Closed Enterpr1se closed 6 years ago
This is not a limitation of acme.sh but of let's encrypt. They only trust services running on port 80 or 443. Any other Port could be rogue.
You can also use dns01 to validate instead of host.
Httpport command is to be used with load balancers and not to change the Port of validation
Unable to use other port to make the cert, the verify process always use port 80, just like this
http://example.com/.well-known/acme-challenge/HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4
even users use --httpport 8080 to change the port to 8080. the like remain the same. I expect the link would be
http://example.com:8080/.well-known/acme-challenge/HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4
Steps to reproduce
acme.sh --issue -d example.com --standalone --httpport 8080
Debug log
admin@RT-AC68U-0A58:/tmp/home/root# /root/.acme.sh/acme.sh --issue -d example.com --standalone --httpport 8080 --debug 2 [Tue Oct 31 12:46:20 GMT 2017] Lets find script dir. [Tue Oct 31 12:46:21 GMT 2017] SCRIPT='/root/.acme.sh/acme.sh' [Tue Oct 31 12:46:21 GMT 2017] _script='/tmp/home/root/.acme.sh/acme.sh' [Tue Oct 31 12:46:21 GMT 2017] _script_home='/tmp/home/root/.acme.sh' [Tue Oct 31 12:46:21 GMT 2017] Using default home:/root/.acme.sh [Tue Oct 31 12:46:21 GMT 2017] Using config home:/root/.acme.sh [Tue Oct 31 12:46:22 GMT 2017] LE_WORKING_DIR='/root/.acme.sh' https://github.com/Neilpang/acme.sh v2.7.4 [Tue Oct 31 12:46:22 GMT 2017] Using config home:/root/.acme.sh [Tue Oct 31 12:46:22 GMT 2017] ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory' [Tue Oct 31 12:46:22 GMT 2017] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org' [Tue Oct 31 12:46:23 GMT 2017] DOMAIN_PATH='/root/.acme.sh/example.com' [Tue Oct 31 12:46:23 GMT 2017] Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory [Tue Oct 31 12:46:23 GMT 2017] _init api for server: https://acme-v01.api.letsencrypt.org/directory [Tue Oct 31 12:46:23 GMT 2017] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change' [Tue Oct 31 12:46:23 GMT 2017] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz' [Tue Oct 31 12:46:23 GMT 2017] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert' [Tue Oct 31 12:46:24 GMT 2017] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg' [Tue Oct 31 12:46:24 GMT 2017] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert' [Tue Oct 31 12:46:24 GMT 2017] Le_NextRenewTime [Tue Oct 31 12:46:26 GMT 2017] _on_before_issue [Tue Oct 31 12:46:26 GMT 2017] 'no' contains 'no' [Tue Oct 31 12:46:26 GMT 2017] Le_LocalAddress [Tue Oct 31 12:46:26 GMT 2017] Check for domain='example.com' [Tue Oct 31 12:46:26 GMT 2017] _currentRoot='no' [Tue Oct 31 12:46:27 GMT 2017] Standalone mode. [Tue Oct 31 12:46:27 GMT 2017] _checkport='8080' [Tue Oct 31 12:46:27 GMT 2017] _checkaddr [Tue Oct 31 12:46:28 GMT 2017] Using: netstat [Tue Oct 31 12:46:28 GMT 2017] 'no' does not contain 'apache' [Tue Oct 31 12:46:28 GMT 2017] _saved_account_key_hash='wZ/35sefizjbxpm2PFBWgUrxYlPcDN8XdiGAtCW2rD4=' [Tue Oct 31 12:46:29 GMT 2017] _saved_account_key_hash is not changed, skip register account. [Tue Oct 31 12:46:29 GMT 2017] Read key length: [Tue Oct 31 12:46:29 GMT 2017] _createcsr [Tue Oct 31 12:46:29 GMT 2017] domain='example.com' [Tue Oct 31 12:46:29 GMT 2017] domainlist [Tue Oct 31 12:46:30 GMT 