search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
38.58k stars 4.91k forks source link

Invalid response from acme-challenge when registering new subdomain #3298

Open hitchhooker opened 3 years ago

hitchhooker commented 3 years ago

I am struggling big time with registering subdomains one at the time and keep facing the same error when trying to get the certificates made with acme.sh. for some reason when im registering new subdomain problem is that i get invalid response from another subdomain/.well-known/acme-challenge/243zlowXzeKyUw_FRpgVlMCyaq2Ar0XiKukugV458SA

Steps to reproduce

root@vmi342841:/etc/letsencrypt# acme.sh --issue --domain skb.rotko.net --webroot /var/www/skb.rotko.net/
[Wed 09 Dec 2020 06:18:58 PM CET] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Wed 09 Dec 2020 06:18:58 PM CET] Single domain='skb.rotko.net'
[Wed 09 Dec 2020 06:18:58 PM CET] Getting domain auth token for each domain
[Wed 09 Dec 2020 06:19:01 PM CET] Getting webroot for domain='skb.rotko.net'
[Wed 09 Dec 2020 06:19:01 PM CET] Verifying: skb.rotko.net
[Wed 09 Dec 2020 06:19:05 PM CET] skb.rotko.net:Verify error:Invalid response from https://cbreeze.rotko.net/.well-known/acme-challenge/243zlowXzeKyUw_FRpgVlMCyaq2Ar0XiKukugV458SA [207.180.199.117]:
[Wed 09 Dec 2020 06:19:05 PM CET] Please add '--debug' or '--log' to check more details.
[Wed 09 Dec 2020 06:19:05 PM CET] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
root@vmi342841:/etc/nginx/sites-available# acme.sh --issue --domain skb.rotko.net --webroot /var/www/skb.rotko.net
[Wed 09 Dec 2020 06:26:29 PM CET] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Wed 09 Dec 2020 06:26:29 PM CET] Single domain='skb.rotko.net'
[Wed 09 Dec 2020 06:26:29 PM CET] Getting domain auth token for each domain
[Wed 09 Dec 2020 06:26:31 PM CET] Create new order error. Le_OrderFinalize not found. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Wed 09 Dec 2020 06:26:31 PM CET] Please add '--debug' or '--log' to check more details.
[Wed 09 Dec 2020 06:26:31 PM CET] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh

nginx -T to show my nginx settings and Debug log

root@vmi342841:/etc/nginx/sites-available# nginx -T
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
include /etc/nginx/modules-enabled/*.conf;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    ##
    # PageSpeed Settings
    ##

    #pagespeed on;
    #pagespeed FileCachePath /var/ngx_pagespeed_cache;
    #pagespeed EnableCachePurge on;
    #pagespeed PurgeMethod PURGE;

    ##
    # Access/Error Log Settings
    ##

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    error_log /var/log/nginx/error.log;

    ##
    # Http Core Module Settings
    ##

    sendfile        on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout  65;
    types_hash_max_size 2048;
    client_max_body_size 150M;

    ##
    # Gzip Settings
    ##

#    pagespeed FetchWithGzip off;
#    pagespeed HttpCacheCompressionLevel 0;
    #gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/x-font-ttf application/x-web-app-manifest+json application/xml+rss text/javascript image/svg+xml image/x-icon;

    ##
    # Brotli Settings
    ##

    brotli on;
    brotli_comp_level 6;
    brotli_static on;
    brotli_types application/octec-stream text/xml image/svg+xml application/x-font-ttf image/vnd.microsoft.icon application/x-font-opentype application/json font/eot application/vnd.ms-fontobject application/javascript font/otf application/xml application/xhtml+xml text/javascript application/x-javascript text/plain application/x-font-trutype application/xml+rss image/x-icon font/opentype text/css image/x-win-bitmap application/x-web-app-manifest+json;

    ##
    # SSL Configuration
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # FastCGI Cache Settings
    ##

    fastcgi_cache_path /etc/nginx-cache levels=1:2 keys_zone=phpcache:100m inactive=60m;
    fastcgi_cache_key "$scheme$request_method$host$request_uri";
    fastcgi_ignore_headers Cache-Control Expires;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;

