name on my own nginx server
    2. Then I set up a DNS server on the internal network and added an A record; internal machines resolve it successfully
    3. certbot --nginx reports an error:
    To fix these errors, please make sure that your domain name was
       entered correctly and the DNS A/AAAA record(s) for that domain
       contain(s) the right IP address.

    Author's reply: It must be a real domain name; see lesson 16. For the CA, a DV certificate requires verifying that the domain is genuine.
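This question, and the two earlier ones asking whether the domain must really exist, come down to how http-01 validation works: the CA resolves the name through public DNS, not through your LAN's resolver or /etc/hosts, and then connects to the resulting address on port 80 to fetch the challenge. A name that only exists on an internal DNS server, or one that resolves to a private address, can never pass, which is exactly the "DNS A/AAAA record(s)" error above. The added example below is not code from the course or its author; it classifies an address the rough way a pre-flight check needs (private and special ranges only, not a full registry) and, with network access, resolves the name through a public resolver and probes port 80 the way the CA would. It assumes the `dig` and `curl` CLIs are installed.

```shell
#!/bin/sh
# Added example (not from the course): why a name that only resolves on an
# internal DNS server cannot get a DV certificate, checked the way the CA sees it.

# Return 0 if an IPv4 address looks globally routable, 1 if it is in a private or
# special range (RFC 1918, loopback, link-local, CGNAT 100.64/10, 0/8), 2 if malformed.
# Rough classification: enough to catch internal addresses, not a full registry.
is_public_ipv4() {
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    [ $# -eq 4 ] || return 2
    for o in "$@"; do
        case "$o" in ''|*[!0-9]*) return 2 ;; esac
        [ "$o" -le 255 ] || return 2
    done
    case "$1.$2" in
        10.*|127.*|0.*|169.254|192.168) return 1 ;;
    esac
    if [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ]; then return 1; fi
    if [ "$1" -eq 100 ] && [ "$2" -ge 64 ] && [ "$2" -le 127 ]; then return 1; fi
    return 0
}

# Resolve NAME the way the CA will: through a public resolver, not /etc/hosts or
# the LAN's DNS server. Assumes dig (bind-utils / dnsutils) and network access.
public_a_record() {
    dig +short A "$1" @1.1.1.1 2>/dev/null | head -n 1
}

# Pre-flight for "certbot --nginx -d NAME": fails with a reason whenever the CA
# could not reach this host. The challenge-path request only needs some HTTP
# answer (a 404 is fine, certbot serves the real token itself); a connection
# failure is what matters.
precheck_http01() {
    name=$1
    ip=$(public_a_record "$name")
    if [ -z "$ip" ]; then
        echo "$name: no A record in public DNS; the CA cannot find this host" >&2; return 1
    fi
    rc=0; is_public_ipv4 "$ip" || rc=$?
    if [ "$rc" -ne 0 ]; then
        echo "$name -> $ip is not a public address; DV validation will fail" >&2; return 1
    fi
    if ! curl -sS -o /dev/null -m 10 -H "Host: $name" "http://$ip/.well-known/acme-challenge/precheck"; then
        echo "$name -> $ip: port 80 not reachable from here" >&2; return 1
    fi
    echo "$name -> $ip: public and reachable on port 80"
}

# Stand-alone use: sh precheck.sh example.com
if [ -n "${1:-}" ]; then
    precheck_http01 "$1"
fi
```

For a name that must stay internal, a certificate from a public CA is the wrong tool anyway: use an internal CA and distribute its root to the clients, or obtain a public certificate through dns-01 validation for a registered name whose DNS you control.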

    
    