search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
38.41k stars 4.89k forks source link

"Verify error:Invalid response" encountered while issuing SSL cert in standalone mode #2170

Open 171621 opened 5 years ago

171621 commented 5 years ago

Hello,

Recently while I was issuing SSL cert on a VPS (CentOS 7, KVM) in standalone mode I encountered "Verify error:Invalid response" issue, it said:

domain address:Verify error:Invalid response from http://domain address/.well-known/acme-challenge/B8UxZ0yN4pSdYIXjCG-5Tm_-eTSuD96YUxM0MbfX_yQ [103.117.102.98]:

Below is my --debug 2 log:

[root@host-2019317585 ~]# ~/.acme.sh/acme.sh --issue -d domain address --standalone -k ec-256 --force --debug 2
[Mon Mar 18 06:36:36 EDT 2019] Lets find script dir.
[Mon Mar 18 06:36:36 EDT 2019] _SCRIPT_='/root/.acme.sh/acme.sh'
[Mon Mar 18 06:36:36 EDT 2019] _script='/root/.acme.sh/acme.sh'
[Mon Mar 18 06:36:36 EDT 2019] _script_home='/root/.acme.sh'
[Mon Mar 18 06:36:36 EDT 2019] Using config home:/root/.acme.sh
[Mon Mar 18 06:36:36 EDT 2019] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/Neilpang/acme.sh
v2.8.1
[Mon Mar 18 06:36:36 EDT 2019] _main_domain='domain address'
[Mon Mar 18 06:36:36 EDT 2019] _alt_domains='no'
[Mon Mar 18 06:36:36 EDT 2019] Using config home:/root/.acme.sh
[Mon Mar 18 06:36:36 EDT 2019] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Mon Mar 18 06:36:36 EDT 2019] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Mon Mar 18 06:36:36 EDT 2019] DOMAIN_PATH='/root/.acme.sh/domain address_ecc'
[Mon Mar 18 06:36:36 EDT 2019] 'no' does not contain 'dns'
[Mon Mar 18 06:36:36 EDT 2019] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Mon Mar 18 06:36:36 EDT 2019] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Mar 18 06:36:36 EDT 2019] GET
[Mon Mar 18 06:36:36 EDT 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Mar 18 06:36:36 EDT 2019] timeout=
[Mon Mar 18 06:36:36 EDT 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.l8fLu2n4pT  -g '
[Mon Mar 18 06:36:37 EDT 2019] ret='0'
[Mon Mar 18 06:36:37 EDT 2019] response='{
  "HjtR5asLmHc": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Mon Mar 18 06:36:37 EDT 2019] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Mon Mar 18 06:36:37 EDT 2019] ACME_NEW_AUTHZ
[Mon Mar 18 06:36:37 EDT 2019] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Mon Mar 18 06:36:37 EDT 2019] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Mon Mar 18 06:36:37 EDT 2019] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Mon Mar 18 06:36:37 EDT 2019] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Mon Mar 18 06:36:37 EDT 2019] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Mon Mar 18 06:36:37 EDT 2019] ACME_VERSION='2'
[Mon Mar 18 06:36:37 EDT 2019] Le_NextRenewTime
[Mon Mar 18 06:36:37 EDT 2019] _on_before_issue
[Mon Mar 18 06:36:37 EDT 2019] _chk_main_domain='domain address'
[Mon Mar 18 06:36:37 EDT 2019] _chk_alt_domains
[Mon Mar 18 06:36:37 EDT 2019] 'no' contains 'no'
[Mon Mar 18 06:36:37 EDT 2019] Le_LocalAddress
[Mon Mar 18 06:36:37 EDT 2019] d='domain address'
[Mon Mar 18 06:36:37 EDT 2019] Check for domain='domain address'
[Mon Mar 18 06:36:37 EDT 2019] _currentRoot='no'
[Mon Mar 18 06:36:37 EDT 2019] Standalone mode.
[Mon Mar 18 06:36:37 EDT 2019] _checkport='80'
[Mon Mar 18 06:36:37 EDT 2019] _checkaddr
[Mon Mar 18 06:36:37 EDT 2019] Using: ss
[Mon Mar 18 06:36:37 EDT 2019] d
[Mon Mar 18 06:36:37 EDT 2019] 'no' does not contain 'apache'
[Mon Mar 18 06:36:37 EDT 2019] _saved_account_key_hash='n2QTj/ctnPUpUDvNhEvBn4zUYHW2uM6yWM2VmM8W5YY='
[Mon Mar 18 06:36:37 EDT 2019] _saved_account_key_hash is not changed, skip register account.
