search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
38.94k stars 4.94k forks source link

invalid domain error #1409

Closed AnyMoe closed 4 years ago

AnyMoe commented 6 years ago

Steps to reproduce

 acme.sh --issue --dns dns_nsone -d mydomain.moe -d *.mydomain.com --debug 2

Debug log

[Sun Mar 18 12:33:20 CST 2018] Lets find script dir.
[Sun Mar 18 12:33:20 CST 2018] _SCRIPT_='/home/mine/.acme.sh/acme.sh'
[Sun Mar 18 12:33:20 CST 2018] _script='/home/mine/.acme.sh/acme.sh'
[Sun Mar 18 12:33:20 CST 2018] _script_home='/home/mine/.acme.sh'
[Sun Mar 18 12:33:20 CST 2018] Using config home:/home/mine/.acme.sh
[Sun Mar 18 12:33:20 CST 2018] LE_WORKING_DIR='/home/mine/.acme.sh'
https://github.com/Neilpang/acme.sh
v2.7.8
[Sun Mar 18 12:33:20 CST 2018] _main_domain='mydomain.com'
[Sun Mar 18 12:33:20 CST 2018] _alt_domains='*.mydomain.com'
[Sun Mar 18 12:33:20 CST 2018] Using config home:/home/mine/.acme.sh
[Sun Mar 18 12:33:20 CST 2018] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Sun Mar 18 12:33:20 CST 2018] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Sun Mar 18 12:33:20 CST 2018] DOMAIN_PATH='/home/mine/.acme.sh/mydomain.com'
[Sun Mar 18 12:33:20 CST 2018] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Sun Mar 18 12:33:20 CST 2018] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Sun Mar 18 12:33:20 CST 2018] GET
[Sun Mar 18 12:33:20 CST 2018] url='https://acme-v02.api.letsencrypt.org/directory'
[Sun Mar 18 12:33:20 CST 2018] timeout=
[Sun Mar 18 12:33:20 CST 2018] _CURL='curl -L --silent --dump-header /home/mine/.acme.sh/http.header  --trace-ascii /                                                                   tmp/tmp.Gdt4t6uJiN  -g '
[Sun Mar 18 12:33:20 CST 2018] ret='0'
[Sun Mar 18 12:33:20 CST 2018] response='{
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "oVPEw0bkYZc": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Sun Mar 18 12:33:20 CST 2018] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Sun Mar 18 12:33:20 CST 2018] ACME_NEW_AUTHZ
[Sun Mar 18 12:33:20 CST 2018] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun Mar 18 12:33:20 CST 2018] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Sun Mar 18 12:33:20 CST 2018] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Sun Mar 18 12:33:20 CST 2018] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Sun Mar 18 12:33:20 CST 2018] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun Mar 18 12:33:20 CST 2018] ACME_VERSION='2'
[Sun Mar 18 12:33:20 CST 2018] Le_NextRenewTime
[Sun Mar 18 12:33:20 CST 2018] _on_before_issue
[Sun Mar 18 12:33:20 CST 2018] _chk_main_domain='mydomain.com'
[Sun Mar 18 12:33:20 CST 2018] _chk_alt_domains='*.mydomain.com'
[Sun Mar 18 12:33:20 CST 2018] 'dns_nsone' does not contain 'no'
[Sun Mar 18 12:33:20 CST 2018] Le_LocalAddress
[Sun Mar 18 12:33:20 CST 2018] d='mydomain.com'
[Sun Mar 18 12:33:20 CST 2018] Check for domain='mydomain.com'
[Sun Mar 18 12:33:20 CST 2018] _currentRoot='dns_nsone'
[Sun Mar 18 12:33:20 CST 2018] d='*.mydomain.com'
[Sun Mar 18 12:33:20 CST 2018] Check for domain='*.mydomain.com'
[Sun Mar 18 12:33:20 CST 2018] _currentRoot='dns_nsone'
[Sun Mar 18 12:33:20 CST 2018] d
[Sun Mar 18 12:33:20 CST 2018] 'dns_nsone' does not contain 'apache'
[Sun Mar 18 12:33:20 CST 2018] _saved_account_key_hash='f6lw6VdPAI0XI1V3lbwGLoOiyfcuYsX0v+06//ENzDo='
[Sun Mar 18 12:33:21 CST 2018] _saved_account_key_hash is not changed, skip register account.