}
# configuration file /etc/nginx/mime.types:

types {
    text/html                                        html htm shtml;
    text/css                                         css;
    text/xml                                         xml;
    image/gif                                        gif;
    image/jpeg                                       jpeg jpg;
    application/javascript                           js;
    application/atom+xml                             atom;
    application/rss+xml                              rss;

    text/mathml                                      mml;
    text/plain                                       txt;
    text/vnd.sun.j2me.app-descriptor                 jad;
    text/vnd.wap.wml                                 wml;
    text/x-component                                 htc;

    image/png                                        png;
    image/svg+xml                                    svg svgz;
    image/tiff                                       tif tiff;
    image/vnd.wap.wbmp                               wbmp;
    image/webp                                       webp;
    image/x-icon                                     ico;
    image/x-jng                                      jng;
    image/x-ms-bmp                                   bmp;

    font/woff                                        woff;
    font/woff2                                       woff2;

    application/java-archive                         jar war ear;
    application/json                                 json;
    application/mac-binhex40                         hqx;
    application/msword                               doc;
    application/pdf                                  pdf;
    application/postscript                           ps eps ai;
    application/rtf                                  rtf;
    application/vnd.apple.mpegurl                    m3u8;
    application/vnd.google-earth.kml+xml             kml;
    application/vnd.google-earth.kmz                 kmz;
    application/vnd.ms-excel                         xls;
    application/vnd.ms-fontobject                    eot;
    application/vnd.ms-powerpoint                    ppt;
    application/vnd.oasis.opendocument.graphics      odg;
    application/vnd.oasis.opendocument.presentation  odp;
    application/vnd.oasis.opendocument.spreadsheet   ods;
    application/vnd.oasis.opendocument.text          odt;
    application/vnd.openxmlformats-officedocument.presentationml.presentation
                                                     pptx;
    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
                                                     xlsx;
    application/vnd.openxmlformats-officedocument.wordprocessingml.document
                                                     docx;
    application/vnd.wap.wmlc                         wmlc;
    application/x-7z-compressed                      7z;
    application/x-cocoa                              cco;
    application/x-java-archive-diff                  jardiff;
    application/x-java-jnlp-file                     jnlp;
    application/x-makeself                           run;
    application/x-perl                               pl pm;
    application/x-pilot                              prc pdb;
    application/x-rar-compressed                     rar;
    application/x-redhat-package-manager             rpm;
    application/x-sea                                sea;
    application/x-shockwave-flash                    swf;
    application/x-stuffit                            sit;
    application/x-tcl                                tcl tk;
    application/x-x509-ca-cert                       der pem crt;
    application/x-xpinstall                          xpi;
    application/xhtml+xml                            xhtml;
    application/xspf+xml                             xspf;
    application/zip                                  zip;

    application/octet-stream                         bin exe dll;
    application/octet-stream                         deb;
    application/octet-stream                         dmg;
    application/octet-stream                         iso img;
    application/octet-stream                         msi msp msm;

    audio/midi                                       mid midi kar;
    audio/mpeg                                       mp3;
    audio/ogg                                        ogg;
    audio/x-m4a                                      m4a;
    audio/x-realaudio                                ra;

    video/3gpp                                       3gpp 3gp;
    video/mp2t                                       ts;
    video/mp4                                        mp4;
    video/mpeg                                       mpeg mpg;
    video/quicktime                                  mov;
    video/webm                                       webm;
    video/x-flv                                      flv;
    video/x-m4v                                      m4v;
    video/x-mng                                      mng;
    video/x-ms-asf                                   asx asf;
    video/x-ms-wmv                                   wmv;
    video/x-msvideo                                  avi;
}

# configuration file /etc/nginx/conf.d/tf-webp.conf:
#THEMIFY BEGIN
#Conditional variables to check if a browser support webp
map $http_accept $webp_ext {
    default "";
    "~*webp" ".webp";
}
#THEMIFY END
# configuration file /etc/nginx/sites-enabled/cbreeze.rotko.net:
server {
  #root traffic from unsecure http to https
        listen 80;      #listen ipv4 port 80
        listen [::]:80; #listen ipv6 port 80
        server_name cbreeze.rotko.net;
        return 301 https://cbreeze.rotko.net$request_uri;
}

server {
        server_name cbreeze.rotko.net; # Replace with your domain name
        include /etc/nginx/snippets/https-cbreeze.conf;
        include /etc/nginx/snippets/tf-server-webp.conf;

        root /var/www/cbreeze.net/web; # Replace with your document root
        index index.php index.htm index.html;

        location = /favicon.ico {
        log_not_found off;
        access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires max;
                log_not_found off;
        }