[Mon Mar 18 06:36:37 EDT 2019] Read key length:ec-256
[Mon Mar 18 06:36:37 EDT 2019] _createcsr
[Mon Mar 18 06:36:37 EDT 2019] domain='domain address'
[Mon Mar 18 06:36:37 EDT 2019] domainlist
[Mon Mar 18 06:36:37 EDT 2019] csrkey='/root/.acme.sh/domain address_ecc/domain address.key'
[Mon Mar 18 06:36:37 EDT 2019] csr='/root/.acme.sh/domain address_ecc/domain address.csr'
[Mon Mar 18 06:36:37 EDT 2019] csrconf='/root/.acme.sh/domain address_ecc/domain address.csr.conf'
[Mon Mar 18 06:36:37 EDT 2019] Single domain='domain address'
[Mon Mar 18 06:36:37 EDT 2019] _is_idn_d='domain address'
[Mon Mar 18 06:36:37 EDT 2019] _idn_temp
[Mon Mar 18 06:36:37 EDT 2019] _csr_cn='domain address'
[Mon Mar 18 06:36:37 EDT 2019] Getting domain auth token for each domain
[Mon Mar 18 06:36:37 EDT 2019] d
[Mon Mar 18 06:36:37 EDT 2019] _identifiers='{"type":"dns","value":"domain address"}'
[Mon Mar 18 06:36:37 EDT 2019] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Mon Mar 18 06:36:37 EDT 2019] payload='{"identifiers": [{"type":"dns","value":"domain address"}]}'
[Mon Mar 18 06:36:37 EDT 2019] RSA key
[Mon Mar 18 06:36:37 EDT 2019] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Mon Mar 18 06:36:37 EDT 2019] HEAD
[Mon Mar 18 06:36:37 EDT 2019] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Mon Mar 18 06:36:37 EDT 2019] body
[Mon Mar 18 06:36:37 EDT 2019] _postContentType='application/jose+json'
[Mon Mar 18 06:36:37 EDT 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.FaK9yQsEve  -g '
[Mon Mar 18 06:36:38 EDT 2019] _ret='0'
[Mon Mar 18 06:36:38 EDT 2019] _headers='HTTP/1.1 200 OK
Server: nginx
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: t97xKXM8V3qVzLnbGuh9Rn_B4KG0z5FCSYA2KTgd2ls
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Content-Length: 0
Expires: Mon, 18 Mar 2019 10:36:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 18 Mar 2019 10:36:38 GMT
Connection: keep-alive
'
[Mon Mar 18 06:36:38 EDT 2019] _CACHED_NONCE='t97xKXM8V3qVzLnbGuh9Rn_B4KG0z5FCSYA2KTgd2ls'
[Mon Mar 18 06:36:38 EDT 2019] nonce='t97xKXM8V3qVzLnbGuh9Rn_B4KG0z5FCSYA2KTgd2ls'
[Mon Mar 18 06:36:38 EDT 2019] POST
[Mon Mar 18 06:36:38 EDT 2019] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Mon Mar 18 06:36:38 EDT 2019] body='{"protected": "eyJub25jZSI6ICJ0OTd4S1hNOFYzcVZ6TG5iR3VoOVJuX0I0S0cwejVGQ1NZQTJLVGdkMmxzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIiLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzUzNDkyMzc2In0", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6ImRtLnNhbG1vbmVsbGEuaWN1In1dfQ", "signature": "dgGHT8P7lmZmcbvpxgL9iuTbFIt5Qyuysod4jNUzn6S8UTXPBNUB6cZ3nHK8-i_6FqVIWv7De3eM0prCvC16zMLqmhuw4vr9OajIOsGxoFykihsTBLgHHLzNttRheBNrIZY7siNkeCMwwEiAxWCvwHpoZZWI8vtX-mLfUy90HlcXpM52ryyZ_g1dsC3Dm3mcUbZ2qU8VkWDhjcTK-NNVs4Gypbv_J3h3-NKUvjAiF58T6UxkZ1VpDw3GzQ2RRFG9LFZo1p-5PzQtI4Npneo6nP6nWAYXNRCnXLwkcCXsQSom9tYEYkJOUEpCoYDPPwsAj4-Lbs6dC6wgLdzXuAvLCQ"}'
[Mon Mar 18 06:36:38 EDT 2019] _postContentType='application/jose+json'
[Mon Mar 18 06:36:38 EDT 2019] Http already initialized.