2017] csrkey='/root/.acme.sh/example.com/example.com.key' [Tue Oct 31 12:46:30 GMT 2017] csr='/root/.acme.sh/example.com/example.com.csr' [Tue Oct 31 12:46:30 GMT 2017] csrconf='/root/.acme.sh/example.com/example.com.csr.conf' [Tue Oct 31 12:46:30 GMT 2017] Single domain='example.com' [Tue Oct 31 12:46:30 GMT 2017] _is_idn_d='example.com' [Tue Oct 31 12:46:30 GMT 2017] _idn_temp [Tue Oct 31 12:46:30 GMT 2017] _csr_cn='example.com' [Tue Oct 31 12:46:31 GMT 2017] Getting domain auth token for each domain [Tue Oct 31 12:46:31 GMT 2017] Getting webroot for domain='example.com' [Tue Oct 31 12:46:31 GMT 2017] _w='no' [Tue Oct 31 12:46:32 GMT 2017] _currentRoot='no' [Tue Oct 31 12:46:32 GMT 2017] Getting new-authz for domain='example.com' [Tue Oct 31 12:46:32 GMT 2017] _init api for server: https://acme-v01.api.letsencrypt.org/directory [Tue Oct 31 12:46:32 GMT 2017] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change' [Tue Oct 31 12:46:33 GMT 2017] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz' [Tue Oct 31 12:46:33 GMT 2017] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert' [Tue Oct 31 12:46:33 GMT 2017] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg' [Tue Oct 31 12:46:33 GMT 2017] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert' [Tue Oct 31 12:46:33 GMT 2017] Try new-authz for the 0 time. [Tue Oct 31 12:46:33 GMT 2017] _is_idn_d='example.com' [Tue Oct 31 12:46:34 GMT 2017] _idn_temp [Tue Oct 31 12:46:34 GMT 2017] url='https://acme-v01.api.letsencrypt.org/acme/new-authz' [Tue Oct 31 12:46:34 GMT 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "example.com"}}' [Tue Oct 31 12:46:34 GMT 2017] RSA key [Tue Oct 31 12:46:34 GMT 2017] _URGLY_PRINTF [Tue Oct 31 12:46:35 GMT 2017] xargs [Tue Oct 31 12:46:35 GMT 2017] _URGLY_PRINTF [Tue Oct 31 12:46:35 GMT 2017] xargs [Tue Oct 31 12:46:36 GMT 2017] Get nonce. ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory' [Tue Oct 31 12:46:36 GMT 2017] GET [Tue Oct 31 12:46:36 GMT 2017] url='https://acme-v01.api.letsencrypt.org/directory' [Tue Oct 31 12:46:36 GMT 2017] timeout [Tue Oct 31 12:46:37 GMT 2017] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/acme.shwefADf24sf.1509425196.tmp ' [Tue Oct 31 12:46:38 GMT 2017] ret='0' [Tue Oct 31 12:46:38 GMT 2017] _headers='HTTP/1.1 200 OK Server: nginx Content-Type: application/json Content-Length: 561 Replay-Nonce: xrpu07Tb0S45xqU9yVCLlmxr3ryF0MihG8_x_DIuXgA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Tue, 31 Oct 2017 04:46:38 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 31 Oct 2017 04:46:38 GMT Connection: keep-alive ' [Tue Oct 31 12:46:38 GMT 2017] _CACHED_NONCE='xrpu07Tb0S45xqU9yVCLlmxr3ryF0MihG8_x_DIuXgA' [Tue Oct 31 12:46:38 GMT 2017] nonce='xrpu07Tb0S45xqU9yVCLlmxr3ryF0MihG8_x_DIuXgA' [Tue Oct 31 12:46:39 GMT 2017] POST [Tue Oct 31 12:46:39 GMT 2017] url='https://acme-v01.api.letsencrypt.org/acme/new-authz' [Tue Oct 31 12:46:39 GMT 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "7OSqwy473PmSAvDXLELvXhLskZEhayWYmJsnogIyfuJH0mXFLLtPbe9XkvCja67gzjlI5oId-_zwXsH_Cq3cPwv6zg-cL3ZGVWB15jijYfy3O_9vUedunMc mcQL5W4a_DzpzL8ygdVSob3ZE2c_HDIeAk8AA66vz2le3GsZhH_XHQCczMaNKkGwlYie1RUFmuG6KVtAsujLGqgxibXX4-y_c1CMSsT9BX18cY7aQEQ3hh48DbxQLgsstMwls_wcKxIpZ6qSPmRIUaYngUUVgRIYNP8ddkuZizLZXKCBUS0nJYOGNAvhUjo4PyQMWUA3swlPzwYZY4bH6JjjiUKih5w"} }, "protected": "eyJub25jZSI6ICJ4cnB1MDdUYjBTNDV4cVU5eVZDTGxteHIzcnlGME1paEc4X3hfREl1WGdBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYXV0aHoiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwg Imt0eSI6ICJSU0EiLCAibiI6ICI3T1Nxd3k0NzNQbVNBdkRYTEVMdlhoTHNrWkVoYXlXWW1Kc25vZ0l5ZnVKSDBtWEZMTHRQYmU5WGt2Q2phNjdnempsSTVvSWQtX3p3WHNIX0NxM2NQd3Y2emctY0wzWkdWV0IxNWppallmeTNPXzl2VWVkdW5NY21jUUw1VzRhX0R6cHpMOHlnZFZTb2IzWkUyY19IR EllQWs4QUE2NnZ6MmxlM0dzWmhIX1hIUUNjek1hTktrR3dsWWllMVJVRm11RzZLVnRBc3VqTEdxZ3hpYlhYNC15X2MxQ01Tc1Q5QlgxOGNZN2FRRVEzaGg0OERieFFMZ3NzdE13bHNfd2NLeElwWjZxU1BtUklVYVluZ1VVVmdSSVlOUDhkZGt1Wml6TFpYS0NCVVMwbkpZT0dOQXZoVWpvNFB5UU1XVU Ezc3dsUHp3WVpZNGJINkpqamlVS2loNXcifX0", "payload": "eyJyZXNvdXJjZSI6ICJuZXctYXV0aHoiLCAiaWRlbnRpZmllciI6IHsidHlwZSI6ICJkbnMiLCAidmFsdWUiOiAiaXRhbGtob21lLmFzdXNjb21tLmNvbSJ9fQ", "signature": "MFsbzSqzA4445Y1XvgXvB_Lz4HRM8bkHCD EsxOS05zz_H3j10Sx0uCnYG5QA5tVA7Ijb9MMD9q8LaJ8QpwSnvr4Cjm6APcfZhIQH0BOzEXlFkpcRSuOSWsRNZap_pjRKGzY4B6bbsdH6NuM52_oemSlHk-o8EsNeZU8Vc3JctvrGL9JIHEigNXlC4i1b-CBQXGav7f2hbym3kzgV72lXWubta5ITu3x62Wo97MxOvjd1raERWMEIDRrVHJI1kLekCaK 2eXix9dfB2H5Ss2qCXr7dyBMucQNdzBdWS0aubSC_zdct3EWqNlBCviqINBkqWAKx0MvQuGFuRPfFvEBcug"}' [Tue Oct 31 12:46:40 GMT 2017] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/acme.shwefADf24sf.1509425199.tmp ' [Tue Oct 31 12:46:42 GMT 2017] _ret='0' [Tue Oct 31 12:46:42 GMT 2017] original='{ "identifier": { "type": "dns", "value": "example.com" }, "status": "pending", "expires": "2017-11-07T04:46:41.52147853Z", "challenges": [ { "type": "tls-sni-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055787", "token": "RLBQqLC3qxZtVANpAiR8SH8M23NfxlpF-Jv1svtzvG8" }, { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055792", "token": "hewAJlnjZ-xt4aLK-MG2ayyYCwJDDGQvgMMuF9quJHg" }, { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799", "token": "HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4" } ], "combinations": [ [ 0 ], [ 1 ], [ 2 ] ] }' [Tue Oct 31 12:46:42 GMT 2017] responseHeaders='HTTP/1.1 100 Continue Expires: Tue, 31 Oct 2017 04:46:41 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache
HTTP/1.1 201 Created Server: nginx Content-Type: application/json Content-Length: 1009 Boulder-Requester: 23516711 Link: https://acme-v01.api.letsencrypt.org/acme/new-cert;rel="next" Location: https://acme-v01.api.letsencrypt.org/acme/authz/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g Replay-Nonce: 9TruwNnnFS6sWEfgA4AEHF-w2eGI2g4EVqFNIz_yaF4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Tue, 31 Oct 2017 04:46:41 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 31 Oct 2017 04:46:41 GMT Connection: keep-alive ' [Tue Oct 31 12:46:42 GMT 2017] response='{"identifier":{"type":"dns","value":"example.com"},"status":"pending","expires":"2017-11-07T04:46:41.52147853Z","challenges":[{"type":"tls-sni-01","status":"pending","uri":" https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055787","token":"RLBQqLC3qxZtVANpAiR8SH8M23NfxlpF-Jv1svtzvG8"},{"type":"dns-01","status":"pending","uri":"https://acme-v01.ap i.