Neilpang
commented
5 years ago try with --debug 2
Open weehong opened 5 years ago
Neilpang
commented
5 years ago try with --debug 2
weehong
commented
5 years ago @Neilpang
This is the output after running debug 2.
[Mon Dec 17 16:20:58 UTC 2018] Lets find script dir.
[Mon Dec 17 16:20:58 UTC 2018] _SCRIPT_='/root/.acme.sh/acme.sh'
[Mon Dec 17 16:20:58 UTC 2018] _script='/root/.acme.sh/acme.sh'
[Mon Dec 17 16:20:58 UTC 2018] _script_home='/root/.acme.sh'
[Mon Dec 17 16:20:58 UTC 2018] Using config home:/root/.acme.sh
[Mon Dec 17 16:20:58 UTC 2018] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/Neilpang/acme.sh
v2.8.0
[Mon Dec 17 16:20:58 UTC 2018] _main_domain='dev.wispri.com'
[Mon Dec 17 16:20:58 UTC 2018] _alt_domains='no'
[Mon Dec 17 16:20:58 UTC 2018] Using config home:/root/.acme.sh
[Mon Dec 17 16:20:58 UTC 2018] ACME_DIRECTORY='https://acme-v01.api.letsencrypt. org/directory'
[Mon Dec 17 16:20:58 UTC 2018] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org'
[Mon Dec 17 16:20:58 UTC 2018] DOMAIN_PATH='/root/.acme.sh/dev.wispri.com'
[Mon Dec 17 16:20:58 UTC 2018] '/var/www/wispri/public/' does not contain 'dns'
[Mon Dec 17 16:20:58 UTC 2018] Using ACME_DIRECTORY: https://acme-v01.api.letsen crypt.org/directory
[Mon Dec 17 16:20:58 UTC 2018] _init api for server: https://acme-v01.api.letsen crypt.org/directory
[Mon Dec 17 16:20:58 UTC 2018] GET
[Mon Dec 17 16:20:58 UTC 2018] url='https://acme-v01.api.letsencrypt.org/directo ry'
[Mon Dec 17 16:20:58 UTC 2018] timeout=
[Mon Dec 17 16:20:58 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme .sh/http.header --trace-ascii /tmp/tmp.721ETqBkLF -g '
[Mon Dec 17 16:20:58 UTC 2018] ret='0'
[Mon Dec 17 16:20:58 UTC 2018] response='{
"key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-1 5-2017.pdf",
"website": "https://letsencrypt.org"
},
"new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
"new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
"new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
"revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert",
"y9OOeOsHDEs": "https://community.letsencrypt.org/t/adding-random-entries-to-t he-directory/33417"
}'
[Mon Dec 17 16:20:58 UTC 2018] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt .org/acme/key-change'
[Mon Dec 17 16:20:58 UTC 2018] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt. org/acme/new-authz'
[Mon Dec 17 16:20:58 UTC 2018] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt. org/acme/new-cert'
[Mon Dec 17 16:20:58 UTC 2018] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencryp t.org/acme/new-reg'
[Mon Dec 17 16:20:58 UTC 2018] ACME_REVOKE_CERT='https://acme-v01.api.letsencryp t.org/acme/revoke-cert'
[Mon Dec 17 16:20:58 UTC 2018] ACME_AGREEMENT='https://letsencrypt.org/documents /LE-SA-v1.2-November-15-2017.pdf'
[Mon Dec 17 16:20:58 UTC 2018] ACME_NEW_NONCE
[Mon Dec 17 16:20:58 UTC 2018] ACME_VERSION
[Mon Dec 17 16:20:58 UTC 2018] Le_NextRenewTime
[Mon Dec 17 16:20:58 UTC 2018] _on_before_issue
[Mon Dec 17 16:20:58 UTC 2018] _chk_main_domain='dev.wispri.com'
[Mon Dec 17 16:20:58 UTC 2018] _chk_alt_domains
[Mon Dec 17 16:20:58 UTC 2018] '/var/www/wispri/public/' does not contain 'no'
[Mon Dec 17 16:20:58 UTC 2018] Le_LocalAddress
[Mon Dec 17 16:20:58 UTC 2018] d='dev.wispri.com'
[Mon Dec 17 16:20:58 UTC 2018] Check for domain='dev.wispri.com'
[Mon Dec 17 16:20:58 UTC 2018] _currentRoot='/var/www/wispri/public/'
[Mon Dec 17 16:20:58 UTC 2018] d
[Mon Dec 17 16:20:59 UTC 2018] '/var/www/wispri/public/' does not contain 'apach e'
[Mon Dec 17 16:20:59 UTC 2018] _saved_account_key_hash='Cw5zQ1eKg8RJoLWuV0Te/4J5 W3Y4jl3jB4xkBGuuQAg='
[Mon Dec 17 16:20:59 UTC 2018] _saved_account_key_hash is not changed, skip regi ster account.