[Mon Mar 18 06:36:38 EDT 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.FaK9yQsEve  -g '
[Mon Mar 18 06:36:38 EDT 2019] _ret='0'
[Mon Mar 18 06:36:38 EDT 2019] responseHeaders='HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 376
Boulder-Requester: 53492376
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/53492376/360263085
Replay-Nonce: mH83rbOH6OSGOa7omN3foeUFtT0Tycai5_AXsBogU8c
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Mon, 18 Mar 2019 10:36:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 18 Mar 2019 10:36:38 GMT
Connection: keep-alive
'
[Mon Mar 18 06:36:38 EDT 2019] code='201'
[Mon Mar 18 06:36:38 EDT 2019] original='{
  "status": "pending",
  "expires": "2019-03-25T10:36:38.313492446Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "domain address"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/53492376/360263085"
}'
[Mon Mar 18 06:36:38 EDT 2019] response='{"status":"pending","expires":"2019-03-25T10:36:38.313492446Z","identifiers":[{"type":"dns","value":"domain address"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/53492376/360263085"}'
[Mon Mar 18 06:36:38 EDT 2019] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/53492376/360263085'
[Mon Mar 18 06:36:38 EDT 2019] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs'
[Mon Mar 18 06:36:38 EDT 2019] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs'
[Mon Mar 18 06:36:38 EDT 2019] url='https://acme-v02.api.letsencrypt.org/acme/authz/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs'
[Mon Mar 18 06:36:38 EDT 2019] payload
[Mon Mar 18 06:36:38 EDT 2019] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Mon Mar 18 06:36:38 EDT 2019] Use _CACHED_NONCE='mH83rbOH6OSGOa7omN3foeUFtT0Tycai5_AXsBogU8c'
[Mon Mar 18 06:36:38 EDT 2019] nonce='mH83rbOH6OSGOa7omN3foeUFtT0Tycai5_AXsBogU8c'
[Mon Mar 18 06:36:38 EDT 2019] POST
[Mon Mar 18 06:36:38 EDT 2019] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs'
[Mon Mar 18 06:36:38 EDT 2019] body='{"protected": "eyJub25jZSI6ICJtSDgzcmJPSDZPU0dPYTdvbU4zZm9lVUZ0VDBUeWNhaTVfQVhzQm9nVThjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei9JXy0xV3dEcnJSMHlONjk1bjhWekJ0X2V4clZfem51NkM1M0lQVjRoeGJzIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC81MzQ5MjM3NiJ9", "payload": "", "signature": "tNWLJz3MjNKS77AmQRJ8BC5dGNV6YLvoP3pTL-DZUSV6PVUt3oLuawmQjEUj3z0kLtld_IdY6WLH7bbakZT7SlAOiGw1Z4tHzZVUJ8kX1AZPZy1a6EBCcLHn7kb-0zT4fYDCQdPFuZsLawLdmPUf0z1bcuKqmqp6JOeAqKNGOBzogvwIZodmddnrzgytuHSlLawX9DbcoTclPcGsWl2mR7gQveBB1yLJglLFVDNHIXgwQ0ADWPzf9TmWi1vFYb5evaozEal9m4B3iSooU7NHMjTQHPBzi55KIj4gTeY4-ZZkHbJswzURhyyqeeRdmbDWFQvW-SfXI2nlABzNwpR1wQ"}'
[Mon Mar 18 06:36:38 EDT 2019] _postContentType='application/jose+json'
[Mon Mar 18 06:36:38 EDT 2019] Http already initialized.
[Mon Mar 18 06:36:38 EDT 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.FaK9yQsEve  -g '
[Mon Mar 18 06:36:38 EDT 2019] _ret='0'
[Mon Mar 18 06:36:38 EDT 2019] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 912
Boulder-Requester: 53492376
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: rsSNOVYhziWucb--rGIRJrEsv9RiHbY-EytCRZi9KIg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Mon, 18 Mar 2019 10:36:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 18 Mar 2019 10:36:38 GMT
Connection: keep-alive
'
[Mon Mar 18 06:36:38 EDT 2019] code='200'
[Mon Mar 18 06:36:38 EDT 2019] original='{
  "identifier": {
    "type": "dns",
    "value": "domain address"
  },
  "status": "pending",
  "expires": "2019-03-25T10:36:38Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251",
      "token": "gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986252",
      "token": "XkQbEYON9WffQ8t49xlkYIcJtZ2gbzRbFLfIJSMFhME"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986253",
      "token": "Mg_xricCZDuuD6d4_QCmhGJqFSNzQjV9wfh-7la9HR8"
    }
  ]
}'
[Mon Mar 18 06:36:38 EDT 2019] response='{"identifier":{"type":"dns","value":"domain address"},"status":"pending","expires":"2019-03-25T10:36:38Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251","token":"gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986252","token":"XkQbEYON9WffQ8t49xlkYIcJtZ2gbzRbFLfIJSMFhME"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986253","token":"Mg_xricCZDuuD6d4_QCmhGJqFSNzQjV9wfh-7la9HR8"}]}'
[Mon Mar 18 06:36:38 EDT 2019] response='{"identifier":{"type":"dns","value":"domain address"},"status":"pending","expires":"2019-03-25T10:36:38Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251","token":"gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986252","token":"XkQbEYON9WffQ8t49xlkYIcJtZ2gbzRbFLfIJSMFhME"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986253","token":"Mg_xricCZDuuD6d4_QCmhGJqFSNzQjV9wfh-7la9HR8"}]}'
[Mon Mar 18 06:36:38 EDT 2019] _d='domain address'