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055792","token":"hewAJlnjZ-xt4aLK-MG2ayyYCwJDDGQvgMMuF9quJHg"},{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/ acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799","token":"HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4"}],"combinations":[[0],[1],[2]]}' [Tue Oct 31 12:46:42 GMT 2017] code='201' [Tue Oct 31 12:46:43 GMT 2017] The new-authz request is ok. [Tue Oct 31 12:46:43 GMT 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799","token":"HfRhr-ZPrRUpy3fBk5czRkrHquX H6ekgFeK0UJkDxl4"' [Tue Oct 31 12:46:43 GMT 2017] token='HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4' [Tue Oct 31 12:46:44 GMT 2017] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799' [Tue Oct 31 12:46:44 GMT 2017] keyauthorization='HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0' [Tue Oct 31 12:46:44 GMT 2017] dvlist='example.com#HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0#https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_p Uj51hj4833auBEd9nZ5g/2351055799#http-01#no' [Tue Oct 31 12:46:44 GMT 2017] vlist='example.com#HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0#https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pU j51hj4833auBEd9nZ5g/2351055799#http-01#no,' [Tue Oct 31 12:46:45 GMT 2017] ok, let's start to verify [Tue Oct 31 12:46:45 GMT 2017] Verifying:example.com [Tue Oct 31 12:46:45 GMT 2017] d='example.com' [Tue Oct 31 12:46:45 GMT 2017] keyauthorization='HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0' [Tue Oct 31 12:46:45 GMT 2017] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799' [Tue Oct 31 12:46:46 GMT 2017] _currentRoot='no' [Tue Oct 31 12:46:46 GMT 2017] Standalone mode server [Tue Oct 31 12:46:46 GMT 2017] ncaddr [Tue Oct 31 12:46:46 GMT 2017] startserver: 18814 [Tue Oct 31 12:46:47 GMT 2017] Le_HTTPPort='8080' [Tue Oct 31 12:46:47 GMT 2017] Le_Listen_V4 [Tue Oct 31 12:46:47 GMT 2017] Le_Listen_V6 [Tue Oct 31 12:46:47 GMT 2017] _NC='socat' [Tue Oct 31 12:46:48 GMT 2017] serverproc='20621' [Tue Oct 31 12:46:48 GMT 2017] tigger domain validation. [Tue Oct 31 12:46:49 GMT 2017] _t_url='https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799' [Tue Oct 31 12:46:49 GMT 2017] _t_key_authz='HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0' [Tue Oct 31 12:46:49 GMT 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799' [Tue Oct 31 12:46:49 GMT 2017] payload='{"resource": "challenge", "keyAuthorization": "HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0"}' [Tue Oct 31 12:46:49 GMT 2017] Use cached jwk for file: /root/.acme.sh/ca/acme-v01.api.letsencrypt.org/account.key [Tue Oct 31 12:46:49 GMT 2017] Use _CACHED_NONCE='9TruwNnnFS6sWEfgA4AEHF-w2eGI2g4EVqFNIz_yaF4' [Tue Oct 31 12:46:50 GMT 2017] nonce='9TruwNnnFS6sWEfgA4AEHF-w2eGI2g4EVqFNIz_yaF4' [Tue Oct 31 12:46:51 GMT 2017] POST [Tue Oct 31 12:46:51 GMT 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799' [Tue Oct 31 12:46:51 GMT 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "7OSqwy473PmSAvDXLELvXhLskZEhayWYmJsnogIyfuJH0mXFLLtPbe9XkvCja67gzjlI5oId-_zwXsH_Cq3cPwv6zg-cL3ZGVWB15jijYfy3O_9vUedunMc mcQL5W4a_DzpzL8ygdVSob3ZE2c_HDIeAk8AA66vz2le3GsZhH_XHQCczMaNKkGwlYie1RUFmuG6KVtAsujLGqgxibXX4-y_c1CMSsT9BX18cY7aQEQ3hh48DbxQLgsstMwls_wcKxIpZ6qSPmRIUaYngUUVgRIYNP8ddkuZizLZXKCBUS0nJYOGNAvhUjo4PyQMWUA3swlPzwYZY4bH6JjjiUKih5w"} }, "protected": "eyJub25jZSI6ICI5VHJ1d05ubkZTNnNXRWZnQTRBRUhGLXcyZUdJMmc0RVZxRk5Jel95YUY0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvbHktSVdzRmJ6aU14cC1Zb1VvY3BkX3BVajUxaGo0ODMzYXVCRWQ5 