[Mon Dec 17 16:20:59 UTC 2018] Read key length:
[Mon Dec 17 16:20:59 UTC 2018] _createcsr
[Mon Dec 17 16:20:59 UTC 2018] domain='dev.wispri.com'
[Mon Dec 17 16:20:59 UTC 2018] domainlist
[Mon Dec 17 16:20:59 UTC 2018] csrkey='/root/.acme.sh/dev.wispri.com/dev.wispri. com.key'
[Mon Dec 17 16:20:59 UTC 2018] csr='/root/.acme.sh/dev.wispri.com/dev.wispri.com .csr'
[Mon Dec 17 16:20:59 UTC 2018] csrconf='/root/.acme.sh/dev.wispri.com/dev.wispri .com.csr.conf'
[Mon Dec 17 16:20:59 UTC 2018] Single domain='dev.wispri.com'
[Mon Dec 17 16:20:59 UTC 2018] _is_idn_d='dev.wispri.com'
[Mon Dec 17 16:20:59 UTC 2018] _idn_temp
[Mon Dec 17 16:20:59 UTC 2018] _csr_cn='dev.wispri.com'
[Mon Dec 17 16:20:59 UTC 2018] Getting domain auth token for each domain
[Mon Dec 17 16:20:59 UTC 2018] d='dev.wispri.com'
[Mon Dec 17 16:20:59 UTC 2018] Getting webroot for domain='dev.wispri.com'
[Mon Dec 17 16:20:59 UTC 2018] _w='/var/www/wispri/public/'
[Mon Dec 17 16:20:59 UTC 2018] _currentRoot='/var/www/wispri/public/'
[Mon Dec 17 16:20:59 UTC 2018] Getting new-authz for domain='dev.wispri.com'
[Mon Dec 17 16:20:59 UTC 2018] _init api for server: https://acme-v01.api.letsen crypt.org/directory
[Mon Dec 17 16:20:59 UTC 2018] Try new-authz for the 0 time.
[Mon Dec 17 16:20:59 UTC 2018] _is_idn_d='dev.wispri.com'
[Mon Dec 17 16:20:59 UTC 2018] _idn_temp
[Mon Dec 17 16:20:59 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/ne w-authz'
[Mon Dec 17 16:20:59 UTC 2018] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "dev.wispri.com"}}'
[Mon Dec 17 16:20:59 UTC 2018] RSA key
[Mon Dec 17 16:20:59 UTC 2018] Get nonce with GET. ACME_DIRECTORY='https://acme- v01.api.letsencrypt.org/directory'
[Mon Dec 17 16:20:59 UTC 2018] GET
[Mon Dec 17 16:20:59 UTC 2018] url='https://acme-v01.api.letsencrypt.org/directo ry'
[Mon Dec 17 16:20:59 UTC 2018] timeout=
[Mon Dec 17 16:20:59 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme .sh/http.header --trace-ascii /tmp/tmp.p3tik70euk -g '
[Mon Dec 17 16:20:59 UTC 2018] ret='0'
[Mon Dec 17 16:20:59 UTC 2018] _headers='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 658
Replay-Nonce: 8KbYMZNMjDhl1tTHwsfu_SL6x9ZV9v9XmSO9GtW15x0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Mon, 17 Dec 2018 16:20:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 17 Dec 2018 16:20:59 GMT
Connection: keep-alive
'
[Mon Dec 17 16:20:59 UTC 2018] _CACHED_NONCE='8KbYMZNMjDhl1tTHwsfu_SL6x9ZV9v9XmS O9GtW15x0'
[Mon Dec 17 16:20:59 UTC 2018] nonce='8KbYMZNMjDhl1tTHwsfu_SL6x9ZV9v9XmSO9GtW15x 0'
[Mon Dec 17 16:20:59 UTC 2018] POST
[Mon Dec 17 16:20:59 UTC 2018] _post_url='https://acme-v01.api.letsencrypt.org/a cme/new-authz'
[Mon Dec 17 16:20:59 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "A QAB", "kty": "RSA", "n": "naTViPIoxXDuk9VewwM8sR0BH4GtrDSKstdfdMXfgGCduzoBoRHwmy E50Etapj-IgKy5O72KZhQCxvP4P0NcMzE4gnT-Ga6P-97waFUHw2MhTj7DguuLNvwb0ti1b0oMmBdcFV Jhdo0sQUQM8kkdEaGMbeXZlHiqREQ-KqnvQ5qDqZ8SBH96MT_2vwQ8x1bRI3ejgbfrSWQn7Suv8tT3ar hKoWcbaaP4GyfvTEcbPZpx9jHiF5DWDYvDA7DNH076UCyr7UgpvysIPSAu-SL0ICCWLNGxQ3b-4GUZ8S 38ZZC4bfLHoJfgbGR69Re-lerI8DnTsGHNo5UrHhzmF3RTTw"}}, "protected": "eyJub25jZSI6I CI4S2JZTVpOTWpEaGwxdFRId3NmdV9TTDZ4OVpWOXY5WG1TTzlHdFcxNXgwIiwgInVybCI6ICJodHRwc zovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYXV0aHoiLCAiYWxnIjogIlJTM jU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJuYVRWaVBJb3hYRHVrO