search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
38.81k stars 4.92k forks source link

error: Create new order error. Le_OrderFinalize not found. #2733

Open zhang007z opened 4 years ago

zhang007z commented 4 years ago

[root@zhang007z1 ~]# ~/.acme.sh/acme.sh --issue --dns dns_cf -d yudanzzy.vofvendetta.xyz [Thu Feb 13 17:34:14 CST 2020] Single domain='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:34:14 CST 2020] Getting domain auth token for each domain [Thu Feb 13 17:34:16 CST 2020] Create new order error. Le_OrderFinalize not found. { "type": "urn:ietf:params:acme:error:rateLimited", "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/", "status": 429 } [Thu Feb 13 17:34:16 CST 2020] Please check log file for more details: /root/.acme.sh/acme.sh.log [root@zhang007z1 ~]#

-------------------------------------------------debug 2 verison------------------------------------------ [root@zhang007z1 ~]# ~/.acme.sh/acme.sh --issue --dns dns_cf -d yudanzzy.vofvendetta.xyz --debug 2 > debug2.txt [Thu Feb 13 17:33:10 CST 2020] Lets find script dir. [Thu Feb 13 17:33:10 CST 2020] SCRIPT='/root/.acme.sh/acme.sh' [Thu Feb 13 17:33:10 CST 2020] _script='/root/.acme.sh/acme.sh' [Thu Feb 13 17:33:10 CST 2020] _script_home='/root/.acme.sh' [Thu Feb 13 17:33:10 CST 2020] Using config home:/root/.acme.sh [Thu Feb 13 17:33:10 CST 2020] LE_WORKING_DIR='/root/.acme.sh' [Thu Feb 13 17:33:10 CST 2020] Running cmd: issue [Thu Feb 13 17:33:10 CST 2020] _main_domain='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:10 CST 2020] _alt_domains='no' [Thu Feb 13 17:33:10 CST 2020] Using config home:/root/.acme.sh [Thu Feb 13 17:33:10 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Thu Feb 13 17:33:10 CST 2020] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org' [Thu Feb 13 17:33:10 CST 2020] DOMAIN_PATH='/root/.acme.sh/yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:10 CST 2020] 'dns_cf' does not contain 'dns' [Thu Feb 13 17:33:10 CST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Thu Feb 13 17:33:10 CST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Thu Feb 13 17:33:10 CST 2020] GET [Thu Feb 13 17:33:10 CST 2020] url='https://acme-v02.api.letsencrypt.org/directory' [Thu Feb 13 17:33:10 CST 2020] timeout= [Thu Feb 13 17:33:10 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.gGJnr8Yrb6 -g ' [Thu Feb 13 17:33:11 CST 2020] ret='0' [Thu Feb 13 17:33:11 CST 2020] response='{ "ayfDfdGX-tU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" }' [Thu Feb 13 17:33:11 CST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Thu Feb 13 17:33:11 CST 2020] ACME_NEW_AUTHZ [Thu Feb 13 17:33:11 CST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Thu Feb 13 17:33:11 CST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Thu Feb 13 17:33:11 CST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Thu Feb 13 17:33:11 CST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' [Thu Feb 13 17:33:11 CST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Thu Feb 13 17:33:11 CST 2020] ACME_VERSION='2' [Thu Feb 13 17:33:11 CST 2020] Le_NextRenewTime [Thu Feb 13 17:33:11 CST 2020] _on_before_issue [Thu Feb 13 17:33:11 CST 2020] _chk_main_domain='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:11 CST 2020] _chk_alt_domains [Thu Feb 13 17:33:11 CST 2020] 'dns_cf' does not contain 'no' [Thu Feb 13 17:33:11 CST 2020] Le_LocalAddress [Thu Feb 13 17:33:11 CST 2020] d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:11 CST 2020] Check for domain='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:11 CST 2020] _currentRoot='dns_cf' [Thu Feb 13 17:33:11 CST 2020] d [Thu Feb 13 17:33:11 CST 2020] 'dns_cf' does not contain 'apache' [Thu Feb 13 17:33:11 CST 2020] _saved_account_key_hash='3IZRAOBTzd+3Q66BwMBLb7FYkP+xSH/kczjLvdhCTPE=' [Thu Feb 13 17:33:11 CST 2020] _saved_account_key_hash is not changed, skip register account. [Thu Feb 13 17:33:11 CST 2020] Read key length: [Thu Feb 13 17:33:11 CST 2020] _createcsr [Thu Feb 13 17:33:11 CST 2020] domain='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:11 CST 2020] domainlist [Thu Feb 13 17:33:11 CST 2020] csrkey='/root/.acme.sh/yudanzzy.vofvendetta.xyz/yudanzzy.vofvendetta.xyz.key' [Thu Feb 13 17:33:11 CST 2020] csr='/root/.acme.sh/yudanzzy.vofvendetta.xyz/yudanzzy.vofvendetta.xyz.csr' [Thu Feb 13 17:33:11 CST 2020] csrconf='/root/.acme.sh/yudanzzy.vofvendetta.xyz/yudanzzy.vofvendetta.xyz.csr.conf' [Thu Feb 13 17:33:11 CST 2020] _is_idn_d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:11 CST 2020] _idn_temp [Thu Feb 13 17:33:11 CST 