blo1Zy8yMzUxMDU1Nzk5IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAiN09TcXd5NDczUG1TQXZEWExFTHZYaExza1pFaGF5V1ltSnNub2dJeWZ1SkgwbVhGTEx0UGJlOVhrdkNqYTY3Z3pqbEk1b0lkLV96d1hzSF9DcTNjUHd2NnpnLWNMM 1pHVldCMTVqaWpZZnkzT185dlVlZHVuTWNtY1FMNVc0YV9EenB6TDh5Z2RWU29iM1pFMmNfSERJZUFrOEFBNjZ2ejJsZTNHc1poSF9YSFFDY3pNYU5La0d3bFlpZTFSVUZtdUc2S1Z0QXN1akxHcWd4aWJYWDQteV9jMUNNU3NUOUJYMThjWTdhUUVRM2hoNDhEYnhRTGdzc3RNd2xzX3djS3hJcFo2cV NQbVJJVWFZbmdVVVZnUklZTlA4ZGRrdVppekxaWEtDQlVTMG5KWU9HTkF2aFVqbzRQeVFNV1VBM3N3bFB6d1laWTRiSDZKamppVUtpaDV3In19", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJIZlJoci1aUHJSVXB5M2ZCazVjelJrckhxdVhI NmVrZ0ZlSzBVSmtEeGw0LjdyS3g2LUZGQ1dkdFUyR212NUhMV1h5UnJaNWlJc09IajRIcW9Ub09OSDAifQ", "signature": "IAhH-f9J-tyJMYziDRyIeTFG-_mdq-AfnelN4JezBvN78O2jWpX5LdWSUIUrc_qpzoql5bsdJIOtgqS8tMsejndZSMFpDLi5aN-RRKxM63Z9t_y5-VNIhoL3CORQ1k UohuIGsMxIG27t7sO0eLGpYrCGaTVgJJCPDGJT6umtJbzVuNfBAvdxsRZdYOt_EYaZBDP0aMTNPhGT8AEc7aYIfqJBChmcEdtMUo8GLtDLgwmKCSRGrExuaJDYhZJ7z0A5xwLarAaBWLY8ZZJHpYRwqZhGK5618AWZOpoSO7yq3u7i3pfkQT27Qac-HP4mXQ9SJYIHlz_HdEfze1GESv6UiQ"}' [Tue Oct 31 12:46:51 GMT 2017] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/acme.shwefADf24sf.1509425211.tmp ' [Tue Oct 31 12:46:53 GMT 2017] _ret='0' [Tue Oct 31 12:46:54 GMT 2017] original='{ "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799", "token": "HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4", "keyAuthorization": "HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0" }' [Tue Oct 31 12:46:54 GMT 2017] responseHeaders='HTTP/1.1 100 Continue Expires: Tue, 31 Oct 2017 04:46:53 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache
HTTP/1.1 202 Accepted Server: nginx Content-Type: application/json Content-Length: 336 Boulder-Requester: 23516711 Link: https://acme-v01.api.letsencrypt.org/acme/authz/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g;rel="up" Location: https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799 Replay-Nonce: 88sOqsfGBFMkhtfhK6qzp0qWBAYNXbpySs1O2HF4uiE Expires: Tue, 31 Oct 2017 04:46:53 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 31 Oct 2017 04:46:53 GMT Connection: keep-alive ' [Tue Oct 31 12:46:54 GMT 2017] response='{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799","token":"HfRhr-ZPrRUpy3fBk5czRkr HquXH6ekgFeK0UJkDxl4","keyAuthorization":"HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0"}' [Tue Oct 31 12:46:55 GMT 2017] code='202' [Tue Oct 31 12:46:55 GMT 2017] sleep 2 secs to verify [Tue Oct 31 12:46:57 GMT 2017] checking [Tue Oct 31 12:46:57 GMT 2017] GET [Tue Oct 31 12:46:58 GMT 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799' [Tue Oct 31 12:46:58 GMT 2017] timeout [Tue Oct 31 12:46:59 GMT 2017] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/acme.shwefADf24sf.1509425218.tmp ' [Tue Oct 31 12:47:00 GMT 2017] ret='0' [Tue Oct 31 12:47:00 GMT 2017] original='{ "type": "http-01", "status": "invalid", "error": { "type": "urn:acme:error:connection", "detail": "Fetching http://example.com/.well-known/acme-challenge/HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4: Timeout", "status": 400 }, "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799", "token": "HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4", "keyAuthorization": "HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0", "validationRecord": [ { "url": "http://example.com/.well-known/acme-challenge/HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4", "hostname": "example.com", "port": "80", "addressesResolved": [ "1.36.31.126" ], "addressUsed": "1.36.31.126", "addressesTried": [] } ] }' [Tue Oct 31 12:47:00 GMT 2017] response='{"type":"http-01","status":"invalid","error":{"type":"urn:acme:error:connection","detail":"Fetching http://example.com/.well-known/acme-challenge/HfRhr-ZPrRUpy3fBk5czRkrHquX H6ekgFeK0UJkDxl4: Timeout","status": 400},"uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799","token":"HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4","keyAuthorizat ion":"HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0","validationRecord":[{"url":"http://example.com/.well-known/acme-challenge/HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4", "hostname":"example.com","port":"80","addressesResolved":["1.36.31.126"],"addressUsed":"1.36.31.126","addressesTried":[]}]}' [Tue Oct 31 12:47:00 GMT 2017] error='"error":{"type":"urn:acme:error:connection","detail":"Fetching http://example.com/.well-known/acme-challenge/HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4: Timeout","status": 400 ' [Tue Oct 31 12:47:00 GMT 2017] errordetail='Fetching http://example.com/.well-known/acme-challenge/HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4: Timeout' [Tue Oct 31 12:47:01 GMT 2017] example.com:Verify error:Fetching http://example.com/.well-known/acme-challenge/HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4: Timeout [Tue Oct 31 12:47:01 GMT 2017] Debug: get token url. [Tue Oct 31 12:47:01 GMT 2017] GET [Tue Oct 31 12:47:01 GMT 2017] url='http://example.com/.well-known/acme-challenge/HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4' [Tue Oct 31 12:47:01 GMT 2017] timeout='1' [Tue Oct 31 12:47:02 GMT 2017] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/acme.shwefADf24sf.1509425222.tmp --connect-timeout 1' [Tue Oct 31 12:47:02 GMT 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 7 [Tue Oct 31 12:47:02 GMT 2017] Here is the curl dump log: [Tue Oct 31 12:47:02 GMT 2017] == Info: Trying 1.36.31.126... == Info: TCP_NODELAY set == Info: connect to 1.36.31.126 port 80 failed: Connection refused == Info: Failed to connect to example.com port 80: Connection refused == Info: Closing connection 0 [Tue Oct 31 12:47:03 GMT 2017] ret='7' [Tue Oct 31 12:47:03 GMT 2017] Skip for removelevel: [Tue Oct 31 12:47:03 GMT 2017] pid='20621' [Tue Oct 31 12:47:03 GMT 2017] No need to restore nginx, skip. [Tue Oct 31 12:47:03 GMT 2017] _clearupdns [Tue Oct 31 12:47:03 GMT 2017] skip dns. [Tue Oct 31 12:47:03 GMT 2017] _on_issue_err [Tue Oct 31 12:47:04 GMT 2017] Please add '--debug' or '--log' to check more details. [Tue Oct 31 12:47:04 GMT 2017] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh [Tue Oct 31 12:47:04 GMT 2017] _chk_vlist='example.com#HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0#https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUoc pd_pUj51hj4833auBEd9nZ5g/2351055799#http-01#no,' [Tue Oct 31 12:47:04 GMT 2017] start to deactivate authz [Tue Oct 31 12:47:04 GMT 2017] tigger domain validation. [Tue Oct 31 12:47:05 GMT 2017] _t_url='https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799' [Tue Oct 31 12:47:05 GMT 2017] _t_key_authz='HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0' [Tue Oct 31 