[Sun Mar 18 12:33:21 CST 2018] Read key length:
[Sun Mar 18 12:33:21 CST 2018] _createcsr
[Sun Mar 18 12:33:21 CST 2018] domain='mydomain.com'
[Sun Mar 18 12:33:21 CST 2018] domainlist='*.mydomain.com'
[Sun Mar 18 12:33:21 CST 2018] csrkey='/home/mine/.acme.sh/mydomain.com/mydomain.com.key'
[Sun Mar 18 12:33:21 CST 2018] csr='/home/mine/.acme.sh/mydomain.com/mydomain.com.csr'
[Sun Mar 18 12:33:21 CST 2018] csrconf='/home/mine/.acme.sh/mydomain.com/mydomain.com.csr.conf'
[Sun Mar 18 12:33:21 CST 2018] _is_idn_d='*.mydomain.com'
[Sun Mar 18 12:33:21 CST 2018] _idn_temp
[Sun Mar 18 12:33:21 CST 2018] domainlist='*.mydomain.com'
[Sun Mar 18 12:33:21 CST 2018] Multi domain='DNS:mydomain.com,DNS:*.mydomain.com'
[Sun Mar 18 12:33:21 CST 2018] _is_idn_d='mydomain.com'
[Sun Mar 18 12:33:21 CST 2018] _idn_temp
[Sun Mar 18 12:33:21 CST 2018] _csr_cn='mydomain.com'
[Sun Mar 18 12:33:21 CST 2018] Getting domain auth token for each domain
[Sun Mar 18 12:33:21 CST 2018] d='*.mydomain.com'
[Sun Mar 18 12:33:21 CST 2018] d
[Sun Mar 18 12:33:21 CST 2018] _identifiers='{"type":"dns","value":"mydomain.com"},{"type":"dns","value":"*.mydomain.com"}'
[Sun Mar 18 12:33:21 CST 2018] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun Mar 18 12:33:21 CST 2018] payload='{"identifiers": [{"type":"dns","value":"mydomain.com"},{"type":"dns","value":"*.mydomain.com                                                                   "}]}'
[Sun Mar 18 12:33:21 CST 2018] RSA key
[Sun Mar 18 12:33:21 CST 2018] Get nonce. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun Mar 18 12:33:21 CST 2018] HEAD
[Sun Mar 18 12:33:21 CST 2018] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun Mar 18 12:33:21 CST 2018] body
[Sun Mar 18 12:33:21 CST 2018] _CURL='curl -L --silent --dump-header /home/mine/.acme.sh/http.header  --trace-ascii /                                                                   tmp/tmp.HyoOlnXILn  -g  -H "Content-Type: application/jose+json" '
[Sun Mar 18 12:33:22 CST 2018] _ret='0'
[Sun Mar 18 12:33:22 CST 2018] _headers='HTTP/1.1 204 No Content
Server: nginx
Replay-Nonce: Qg6fwr0cq5IWvFWq7pR9ttgzyD4icLo2E9WIbRQz5nA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 18 Mar 2018 04:33:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Mar 2018 04:33:21 GMT
Connection: keep-alive
'
[Sun Mar 18 12:33:22 CST 2018] _CACHED_NONCE='Qg6fwr0cq5IWvFWq7pR9ttgzyD4icLo2E9WIbRQz5nA'
[Sun Mar 18 12:33:22 CST 2018] nonce='Qg6fwr0cq5IWvFWq7pR9ttgzyD4icLo2E9WIbRQz5nA'
[Sun Mar 18 12:33:22 CST 2018] POST
[Sun Mar 18 12:33:22 CST 2018] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun Mar 18 12:33:22 CST 2018] body='{"protected": "eyJub25jZSI6ICJRZzZmd3IwY3E1SVd2RldxN3BSOXR0Z3p5RDRpY0xvMkU5V0liUlF6NW                                                                   5BIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIiLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJo                                                                   dHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzMxMzMxNTEyIn0", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUi                                                                   OiJkbnMiLCJ2YWx1ZSI6ImFueS5tb2UifSx7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6IiouYW55Lm1vZSJ9XX0", "signature": "XKbHSJ67nyo07YrdDMqvT6                                                                   qpM9ZvZJXe7WhoxUAsqVuJhgZK72NgQDpEpbl5XNW0KQ6HCVjdQizUNZNYbsCWOlVVqSyfg9bfKoI1EVqF2whGCnaZOSiCXSTc3uItXPHSxxWCMSsyc_W6GvXM                                                                   vtQESO1bAeAfmHsGrZebY6jHVnkAaUK6tz2-ii6F_hMwuj3-eUI-D_t0S7A6W1iC__yOME-e7EROp5Ux3lBejAAjhTFEYugc1knVw_nnrvh5AlDIqRYgfv5KNj                                                                   MAnFpqsg4HIv_1GdNiMEEVPZm5MyOs6ueLci7tf-9rditJot7DN89EemeJu4_lFxnSwPpDElacVA"}'
[Sun Mar 18 12:33:22 CST 2018] Http already initialized.
[Sun Mar 18 12:33:22 CST 2018] _CURL='curl -L --silent --dump-header /home/mine/.acme.sh/http.header  --trace-ascii /                                                                   tmp/tmp.HyoOlnXILn  -g  -H "Content-Type: application/jose+json" '
[Sun Mar 18 12:33:23 CST 2018] _ret='0'
[Sun Mar 18 12:33:23 CST 2018] original='{
  "status": "pending",
  "expires": "2018-03-25T04:33:22.654970382Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "*.mydomain.com"
    },
    {
      "type": "dns",
      "value": "mydomain.com"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE",
    "https://acme-v02.api.letsencrypt.org/acme/authz/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/31331512/60059"
}'
[Sun Mar 18 12:33:23 CST 2018] responseHeaders='HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 522
Boulder-Requester: 31331512
Location: https://acme-v02.api.letsencrypt.org/acme/order/31331512/60059
Replay-Nonce: f4CP8pJ97sgENVjhVzcmRiRm_sL8cmCdUOcl0no5Huo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 18 Mar 2018 04:33:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Mar 2018 04:33:22 GMT
Connection: keep-alive
'
[Sun Mar 18 12:33:23 CST 2018] response='{"status":"pending","expires":"2018-03-25T04:33:22.654970382Z","identifiers":[{"t                                                                   ype":"dns","value":"*.mydomain.com"},{"type":"dns","value":"mydomain.com"}],"authorizations":["https://acme-v02.api.letsencrypt.org/                                                                   acme/authz/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE","https://acme-v02.api.letsencrypt.org/acme/authz/-4C1-11z4c8yQY46g                                                                   MsMl9aFXAOik1PzPrvyBFRg-ZQ"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/31331512/60059"}'
[Sun Mar 18 12:33:23 CST 2018] code='201'
[Sun Mar 18 12:33:23 CST 2018] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/31331512/60059'
[Sun Mar 18 12:33:23 CST 2018] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz/_MvR_BT1CH8lFSwAUKBnB-                                                                   q6ZE9V6Ui143h59xSgkRE,https://acme-v02.api.letsencrypt.org/acme/authz/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ'
[Sun Mar 18 12:33:23 CST 2018] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui                                                                   143h59xSgkRE'
[Sun Mar 18 12:33:23 CST 2018] GET
[Sun Mar 18 12:33:23 CST 2018] url='https://acme-v02.api.letsencrypt.org/acme/authz/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59x                                                                   SgkRE'
[Sun Mar 18 12:33:23 CST 2018] timeout=
[Sun Mar 18 12:33:23 CST 2018] Http already initialized.
[Sun Mar 18 12:33:23 CST 2018] _CURL='curl -L --silent --dump-header /home/mine/.acme.sh/http.header  --trace-ascii /                                                                   tmp/tmp.HyoOlnXILn  -g '
[Sun Mar 18 12:33:23 CST 2018] ret='0'
[Sun Mar 18 12:33:23 CST 2018] response='{"identifier":{"type":"dns","value":"mydomain.com"},"status":"pending","expires":"2018                                                                   -03-25T04:33:22Z","challenges":[{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall                                                                   enge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE/3860888946","token":"CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE"}],"wild                                                                   card": true}'
[Sun Mar 18 12:33:23 CST 2018] _d='*.mydomain.com'
[Sun Mar 18 12:33:23 CST 2018] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz/-4C1-11z4c8yQY46gMsMl9aFXAOik1P                                                                   zPrvyBFRg-ZQ'
[Sun Mar 18 12:33:23 CST 2018] GET
[Sun Mar 18 12:33:23 CST 2018] url='https://acme-v02.api.letsencrypt.org/acme/authz/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBF                                                                   Rg-ZQ'
[Sun Mar 18 12:33:23 CST 2018] timeout=
[Sun Mar 18 12:33:23 CST 2018] Http already initialized.
[Sun Mar 18 12:33:23 CST 2018] _CURL='curl -L --silent --dump-header /home/mine/.acme.sh/http.header  --trace-ascii /                                                                   tmp/tmp.HyoOlnXILn  -g '
[Sun Mar 18 12:33:24 CST 2018] ret='0'
[Sun Mar 18 12:33:24 CST 2018] response='{"identifier":{"type":"dns","value":"mydomain.com"},"status":"pending","expires":"2018                                                                   -03-25T04:33:22Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chal                                                                   lenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/3860888950","token":"fzRgXbDhy2_ZRxyG7gPtMEN6DuM_pVHjvhePKxwGIqE"},{"typ                                                                   e":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1Pz                                                                   PrvyBFRg-ZQ/3860888951","token":"mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0"}]}'
[Sun Mar 18 12:33:24 CST 2018] _d='mydomain.com'
[Sun Mar 18 12:33:24 CST 2018] _authorizations_map='mydomain.com,{"identifier":{"type":"dns","value":"mydomain.com"},"status":"pendi                                                                   ng","expires":"2018-03-25T04:33:22Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsen                                                                   crypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/3860888950","token":"fzRgXbDhy2_ZRxyG7gPtMEN6DuM_pVHj                                                                   vhePKxwGIqE"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQ                                                                   Y46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/3860888951","token":"mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0"}]}
*.mydomain.com,{"identifier":{"type":"dns","value":"mydomain.com"},"status":"pending","expires":"2018-03-25T04:33:22Z","challenges":                                                                   [{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE                                                                   9V6Ui143h59xSgkRE/3860888946","token":"CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE"}],"wildcard": true}
'
[Sun Mar 18 12:33:24 CST 2018] d='mydomain.com'
[Sun Mar 18 12:33:24 CST 2018] Getting webroot for domain='mydomain.com'
[Sun Mar 18 12:33:24 CST 2018] _w='dns_nsone'
[Sun Mar 18 12:33:24 CST 2018] _currentRoot='dns_nsone'
[Sun Mar 18 12:33:24 CST 2018] response='{"identifier":{"type":"dns","value":"mydomain.com"},"status":"pending","expires":"2018                                                                   -03-25T04:33:22Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chal                                                                   lenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/3860888950","token":"fzRgXbDhy2_ZRxyG7gPtMEN6DuM_pVHjvhePKxwGIqE"},{"typ                                                                   e":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1Pz                                                                   PrvyBFRg-ZQ/3860888951","token":"mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0"}]}'
[Sun Mar 18 12:33:24 CST 2018] entry='"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/                                                                   challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/3860888951","token":"mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0"'
[Sun Mar 18 12:33:24 CST 2018] token='mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0'
[Sun Mar 18 12:33:24 CST 2018] uri='https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPr                                                                   vyBFRg-ZQ/3860888951'
[Sun Mar 18 12:33:24 CST 2018] keyauthorization='mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0.ZSMVVMw1oioGK32bjsU0KDO0dtFCr                                                                   qTqiU1oz7yBJkg'
[Sun Mar 18 12:33:24 CST 2018] dvlist='mydomain.com#mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0.ZSMVVMw1oioGK32bjsU0KDO0dtFCrqT                                                                   qiU1oz7yBJkg#https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/3860888951#dn                                                                   s-01#dns_nsone'