[Mon Mar 18 06:36:38 EDT 2019] _authorizations_map='domain address,{"identifier":{"type":"dns","value":"domain address"},"status":"pending","expires":"2019-03-25T10:36:38Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251","token":"gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986252","token":"XkQbEYON9WffQ8t49xlkYIcJtZ2gbzRbFLfIJSMFhME"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986253","token":"Mg_xricCZDuuD6d4_QCmhGJqFSNzQjV9wfh-7la9HR8"}]}
'
[Mon Mar 18 06:36:38 EDT 2019] d='domain address'
[Mon Mar 18 06:36:38 EDT 2019] Getting webroot for domain='domain address'
[Mon Mar 18 06:36:38 EDT 2019] _w='no'
[Mon Mar 18 06:36:38 EDT 2019] _currentRoot='no'
[Mon Mar 18 06:36:38 EDT 2019] response='{"identifier":{"type":"dns","value":"domain address"},"status":"pending","expires":"2019-03-25T10:36:38Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251","token":"gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986252","token":"XkQbEYON9WffQ8t49xlkYIcJtZ2gbzRbFLfIJSMFhME"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986253","token":"Mg_xricCZDuuD6d4_QCmhGJqFSNzQjV9wfh-7la9HR8"}]}'
[Mon Mar 18 06:36:39 EDT 2019] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251","token":"gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY"'
[Mon Mar 18 06:36:39 EDT 2019] token='gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY'
[Mon Mar 18 06:36:39 EDT 2019] uri='https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251'
[Mon Mar 18 06:36:39 EDT 2019] keyauthorization='gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY.HVi42WCRyFggQJc-_pAbH07tCPp1BNMTuOlbxmHxYCU'
[Mon Mar 18 06:36:39 EDT 2019] dvlist='domain address#gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY.HVi42WCRyFggQJc-_pAbH07tCPp1BNMTuOlbxmHxYCU#https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251#http-01#no'
[Mon Mar 18 06:36:39 EDT 2019] d
[Mon Mar 18 06:36:39 EDT 2019] vlist='domain address#gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY.HVi42WCRyFggQJc-_pAbH07tCPp1BNMTuOlbxmHxYCU#https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251#http-01#no,'
[Mon Mar 18 06:36:39 EDT 2019] d='domain address'
[Mon Mar 18 06:36:39 EDT 2019] ok, let's start to verify
[Mon Mar 18 06:36:39 EDT 2019] Verifying: domain address
[Mon Mar 18 06:36:39 EDT 2019] d='domain address'
[Mon Mar 18 06:36:39 EDT 2019] keyauthorization='gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY.HVi42WCRyFggQJc-_pAbH07tCPp1BNMTuOlbxmHxYCU'
[Mon Mar 18 06:36:39 EDT 2019] uri='https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251'
[Mon Mar 18 06:36:39 EDT 2019] _currentRoot='no'
[Mon Mar 18 06:36:39 EDT 2019] Standalone mode server
[Mon Mar 18 06:36:39 EDT 2019] content='gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY.HVi42WCRyFggQJc-_pAbH07tCPp1BNMTuOlbxmHxYCU'
[Mon Mar 18 06:36:39 EDT 2019] ncaddr
[Mon Mar 18 06:36:39 EDT 2019] startserver: 25153
[Mon Mar 18 06:36:39 EDT 2019] Le_HTTPPort='80'
[Mon Mar 18 06:36:39 EDT 2019] Le_Listen_V4
[Mon Mar 18 06:36:39 EDT 2019] Le_Listen_V6
[Mon Mar 18 06:36:39 EDT 2019] _content_len='87'
[Mon Mar 18 06:36:39 EDT 2019] _NC='socat -d -d -v TCP-LISTEN:80,crlf,reuseaddr,fork'
2019/03/18 06:36:39 socat[25980] N listening on AF=2 0.0.0.0:80
[Mon Mar 18 06:36:40 EDT 2019] serverproc='25980'
[Mon Mar 18 06:36:40 EDT 2019] Trigger domain validation.
[Mon Mar 18 06:36:40 EDT 2019] _t_url='https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251'
[Mon Mar 18 06:36:40 EDT 2019] _t_key_authz='gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY.HVi42WCRyFggQJc-_pAbH07tCPp1BNMTuOlbxmHxYCU'
[Mon Mar 18 06:36:40 EDT 2019] _t_vtype='http-01'
[Mon Mar 18 06:36:40 EDT 2019] url='https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251'
[Mon Mar 18 06:36:40 EDT 2019] payload='{}'
[Mon Mar 18 06:36:40 EDT 2019] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Mon Mar 18 06:36:40 EDT 2019] Use _CACHED_NONCE='rsSNOVYhziWucb--rGIRJrEsv9RiHbY-EytCRZi9KIg'
[Mon Mar 18 06:36:40 EDT 2019] nonce='rsSNOVYhziWucb--rGIRJrEsv9RiHbY-EytCRZi9KIg'
[Mon Mar 18 06:36:40 EDT 2019] POST
[Mon Mar 18 06:36:40 EDT 2019] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251'
[Mon Mar 18 06:36:40 EDT 2019] body='{"protected": "eyJub25jZSI6ICJyc1NOT1ZZaHppV3VjYi0tckdJUkpyRXN2OVJpSGJZLUV5dENSWmk5S0lnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvSV8tMVd3RHJyUjB5TjY5NW44VnpCdF9leHJWX3pudTZDNTNJUFY0aHhicy8xMzc3Nzk4NjI1MSIsICJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNTM0OTIzNzYifQ", "payload": "e30", "signature": "rGPFpDmlmE2LXFKCCLRRXtYHgfepGwGkUqyRbbyqMyGyQYfzAZ_d5U5F1UzhgeWZMK_c-4BA5DA8xdHmFRVnoGB6ZxCcAs5wrvNgT6sHBYK90M2wIXLyHfkFj-22NWI8ekOrjb9kvaq_DScArfaAP1DlC96gYJ3FRRo5ExW5zh7WSqMzeo6ts_NjT86hz2Vmbb2vA2N_bnoS82r7ZAZza04mBN43yhJlYlqZlgWulL-4hJKRhSvsMgvfSBgMIOQ1tdNGIoYziwN69tI_pRBnwGfMTYsobbmRzx9hOyfmeKnztKAVcljgMl8R9CyF4QGFB_ks47Be2LScwy8mHLVUNg"}'
[Mon Mar 18 06:36:40 EDT 2019] _postContentType='application/jose+json'
[Mon Mar 18 06:36:40 EDT 2019] Http already initialized.