VZld3dNOHNSMEJINEd0ckRTS3N0ZGZkTVhmZ0dDZHV6b0JvUkh3bXlFNTBFdGFwai1JZ0t5NU83Mktaa FFDeHZQNFAwTmNNekU0Z25ULUdhNlAtOTd3YUZVSHcyTWhUajdEZ3V1TE52d2IwdGkxYjBvTW1CZGNGV kpoZG8wc1FVUU04a2tkRWFHTWJlWFpsSGlxUkVRLUtxbnZRNXFEcVo4U0JIOTZNVF8ydndROHgxYlJJM 2VqZ2JmclNXUW43U3V2OHRUM2FyaEtvV2NiYWFQNEd5ZnZURWNiUFpweDlqSGlGNURXRFl2REE3RE5IM Dc2VUN5cjdVZ3B2eXNJUFNBdS1TTDBJQ0NXTE5HeFEzYi00R1VaOFMzOFpaQzRiZkxIb0pmZ2JHUjY5U mUtbGVySThEblRzR0hObzVVckhoem1GM1JUVHcifX0", "payload": "eyJyZXNvdXJjZSI6ICJuZXc tYXV0aHoiLCAiaWRlbnRpZmllciI6IHsidHlwZSI6ICJkbnMiLCAidmFsdWUiOiAiZGV2Lndpc3ByaS5 jb20ifX0", "signature": "XbcDiEM-e_f55jXAsiX2dGhABFlPkzU3U4dNPx9QwS5FRP2vyhit3bh Q5cRLOhhxKr8pfYq8Q3rd8bce8U7jt3hBXbuajGuvtE15KLSbnCphZKGSrzuGLA3XlJERd2xMw_9QvDm Hn2G-7gwXTKa7nyRr5UT42TZyuFNLyWW4JsHDOJ66PMzNSuKTA0p4bNK2PH8qrl3ogpGU-Vc-bM6764n bycTVshd4qNLo4y5L_oiHkY5-0bkN-BSES_Tkgz5dLvMaxIE45gmmBtxTKtvgY9rK6u1TJag0m6a8Zft WSjb15wpt99k5xtKOdirbTXWTeOzPgM5FUaKsxePO0hWCoA"}'
[Mon Dec 17 16:20:59 UTC 2018] _postContentType='application/jose+json'
[Mon Dec 17 16:20:59 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme .sh/http.header --trace-ascii /tmp/tmp.56U6Hl0VSe -g '
[Mon Dec 17 16:20:59 UTC 2018] _ret='0'
[Mon Dec 17 16:20:59 UTC 2018] original='{
"identifier": {
"type": "dns",
"value": "dev.wispri.com"
},
"status": "pending",
"expires": "2018-12-24T16:20:59Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQ tgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884",
"token": "R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc"
},
{
"type": "tls-alpn-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQ tgUx2BQxieVBbBrqrl2C2z82A89F8/10433336885",
"token": "-G3meTlEp_rctCAgVSblzdPsJllcJq65zoXaJTjxGL0"
},
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQ tgUx2BQxieVBbBrqrl2C2z82A89F8/10433336886",
"token": "hRf9jNGwiddDmjJHVBb09N1LBUz6w7fz3S87Ikoreuk"
}
],
"combinations": [
[
2
],
[
0
],
[
1
]
]
}'
[Mon Dec 17 16:20:59 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
Expires: Mon, 17 Dec 2018 16:20:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 996
Boulder-Requester: 47827007
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/81trfzG7hfXlcQtgUx2BQx ieVBbBrqrl2C2z82A89F8
Replay-Nonce: teM79oJGuslx85t3zo90GAPrA17vOUZPaA5LpLT-yl4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Mon, 17 Dec 2018 16:20:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 17 Dec 2018 16:20:59 GMT
Connection: keep-alive
'
[Mon Dec 17 16:20:59 UTC 2018] response='{"identifier":{"type":"dns","value":"de v.wispri.com"},"status":"pending","expires":"2018-12-24T16:20:59Z","challenges": [{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.or g/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884","token ":"R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc"},{"type":"tls-alpn-01","status": "pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfX lcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336885","token":"-G3meTlEp_rctCAgVSblzdPsJ llcJq65zoXaJTjxGL0"},{"type":"dns-01","status":"pending","uri":"https://acme-v01 .api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/ 10433336886","token":"hRf9jNGwiddDmjJHVBb09N1LBUz6w7fz3S87Ikoreuk"}],"combinatio ns":[[2],[0],[1]]}'
[Mon Dec 17 16:20:59 UTC 2018] code='201'
[Mon Dec 17 16:20:59 UTC 2018] The new-authz request is ok.
