SFTP Connection Failed. Please check that all fields are correct. If there is a firewall then temporarily disable it or make an exception for "67.222.10.211".
因为PCCW家用的broadband没有开放port 80,所以我用FTP method,但是我选用了sftp方法,我还以为可以用自己定义的port,例如hostname:8xxx, router port forward to internal v2ray server port 22。谁知道对方进入如果用sftp,一定用port 22入,还有不止,还要用port 21 (ftp)(还在set)。
之前的问题
SFTP Connection Failed. Please check that all fields are correct. If there is a firewall then temporarily disable it or make an exception for "67.222.10.211".
I got the following error when the port 21 and 22 were suitably re-directed to the correct machine. However Let's Encrypt requires the directory being publicly accessible through port 80, which is impossible for domestic subscribers of PCCW.
Server error 0. Make sure directory is publicly accessible through port 80. Turn off password protection temporarily if on. Ask your host if unsure about the directory or try using an FTP client or >web FTP if you do not have an FTP client to try finding it out.
複製代碼
.
I have to make a pause for this issue and attempt to use the self-signed certificate method.
Installing your SSL Certificate
The easiest way to install the SSL certificate is to contact your host, developer or admin. Most of the time your host will install it for free. You can also view ssl certificate installation tutorials depending on your server setup.
If you use IIS and need a PFX file then follow the instructions in the following link to convert the certificate and private key file into a .PFX file - http://stackoverflow.com/a/17284371 (Install openssl and run openssl pkcs12 -export -out "certificate_combined.pfx" -inkey "private.key" -in "certificate.crt" -certfile ca_bundle.crt in a command prompt with path set to location of downloaded certificate files or use https://www.digicert.com/util/)
If you have any issues with certain browsers like Android not recognizing the certificate then test your server SSL configuration on SSL Labs and fix any errors shown.
If you get an error saying the certificate and key do not match then contact your host asking for the key type they accept. If they require the old RSA key type then download OpenSSL and execute the following command on the private key file: openssl rsa -in private.key -out private_rsa.key
If you need the private key in PEM format then install OpenSSL and run the following on the private key file: "openssl rsa -in private.key -text > private.pem"
If you need the multiple certificates in PEM format or everything in PEM format then first convert your private key to PEM format above then follow these instructions.
發表於 2019-3-25 09:32
| 