2020] _is_idn_d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:11 CST 2020] _idn_temp [Thu Feb 13 17:33:11 CST 2020] _csr_cn='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:11 CST 2020] _is_idn_d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:11 CST 2020] _idn_temp [Thu Feb 13 17:33:11 CST 2020] d [Thu Feb 13 17:33:11 CST 2020] _identifiers='{"type":"dns","value":"yudanzzy.vofvendetta.xyz"}' [Thu Feb 13 17:33:11 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Thu Feb 13 17:33:11 CST 2020] payload='{"identifiers": [{"type":"dns","value":"yudanzzy.vofvendetta.xyz"}]}' [Thu Feb 13 17:33:11 CST 2020] RSA key [Thu Feb 13 17:33:11 CST 2020] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Thu Feb 13 17:33:11 CST 2020] HEAD [Thu Feb 13 17:33:11 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Thu Feb 13 17:33:11 CST 2020] body [Thu Feb 13 17:33:11 CST 2020] _postContentType='application/jose+json' [Thu Feb 13 17:33:11 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.4U365krCH0 -g -I ' [Thu Feb 13 17:33:12 CST 2020] _ret='0' [Thu Feb 13 17:33:12 CST 2020] _headers='HTTP/1.1 200 OK Server: nginx Date: Thu, 13 Feb 2020 09:33:12 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 0001soh9THgyWH5DyVs92MVR3IXMGSVxJuFZEF6kYTGF9yc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 ' [Thu Feb 13 17:33:12 CST 2020] _CACHED_NONCE='0001soh9THgyWH5DyVs92MVR3IXMGSVxJuFZEF6kYTGF9yc' [Thu Feb 13 17:33:12 CST 2020] nonce='0001soh9THgyWH5DyVs92MVR3IXMGSVxJuFZEF6kYTGF9yc' [Thu Feb 13 17:33:12 CST 2020] POST [Thu Feb 13 17:33:12 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Thu Feb 13 17:33:12 CST 2020] body='{"protected": "eyJub25jZSI6ICIwMDAxc29oOVRIZ3lXSDVEeVZzOTJNVlIzSVhNR1NWeEp1RlpFRjZrWVRHRjl5YyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83NzkxNzc5NiJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6Inl1ZGFuenp5LnZvZnZlbmRldHRhLnh5eiJ9XX0", "signature": "tveTQ8fx0i9rx6oc-ghc-0WogRchpN4Ua36NW7hsfd20HOQorGmXj_OpYgkKhj6v9sK1kucalj8FUxgAVLlcuxMHuebVb4k6BcGuN-Bt0X-Nb3PovLKjwSqJGqbMjqJBwvMymagAs4vFrEUPi4q6RbOb84VVEW5sKoVpgjddJl14rrEpnamzIIW0GYUGs-UnRhnoqznwjTJb-9_jAuExYtYXtw0hB_OBUgeFOsStnWuOUHahzSLO7zLVPqTVLTaSlqEZwumQ0GqOI5jreCYntSwr-lZJODlO9EeA9dAgK64UiYEIplmoD1BSoQ93GAxl_QjWgmc8TIVOVJZ1aw6zDQ"}' [Thu Feb 13 17:33:12 CST 2020] _postContentType='application/jose+json' [Thu Feb 13 17:33:12 CST 2020] Http already initialized. [Thu Feb 13 17:33:12 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.4U365krCH0 -g ' [Thu Feb 13 17:33:14 CST 2020] _ret='0' [Thu Feb 13 17:33:14 CST 2020] responseHeaders='HTTP/1.1 201 Created Server: nginx Date: Thu, 13 Feb 2020 09:33:14 GMT Content-Type: application/json Content-Length: 354 Connection: keep-alive Boulder-Requester: 77917796 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/77917796/2318291955 Replay-Nonce: 0101pWlPHiacTAEKphJLgoq-pW6JtkBlh3DnZHV3JbJgVv0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 ' [Thu Feb 13 17:33:14 CST 2020] code='201' [Thu Feb 13 17:33:14 CST 2020] original='{ "status": "pending", "expires": "2020-02-20T09:33:14.099599123Z", "identifiers": [ { "type": "dns", "value": "yudanzzy.vofvendetta.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/2793738212" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/77917796/2318291955" }' [Thu Feb 13 17:33:14 CST 2020] response='{"status":"pending","expires":"2020-02-20T09:33:14.099599123Z","identifiers":[{"type":"dns","value":"yudanzzy.vofvendetta.xyz"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/2793738212"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/77917796/2318291955"}' [Thu Feb 13 17:33:14 CST 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/77917796/2318291955' [Thu Feb 13 17:33:14 CST 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/77917796/2318291955' [Thu Feb 13 17:33:14 CST 2020] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2793738212' [Thu Feb 13 17:33:14 CST 2020] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2793738212' [Thu Feb 13 17:33:14 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2793738212' [Thu Feb 13 17:33:14 CST 2020] payload [Thu Feb 13 17:33:14 CST 2020] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key [Thu Feb 13 17:33:14 CST 2020] Use _CACHED_NONCE='0101pWlPHiacTAEKphJLgoq-pW6JtkBlh3DnZHV3JbJgVv0' [Thu Feb 13 17:33:14 CST 2020] nonce='0101pWlPHiacTAEKphJLgoq-pW6JtkBlh3DnZHV3JbJgVv0' [Thu Feb 13 17:33:14 CST 2020] POST [Thu Feb 13 17:33:14 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2793738212' [Thu Feb 13 17:33:14 CST 