12:47:05 GMT 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799' [Tue Oct 31 12:47:05 GMT 2017] payload='{"resource": "challenge", "keyAuthorization": "HfRhr-ZPrRUpy3fBk5czRkrHquXH6ekgFeK0UJkDxl4.7rKx6-FFCWdtU2Gmv5HLWXyRrZ5iIsOHj4HqoToONH0"}' [Tue Oct 31 12:47:05 GMT 2017] Use cached jwk for file: /root/.acme.sh/ca/acme-v01.api.letsencrypt.org/account.key [Tue Oct 31 12:47:06 GMT 2017] Use _CACHED_NONCE='88sOqsfGBFMkhtfhK6qzp0qWBAYNXbpySs1O2HF4uiE' [Tue Oct 31 12:47:06 GMT 2017] nonce='88sOqsfGBFMkhtfhK6qzp0qWBAYNXbpySs1O2HF4uiE' [Tue Oct 31 12:47:07 GMT 2017] POST [Tue Oct 31 12:47:07 GMT 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/ly-IWsFbziMxp-YoUocpd_pUj51hj4833auBEd9nZ5g/2351055799' [Tue Oct 31 12:47:07 GMT 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "7OSqwy473PmSAvDXLELvXhLskZEhayWYmJsnogIyfuJH0mXFLLtPbe9XkvCja67gzjlI5oId-_zwXsH_Cq3cPwv6zg-cL3ZGVWB15jijYfy3O_9vUedunMc mcQL5W4a_DzpzL8ygdVSob3ZE2c_HDIeAk8AA66vz2le3GsZhH_XHQCczMaNKkGwlYie1RUFmuG6KVtAsujLGqgxibXX4-y_c1CMSsT9BX18cY7aQEQ3hh48DbxQLgsstMwls_wcKxIpZ6qSPmRIUaYngUUVgRIYNP8ddkuZizLZXKCBUS0nJYOGNAvhUjo4PyQMWUA3swlPzwYZY4bH6JjjiUKih5w"} }, "protected": "eyJub25jZSI6ICI4OHNPcXNmR0JGTWtodGZoSzZxenAwcVdCQVlOWGJweVNzMU8ySEY0dWlFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvbHktSVdzRmJ6aU14cC1Zb1VvY3BkX3BVajUxaGo0ODMzYXVCRWQ5 blo1Zy8yMzUxMDU1Nzk5IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAiN09TcXd5NDczUG1TQXZEWExFTHZYaExza1pFaGF5V1ltSnNub2dJeWZ1SkgwbVhGTEx0UGJlOVhrdkNqYTY3Z3pqbEk1b0lkLV96d1hzSF9DcTNjUHd2NnpnLWNMM 1pHVldCMTVqaWpZZnkzT185dlVlZHVuTWNtY1FMNVc0YV9EenB6TDh5Z2RWU29iM1pFMmNfSERJZUFrOEFBNjZ2ejJsZTNHc1poSF9YSFFDY3pNYU5La0d3bFlpZTFSVUZtdUc2S1Z0QXN1akxHcWd4aWJYWDQteV9jMUNNU3NUOUJYMThjWTdhUUVRM2hoNDhEYnhRTGdzc3RNd2xzX3djS3hJcFo2cV NQbVJJVWFZbmdVVVZnUklZTlA4ZGRrdVppekxaWEtDQlVTMG5KWU9HTkF2aFVqbzRQeVFNV1VBM3N3bFB6d1laWTRiSDZKamppVUtpaDV3In19", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJIZlJoci1aUHJSVXB5M2ZCazVjelJrckhxdVhI NmVrZ0ZlSzBVSmtEeGw0LjdyS3g2LUZGQ1dkdFUyR212NUhMV1h5UnJaNWlJc09IajRIcW9Ub09OSDAifQ", "signature": "r8qOdykCpDbhyR_U46s-8BPHeW3iPe2HPrezzZsTF5SwxeUKrGKhtfj1LQndUcl_MQnvfs-_yU7A0A-JdIP34P6RjCnQhnqCLUGrWqHBVp_76i6FIzQUhOAfeB1-uR jRvwsX1asCbYYVr_nTE3bCNu0cBuk8YIImXwZdd7yC4ElqFfg7M8XE70AvSx8uUQtTtdjgjzF2W77R8p4_nnCUpvIeY2J7pKQYCo7vLfNBNkmFsfg5m57TXeUodeAu3etym6r2zekNWNEFd1JTVHnkOG2zg_pC55R9be39zAaeBJK0GkojJFu22ZpocnSCqVtbcEcwVxb5nHfXArP8Cg27zA"}' [Tue Oct 31 12:47:07 GMT 2017] Http already initialized. [Tue Oct 31 12:47:07 GMT 2017] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/acme.shwefADf24sf.1509425222.tmp ' [Tue Oct 31 12:47:09 GMT 2017] _ret='0' [Tue Oct 31 12:47:09 GMT 2017] original='{ "type": "urn:acme:error:malformed", "detail": "Unable to update challenge :: The challenge is not pending.", "status": 400 }' [Tue Oct 31 12:47:09 GMT 2017] responseHeaders='HTTP/1.1 100 Continue Expires: Tue, 31 Oct 2017 04:47:08 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache
HTTP/1.1 400 Bad Request Server: nginx Content-Type: application/problem+json Content-Length: 132 Boulder-Requester: 23516711 Replay-Nonce: A9LSqvSiA64-vThINrAFYQa2Ajpdln-M0YSgmzGu3XQ Expires: Tue, 31 Oct 2017 04:47:09 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 31 Oct 2017 04:47:09 GMT Connection: close ' [Tue Oct 31 12:47:10 GMT 2017] response='{"type":"urn:acme:error:malformed","detail":"Unable to update challenge :: The challenge is not pending.","status": 400}' [Tue Oct 31 12:47:10 GMT 2017] code='400' [Tue Oct 31 12:47:11 GMT 2017] Diagnosis versions: openssl:openssl OpenSSL 1.0.2l 25 May 2017 apache: apache doesn't exists. nginx: nginx doesn't exists. socat: socat by Gerhard Rieger and contributors - see www.dest-unreach.org Usage: socat [options]
options:
-V print version and feature information to stdout, and exit
-h|-? print a help text describing command line options and addresses
-hh like -h, plus a list of all common address option names
-hhh like -hh, plus a list of all available address option names
-d increase verbosity (use up to 4 times; 2 are recommended)
-D analyze file descriptors before loop
-ly[facility] log to syslog, using facility (default is daemon)
-lf log to file
-ls log to stderr (default if no other log)
-lm[facility] mixed log mode (stderr during initialization, then syslog)
-lp set the program name used for logging
-lu use microseconds for logging timestamps
-lh add hostname to log messages
-v verbose data traffic, text
-x verbose data traffic, hexadecimal
-b set data buffer size (8192)
-s sloppy (continue on error)
-t wait seconds before closing second channel
-T total inactivity timeout in seconds
-u unidirectional mode (left to right)
-U unidirectional mode (right to left)
-g do not check option groups
-L try to obtain lock, or fail
-W try to obtain lock, or wait
-4 prefer IPv4 if version is not explicitly specified
-6 prefer IPv6 if version is not explicitly specified
bi-address:
pipe[,] groups=FD,FIFO
!!
single-address:
[,]
address-head:
abstract-client: groups=FD,SOCKET,RETRY,UNIX
abstract-connect: groups=FD,SOCKET,RETRY,UNIX
abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
abstract-recv: groups=FD,SOCKET,RETRY,UNIX
abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
create: groups=FD,REG,NAMED
exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
interface: groups=FD,SOCKET
ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
ip-sendto:: groups=FD,SOCKET,IP4,IP6
ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
ip4-recv: groups=FD,SOCKET,RANGE,IP4
ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
ip4-sendto:: groups=FD,SOCKET,IP4
ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
ip6-recv: groups=FD,SOCKET,RANGE,IP6
ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
ip6-sendto:: groups=FD,SOCKET,IP6
open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,OPENSSL
pipe: groups=FD,FIFO,NAMED,OPEN
proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
pty groups=FD,NAMED,TERMIOS,PTY
sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
socket-connect::: groups=FD,SOCKET,CHILD,RETRY
socket-datagram:::: groups=FD,SOCKET,RANGE
socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
socket-recv:::: groups=FD,SOCKET,RANGE
socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
socket-sendto:::: groups=FD,SOCKET
socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
udp4-connect:: groups=FD,SOCKET,IP4,UDP
udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
udp4-sendto:: groups=FD,SOCKET,IP4,UDP
udp6-connect:: groups=FD,SOCKET,IP6,UDP
udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
udp6-sendto:: groups=FD,SOCKET,IP6,UDP
unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX