acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

Problem when issuing new certificate #1871

Open githkg opened 5 years ago

githkg commented 5 years ago

Problem when issuing new certificate with acme.sh for the following pairs of wildcard domains

1) host01.mydomain.com, *.host01.mydomain.com
2) host02.mydomain.com, *.host02.mydomain.com
3) host03.mydomain.com, *.host03.mydomain.com
4) mydomain.com, *.mydomain.com

There is no problem with the first 3 pairs, but for the 4th pair, the following message appears:

Unknown parameter : host02.mydomain.com

It is not a typing error, the 4th pair does not involve host02, but the error message is related to host02.

The error message can be reproduced when issuing certificates for the above pairs of wildcard domains in the order specified above.

Steps to reproduce

Debug log

acme.sh  --issue .....   --debug 2
githkg commented 5 years ago

Just found that the error occurs only if the current working folder is the same as the config folder (i.e. ~/.acme.sh), but it is normal for other folders.

githkg commented 5 years ago

```
[root@server05 acme]# ./acme.sh --staging --issue -d mydomain.com -d *.mydomain.com --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please
[Fri Oct 5 11:34:50 HKT 2018] Using stage ACME_DIRECTORY: https://acme-staging-v02.api.letsencrypt.org/directory
[Fri Oct 5 11:34:50 HKT 2018] Multi domain='DNS:mydomain.com,DNS:*.mydomain.com'
[Fri Oct 5 11:34:51 HKT 2018] Getting domain auth token for each domain
[Fri Oct 5 11:34:53 HKT 2018] Getting webroot for domain='mydomain.com'
[Fri Oct 5 11:34:53 HKT 2018] Getting webroot for domain='*.mydomain.com'
[Fri Oct 5 11:34:53 HKT 2018] Add the following TXT record:
[Fri Oct 5 11:34:53 HKT 2018] Domain: '_acme-challenge.mydomain.com'
[Fri Oct 5 11:34:53 HKT 2018] TXT value: 'z60TpZBFHjovabBLUvuhiPP4TKP_Q8qqLQWERI03srk'
[Fri Oct 5 11:34:53 HKT 2018] Please be aware that you prepend _acme-challenge. before your domain
[Fri Oct 5 11:34:53 HKT 2018] so the resulting subdomain will be: _acme-challenge.mydomain.com
[Fri Oct 5 11:34:53 HKT 2018] Add the following TXT record:
[Fri Oct 5 11:34:53 HKT 2018] Domain: '_acme-challenge.mydomain.com'
[Fri Oct 5 11:34:53 HKT 2018] TXT value: 'uR-0l890nQB2i4w6G17IRaFp8fLDl9j3w8VWCQeNQuY'
[Fri Oct 5 11:34:53 HKT 2018] Please be aware that you prepend _acme-challenge. before your domain
[Fri Oct 5 11:34:53 HKT 2018] so the resulting subdomain will be: _acme-challenge.mydomain.com
[Fri Oct 5 11:34:53 HKT 2018] Please add the TXT records to the domains, and re-run with --renew.
[Fri Oct 5 11:34:53 HKT 2018] Please add '--debug' or '--log' to check more details.
[Fri Oct 5 11:34:53 HKT 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[root@server05 acme]# cd ../.acme.sh
[root@server05 .acme.sh]# ../acme/acme.sh --staging --issue -d mydomain.com -d *.mydomain.com --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please
[Fri Oct 5 11:35:07 HKT 2018] Unknown parameter : host02.mydomain.com
```

FernandoMiguel commented 5 years ago

Was there an already existing folder that was used for host02 and could have a wrong config?

githkg commented 5 years ago

My test is going to create 4 wildcard certs. The sequence of creation is as follows:

The acme.sh script is located at /root/acme.

Config folder of acme.sh is /root/.acme.sh (default).

The folders / files created by acme.sh are not removed after creation. Therefore, the folder for host02.mydomain.com exists before the certificate for mydomain.com is created.

If the current folder is the config folder of acme.sh when running the acme.sh script for the above certificates, there is no error for the first 3 certificates, but an error occurs for the last one (i.e. mydomain.com).

If the current folder is any folder other than the config folder of acme.sh, there is no error for any of the 4 certificates.

In the meantime, I will force myself not to change the current folder to the config folder of the acme.sh script, and everything is normal.

Thank you.

greecemunky commented 5 years ago

*.mydomain.com may be getting expanded in the shell. Either escape the asterisk or wrap it all in single quotes.

e.g.

```
../acme/acme.sh --staging --issue -d mydomain.com -d \*.mydomain.com --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please
../acme/acme.sh --staging --issue -d mydomain.com -d '*.mydomain.com' --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please
```
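The glob expansion described above, as an added example that is not from the issue or from acme.sh: `parse_args` is a hypothetical stand-in for acme.sh's option parsing, and the per-domain folders are constructed in a temporary directory to mimic what ~/.acme.sh looks like after host01..host03 have been issued.

```shell
#!/bin/sh
# Added example, not code from the issue or from acme.sh. It reproduces why
# "-d *.mydomain.com" breaks only when the current directory is the acme.sh
# config folder: the shell expands the glob against the cwd before acme.sh
# ever sees the argument.

# Stand-in for acme.sh's option parser (assumption: a minimal model of it).
# It consumes "-d VALUE" pairs and reports the first word it does not know,
# wording the message the way the real script does.
parse_args() {
  while [ $# -gt 0 ]; do
    case "$1" in
      -d) shift 2 ;;
      *) echo "Unknown parameter : $1"; return 0 ;;
    esac
  done
  echo "ok: all -d values consumed"
}

# Run the parser from a constructed temporary directory.
#   $1: quoting style of the wildcard: unquoted | quoted | escaped
#   $2: "populated" to pre-create the per-domain folders that acme.sh leaves
#       behind in its config dir after host01..host03 were issued; else empty
demo() {
  dir=$(mktemp -d)
  if [ "$2" = populated ]; then
    mkdir "$dir/host01.mydomain.com" "$dir/host02.mydomain.com" \
          "$dir/host03.mydomain.com"
  fi
  (
    cd "$dir" || exit 1
    case "$1" in
      # Unquoted: in the populated dir the glob becomes host01... host02...
      # host03..., -d takes host01.mydomain.com and host02.mydomain.com is
      # left over as a stray word. In an empty dir nothing matches, the
      # literal "*.mydomain.com" survives, and the command "works".
      unquoted) parse_args -d mydomain.com -d *.mydomain.com ;;
      quoted)   parse_args -d mydomain.com -d '*.mydomain.com' ;;
      escaped)  parse_args -d mydomain.com -d \*.mydomain.com ;;
    esac
  )
  rm -rf "$dir"
}
```

Running `demo unquoted populated` prints exactly the "Unknown parameter : host02.mydomain.com" line from the issue, while `demo unquoted` (empty directory), `demo quoted populated` and `demo escaped populated` all parse cleanly.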