[Mon Dec 17 16:20:59 UTC 2018] entry='"type":"http-01","status":"pending","uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBb Brqrl2C2z82A89F8/10433336884","token":"R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9Bb Cc"'
[Mon Dec 17 16:20:59 UTC 2018] token='R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbC c'
[Mon Dec 17 16:20:59 UTC 2018] uri='https://acme-v01.api.letsencrypt.org/acme/ch allenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884'
[Mon Dec 17 16:20:59 UTC 2018] keyauthorization='R5DtTDVvgMh912bpxC3H5jQo1ZVD57b KvK8M6T9BbCc.JrwsH2US-zlrrDmFpA_uZxw4YiPCAPncp572OtsuGxA'
[Mon Dec 17 16:20:59 UTC 2018] dvlist='dev.wispri.com#R5DtTDVvgMh912bpxC3H5jQo1Z VD57bKvK8M6T9BbCc.JrwsH2US-zlrrDmFpA_uZxw4YiPCAPncp572OtsuGxA#https://acme-v01.a pi.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10 433336884#http-01#/var/www/wispri/public/'
[Mon Dec 17 16:20:59 UTC 2018] d
[Mon Dec 17 16:20:59 UTC 2018] vlist='dev.wispri.com#R5DtTDVvgMh912bpxC3H5jQo1ZV D57bKvK8M6T9BbCc.JrwsH2US-zlrrDmFpA_uZxw4YiPCAPncp572OtsuGxA#https://acme-v01.ap i.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/104 33336884#http-01#/var/www/wispri/public/,'
[Mon Dec 17 16:20:59 UTC 2018] d='dev.wispri.com'
[Mon Dec 17 16:20:59 UTC 2018] ok, let's start to verify
[Mon Dec 17 16:20:59 UTC 2018] Verifying:dev.wispri.com
[Mon Dec 17 16:20:59 UTC 2018] d='dev.wispri.com'
[Mon Dec 17 16:20:59 UTC 2018] keyauthorization='R5DtTDVvgMh912bpxC3H5jQo1ZVD57b KvK8M6T9BbCc.JrwsH2US-zlrrDmFpA_uZxw4YiPCAPncp572OtsuGxA'
[Mon Dec 17 16:21:00 UTC 2018] uri='https://acme-v01.api.letsencrypt.org/acme/ch allenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884'
[Mon Dec 17 16:21:00 UTC 2018] _currentRoot='/var/www/wispri/public/'
[Mon Dec 17 16:21:00 UTC 2018] wellknown_path='/var/www/wispri/public//.well-kno wn/acme-challenge'
[Mon Dec 17 16:21:00 UTC 2018] writing token:R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8 M6T9BbCc to /var/www/wispri/public//.well-known/acme-challenge/R5DtTDVvgMh912bpx C3H5jQo1ZVD57bKvK8M6T9BbCc
[Mon Dec 17 16:21:00 UTC 2018] Changing owner/group of .well-known to root:root
[Mon Dec 17 16:21:00 UTC 2018] tigger domain validation.