[Sun Mar 18 12:33:24 CST 2018] d='*.mydomain.com'
[Sun Mar 18 12:33:24 CST 2018] Getting webroot for domain='*.mydomain.com'
[Sun Mar 18 12:33:24 CST 2018] _w='dns_nsone'
[Sun Mar 18 12:33:24 CST 2018] _currentRoot='dns_nsone'
[Sun Mar 18 12:33:24 CST 2018] response='{"identifier":{"type":"dns","value":"mydomain.com"},"status":"pending","expires":"2018                                                                   -03-25T04:33:22Z","challenges":[{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall                                                                   enge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE/3860888946","token":"CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE"}],"wild                                                                   card": true}'
[Sun Mar 18 12:33:24 CST 2018] entry='"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/                                                                   challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE/3860888946","token":"CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE"'
[Sun Mar 18 12:33:24 CST 2018] token='CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE'
[Sun Mar 18 12:33:24 CST 2018] uri='https://acme-v02.api.letsencrypt.org/acme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143                                                                   h59xSgkRE/3860888946'
[Sun Mar 18 12:33:24 CST 2018] keyauthorization='CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE.ZSMVVMw1oioGK32bjsU0KDO0dtFCr                                                                   qTqiU1oz7yBJkg'
[Sun Mar 18 12:33:24 CST 2018] dvlist='*.mydomain.com#CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE.ZSMVVMw1oioGK32bjsU0KDO0dtFCr                                                                   qTqiU1oz7yBJkg#https://acme-v02.api.letsencrypt.org/acme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE/3860888946#                                                                   dns-01#dns_nsone'
[Sun Mar 18 12:33:24 CST 2018] d
[Sun Mar 18 12:33:24 CST 2018] vlist='mydomain.com#mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0.ZSMVVMw1oioGK32bjsU0KDO0dtFCrqTq                                                                   iU1oz7yBJkg#https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/3860888951#dns                                                                   -01#dns_nsone,*.mydomain.com#CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE.ZSMVVMw1oioGK32bjsU0KDO0dtFCrqTqiU1oz7yBJkg#https://ac                                                                   me-v02.api.letsencrypt.org/acme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE/3860888946#dns-01#dns_nsone,'
[Sun Mar 18 12:33:24 CST 2018] d='mydomain.com'
[Sun Mar 18 12:33:24 CST 2018] _d_alias
[Sun Mar 18 12:33:24 CST 2018] txtdomain='_acme-challenge.mydomain.com'
[Sun Mar 18 12:33:24 CST 2018] txt='31epyukjvt2nB5ndQF7Tdy0ZjYWbEwspieVzuYqn2Bw'
[Sun Mar 18 12:33:24 CST 2018] d_api='/home/mine/.acme.sh/dnsapi/dns_nsone.sh'
[Sun Mar 18 12:33:24 CST 2018] Found domain api file: /home/mine/.acme.sh/dnsapi/dns_nsone.sh
[Sun Mar 18 12:33:24 CST 2018] First detect the root zone
[Sun Mar 18 12:33:24 CST 2018] zones
[Sun Mar 18 12:33:24 CST 2018] GET
[Sun Mar 18 12:33:24 CST 2018] url='https://api.nsone.net/v1/zones'
[Sun Mar 18 12:33:24 CST 2018] timeout=
[Sun Mar 18 12:33:24 CST 2018] Http already initialized.
[Sun Mar 18 12:33:24 CST 2018] _CURL='curl -L --silent --dump-header /home/mine/.acme.sh/http.header  --trace-ascii /                                                                   tmp/tmp.HyoOlnXILn  -g '
[Sun Mar 18 12:33:26 CST 2018] ret='0'
[Sun Mar 18 12:33:26 CST 2018] response='{"message":"Unauthorized"}'
[Sun Mar 18 12:33:26 CST 2018] h='mydomain.com'
[Sun Mar 18 12:33:26 CST 2018] h='com'
[Sun Mar 18 12:33:26 CST 2018] h
[Sun Mar 18 12:33:26 CST 2018] invalid domain
[Sun Mar 18 12:33:26 CST 2018] Error add txt for domain:_acme-challenge.mydomain.com
[Sun Mar 18 12:33:26 CST 2018] pid
[Sun Mar 18 12:33:26 CST 2018] No need to restore nginx, skip.
[Sun Mar 18 12:33:26 CST 2018] _clearupdns
[Sun Mar 18 12:33:26 CST 2018] skip dns.
[Sun Mar 18 12:33:26 CST 2018] _on_issue_err
[Sun Mar 18 12:33:26 CST 2018] Please add '--debug' or '--log' to check more details.
[Sun Mar 18 12:33:26 CST 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Sun Mar 18 12:33:26 CST 2018] _chk_vlist='mydomain.com#mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0.ZSMVVMw1oioGK32bjsU0KDO0dtF                                                                   CrqTqiU1oz7yBJkg#https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/386088895                                                                   1#dns-01#dns_nsone,*.mydomain.com#CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE.ZSMVVMw1oioGK32bjsU0KDO0dtFCrqTqiU1oz7yBJkg#https                                                                   ://acme-v02.api.letsencrypt.org/acme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE/3860888946#dns-01#dns_nsone,'
[Sun Mar 18 12:33:26 CST 2018] start to deactivate authz
[Sun Mar 18 12:33:26 CST 2018] tigger domain validation.
[Sun Mar 18 12:33:26 CST 2018] _t_url='https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1P                                                                   zPrvyBFRg-ZQ/3860888951'
[Sun Mar 18 12:33:26 CST 2018] _t_key_authz='mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0.ZSMVVMw1oioGK32bjsU0KDO0dtFCrqTqi                                                                   U1oz7yBJkg'
[Sun Mar 18 12:33:26 CST 2018] url='https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPr                                                                   vyBFRg-ZQ/3860888951'
[Sun Mar 18 12:33:26 CST 2018] payload='{"keyAuthorization": "mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0.ZSMVVMw1oioGK32b                                                                   jsU0KDO0dtFCrqTqiU1oz7yBJkg"}'
[Sun Mar 18 12:33:26 CST 2018] Use cached jwk for file: /home/mine/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.k                                                                   ey
[Sun Mar 18 12:33:26 CST 2018] Use _CACHED_NONCE='f4CP8pJ97sgENVjhVzcmRiRm_sL8cmCdUOcl0no5Huo'
[Sun Mar 18 12:33:26 CST 2018] nonce='f4CP8pJ97sgENVjhVzcmRiRm_sL8cmCdUOcl0no5Huo'
[Sun Mar 18 12:33:26 CST 2018] POST
[Sun Mar 18 12:33:26 CST 2018] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOi                                                                   k1PzPrvyBFRg-ZQ/3860888951'
[Sun Mar 18 12:33:26 CST 2018] body='{"protected": "eyJub25jZSI6ICJmNENQOHBKOTdzZ0VOVmpoVnpjbVJpUm1fc0w4Y21DZFVPY2wwbm81SH                                                                   VvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvLTRDMS0xMXo0Yzh5UVk0NmdNc01sOWFGWEFP                                                                   aWsxUHpQcnZ5QkZSZy1aUS8zODYwODg4OTUxIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2                                                                   FjbWUvYWNjdC8zMTMzMTUxMiJ9", "payload": "eyJrZXlBdXRob3JpemF0aW9uIjogIm1NdlVBT09iZmF6VWxZRUwwNElqN3RiNGR6QmN3UWlqc09jQ1NtY                                                                   3U3aDAuWlNNVlZNdzFvaW9HSzMyYmpzVTBLRE8wZHRGQ3JxVHFpVTFvejd5QkprZyJ9", "signature": "kY2Wk8fKKpNzZ2BsTbXhl-x_Gw0S9JjXr8m4d-                                                                   s_pkvVUaW19Nma5JPXBE61AbgG4y6e7DQdEwCcJPV53WdreqR-fbjNTXNRC27ZPuNbUR4GqMa93mIogVpFfi7s-avWef5J02LAe_B46Yv1cqRZf5Uh5a_E-osD                                                                   fF9PHqxrtkyX5KgO9D_z7uiPkK803qCYDOFy0__xzXMOrtTN1FpneitIu4z9j49mLC1y3g89BH_sSI5S6zGE1gL9ircJ__B8TNiy8Jth9JN26_uDGGaZ4BH0vM                                                                   TEAYlL0vb-Y02mAwRCps7Yx4bfHycR6ZTg_IBVCQx_0-wGJ-jtJgc-s4kIdg"}'
[Sun Mar 18 12:33:26 CST 2018] Http already initialized.
[Sun Mar 18 12:33:26 CST 2018] _CURL='curl -L --silent --dump-header /home/mine/.acme.sh/http.header  --trace-ascii /                                                                   tmp/tmp.HyoOlnXILn  -g  -H "Content-Type: application/jose+json" '
[Sun Mar 18 12:33:27 CST 2018] _ret='0'
[Sun Mar 18 12:33:27 CST 2018] original='{
  "type": "dns-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/3860888951",
  "token": "mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0"
}'
[Sun Mar 18 12:33:27 CST 2018] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 222
Boulder-Requester: 31331512
Link: <https://acme-v02.api.letsencrypt.org/acme/authz/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/3860888951
Replay-Nonce: KzgKIwtprUOh0OJJXbyRLf9ug1W2GDzRWvlhzp-2EEE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 18 Mar 2018 04:33:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Mar 2018 04:33:27 GMT
Connection: keep-alive
'
[Sun Mar 18 12:33:27 CST 2018] response='{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/a                                                                   cme/challenge/-4C1-11z4c8yQY46gMsMl9aFXAOik1PzPrvyBFRg-ZQ/3860888951","token":"mMvUAOObfazUlYEL04Ij7tb4dzBcwQijsOcCSmcu7h0                                                                   "}'
[Sun Mar 18 12:33:27 CST 2018] code='200'
[Sun Mar 18 12:33:27 CST 2018] tigger domain validation.
[Sun Mar 18 12:33:27 CST 2018] _t_url='https://acme-v02.api.letsencrypt.org/acme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui                                                                   143h59xSgkRE/3860888946'
[Sun Mar 18 12:33:27 CST 2018] _t_key_authz='CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE.ZSMVVMw1oioGK32bjsU0KDO0dtFCrqTqi                                                                   U1oz7yBJkg'
[Sun Mar 18 12:33:27 CST 2018] url='https://acme-v02.api.letsencrypt.org/acme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143                                                                   h59xSgkRE/3860888946'
[Sun Mar 18 12:33:27 CST 2018] payload='{"keyAuthorization": "CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE.ZSMVVMw1oioGK32b                                                                   jsU0KDO0dtFCrqTqiU1oz7yBJkg"}'
[Sun Mar 18 12:33:27 CST 2018] Use cached jwk for file: /home/mine/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.k                                                                   ey
[Sun Mar 18 12:33:27 CST 2018] Use _CACHED_NONCE='KzgKIwtprUOh0OJJXbyRLf9ug1W2GDzRWvlhzp-2EEE'
[Sun Mar 18 12:33:27 CST 2018] nonce='KzgKIwtprUOh0OJJXbyRLf9ug1W2GDzRWvlhzp-2EEE'
[Sun Mar 18 12:33:27 CST 2018] POST
[Sun Mar 18 12:33:27 CST 2018] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V                                                                   6Ui143h59xSgkRE/3860888946'
[Sun Mar 18 12:33:27 CST 2018] body='{"protected": "eyJub25jZSI6ICJLemdLSXd0cHJVT2gwT0pKWGJ5UkxmOXVnMVcyR0R6Uld2bGh6cC0yRU                                                                   VFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvX012Ul9CVDFDSDhsRlN3QVVLQm5CLXE2WkU5                                                                   VjZVaTE0M2g1OXhTZ2tSRS8zODYwODg4OTQ2IiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2                                                                   FjbWUvYWNjdC8zMTMzMTUxMiJ9", "payload": "eyJrZXlBdXRob3JpemF0aW9uIjogIkNYb0hnRDFSeE02SFRqRHBUMjFMVS1mZ2ExR2ZUZG9TR29PcXpGV                                                                   1VFZUUuWlNNVlZNdzFvaW9HSzMyYmpzVTBLRE8wZHRGQ3JxVHFpVTFvejd5QkprZyJ9", "signature": "W-MKkFA0cIYMbEBlg89qKfuNUNivg6TAMhgZHp                                                                   VZLUDabU9EAExos0H1idrwf7XS1FmSPS3fLNx72LVeiwLI7EX-evzrHM4PNvfv3LWtvMBaWuNHermUcVDRYHatGpuRmNwC0uHUwIlw7RUA_v5lj4glMWNWzZ1F                                                                   No1WxGe9ZLZGthHC0DSFf5_zq9pY0YWiA9DIC6ueKRpH3GdvhS8KvCXRatt19JbVjETsqk9nniwTuKdjiKVE8pbhYPkrOfW2a3Fm3y6QHOr9hPsXwIY947hT6D                                                                   sWN0-NiAZ-bbONS6AhHRob8HtvOwqXGyzeP-Gkd5iNpVmpWJF0dUmucEWSqQ"}'
[Sun Mar 18 12:33:27 CST 2018] Http already initialized.
[Sun Mar 18 12:33:27 CST 2018] _CURL='curl -L --silent --dump-header /home/mine/.acme.sh/http.header  --trace-ascii /                                                                   tmp/tmp.HyoOlnXILn  -g  -H "Content-Type: application/jose+json" '
[Sun Mar 18 12:33:28 CST 2018] _ret='0'
[Sun Mar 18 12:33:28 CST 2018] original='{
  "type": "dns-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE/3860888946",
  "token": "CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE"
}'
[Sun Mar 18 12:33:28 CST 2018] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 222
Boulder-Requester: 31331512
Link: <https://acme-v02.api.letsencrypt.org/acme/authz/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE/3860888946
Replay-Nonce: -VHDmkgZsxIRp5h6rH938xK-TdWb0EKRxJw8z8nVIA0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 18 Mar 2018 04:33:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Mar 2018 04:33:28 GMT
Connection: keep-alive
'
[Sun Mar 18 12:33:28 CST 2018] response='{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/a                                                                   cme/challenge/_MvR_BT1CH8lFSwAUKBnB-q6ZE9V6Ui143h59xSgkRE/3860888946","token":"CXoHgD1RxM6HTjDpT21LU-fga1GfTdoSGoOqzFWUEeE                                                                   "}'
[Sun Mar 18 12:33:28 CST 2018] code='200'
[Sun Mar 18 12:33:28 CST 2018] socat doesn't exists.
[Sun Mar 18 12:33:28 CST 2018] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.2k-fips  26 Jan 2017
apache:
apache doesn't exists.
nginx:
nginx version: openresty/1.13.6.1
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC)
built with OpenSSL 1.0.2m  2 Nov 2017
TLS SNI support enabled
configure arguments: --prefix=/www/server/nginx/nginx --with-cc-opt=-O2 --add-module=../ngx_devel_kit-0.3.0 --add-module=.                                                                   ./echo-nginx-module-0.61 --add-module=../xss-nginx-module-0.05 --add-module=../ngx_coolkit-0.2rc3 --add-module=../set-misc                                                                   -nginx-module-0.31 --add-module=../form-input-nginx-module-0.12 --add-module=../encrypted-session-nginx-module-0.07 --add-                                                                   module=../srcache-nginx-module-0.31 --add-module=../ngx_lua-0.10.11 --add-module=../ngx_lua_upstream-0.07 --add-module=../                                                                   headers-more-nginx-module-0.33 --add-module=../array-var-nginx-module-0.05 --add-module=../memc-nginx-module-0.18 --add-mo                                                                   dule=../redis2-nginx-module-0.14 --add-module=../redis-nginx-module-0.3.7 --add-module=../rds-json-nginx-module-0.15 --add                                                                   -module=../rds-csv-nginx-module-0.08 --add-module=../ngx_stream_lua-0.0.3 --with-ld-opt='-Wl,-rpath,/www/server/nginx/luaj                                                                   it/lib -Wl,-E -ljemalloc' --user=www --group=www --with-openssl=/www/server/nginx/src/openssl --with-pcre=/www/server/ngin                                                                   x/src/pcre-8.40 --add-module=/www/server/nginx/src/ngx_cache_purge --with-http_stub_status_module --with-http_ssl_module -                                                                   -with-http_v2_module --with-http_gzip_static_module --with-http_gunzip_module --with-stream --with-stream_ssl_module --wit                                                                   h-ipv6 --with-http_sub_module --with-http_flv_module --with-http_addition_module --with-http_realip_module --with-http_mp4                                                                   _module --with-stream --with-stream_ssl_module
socat:
Neilpang commented 6 years ago 
[Sun Mar 18 12:33:26 CST 2018] response='{"message":"Unauthorized"}'