2020] body='{"protected": "eyJub25jZSI6ICIwMTAxcFdsUEhpYWNUQUVLcGhKTGdvcS1wVzZKdGtCbGgzRG5aSFYzSmJKZ1Z2MCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjc5MzczODIxMiIsICJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzc5MTc3OTYifQ", "payload": "", "signature": "Z8aumnWkJI2FE_JgJbC5FlI210-045jVoraJzqbtma4n0DPYvckAxcAru8wpb9qo2Pfbq5ZyJAZsn_1V1hgG6nMnFCbKhMMN2hOheT1JFgNkLHbbqKTwb232gS62bPMsCHyPQk6jc2gDa11vNOT-VPgmufAoJs9G8T-jf9ihvKQpOrtEJDGBrQDYGv-ItexL34ogBg-KNknRDv_2cby3EqUKsPJF_cWws035jE6Yodu5JujD2S1_GqOImSCxRlQSHdjmDufSkyzZrmFSQDtlbuJAS5Fqqlh5Vd17bFDYvdKn7niVpt56NO4a3XBY93m95HEtxmGDKEXr2yFQAGX4Ng"}' [Thu Feb 13 17:33:14 CST 2020] _postContentType='application/jose+json' [Thu Feb 13 17:33:14 CST 2020] Http already initialized. [Thu Feb 13 17:33:14 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.4U365krCH0 -g ' [Thu Feb 13 17:33:15 CST 2020] _ret='0' [Thu Feb 13 17:33:15 CST 2020] responseHeaders='HTTP/1.1 200 OK Server: nginx Date: Thu, 13 Feb 2020 09:33:15 GMT Content-Type: application/json Content-Length: 802 Connection: keep-alive Boulder-Requester: 77917796 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 00026aTfKIIcY-BNXyHpIJhjohpYOAwEB0oWB8V6QtmcRns X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 ' [Thu Feb 13 17:33:15 CST 2020] code='200' [Thu Feb 13 17:33:15 CST 2020] original='{ "identifier": { "type": "dns", "value": "yudanzzy.vofvendetta.xyz" }, "status": "pending", "expires": "2020-02-20T09:33:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/mmbXqQ", "token": "NgGk4A0puzC7B9WkoUVGFA8o-LsEMcWlBlGjqYI3Q" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA", "token": "NgGk4A0puzC7B9WkoUVGFA8o-LsEMcWlBlGjqYI3Q" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/GQVRDQ", "token": "NgGk4A0puzC7B9WkoUVGFA8o-LsEMcWlBlGjqYI3Q" } ] }' [Thu Feb 13 17:33:15 CST 2020] response='{"identifier":{"type":"dns","value":"yudanzzy.vofvendetta.xyz"},"status":"pending","expires":"2020-02-20T09:33:14Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/mmbXqQ","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/GQVRDQ","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"}]}' [Thu Feb 13 17:33:15 CST 2020] response='{"identifier":{"type":"dns","value":"yudanzzy.vofvendetta.xyz"},"status":"pending","expires":"2020-02-20T09:33:14Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/mmbXqQ","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/GQVRDQ","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"}]}' [Thu Feb 13 17:33:15 CST 2020] _d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:15 CST 2020] _authorizations_map='yudanzzy.vofvendetta.xyz,{"identifier":{"type":"dns","value":"yudanzzy.vofvendetta.xyz"},"status":"pending","expires":"2020-02-20T09:33:14Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/mmbXqQ","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/GQVRDQ","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"}]} ' [Thu Feb 13 17:33:15 CST 2020] d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:15 CST 2020] _w='dns_cf' [Thu Feb 13 17:33:15 CST 2020] _currentRoot='dns_cf' [Thu Feb 13 17:33:15 CST 2020] _is_idn_d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:15 CST 2020] _idn_temp [Thu Feb 13 17:33:15 CST 2020] _candindates='yudanzzy.vofvendetta.xyz,{"identifier":{"type":"dns","value":"yudanzzy.vofvendetta.xyz"},"status":"pending","expires":"2020-02-20T09:33:14Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/mmbXqQ","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/GQVRDQ","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"}]}' [Thu Feb 13 17:33:15 CST 2020] response='{"identifier":{"type":"dns","value":"yudanzzy.vofvendetta.xyz"},"status":"pending","expires":"2020-02-20T09:33:14Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/mmbXqQ","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/GQVRDQ","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"}]}' [Thu Feb 13 17:33:15 CST 2020] entry='"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"' [Thu Feb 13 17:33:15 CST 2020] token='NgGk4A0puzC7B9WkoUVGFA8o-LsEMcWlBlGjqYI3Q' [Thu Feb 13 17:33:15 CST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA' [Thu Feb 13 17:33:15 CST 2020] keyauthorization='NgGk4A0puzC7B9WkoUVGFA8o-LsEMcWlBlGjqYI3Q.QfL_XTbufctsTU6JLcnVgd2n5FvVWJ2VSDQcX8zFgiM' [Thu Feb 13 17:33:15 CST 2020] dvlist='yudanzzy.vofvendetta.xyz#NgGk4A0puzC7B9WkoUVGFA8o-LsEMcWlBlGjqYI3Q.QfL_XTbufctsTU6JLcnVgd2n5FvVWJ2VSDQcX8zFgiM#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA#dns-01#dns_cf' [Thu Feb 13 17:33:15 CST 2020] d [Thu Feb 13 17:33:15 CST 