[Mon Mar 18 06:36:40 EDT 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.FaK9yQsEve  -g '
[Mon Mar 18 06:36:40 EDT 2019] _ret='0'
[Mon Mar 18 06:36:40 EDT 2019] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 224
Boulder-Requester: 53492376
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Link: <https://acme-v02.api.letsencrypt.org/acme/authz/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251
Replay-Nonce: 3HTsNldmkN3ItdhmYJCDYCTDGqUSZUjC9V-SaeQ5XiY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Mon, 18 Mar 2019 10:36:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 18 Mar 2019 10:36:40 GMT
Connection: keep-alive
'
[Mon Mar 18 06:36:40 EDT 2019] code='200'
[Mon Mar 18 06:36:40 EDT 2019] original='{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251",
  "token": "gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY"
}'
[Mon Mar 18 06:36:40 EDT 2019] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251","token":"gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY"}'
[Mon Mar 18 06:36:40 EDT 2019] trigger validation code: 200
[Mon Mar 18 06:36:40 EDT 2019] sleep 2 secs to verify
[Mon Mar 18 06:36:42 EDT 2019] checking
[Mon Mar 18 06:36:42 EDT 2019] url='https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251'
[Mon Mar 18 06:36:42 EDT 2019] payload
[Mon Mar 18 06:36:42 EDT 2019] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Mon Mar 18 06:36:42 EDT 2019] Use _CACHED_NONCE='3HTsNldmkN3ItdhmYJCDYCTDGqUSZUjC9V-SaeQ5XiY'
[Mon Mar 18 06:36:42 EDT 2019] nonce='3HTsNldmkN3ItdhmYJCDYCTDGqUSZUjC9V-SaeQ5XiY'
[Mon Mar 18 06:36:42 EDT 2019] POST
[Mon Mar 18 06:36:42 EDT 2019] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251'
[Mon Mar 18 06:36:42 EDT 2019] body='{"protected": "eyJub25jZSI6ICIzSFRzTmxkbWtOM0l0ZGhtWUpDRFlDVERHcVVTWlVqQzlWLVNhZVE1WGlZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvSV8tMVd3RHJyUjB5TjY5NW44VnpCdF9leHJWX3pudTZDNTNJUFY0aHhicy8xMzc3Nzk4NjI1MSIsICJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNTM0OTIzNzYifQ", "payload": "", "signature": "H2eBiBtCgOrzZJ489FkTaKBWmnGuCvVb_cotaAeHfIIP9suveMmBx6jPazMre56jMvIo_OaSfoJNVH9dD8-OmEGziAxOidOOMpzDln_C9jHjWvnmUDtYIXwEEIyJuHVyRfMiqeJg3O-Sr_c0HdEnJB-cvBjg_DjUWViiWIGupHHAHRdplOynbvxCJdHZ5WQ4DGfBRQ4-YvtT-wlA5D8kh18DXuCQYXyhCLLhpHR0mDAkFoUf0Zw6gKsnaIQoanSgALgJmkunMxTG_CIO_db3b5N0eRE6SHw6adykQgngq2vOzRJP-s9ejMCS4ns-MmD_hGMCxKCjXbYYCd4QlitX-A"}'
[Mon Mar 18 06:36:42 EDT 2019] _postContentType='application/jose+json'
[Mon Mar 18 06:36:42 EDT 2019] Http already initialized.
[Mon Mar 18 06:36:42 EDT 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.FaK9yQsEve  -g '
[Mon Mar 18 06:36:43 EDT 2019] _ret='0'
[Mon Mar 18 06:36:43 EDT 2019] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 1055
Boulder-Requester: 53492376
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Link: <https://acme-v02.api.letsencrypt.org/acme/authz/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251
Replay-Nonce: e9plnO48w8KMbTJHskBWeDPiQ3iRcX2ORgFM78LlA-4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Mon, 18 Mar 2019 10:36:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 18 Mar 2019 10:36:43 GMT
Connection: keep-alive
'
[Mon Mar 18 06:36:43 EDT 2019] code='200'
[Mon Mar 18 06:36:43 EDT 2019] original='{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Invalid response from http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY [103.117.102.98]: \"\u003chtml\u003e\\r\\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\\r\\n\u003cbody\u003e\\r\\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\\r\\n\u003chr\u003e\u003ccenter\u003enginx/1.15.9\u003c/ce\"",
    "status": 403
  },
  "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251",
  "token": "gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY",
  "validationRecord": [
    {
      "url": "http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY",
      "hostname": "domain address",
      "port": "80",
      "addressesResolved": [
        "103.117.102.98"
      ],
      "addressUsed": "103.117.102.98"
    }
  ]
}'
[Mon Mar 18 06:36:43 EDT 2019] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY [103.117.102.98]: \"\u003chtml\u003e\\r\\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\\r\\n\u003cbody\u003e\\r\\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\\r\\n\u003chr\u003e\u003ccenter\u003enginx/1.15.9\u003c/ce\"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251","token":"gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY","validationRecord":[{"url":"http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY","hostname":"domain address","port":"80","addressesResolved":["103.117.102.98"],"addressUsed":"103.117.102.98"}]}'
[Mon Mar 18 06:36:43 EDT 2019] original='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY [103.117.102.98]: \"\u003chtml\u003e\\r\\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\\r\\n\u003cbody\u003e\\r\\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\\r\\n\u003chr\u003e\u003ccenter\u003enginx/1.15.9\u003c/ce\"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251","token":"gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY","validationRecord":[{"url":"http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY","hostname":"domain address","port":"80","addressesResolved":["103.117.102.98"],"addressUsed":"103.117.102.98"}]}'
[Mon Mar 18 06:36:43 EDT 2019] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY [103.117.102.98]: \"\u003chtml\u003e\\r\\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\\r\\n\u003cbody\u003e\\r\\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\\r\\n\u003chr\u003e\u003ccenter\u003enginx/1.15.9\u003c/ce\"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251","token":"gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY","validationRecord":[{"url":"http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY","hostname":"domain address","port":"80","addressesResolved":["103.117.102.98"],"addressUsed":"103.117.102.98"}]}'
[Mon Mar 18 06:36:43 EDT 2019] error='"error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY [103.117.102.98]: '
[Mon Mar 18 06:36:43 EDT 2019] errordetail='Invalid response from http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY [103.117.102.98]: '
[Mon Mar 18 06:36:43 EDT 2019] domain address:Verify error:Invalid response from http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY [103.117.102.98]: 
[Mon Mar 18 06:36:43 EDT 2019] Debug: get token url.
[Mon Mar 18 06:36:43 EDT 2019] GET
[Mon Mar 18 06:36:43 EDT 2019] url='http://domain address/.well-known/acme-challenge/gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY'
[Mon Mar 18 06:36:43 EDT 2019] timeout=1
[Mon Mar 18 06:36:43 EDT 2019] Http already initialized.
[Mon Mar 18 06:36:43 EDT 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.FaK9yQsEve  -g  --connect-timeout 1'
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.15.9</center>
</body>
</html>
[Mon Mar 18 06:36:43 EDT 2019] ret='0'
[Mon Mar 18 06:36:43 EDT 2019] Skip for removelevel:
[Mon Mar 18 06:36:43 EDT 2019] pid='25980'
2019/03/18 06:36:43 socat[25980] N socat_signal(): handling signal 15
2019/03/18 06:36:43 socat[25980] W exiting on signal 15
2019/03/18 06:36:43 socat[25980] N socat_signal(): finishing signal 15
2019/03/18 06:36:43 socat[25980] N exit(143)
[Mon Mar 18 06:36:43 EDT 2019] No need to restore nginx, skip.
[Mon Mar 18 06:36:43 EDT 2019] _clearupdns
[Mon Mar 18 06:36:43 EDT 2019] dns_entries
[Mon Mar 18 06:36:43 EDT 2019] skip dns.
[Mon Mar 18 06:36:43 EDT 2019] _on_issue_err
[Mon Mar 18 06:36:43 EDT 2019] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Mon Mar 18 06:36:43 EDT 2019] _chk_vlist='domain address#gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY.HVi42WCRyFggQJc-_pAbH07tCPp1BNMTuOlbxmHxYCU#https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251#http-01#no,'
[Mon Mar 18 06:36:43 EDT 2019] start to deactivate authz
[Mon Mar 18 06:36:43 EDT 2019] Trigger domain validation.
[Mon Mar 18 06:36:43 EDT 2019] _t_url='https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251'
[Mon Mar 18 06:36:43 EDT 2019] _t_key_authz='gCq2H6QFcJcQZVwSG_B24eQlmrBM77optKLNnscPwzY.HVi42WCRyFggQJc-_pAbH07tCPp1BNMTuOlbxmHxYCU'
[Mon Mar 18 06:36:43 EDT 2019] _t_vtype
[Mon Mar 18 06:36:43 EDT 2019] url='https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251'
[Mon Mar 18 06:36:43 EDT 2019] payload='{}'
[Mon Mar 18 06:36:43 EDT 2019] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Mon Mar 18 06:36:43 EDT 2019] Use _CACHED_NONCE='e9plnO48w8KMbTJHskBWeDPiQ3iRcX2ORgFM78LlA-4'
[Mon Mar 18 06:36:43 EDT 2019] nonce='e9plnO48w8KMbTJHskBWeDPiQ3iRcX2ORgFM78LlA-4'
[Mon Mar 18 06:36:43 EDT 2019] POST
[Mon Mar 18 06:36:43 EDT 2019] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/I_-1WwDrrR0yN695n8VzBt_exrV_znu6C53IPV4hxbs/13777986251'
[Mon Mar 18 06:36:43 EDT 2019] body='{"protected": "eyJub25jZSI6ICJlOXBsbk80OHc4S01iVEpIc2tCV2VEUGlRM2lSY1gyT1JnRk03OExsQS00IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvSV8tMVd3RHJyUjB5TjY5NW44VnpCdF9leHJWX3pudTZDNTNJUFY0aHhicy8xMzc3Nzk4NjI1MSIsICJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNTM0OTIzNzYifQ", "payload": "e30", "signature": "N-8slLhJbUHRygHZ3hl1ZeG3A9QpDClUK-hvmSG4HjZpUKF-IKTk_ZhZjnR-ek_A8E1XWhqfhJZI-OCPoLEeV_5ky8Tuep9m2ab64Vvz99H5mM83d7mEMsr3zKo8hMr7ywoLVRLHhw_6YWV4GnFrwyvxsQZ6fJoM-VftgXlDENrmpb59wx1WWDFPerQYGks3_xDpMimUrJM9G4DxkFKGTlri_hibc82VsCHGh9yJRAihLyyJmnx1AbHoiZNm4jP6uhnnQbeh3aUqhxEo7OueYUlbJJQAyYVXanj-zL399DevB-MEwjiIxwLeIdJjZCQa2rYmhF3Nh6yfYVZN1rYXDw"}'
[Mon Mar 18 06:36:43 EDT 2019] _postContentType='application/jose+json'
[Mon Mar 18 06:36:43 EDT 2019] Http already initialized.
[Mon Mar 18 06:36:43 EDT 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.FaK9yQsEve  -g '
[Mon Mar 18 06:36:44 EDT 2019] _ret='0'
[Mon Mar 18 06:36:44 EDT 2019] responseHeaders='HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: application/problem+json
Content-Length: 144
Boulder-Requester: 53492376
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: otCIhFbSuBl7-BQha4ZSRBRDdgV2Z3tlgOeSrPdTlnQ
Expires: Mon, 18 Mar 2019 10:36:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 18 Mar 2019 10:36:44 GMT
Connection: close
'
[Mon Mar 18 06:36:44 EDT 2019] code='400'
[Mon Mar 18 06:36:44 EDT 2019] original='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Mon Mar 18 06:36:44 EDT 2019] response='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Mon Mar 18 06:36:44 EDT 2019] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.2k-fips  26 Jan 2017
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
Usage:
socat [options] <bi-address> <bi-address>
   options:
      -V     print version and feature information to stdout, and exit
      -h|-?  print a help text describing command line options and addresses
      -hh    like -h, plus a list of all common address option names
      -hhh   like -hh, plus a list of all available address option names
      -d     increase verbosity (use up to 4 times; 2 are recommended)
      -D     analyze file descriptors before loop
      -ly[facility]  log to syslog, using facility (default is daemon)
      -lf<logfile>   log to file
      -ls            log to stderr (default if no other log)
      -lm[facility]  mixed log mode (stderr during initialization, then syslog)
      -lp<progname>  set the program name used for logging
      -lu            use microseconds for logging timestamps
      -lh            add hostname to log messages
      -v     verbose data traffic, text
      -x     verbose data traffic, hexadecimal
      -b<size_t>     set data buffer size (8192)
      -s     sloppy (continue on error)
      -t<timeout>    wait seconds before closing second channel
      -T<timeout>    total inactivity timeout in seconds
      -u     unidirectional mode (left to right)
      -U     unidirectional mode (right to left)
      -g     do not check option groups
      -L <lockfile>  try to obtain lock, or fail
      -W <lockfile>  try to obtain lock, or wait
      -4     prefer IPv4 if version is not explicitly specified
      -6     prefer IPv6 if version is not explicitly specified
   bi-address:
      pipe[,<opts>] groups=FD,FIFO
      <single-address>!!<single-address>
      <single-address>
   single-address:
      <address-head>[,<opts>]
   address-head:
      abstract-client:<filename>    groups=FD,SOCKET,RETRY,UNIX
      abstract-connect:<filename>   groups=FD,SOCKET,RETRY,UNIX
      abstract-listen:<filename>    groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
      abstract-recv:<filename>  groups=FD,SOCKET,RETRY,UNIX
      abstract-recvfrom:<filename>  groups=FD,SOCKET,CHILD,RETRY,UNIX
      abstract-sendto:<filename>    groups=FD,SOCKET,RETRY,UNIX
      create:<filename> groups=FD,REG,NAMED
      exec:<command-line>   groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
      fd:<num>  groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      gopen:<filename>  groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
      interface:<interface> groups=FD,SOCKET
      ip-datagram:<host>:<protocol> groups=FD,SOCKET,RANGE,IP4,IP6
      ip-recv:<protocol>    groups=FD,SOCKET,RANGE,IP4,IP6
      ip-recvfrom:<protocol>    groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
      ip-sendto:<host>:<protocol>   groups=FD,SOCKET,IP4,IP6
      ip4-datagram:<host>:<protocol>    groups=FD,SOCKET,RANGE,IP4
      ip4-recv:<protocol>   groups=FD,SOCKET,RANGE,IP4
      ip4-recvfrom:<protocol>   groups=FD,SOCKET,CHILD,RANGE,IP4
      ip4-sendto:<host>:<protocol>  groups=FD,SOCKET,IP4
      ip6-datagram:<host>:<protocol>    groups=FD,SOCKET,RANGE,IP6
      ip6-recv:<protocol>   groups=FD,SOCKET,RANGE,IP6
      ip6-recvfrom:<protocol>   groups=FD,SOCKET,CHILD,RANGE,IP6
      ip6-sendto:<host>:<protocol>  groups=FD,SOCKET,IP6
      open:<filename>   groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
      openssl:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
      openssl-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,OPENSSL
      pipe:<filename>   groups=FD,FIFO,NAMED,OPEN
      proxy:<proxy-server>:<host>:<port>    groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
      pty   groups=FD,NAMED,TERMIOS,PTY
      readline  groups=FD,READLINE,TERMIOS
      sctp-connect:<host>:<port>    groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
      sctp-listen:<port>    groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
      sctp4-connect:<host>:<port>   groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
      sctp4-listen:<port>   groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
      sctp6-connect:<host>:<port>   groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
      sctp6-listen:<port>   groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
      socket-connect:<domain>:<protocol>:<remote-address>   groups=FD,SOCKET,CHILD,RETRY
      socket-datagram:<domain>:<type>:<protocol>:<remote-address>   groups=FD,SOCKET,RANGE
      socket-listen:<domain>:<protocol>:<local-address> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
      socket-recv:<domain>:<type>:<protocol>:<local-address>    groups=FD,SOCKET,RANGE
      socket-recvfrom:<domain>:<type>:<protocol>:<local-address>    groups=FD,SOCKET,CHILD,RANGE
      socket-sendto:<domain>:<type>:<protocol>:<remote-address> groups=FD,SOCKET
      socks4:<socks-server>:<host>:<port>   groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
      socks4a:<socks-server>:<host>:<port>  groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
      stderr    groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdout    groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      system:<shell-command>    groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
      tcp-connect:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
      tcp-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
      tcp4-connect:<host>:<port>    groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
      tcp4-listen:<port>    groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
      tcp6-connect:<host>:<port>    groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
      tcp6-listen:<port>    groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
      tun[:<ip-addr>/<bits>]    groups=FD,CHR,NAMED,OPEN,INTERFACE
      udp-connect:<host>:<port> groups=FD,SOCKET,IP4,IP6,UDP
      udp-datagram:<host>:<port>    groups=FD,SOCKET,RANGE,IP4,IP6,UDP
      udp-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
      udp-recv:<port>   groups=FD,SOCKET,RANGE,IP4,IP6,UDP
      udp-recvfrom:<port>   groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
      udp-sendto:<host>:<port>  groups=FD,SOCKET,IP4,IP6,UDP
      udp4-connect:<host>:<port>    groups=FD,SOCKET,IP4,UDP
      udp4-datagram:<remote-address>:<port> groups=FD,SOCKET,RANGE,IP4,UDP
      udp4-listen:<port>    groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
      udp4-recv:<port>  groups=FD,SOCKET,RANGE,IP4,UDP
      udp4-recvfrom:<host>:<port>   groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
      udp4-sendto:<host>:<port> groups=FD,SOCKET,IP4,UDP
      udp6-connect:<host>:<port>    groups=FD,SOCKET,IP6,UDP
      udp6-datagram:<host>:<port>   groups=FD,SOCKET,RANGE,IP6,UDP
      udp6-listen:<port>    groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
      udp6-recv:<port>  groups=FD,SOCKET,RANGE,IP6,UDP
      udp6-recvfrom:<port>  groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
      udp6-sendto:<host>:<port> groups=FD,SOCKET,IP6,UDP
      unix-client:<filename>    groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-connect:<filename>   groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-listen:<filename>    groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
      unix-recv:<filename>  groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-recvfrom:<filename>  groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
      unix-sendto:<filename>    groups=FD,SOCKET,NAMED,RETRY,UNIX`

I have never met with any error like this before. On my other CentOS 7 VPS it all went through with no issue. I have no clue what triggered this "no response" error. I guess something wrong with the port 80 on this VPS? Could anyone help take a look? Thanks a lot in advance!

171621 commented 5 years ago

OK I think I got it solved. It indeed was the port 80 issue, re-enabled port 80 TCP in firewall and its working now. Thanks!