
nginx – Error installing LetsEncrypt SSL: (http-01): urn:acme:e

Published: 2020-12-13 21:14:44 Category: Nginx Source: compiled from the web

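I am trying to install LetsEncrypt on my server (I have root SSH access) for staging.dnslaude.com – this is a publicly accessible domain pointing to 213.212.81.89.

The server is running Ubuntu 16.04 and an nginx web server. Below is the nginx configuration: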

server {
  listen 80;
  server_name staging.dnslaude.com;

  root /path/to/webroot;

  location ^~ /.well-known/acme-challenge/ {
    try_files $uri $uri/ =404;
  }
  rewrite ^(.*) https://$host$1 permanent;
}

server {
  listen 443;
  ssl on;
  ssl_certificate /path/to/self/signed/certificate.crt;
  ssl_certificate_key /path/to/key.key;

  server_name staging.dnslaude.com;

  root /path/to/webroot;

  # ....

  location ^~ /.well-known/acme-challenge/ {
    try_files $uri $uri/ =404;
  }
}

You can see that the nginx configuration appears to work, because I manually placed a file in the acme-challenge folder here.

However, when I run the command:

letsencrypt certonly --webroot -w /path/to/webroot -d staging.dnslaude.com

It returns the following error:

Failed authorization procedure. staging.dnslaude.com (http-01):
urn:acme:error:connection :: The server could not connect to the
client to verify the domain :: Could not connect to
staging.dnslaude.com

IMPORTANT NOTES:
– The following errors were reported by the server:

Domain: staging.dnslaude.com Type: connection Detail: Could
not connect to staging.dnslaude.com

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you’re using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.

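I followed the basic setup guide outlined here and tried various configuration variations, such as the one suggested here. However, I cannot get past the above error, and I cannot see anything in the log files indicating the cause.

Any suggestions?

Best answer
Your nginx configuration looks correct.

On a hunch, I ran nmap against your domain (since you included it in your question); you appear to be filtering port 80, so LetsEncrypt cannot make an external connection and validate.

You need to make sure that port 80 is reachable from the outside on the local firewall of the server in question (and on any ACLs that may exist at your vhost provider or similar).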
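
A preflight check for the two failure causes discussed above (port 80 not reachable, or the webroot not being served), as an added example that is not part of the original question or answer. The function names, the `preflight-` token prefix and the timeout values are assumptions made for this illustration.

```python
import http.client
import os
import secrets
import socket

CHALLENGE_DIR = ".well-known/acme-challenge"

def probe_port(host, port=80, timeout=3.0):
    """Classify a TCP port: 'open', 'closed' (actively refused), 'filtered'
    (no answer or unreachable, typical of a firewall drop) or 'dns-error'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.gaierror:
        return "dns-error"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes timeouts and "no route to host"
        return "filtered"

def fetch_challenge(host, token, port=80, timeout=3.0):
    """GET the http-01 URL over plain HTTP; return (status, body)."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", f"/{CHALLENGE_DIR}/{token}")
        resp = conn.getresponse()
        return resp.status, resp.read().decode("utf-8", "replace")
    finally:
        conn.close()

def preflight(host, webroot, port=80):
    """Drop a throwaway token into the webroot and check that it is served."""
    state = probe_port(host, port)
    if state != "open":
        return f"port {port} is {state}: fix firewall/ACL/DNS before requesting a certificate"
    # Constructed random token and content; removed again after the check.
    token, content = "preflight-" + secrets.token_hex(8), secrets.token_hex(16)
    path = os.path.join(webroot, CHALLENGE_DIR, token)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(content)
    try:
        status, body = fetch_challenge(host, token, port)
    finally:
        os.remove(path)
    if status == 200 and body == content:
        return "ok"
    return f"port {port} is open but the token was not served (HTTP {status}): check root/location"
```

Run `probe_port` from a machine outside the server's network, since a connection made from the server itself may not pass through the firewall or provider ACL that blocks the validation request. `preflight` needs write access to the webroot, so when run on the server it only confirms the nginx side.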