2020] vlist='yudanzzy.vofvendetta.xyz#NgGk4A0puzC7B9WkoUVGFA8o-LsEMcWlBlGjqYI3Q.QfL_XTbufctsTU6JLcnVgd2n5FvVWJ2VSDQcX8zFgiM#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA#dns-01#dns_cf,' [Thu Feb 13 17:33:15 CST 2020] d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:15 CST 2020] _d_alias [Thu Feb 13 17:33:15 CST 2020] txtdomain='_acme-challenge.yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:15 CST 2020] txt='066_wW5AbpBFQXHBOPYSa86t7n9vFJWOqc95FpqBi6c' [Thu Feb 13 17:33:15 CST 2020] d_api='/root/.acme.sh/dnsapi/dns_cf.sh' [Thu Feb 13 17:33:15 CST 2020] dns_entry='yudanzzy.vofvendetta.xyz,_acme-challenge.yudanzzy.vofvendetta.xyz,,dns_cf,066_wW5AbpBFQXHBOPYSa86t7n9vFJWOqc95FpqBi6c,/root/.acme.sh/dnsapi/dns_cf.sh' [Thu Feb 13 17:33:15 CST 2020] Found domain api file: /root/.acme.sh/dnsapi/dns_cf.sh [Thu Feb 13 17:33:15 CST 2020] First detect the root zone [Thu Feb 13 17:33:15 CST 2020] h='_acme-challenge.yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:15 CST 2020] zones?name=_acme-challenge.yudanzzy.vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29 [Thu Feb 13 17:33:15 CST 2020] GET [Thu Feb 13 17:33:15 CST 2020] url='https://api.cloudflare.com/client/v4/zones?name=_acme-challenge.yudanzzy.vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29' [Thu Feb 13 17:33:15 CST 2020] timeout= [Thu Feb 13 17:33:15 CST 2020] Http already initialized. [Thu Feb 13 17:33:15 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.4U365krCH0 -g ' [Thu Feb 13 17:33:16 CST 2020] ret='0' [Thu Feb 13 17:33:16 CST 2020] response='{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null}' [Thu Feb 13 17:33:16 CST 2020] h='yudanzzy.vofvendetta.xyz' [Thu Feb 13 17:33:16 CST 2020] zones?name=yudanzzy.vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29 [Thu Feb 13 17:33:16 CST 2020] GET [Thu Feb 13 17:33:16 CST 2020] url='https://api.cloudflare.com/client/v4/zones?name=yudanzzy.vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29' [Thu Feb 13 17:33:16 CST 2020] timeout= [Thu Feb 13 17:33:16 CST 2020] Http already initialized. [Thu Feb 13 17:33:16 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.4U365krCH0 -g ' [Thu Feb 13 17:33:16 CST 2020] ret='0' [Thu Feb 13 17:33:16 CST 2020] response='{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null}' [Thu Feb 13 17:33:16 CST 2020] h='vofvendetta.xyz' [Thu Feb 13 17:33:16 CST 2020] zones?name=vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29 [Thu Feb 13 17:33:16 CST 2020] GET [Thu Feb 13 17:33:16 CST 2020] url='https://api.cloudflare.com/client/v4/zones?name=vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29' [Thu Feb 13 17:33:16 CST 2020] timeout= [Thu Feb 13 17:33:16 CST 2020] Http already initialized. [Thu Feb 13 17:33:16 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.4U365krCH0 -g ' [Thu Feb 13 17:33:17 CST 2020] ret='0' [Thu Feb 13 17:33:17 CST 2020] response='{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null}' [Thu Feb 13 17:33:17 CST 2020] h='xyz' [Thu Feb 13 17:33:17 CST 2020] zones?name=xyz&account.id=f1f37af9b05f41f86aa340b32147dd29 [Thu Feb 13 17:33:17 CST 2020] GET [Thu Feb 13 17:33:17 CST 2020] url='https://api.cloudflare.com/client/v4/zones?name=xyz&account.id=f1f37af9b05f41f86aa340b32147dd29' [Thu Feb 13 17:33:17 CST 2020] timeout= [Thu Feb 13 17:33:17 CST 2020] Http already initialized. [Thu Feb 13 17:33:17 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.4U365krCH0 -g ' [Thu Feb 13 17:33:18 CST 2020] ret='0' [Thu Feb 13 17:33:18 CST 2020] response='{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null}' [Thu Feb 13 17:33:18 CST 2020] h [Thu Feb 13 17:33:18 CST 2020] invalid domain [Thu Feb 13 17:33:18 CST 2020] Error add txt for domain:_acme-challenge.yudanzzy.vofvendetta.xyz [Thu Feb 13 17:33:18 CST 2020] _on_issue_err [Thu Feb 13 17:33:18 CST 2020] Please check log file for more details: /root/.acme.sh/acme.sh.log [Thu Feb 13 17:33:18 CST 2020] _chk_vlist='yudanzzy.vofvendetta.xyz#NgGk4A0puzC7B9WkoUVGFA8o-LsEMcWlBlGjqYI3Q.QfL_XTbufctsTU6JLcnVgd2n5FvVWJ2VSDQcX8zFgiM#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA#dns-01#dns_cf,' [Thu Feb 13 17:33:18 CST 2020] start to deactivate authz [Thu Feb 13 17:33:18 CST 2020] Trigger domain validation. [Thu Feb 13 17:33:18 CST 2020] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA' [Thu Feb 13 17:33:18 CST 2020] _t_key_authz='NgGk4A0puzC7B9WkoUVGFA8o-LsEMcWlBlGjqYI3Q.QfL_XTbufctsTU6JLcnVgd2n5FvVWJ2VSDQcX8zFgiM' [Thu Feb 13 17:33:18 CST 2020] _t_vtype [Thu Feb 13 17:33:18 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA' [Thu Feb 13 17:33:18 CST 2020] payload='{}' [Thu Feb 13 17:33:18 CST 2020] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key [Thu Feb 13 17:33:18 CST 2020] Use _CACHED_NONCE='00026aTfKIIcY-BNXyHpIJhjohpYOAwEB0oWB8V6QtmcRns' [Thu Feb 13 17:33:18 CST 2020] nonce='00026aTfKIIcY-BNXyHpIJhjohpYOAwEB0oWB8V6QtmcRns' [Thu Feb 13 17:33:18 CST 2020] POST [Thu Feb 13 17:33:18 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA' [Thu Feb 13 17:33:18 CST 2020] body='{"protected": "eyJub25jZSI6ICIwMDAyNmFUZktJSWNZLUJOWHlIcElKaGpvaHBZT0F3RUIwb1dCOFY2UXRtY1JucyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjc5MzczODIxMi9hN3ZSeEEiLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0Lzc3OTE3Nzk2In0", "payload": "e30", "signature": "X-Pa2zHkard7UTQP4MjAsM1v2tbD8bObeEuTr7oW58gNmNPjwTQFMaXYJHJ7-RUQpaaeApyp6FZfJMKgDL2ZzXVBmwQef987_hXO46M4mwqqEJg99qCWdtP8jPzQwu1ipaf6Ywzj34Utc7RUqv56tgSYcSRF_goYUUSLgbo3bHinxguEAwxq2bCYFQXqyqGAQfyaJPHIkxI_E0kfcsPFlvl3jAMTGjhOX5S5Ue63COxfNYaKoJi-BQ8IjnYvC2jMk0KMrpStGVNAeCQJ9aT8xSaAmt_iMkzO_4Pu5a61bcaTnPOo8w4xvwTKd0er5QAxu_snNfScuHqxe6afDOOIpA"}' [Thu Feb 13 17:33:18 CST 2020] _postContentType='application/jose+json' [Thu Feb 13 17:33:18 CST 2020] Http already initialized. [Thu Feb 13 17:33:18 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.4U365krCH0 -g ' [Thu Feb 13 17:33:19 CST 2020] _ret='0' [Thu Feb 13 17:33:19 CST 2020] responseHeaders='HTTP/1.1 200 OK Server: nginx Date: Thu, 13 Feb 2020 09:33:19 GMT Content-Type: application/json Content-Length: 184 Connection: keep-alive Boulder-Requester: 77917796 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Link: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2793738212;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA Replay-Nonce: 0001_t5BHT1JtPstqLVDyVSGoW9ERumc7gOdaT0ZaBmV-Dc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 ' [Thu Feb 13 17:33:19 CST 2020] code='200' [Thu Feb 13 17:33:19 CST 2020] original='{ "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA", "token": "NgGk4A0puzC7B9WkoUVGFA8o-LsEMcWlBlGjqYI3Q" }' [Thu Feb 13 17:33:19 CST 2020] response='{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2793738212/a7vRxA","token":"NgGk4_A0puzC7B9WkoUVGFA8o_-LsEMcWlBlGjqYI3Q"}' [Thu Feb 13 17:33:19 CST 2020] socat doesn't exists. [Thu Feb 13 17:33:19 CST 2020] Diagnosis versions: openssl:openssl OpenSSL 1.0.2k-fips 26 Jan 2017 apache: apache doesn't exists. nginx: nginx doesn't exists. socat: [Thu Feb 13 17:33:19 CST 2020] pid [Thu Feb 13 17:33:19 CST 2020] No need to restore nginx, skip. [Thu Feb 13 17:33:19 CST 2020] _clearupdns [Thu Feb 13 17:33:19 CST 2020] dns_entries [Thu Feb 13 17:33:19 CST 2020] skip dns. [root@zhang007z1 ~]#

zhang007z commented 4 years ago

command: ~/.acme.sh/acme.sh --issue --dns dns_cf -d yudanzzy.vofvendetta.xyz \ --server https://acme-v02.api.letsencrypt.org/directory \ --webroot /usr/share/nginx/html/ --debug 2 ~/.acme.sh/acme.sh --installcert -d yudanzzy.vofvendetta.xyz \ --key-file /usr/src/trojan-cert/private.key \ --fullchain-file /usr/src/trojan-cert/fullchain.cer \ --reloadcmd "systemctl force-reload nginx.service" ---------------------------------------------main error-------------------------------------------- [Thu Feb 13 20:06:36 CST 2020] invalid domain [Thu Feb 13 20:06:36 CST 2020] Error add txt for domain:_acme-challenge.yudanzzy.vofvendetta.xyz [Thu Feb 13 20:06:36 CST 2020] _on_issue_err [Thu Feb 13 20:06:36 CST 2020] Please check log file for more details: /root/.acme.sh/acme.sh.log ---------------------------------------------------debug 2--------------------------------------------- [Thu Feb 13 20:06:27 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Thu Feb 13 20:06:27 CST 2020] Installing to /root/.acme.sh [Thu Feb 13 20:06:27 CST 2020] Installed to /root/.acme.sh/acme.sh [Thu Feb 13 20:06:27 CST 2020] Using config home:/root/.acme.sh [Thu Feb 13 20:06:27 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Thu Feb 13 20:06:27 CST 2020] Using sed -i [Thu Feb 13 20:06:27 CST 2020] Found profile: /root/.bashrc [Thu Feb 13 20:06:27 CST 2020] Installing alias to '/root/.bashrc' [Thu Feb 13 20:06:27 CST 2020] OK, Close and reopen your terminal to start using acme.sh [Thu Feb 13 20:06:27 CST 2020] Installing alias to '/root/.cshrc' [Thu Feb 13 20:06:27 CST 2020] Using sed -i [Thu Feb 13 20:06:27 CST 2020] Installing alias to '/root/.tcshrc' [Thu Feb 13 20:06:27 CST 2020] Using config home:/root/.acme.sh [Thu Feb 13 20:06:27 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Thu Feb 13 20:06:27 CST 2020] Installing cron job [Thu Feb 13 20:06:27 CST 2020] Good, bash is found, so change the shebang to use bash as preferred. [Thu Feb 13 20:06:27 CST 2020] OK [Thu Feb 13 20:06:27 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Thu Feb 13 20:06:27 CST 2020] GET [Thu Feb 13 20:06:27 CST 2020] url='https://api.github.com/repos/acmesh-official/acme.sh/git/refs/heads/master' [Thu Feb 13 20:06:27 CST 2020] timeout= [Thu Feb 13 20:06:27 CST 2020] _CURL='curl -L --silent --dump-header /tmp/tmp.UWRTe4wQBO -g ' [Thu Feb 13 20:06:28 CST 2020] ret='0' [Thu Feb 13 20:06:29 CST 2020] Using server: https://acme-v02.api.letsencrypt.org/directory [Thu Feb 13 20:06:29 CST 2020] Running cmd: issue [Thu Feb 13 20:06:29 CST 2020] _main_domain='yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:29 CST 2020] _alt_domains='no' [Thu Feb 13 20:06:29 CST 2020] Using config home:/root/.acme.sh [Thu Feb 13 20:06:29 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Thu Feb 13 20:06:29 CST 2020] DOMAIN_PATH='/root/.acme.sh/yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:29 CST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Thu Feb 13 20:06:29 CST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Thu Feb 13 20:06:29 CST 2020] GET [Thu Feb 13 20:06:29 CST 2020] url='https://acme-v02.api.letsencrypt.org/directory' [Thu Feb 13 20:06:29 CST 2020] timeout= [Thu Feb 13 20:06:29 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.UqneHYyIrA -g ' [Thu Feb 13 20:06:30 CST 2020] ret='0' [Thu Feb 13 20:06:30 CST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Thu Feb 13 20:06:30 CST 2020] ACME_NEW_AUTHZ [Thu Feb 13 20:06:30 CST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Thu Feb 13 20:06:30 CST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Thu Feb 13 20:06:30 CST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Thu Feb 13 20:06:30 CST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' [Thu Feb 13 20:06:30 CST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Thu Feb 13 20:06:30 CST 2020] ACME_VERSION='2' [Thu Feb 13 20:06:30 CST 2020] Le_NextRenewTime [Thu Feb 13 20:06:30 CST 2020] _on_before_issue [Thu Feb 13 20:06:30 CST 2020] _chk_main_domain='yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:30 CST 2020] _chk_alt_domains [Thu Feb 13 20:06:30 CST 2020] Le_LocalAddress [Thu Feb 13 20:06:30 CST 2020] d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:30 CST 2020] Check for domain='yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:30 CST 2020] _currentRoot='dns_cf' [Thu Feb 13 20:06:30 CST 2020] d [Thu Feb 13 20:06:30 CST 2020] _saved_account_key_hash is not changed, skip register account. [Thu Feb 13 20:06:30 CST 2020] Read key length: [Thu Feb 13 20:06:30 CST 2020] _createcsr [Thu Feb 13 20:06:30 CST 2020] Single domain='yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:30 CST 2020] Getting domain auth token for each domain [Thu Feb 13 20:06:30 CST 2020] d [Thu Feb 13 20:06:30 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Thu Feb 13 20:06:30 CST 2020] payload='{"identifiers": [{"type":"dns","value":"yudanzzy.vofvendetta.xyz"}]}' [Thu Feb 13 20:06:30 CST 2020] RSA key [Thu Feb 13 20:06:30 CST 2020] HEAD [Thu Feb 13 20:06:30 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Thu Feb 13 20:06:30 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.VOvG6ooSGK -g -I ' [Thu Feb 13 20:06:31 CST 2020] _ret='0' [Thu Feb 13 20:06:31 CST 2020] POST [Thu Feb 13 20:06:31 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Thu Feb 13 20:06:31 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.VOvG6ooSGK -g ' [Thu Feb 13 20:06:33 CST 2020] _ret='0' [Thu Feb 13 20:06:33 CST 2020] code='201' [Thu Feb 13 20:06:33 CST 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/77917796/2319336493' [Thu Feb 13 20:06:33 CST 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/77917796/2319336493' [Thu Feb 13 20:06:33 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2795594188' [Thu Feb 13 20:06:33 CST 2020] payload [Thu Feb 13 20:06:33 CST 2020] POST [Thu Feb 13 20:06:33 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2795594188' [Thu Feb 13 20:06:33 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.VOvG6ooSGK -g ' [Thu Feb 13 20:06:34 CST 2020] _ret='0' [Thu Feb 13 20:06:34 CST 2020] code='200' [Thu Feb 13 20:06:34 CST 2020] d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:34 CST 2020] Getting webroot for domain='yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:34 CST 2020] _w='dns_cf' [Thu Feb 13 20:06:34 CST 2020] _currentRoot='dns_cf' [Thu Feb 13 20:06:34 CST 2020] entry='"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2795594188/BkXmwQ","token":"ZxwVZJv55tUYM86r9A2y4leNbY-EUPQfZlWc1--wsyI"' [Thu Feb 13 20:06:34 CST 2020] token='ZxwVZJv55tUYM86r9A2y4leNbY-EUPQfZlWc1--wsyI' [Thu Feb 13 20:06:34 CST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2795594188/BkXmwQ' [Thu Feb 13 20:06:34 CST 2020] keyauthorization='ZxwVZJv55tUYM86r9A2y4leNbY-EUPQfZlWc1--wsyI.QfL_XTbufctsTU6JLcnVgd2n5FvVWJ2VSDQcX8zFgiM' [Thu Feb 13 20:06:34 CST 2020] dvlist='yudanzzy.vofvendetta.xyz#ZxwVZJv55tUYM86r9A2y4leNbY-EUPQfZlWc1--wsyI.QfL_XTbufctsTU6JLcnVgd2n5FvVWJ2VSDQcX8zFgiM#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2795594188/BkXmwQ#dns-01#dns_cf' [Thu Feb 13 20:06:34 CST 2020] d [Thu Feb 13 20:06:34 CST 2020] vlist='yudanzzy.vofvendetta.xyz#ZxwVZJv55tUYM86r9A2y4leNbY-EUPQfZlWc1--wsyI.QfL_XTbufctsTU6JLcnVgd2n5FvVWJ2VSDQcX8zFgiM#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2795594188/BkXmwQ#dns-01#dns_cf,' [Thu Feb 13 20:06:34 CST 2020] d='yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:34 CST 2020] _d_alias [Thu Feb 13 20:06:34 CST 2020] txtdomain='_acme-challenge.yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:34 CST 2020] txt='Xs8-pI0ocy4WxpvUf4nGxHjirbSlha44rhR0l6I2_jI' [Thu Feb 13 20:06:34 CST 2020] d_api='/root/.acme.sh/dnsapi/dns_cf.sh' [Thu Feb 13 20:06:34 CST 2020] Found domain api file: /root/.acme.sh/dnsapi/dns_cf.sh [Thu Feb 13 20:06:34 CST 2020] Adding txt value: Xs8-pI0ocy4WxpvUf4nGxHjirbSlha44rhR0l6I2_jI for domain: _acme-challenge.yudanzzy.vofvendetta.xyz [Thu Feb 13 20:06:34 CST 2020] First detect the root zone [Thu Feb 13 20:06:34 CST 2020] h='_acme-challenge.yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:34 CST 2020] zones?name=_acme-challenge.yudanzzy.vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29 [Thu Feb 13 20:06:34 CST 2020] GET [Thu Feb 13 20:06:34 CST 2020] url='https://api.cloudflare.com/client/v4/zones?name=_acme-challenge.yudanzzy.vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29' [Thu Feb 13 20:06:34 CST 2020] timeout= [Thu Feb 13 20:06:34 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.VOvG6ooSGK -g ' [Thu Feb 13 20:06:34 CST 2020] ret='0' [Thu Feb 13 20:06:34 CST 2020] h='yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:34 CST 2020] zones?name=yudanzzy.vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29 [Thu Feb 13 20:06:34 CST 2020] GET [Thu Feb 13 20:06:34 CST 2020] url='https://api.cloudflare.com/client/v4/zones?name=yudanzzy.vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29' [Thu Feb 13 20:06:34 CST 2020] timeout= [Thu Feb 13 20:06:34 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.VOvG6ooSGK -g ' [Thu Feb 13 20:06:35 CST 2020] ret='0' [Thu Feb 13 20:06:35 CST 2020] h='vofvendetta.xyz' [Thu Feb 13 20:06:35 CST 2020] zones?name=vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29 [Thu Feb 13 20:06:35 CST 2020] GET [Thu Feb 13 20:06:35 CST 2020] url='https://api.cloudflare.com/client/v4/zones?name=vofvendetta.xyz&account.id=f1f37af9b05f41f86aa340b32147dd29' [Thu Feb 13 20:06:35 CST 2020] timeout= [Thu Feb 13 20:06:35 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.VOvG6ooSGK -g ' [Thu Feb 13 20:06:36 CST 2020] ret='0' [Thu Feb 13 20:06:36 CST 2020] h='xyz' [Thu Feb 13 20:06:36 CST 2020] zones?name=xyz&account.id=f1f37af9b05f41f86aa340b32147dd29 [Thu Feb 13 20:06:36 CST 2020] GET [Thu Feb 13 20:06:36 CST 2020] url='https://api.cloudflare.com/client/v4/zones?name=xyz&account.id=f1f37af9b05f41f86aa340b32147dd29' [Thu Feb 13 20:06:36 CST 2020] timeout= [Thu Feb 13 20:06:36 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.VOvG6ooSGK -g ' [Thu Feb 13 20:06:36 CST 2020] ret='0' [Thu Feb 13 20:06:36 CST 2020] h [Thu Feb 13 20:06:36 CST 2020] invalid domain [Thu Feb 13 20:06:36 CST 2020] Error add txt for domain:_acme-challenge.yudanzzy.vofvendetta.xyz [Thu Feb 13 20:06:36 CST 2020] _on_issue_err [Thu Feb 13 20:06:36 CST 2020] Please check log file for more details: /root/.acme.sh/acme.sh.log [Thu Feb 13 20:06:36 CST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2795594188/BkXmwQ' [Thu Feb 13 20:06:36 CST 2020] payload='{}' [Thu Feb 13 20:06:36 CST 2020] POST [Thu Feb 13 20:06:36 CST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2795594188/BkXmwQ' [Thu Feb 13 20:06:36 CST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.VOvG6ooSGK -g ' [Thu Feb 13 20:06:38 CST 2020] _ret='0' [Thu Feb 13 20:06:38 CST 2020] code='200' [Thu Feb 13 20:06:38 CST 2020] Diagnosis versions: openssl:openssl OpenSSL 1.0.2k-fips 26 Jan 2017 apache: apache doesn't exists. nginx: nginx version: nginx/1.16.1 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC) built with OpenSSL 1.0.2k-fips 26 Jan 2017 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie' socat: socat by Gerhard Rieger and contributors - see www.dest-unreach.org Usage: socat [options] options: -V print version and feature information to stdout, and exit -h|-? print a help text describing command line options and addresses -hh like -h, plus a list of all common address option names -hhh like -hh, plus a list of all available address option names -d increase verbosity (use up to 4 times; 2 are recommended) -D analyze file descriptors before loop -ly[facility] log to syslog, using facility (default is daemon) -lf log to file -ls log to stderr (default if no other log) -lm[facility] mixed log mode (stderr during initialization, then syslog) -lp set the program name used for logging -lu use microseconds for logging timestamps -lh add hostname to log messages -v verbose data traffic, text -x verbose data traffic, hexadecimal -b set data buffer size (8192) -s sloppy (continue on error) -t wait seconds before closing second channel -T total inactivity timeout in seconds -u unidirectional mode (left to right) -U unidirectional mode (right to left) -g do not check option groups -L try to obtain lock, or fail -W try to obtain lock, or wait -4 prefer IPv4 if version is not explicitly specified -6 prefer IPv6 if version is not explicitly specified bi-address: pipe[,] groups=FD,FIFO

!! single-address: [,] address-head: abstract-client: groups=FD,SOCKET,RETRY,UNIX abstract-connect: groups=FD,SOCKET,RETRY,UNIX abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX abstract-recv: groups=FD,SOCKET,RETRY,UNIX abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX abstract-sendto: groups=FD,SOCKET,RETRY,UNIX create: groups=FD,REG,NAMED exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX interface: groups=FD,SOCKET ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6 ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6 ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6 ip-sendto:: groups=FD,SOCKET,IP4,IP6 ip4-datagram:: groups=FD,SOCKET,RANGE,IP4 ip4-recv: groups=FD,SOCKET,RANGE,IP4 ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4 ip4-sendto:: groups=FD,SOCKET,IP4 ip6-datagram:: groups=FD,SOCKET,RANGE,IP6 ip6-recv: groups=FD,SOCKET,RANGE,IP6 ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6 ip6-sendto:: groups=FD,SOCKET,IP6 open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,OPENSSL pipe: groups=FD,FIFO,NAMED,OPEN proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP pty groups=FD,NAMED,TERMIOS,PTY readline groups=FD,READLINE,TERMIOS sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP socket-connect::: groups=FD,SOCKET,CHILD,RETRY socket-datagram:::: groups=FD,SOCKET,RANGE socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE socket-recv:::: groups=FD,SOCKET,RANGE socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE socket-sendto:::: groups=FD,SOCKET socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4 socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4 stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP udp4-connect:: groups=FD,SOCKET,IP4,UDP udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP udp4-sendto:: groups=FD,SOCKET,IP4,UDP udp6-connect:: groups=FD,SOCKET,IP6,UDP udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP udp6-sendto:: groups=FD,SOCKET,IP6,UDP unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX [Thu Feb 13 20:06:38 CST 2020] pid [Thu Feb 13 20:06:38 CST 2020] No need to restore nginx, skip. [Thu Feb 13 20:06:38 CST 2020] _clearupdns [Thu Feb 13 20:06:38 CST 2020] dns_entries [Thu Feb 13 20:06:38 CST 2020] skip dns. [Thu Feb 13 20:06:38 CST 2020] Running cmd: installcert [Thu Feb 13 20:06:38 CST 2020] Using config home:/root/.acme.sh [Thu Feb 13 20:06:38 CST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Thu Feb 13 20:06:38 CST 2020] DOMAIN_PATH='/root/.acme.sh/yudanzzy.vofvendetta.xyz' [Thu Feb 13 20:06:38 CST 2020] Installing key to:/usr/src/trojan-cert/private.key [Thu Feb 13 20:06:38 CST 2020] Installing full chain to:/usr/src/trojan-cert/fullchain.cer
Neilpang commented 4 years ago

更新到最新版:

acme.sh --upgrade -f --auto-upgrade
troyfontaine commented 4 years ago

I ran into this recently when I didn't think too hard about switching to the new API tokens-and started having this problem. Based on the wiki I had to update my ~/.acme.sh/account.conf to replace the SAVED_CF_Email to SAVED_CF_Account_ID and entered my Cloudflare Account ID (you can find that on the Overview page for a domain in your Cloudflare dashboard).