[Mon Dec 17 16:21:00 UTC 2018] _t_url='https://acme-v01.api.letsencrypt.org/acme /challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884'
[Mon Dec 17 16:21:00 UTC 2018] _t_key_authz='R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8 M6T9BbCc.JrwsH2US-zlrrDmFpA_uZxw4YiPCAPncp572OtsuGxA'
[Mon Dec 17 16:21:00 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/ch allenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884'
[Mon Dec 17 16:21:00 UTC 2018] payload='{"resource": "challenge", "keyAuthorizat ion": "R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc.JrwsH2US-zlrrDmFpA_uZxw4YiPCA Pncp572OtsuGxA"}'
[Mon Dec 17 16:21:00 UTC 2018] Use cached jwk for file: /root/.acme.sh/ca/acme-v 01.api.letsencrypt.org/account.key
[Mon Dec 17 16:21:00 UTC 2018] Use _CACHED_NONCE='teM79oJGuslx85t3zo90GAPrA17vOU ZPaA5LpLT-yl4'
[Mon Dec 17 16:21:00 UTC 2018] nonce='teM79oJGuslx85t3zo90GAPrA17vOUZPaA5LpLT-yl 4'
[Mon Dec 17 16:21:00 UTC 2018] POST
[Mon Dec 17 16:21:00 UTC 2018] _post_url='https://acme-v01.api.letsencrypt.org/a cme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884'
[Mon Dec 17 16:21:00 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "A QAB", "kty": "RSA", "n": "naTViPIoxXDuk9VewwM8sR0BH4GtrDSKstdfdMXfgGCduzoBoRHwmy E50Etapj-IgKy5O72KZhQCxvP4P0NcMzE4gnT-Ga6P-97waFUHw2MhTj7DguuLNvwb0ti1b0oMmBdcFV Jhdo0sQUQM8kkdEaGMbeXZlHiqREQ-KqnvQ5qDqZ8SBH96MT_2vwQ8x1bRI3ejgbfrSWQn7Suv8tT3ar hKoWcbaaP4GyfvTEcbPZpx9jHiF5DWDYvDA7DNH076UCyr7UgpvysIPSAu-SL0ICCWLNGxQ3b-4GUZ8S 38ZZC4bfLHoJfgbGR69Re-lerI8DnTsGHNo5UrHhzmF3RTTw"}}, "protected": "eyJub25jZSI6I CJ0ZU03OW9KR3VzbHg4NXQzem85MEdBUHJBMTd2T1VaUGFBNUxwTFQteWw0IiwgInVybCI6ICJodHRwc zovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvODF0cmZ6RzdoZlhsY 1F0Z1V4MkJReGllVkJiQnJxcmwyQzJ6ODJBODlGOC8xMDQzMzMzNjg4NCIsICJhbGciOiAiUlMyNTYiL CAiandrIjogeyJlIjogIkFRQUIiLCAia3R5IjogIlJTQSIsICJuIjogIm5hVFZpUElveFhEdWs5VmV3d 004c1IwQkg0R3RyRFNLc3RkZmRNWGZnR0NkdXpvQm9SSHdteUU1MEV0YXBqLUlnS3k1TzcyS1poUUN4d lA0UDBOY016RTRnblQtR2E2UC05N3dhRlVIdzJNaFRqN0RndXVMTnZ3YjB0aTFiMG9NbUJkY0ZWSmhkb zBzUVVRTThra2RFYUdNYmVYWmxIaXFSRVEtS3FudlE1cURxWjhTQkg5Nk1UXzJ2d1E4eDFiUkkzZWpnY mZyU1dRbjdTdXY4dFQzYXJoS29XY2JhYVA0R3lmdlRFY2JQWnB4OWpIaUY1RFdEWXZEQTdETkgwNzZVQ 3lyN1VncHZ5c0lQU0F1LVNMMElDQ1dMTkd4UTNiLTRHVVo4UzM4WlpDNGJmTEhvSmZnYkdSNjlSZS1sZ XJJOERuVHNHSE5vNVVySGh6bUYzUlRUdyJ9fQ", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVu Z2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJSNUR0VERWdmdNaDkxMmJweEMzSDVqUW8xWlZENTdiS3ZL OE02VDlCYkNjLkpyd3NIMlVTLXpscnJEbUZwQV91Wnh3NFlpUENBUG5jcDU3Mk90c3VHeEEifQ", "si gnature": "ReTcEap1fcuEQaL5Chi_93CtVa6nevG653VHSh41T5wjKu2svn6nv2AUrfZFEfvsyxx6P grHXMP7lwLUQGvA2JynIUv4aMkVhCMKrIssYn9VKtKBEJkxpK8ByqyWSvWmscLi-22jjXllxXHa6wzoY pywq5EWxAwpqMbXyz4nr4zoWxwKKtYlTRXDEu0Jg7qx7Peh_euvXTLJbERH5d99gZxA2MVU-p3QwuCMx DauwM_xO9dJYmpkQpyoDkAV3YugHXcFR1DWCpPFHlS-iWh0lxpOduWFfi8Ol9nhmj8N5z9eeyEJVlVTK 6vOkT-U7ev81NS6vjWCF7Uvz0G3bKO3NQ"}'
[Mon Dec 17 16:21:00 UTC 2018] _postContentType='application/jose+json'
[Mon Dec 17 16:21:00 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme .sh/http.header --trace-ascii /tmp/tmp.rjk1T9zGNq -g '
[Mon Dec 17 16:21:00 UTC 2018] _ret='0'
[Mon Dec 17 16:21:00 UTC 2018] original='{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx 2BQxieVBbBrqrl2C2z82A89F8/10433336884",
"token": "R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc",
"keyAuthorization": "R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc.JrwsH2US-zlrr DmFpA_uZxw4YiPCAPncp572OtsuGxA"
}'
[Mon Dec 17 16:21:00 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
Expires: Mon, 17 Dec 2018 16:21:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
HTTP/1.1 202 Accepted
Server: nginx
Content-Type: application/json
Content-Length: 337
Boulder-Requester: 47827007
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/81trfzG7hfXlcQtgUx2BQxieV BbBrqrl2C2z82A89F8>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx 2BQxieVBbBrqrl2C2z82A89F8/10433336884
Replay-Nonce: UuZfMSb-RizFwStHFv8tpkeVag3Ub984rhJByVUwv3U
Expires: Mon, 17 Dec 2018 16:21:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 17 Dec 2018 16:21:00 GMT
Connection: keep-alive
'
[Mon Dec 17 16:21:00 UTC 2018] response='{"type":"http-01","status":"pending","u ri":"https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxi eVBbBrqrl2C2z82A89F8/10433336884","token":"R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6 T9BbCc","keyAuthorization":"R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc.JrwsH2US -zlrrDmFpA_uZxw4YiPCAPncp572OtsuGxA"}'
[Mon Dec 17 16:21:00 UTC 2018] code='202'
[Mon Dec 17 16:21:00 UTC 2018] sleep 2 secs to verify
[Mon Dec 17 16:21:02 UTC 2018] checking
[Mon Dec 17 16:21:02 UTC 2018] GET
[Mon Dec 17 16:21:02 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/ch allenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884'
[Mon Dec 17 16:21:02 UTC 2018] timeout=
[Mon Dec 17 16:21:02 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme .sh/http.header --trace-ascii /tmp/tmp.vPh05PDJT5 -g '
[Mon Dec 17 16:21:02 UTC 2018] ret='0'
[Mon Dec 17 16:21:02 UTC 2018] original='{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx 2BQxieVBbBrqrl2C2z82A89F8/10433336884",
"token": "R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc"
}'
[Mon Dec 17 16:21:02 UTC 2018] response='{"type":"http-01","status":"pending","u ri":"https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxi eVBbBrqrl2C2z82A89F8/10433336884","token":"R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6 T9BbCc"}'
[Mon Dec 17 16:21:02 UTC 2018] Pending
[Mon Dec 17 16:21:02 UTC 2018] sleep 2 secs to verify
[Mon Dec 17 16:21:04 UTC 2018] checking
[Mon Dec 17 16:21:04 UTC 2018] GET
[Mon Dec 17 16:21:04 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884'
[Mon Dec 17 16:21:04 UTC 2018] timeout=
[Mon Dec 17 16:21:04 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.5UW1rWj3C8 -g '
[Mon Dec 17 16:21:04 UTC 2018] ret='0'
[Mon Dec 17 16:21:04 UTC 2018] original='{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://dev.wispri.com/.well-known/acme-challenge/R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"",
"status": 403
},
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884",
"token": "R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc",
"validationRecord": [
{
"url": "http://dev.wispri.com/.well-known/acme-challenge/R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc",
"hostname": "dev.wispri.com",
"port": "80",
"addressesResolved": [
"142.93.242.110"
],
"addressUsed": "142.93.242.110"
}
]
}'
[Mon Dec 17 16:21:04 UTC 2018] response='{"type":"http-01","status":"invalid","error":{"type":"urn:acme:error:unauthorized","detail":"Invalid response from http://dev.wispri.com/.well-known/acme-challenge/R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"","status": 403},"uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884","token":"R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc","validationRecord":[{"url":"http://dev.wispri.com/.well-known/acme-challenge/R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc","hostname":"dev.wispri.com","port":"80","addressesResolved":["142.93.242.110"],"addressUsed":"142.93.242.110"}]}'
[Mon Dec 17 16:21:05 UTC 2018] error='"error":{"type":"urn:acme:error:unauthorized","detail":"Invalid response from http://dev.wispri.com/.well-known/acme-challenge/R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc: '
[Mon Dec 17 16:21:05 UTC 2018] errordetail='Invalid response from http://dev.wispri.com/.well-known/acme-challenge/R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc: '
[Mon Dec 17 16:21:05 UTC 2018] dev.wispri.com:Verify error:Invalid response from http://dev.wispri.com/.well-known/acme-challenge/R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc:
[Mon Dec 17 16:21:05 UTC 2018] Debug: get token url.
[Mon Dec 17 16:21:05 UTC 2018] GET
[Mon Dec 17 16:21:05 UTC 2018] url='http://dev.wispri.com/.well-known/acme-challenge/R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc'
[Mon Dec 17 16:21:05 UTC 2018] timeout=1
[Mon Dec 17 16:21:05 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.GuvyybZgXB -g --connect-timeout 1'
[Mon Dec 17 16:21:08 UTC 2018] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 28
[Mon Dec 17 16:21:08 UTC 2018] Here is the curl dump log:
[Mon Dec 17 16:21:08 UTC 2018] == Info: Resolving timed out after 1000 milliseconds
== Info: Could not resolve host: dev.wispri.com
== Info: stopped the pause stream!
== Info: Closing connection 0
[Mon Dec 17 16:21:08 UTC 2018] ret='28'
[Mon Dec 17 16:21:08 UTC 2018] Debugging, skip removing: /var/www/wispri/public//.well-known/acme-challenge/R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc
[Mon Dec 17 16:21:08 UTC 2018] pid
[Mon Dec 17 16:21:08 UTC 2018] No need to restore nginx, skip.
[Mon Dec 17 16:21:08 UTC 2018] _clearupdns
[Mon Dec 17 16:21:08 UTC 2018] skip dns.
[Mon Dec 17 16:21:08 UTC 2018] _on_issue_err
[Mon Dec 17 16:21:08 UTC 2018] Please add '--debug' or '--log' to check more details.
[Mon Dec 17 16:21:08 UTC 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Mon Dec 17 16:21:08 UTC 2018] _chk_vlist='dev.wispri.com#R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc.JrwsH2US-zlrrDmFpA_uZxw4YiPCAPncp572OtsuGxA#https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884#http-01#/var/www/wispri/public/,'
[Mon Dec 17 16:21:08 UTC 2018] start to deactivate authz
[Mon Dec 17 16:21:08 UTC 2018] tigger domain validation.
[Mon Dec 17 16:21:08 UTC 2018] _t_url='https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884'
[Mon Dec 17 16:21:08 UTC 2018] _t_key_authz='R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc.JrwsH2US-zlrrDmFpA_uZxw4YiPCAPncp572OtsuGxA'
[Mon Dec 17 16:21:08 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884'
[Mon Dec 17 16:21:08 UTC 2018] payload='{"resource": "challenge", "keyAuthorization": "R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc.JrwsH2US-zlrrDmFpA_uZxw4YiPCAPncp572OtsuGxA"}'
[Mon Dec 17 16:21:08 UTC 2018] Use cached jwk for file: /root/.acme.sh/ca/acme-v01.api.letsencrypt.org/account.key
[Mon Dec 17 16:21:08 UTC 2018] Use _CACHED_NONCE='UuZfMSb-RizFwStHFv8tpkeVag3Ub984rhJByVUwv3U'
[Mon Dec 17 16:21:08 UTC 2018] nonce='UuZfMSb-RizFwStHFv8tpkeVag3Ub984rhJByVUwv3U'
[Mon Dec 17 16:21:08 UTC 2018] POST
[Mon Dec 17 16:21:08 UTC 2018] _post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/81trfzG7hfXlcQtgUx2BQxieVBbBrqrl2C2z82A89F8/10433336884'
[Mon Dec 17 16:21:08 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "naTViPIoxXDuk9VewwM8sR0BH4GtrDSKstdfdMXfgGCduzoBoRHwmyE50Etapj-IgKy5O72KZhQCxvP4P0NcMzE4gnT-Ga6P-97waFUHw2MhTj7DguuLNvwb0ti1b0oMmBdcFVJhdo0sQUQM8kkdEaGMbeXZlHiqREQ-KqnvQ5qDqZ8SBH96MT_2vwQ8x1bRI3ejgbfrSWQn7Suv8tT3arhKoWcbaaP4GyfvTEcbPZpx9jHiF5DWDYvDA7DNH076UCyr7UgpvysIPSAu-SL0ICCWLNGxQ3b-4GUZ8S38ZZC4bfLHoJfgbGR69Re-lerI8DnTsGHNo5UrHhzmF3RTTw"}}, "protected": "eyJub25jZSI6ICJVdVpmTVNiLVJpekZ3U3RIRnY4dHBrZVZhZzNVYjk4NHJoSkJ5VlV3djNVIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvODF0cmZ6RzdoZlhsY1F0Z1V4MkJReGllVkJiQnJxcmwyQzJ6ODJBODlGOC8xMDQzMzMzNjg4NCIsICJhbGciOiAiUlMyNTYiLCAiandrIjogeyJlIjogIkFRQUIiLCAia3R5IjogIlJTQSIsICJuIjogIm5hVFZpUElveFhEdWs5VmV3d004c1IwQkg0R3RyRFNLc3RkZmRNWGZnR0NkdXpvQm9SSHdteUU1MEV0YXBqLUlnS3k1TzcyS1poUUN4dlA0UDBOY016RTRnblQtR2E2UC05N3dhRlVIdzJNaFRqN0RndXVMTnZ3YjB0aTFiMG9NbUJkY0ZWSmhkbzBzUVVRTThra2RFYUdNYmVYWmxIaXFSRVEtS3FudlE1cURxWjhTQkg5Nk1UXzJ2d1E4eDFiUkkzZWpnYmZyU1dRbjdTdXY4dFQzYXJoS29XY2JhYVA0R3lmdlRFY2JQWnB4OWpIaUY1RFdEWXZEQTdETkgwNzZVQ3lyN1VncHZ5c0lQU0F1LVNMMElDQ1dMTkd4UTNiLTRHVVo4UzM4WlpDNGJmTEhvSmZnYkdSNjlSZS1sZXJJOERuVHNHSE5vNVVySGh6bUYzUlRUdyJ9fQ", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJSNUR0VERWdmdNaDkxMmJweEMzSDVqUW8xWlZENTdiS3ZLOE02VDlCYkNjLkpyd3NIMlVTLXpscnJEbUZwQV91Wnh3NFlpUENBUG5jcDU3Mk90c3VHeEEifQ", "signature": "YeYW6yZY0biKmxrhEzcYJ2VGwHuyByQ2TKf6hL6-HOnGyHXn9cseF2dTPhI_y-nqyePj2FSlM3Qf4nTmfOUtsprUfoiOkOakZAB_shydaeyO34GSSiEf0KRfa-2dU0whgJcY6d6FG8Evq_PZV6Y8-jJ1N07_QlboiZCDHzBvEJRhpL91LROcPRtRlw1HMllpDF57F883HckgEqvKPDuVkE_3TyDDQXVHgPeN2lesWC-TzqpI8xP9Vaz7eC4brEM1HC60D0dEyi71RF8-_0tHn4yBfzjSSxnNmEZ90hEdz3FgINHrIjvFy8oaOjVqlzLGfAWTtsjgThOjC6uZZ_cqXw"}'
[Mon Dec 17 16:21:08 UTC 2018] _postContentType='application/jose+json'
[Mon Dec 17 16:21:08 UTC 2018] Http already initialized.
[Mon Dec 17 16:21:08 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.GuvyybZgXB -g '
[Mon Dec 17 16:21:08 UTC 2018] _ret='0'
[Mon Dec 17 16:21:08 UTC 2018] original='{
"type": "urn:acme:error:malformed",
"detail": "Unable to update challenge :: authorization must be pending",
"status": 400
}'
[Mon Dec 17 16:21:08 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
Expires: Mon, 17 Dec 2018 16:21:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: application/problem+json
Content-Length: 132
Boulder-Requester: 47827007
Replay-Nonce: cxOnV61JtWp73WVLBSDdSDOyJxNaAyOdVgdXNYryuTQ
Expires: Mon, 17 Dec 2018 16:21:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 17 Dec 2018 16:21:08 GMT
Connection: close
'
[Mon Dec 17 16:21:08 UTC 2018] response='{"type":"urn:acme:error:malformed","detail":"Unable to update challenge :: authorization must be pending","status": 400}'
[Mon Dec 17 16:21:08 UTC 2018] code='400'
[Mon Dec 17 16:21:08 UTC 2018] socat doesn't exists.
[Mon Dec 17 16:21:08 UTC 2018] Diagnosis versions:
openssl:openssl
OpenSSL 1.1.1 11 Sep 2018
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://dev.wispri.com/.well-known/acme-challenge/R5DtTDVvgMh912bpxC3H5jQo1ZVD57bKvK8M6T9BbCc: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"",
"status": 403
},
Steps to reproduce
acme.sh --issue -d dev.wispri.com -w /var/www/wispri/public/ --debugDebug log
I tried to run this this command to issue a cert. But it fail after pending. I don't know what's the root cause. Can anyone please help me out?
Thanks.