        # Prevent PHP scripts from being executed inside the uploads folder.
        location ~* /app/uploads/.*.php$ {
                deny all;
        }

        location ~ \.php$ {
        include /etc/nginx/snippets/fastcgi-php.conf;
        }

        location / {
                try_files $uri $uri/ /index.php?$args;
        }
}

# configuration file /etc/nginx/snippets/https-cbreeze.conf:
listen 443 ssl http2;
listen [::]:443 ssl http2;
# RSA
ssl_certificate /etc/letsencrypt/cbreeze.rotko.net/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/cbreeze.rotko.net/cbreeze.rotko.net.key;
# configuration file /etc/nginx/snippets/tf-server-webp.conf:
#BEGIN THEMIFY: rewrite rules for webp
location ~* ^(/.+)\.(png|jpeg|jpg|gif){
        add_header Vary "Accept";
        add_header Cache-Control "public, no-transform";
        set $img_path $1;
        try_files $img_path$webp_ext $uri =404;
}
#END THEMIFY: rewrite rules for webp

# configuration file /etc/nginx/snippets/fastcgi-php.conf:
#split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;

# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;

# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;

fastcgi_index index.php;
include fastcgi_params;

##
# FastCGI PHP connection
##
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_read_timeout 300;

##
# FastCGI Cache --> not needed because we are using superior PageSpeed module in nginx
##
#fastcgi_cache phpcache;
#fastcgi_cache_valid 200 60m;
#fastcgi_cache_methods GET HEAD;
#add_header X-Fastcgi-Cache $upstream_cache_status;
# configuration file /etc/nginx/fastcgi_params:
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

# configuration file /etc/nginx/sites-enabled/cvmaker.app:
server {
  #root traffic from unsecure http to https
        listen 80;      #listen ipv4 port 80
        listen [::]:80; #listen ipv6 port 80

        server_name www.cvmaker.app cvmaker.app;
        return 301 https://cvmaker.app$request_uri;
}

server {
        server_name cvmaker.app; # Replace with your domain name
        include /etc/nginx/snippets/https-cvmaker.conf;

        root /var/www/cvmaker.app; # Replace with your document root
        index index.html;

    }

# configuration file /etc/nginx/snippets/https-cvmaker.conf:
listen 443 ssl http2;
listen [::]:443 ssl http2;
# RSA
ssl_certificate /etc/letsencrypt/cvmaker.app/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/cvmaker.app/cvmaker.app.key;
# configuration file /etc/nginx/sites-enabled/cvmaker.me:
server {
  #root traffic from unsecure http to https
        listen 80;      #listen ipv4 port 80
        listen [::]:80; #listen ipv6 port 80

        server_name www.cvmaker.me cvmaker.me;
        return 301 https://cvmaker.me$request_uri;
}

server {
        server_name cvmaker.me; # Replace with your domain name
        include /etc/nginx/snippets/https-cvmakerme.conf;

        root /var/www/cvmaker.me; # Replace with your document root
        index index.html;

    }

# configuration file /etc/nginx/snippets/https-cvmakerme.conf:
listen 443 ssl http2;
listen [::]:443 ssl http2;
# RSA
ssl_certificate /etc/letsencrypt/cvmaker.me/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/cvmaker.me/cvmaker.me.key;
# configuration file /etc/nginx/sites-enabled/insoft.rotko.net:
server {
  #root traffic from unsecure http to https
        listen 80;      #listen ipv4 port 80
        listen [::]:80; #listen ipv6 port 80
        server_name insoft.rotko.net;
        return 301 https://insoft.rotko.net$request_uri;
}

server {
        server_name insoft.rotko.net; # Replace with your domain name
        include /etc/nginx/snippets/https-insoft.conf;

        root /var/www/insoft.rotko.net/public; # Replace with your document root
                index index.php index.htm index.html;

        location = /favicon.ico {
        log_not_found off;
        access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires max;
                log_not_found off;
        }

        # Prevent PHP scripts from being executed inside the uploads folder.
        location ~* /app/uploads/.*.php$ {
                deny all;
        }

        location ~ \.php$ {
        include /etc/nginx/snippets/fastcgi-php.conf;
        }

        location / {
                try_files $uri $uri/ /index.php?$args;
        }
}

# configuration file /etc/nginx/snippets/https-insoft.conf:
listen 443 ssl http2;
listen [::]:443 ssl http2;
# RSA
ssl_certificate /etc/letsencrypt/insoft.rotko.net/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/insoft.rotko.net/insoft.rotko.net.key;
# configuration file /etc/nginx/sites-enabled/neurovidas.com:
upstream php {
        server unix:/tmp/php-cgi.socket;
        server 127.0.0.1:9000;
}

server {
  #root traffic from unsecure http to https
        listen 80;      #listen ipv4 port 80
        listen [::]:80; #listen ipv6 port 80

        server_name neurovidas.com www.neurovidas.com;
        return 301 https://neurovidas.com$request_uri;
}

server {
        server_name neurovidas.com; # Replace with your domain name
        include /etc/nginx/snippets/https-neurovidas.conf;

        root /var/www/neurovidas.com/web;
        index index.php index.htm index.html;

        location = /favicon.ico {
        log_not_found off;
        access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires max;
                log_not_found off;
        }

        # Prevent PHP scripts from being executed inside the uploads folder.
        location ~* /app/uploads/.*.php$ {
                deny all;
        }

        location ~ \.php$ {
        include /etc/nginx/snippets/fastcgi-php.conf;
        }

        location / {
                try_files $uri $uri/ /index.php?$args;
        }
}

# configuration file /etc/nginx/snippets/https-neurovidas.conf:
listen 443 ssl http2;
listen [::]:443 ssl http2;
# RSA
ssl_certificate /etc/letsencrypt/neurovidas.com/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/neurovidas.com/neurovidas.com.key;
# configuration file /etc/nginx/sites-enabled/ride.co:
server {
  #root traffic from unsecure http to https
        listen 80;      #listen ipv4 port 80
        listen [::]:80; #listen ipv6 port 80

        server_name ride.co www.ride.co;
        return 301 https://ride.co$request_uri;
}

server {
        server_name ride.co; # Replace with your domain name
        include /etc/nginx/snippets/https-ride.conf;

        root /var/www/ride.co; # Replace with your document root
        index index.html;
    }
# configuration file /etc/nginx/snippets/https-ride.conf:
listen 443 ssl http2;
listen [::]:443 ssl http2;
# RSA
ssl_certificate /etc/letsencrypt/ride.co/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/ride.co/ride.co.key;
# configuration file /etc/nginx/sites-enabled/rotko.net:
server {
  #root traffic from unsecure http to https
        listen 80;      #listen ipv4 port 80
        listen [::]:80; #listen ipv6 port 80

        server_name rotko.net www.rotko.net;
        return 301 https://rotko.net$request_uri;
}

server {
        server_name rotko.net; # Replace with your domain name
        include /etc/nginx/snippets/https-rotko.conf;

        root /var/www/rotko.net; # Replace with your document root
        index index.html;

        location /grif {
                autoindex on;
        }
    }

# configuration file /etc/nginx/snippets/https-rotko.conf:
listen 443 ssl http2;
listen [::]:443 ssl http2;
# RSA
ssl_certificate /etc/letsencrypt/rotko.net/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/rotko.net/rotko.net.key;
root@vmi342841:/etc/nginx/sites-available# acme.sh --issue --domain skb.rotko.net --webroot /var/www/skb.rotko.net/
[Wed 09 Dec 2020 06:20:35 PM CET] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Wed 09 Dec 2020 06:20:35 PM CET] Single domain='skb.rotko.net'
[Wed 09 Dec 2020 06:20:36 PM CET] Getting domain auth token for each domain
[Wed 09 Dec 2020 06:20:38 PM CET] Getting webroot for domain='skb.rotko.net'
[Wed 09 Dec 2020 06:20:38 PM CET] Verifying: skb.rotko.net
^C
root@vmi342841:/etc/nginx/sites-available# acme.sh --issue --domain skb.rotko.net --webroot /var/www/skb.rotko.net/ --de
bug 2
[Wed 09 Dec 2020 06:20:47 PM CET] Lets find script dir.
[Wed 09 Dec 2020 06:20:47 PM CET] _SCRIPT_='/etc/letsencrypt/acme.sh'
[Wed 09 Dec 2020 06:20:47 PM CET] _script='/etc/letsencrypt/acme.sh'
[Wed 09 Dec 2020 06:20:47 PM CET] _script_home='/etc/letsencrypt'
[Wed 09 Dec 2020 06:20:47 PM CET] Using config home:/etc/letsencrypt
[Wed 09 Dec 2020 06:20:47 PM CET] LE_WORKING_DIR='/etc/letsencrypt'
https://github.com/acmesh-official/acme.sh
v2.8.8
[Wed 09 Dec 2020 06:20:47 PM CET] Running cmd: issue
[Wed 09 Dec 2020 06:20:47 PM CET] _main_domain='skb.rotko.net'
[Wed 09 Dec 2020 06:20:47 PM CET] _alt_domains='no'
[Wed 09 Dec 2020 06:20:47 PM CET] Using config home:/etc/letsencrypt
[Wed 09 Dec 2020 06:20:47 PM CET] default_acme_server
[Wed 09 Dec 2020 06:20:47 PM CET] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Wed 09 Dec 2020 06:20:47 PM CET] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Wed 09 Dec 2020 06:20:47 PM CET] DOMAIN_PATH='/etc/letsencrypt/skb.rotko.net'
[Wed 09 Dec 2020 06:20:47 PM CET] '/var/www/skb.rotko.net/' does not contain 'dns'
[Wed 09 Dec 2020 06:20:47 PM CET] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Wed 09 Dec 2020 06:20:47 PM CET] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Wed 09 Dec 2020 06:20:47 PM CET] GET
[Wed 09 Dec 2020 06:20:47 PM CET] url='https://acme-v02.api.letsencrypt.org/directory'
[Wed 09 Dec 2020 06:20:47 PM CET] timeout=
[Wed 09 Dec 2020 06:20:47 PM CET] _CURL='curl -L --silent --dump-header /etc/letsencrypt/http.header  --trace-ascii /tmp/tmp.zJykY3Al38  -g '
[Wed 09 Dec 2020 06:20:48 PM CET] ret='0'
[Wed 09 Dec 2020 06:20:48 PM CET] response='{
  "HIJcF01n6A8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Wed 09 Dec 2020 06:20:48 PM CET] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Wed 09 Dec 2020 06:20:48 PM CET] ACME_NEW_AUTHZ
[Wed 09 Dec 2020 06:20:48 PM CET] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Wed 09 Dec 2020 06:20:48 PM CET] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Wed 09 Dec 2020 06:20:48 PM CET] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Wed 09 Dec 2020 06:20:48 PM CET] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Wed 09 Dec 2020 06:20:48 PM CET] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Wed 09 Dec 2020 06:20:48 PM CET] ACME_VERSION='2'
[Wed 09 Dec 2020 06:20:48 PM CET] Le_NextRenewTime
[Wed 09 Dec 2020 06:20:48 PM CET] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Wed 09 Dec 2020 06:20:48 PM CET] _on_before_issue
[Wed 09 Dec 2020 06:20:48 PM CET] _chk_main_domain='skb.rotko.net'
[Wed 09 Dec 2020 06:20:48 PM CET] _chk_alt_domains
[Wed 09 Dec 2020 06:20:48 PM CET] '/var/www/skb.rotko.net/' does not contain 'no'
[Wed 09 Dec 2020 06:20:48 PM CET] Le_LocalAddress
[Wed 09 Dec 2020 06:20:48 PM CET] d='skb.rotko.net'
[Wed 09 Dec 2020 06:20:48 PM CET] Check for domain='skb.rotko.net'
[Wed 09 Dec 2020 06:20:48 PM CET] _currentRoot='/var/www/skb.rotko.net/'
[Wed 09 Dec 2020 06:20:48 PM CET] d
[Wed 09 Dec 2020 06:20:48 PM CET] '/var/www/skb.rotko.net/' does not contain 'apache'
[Wed 09 Dec 2020 06:20:48 PM CET] _saved_account_key_hash='PpB2y+bsB8TxnTYKkv5a+0qdRjrrDhBnpC8skcNTmYE='
[Wed 09 Dec 2020 06:20:48 PM CET] _saved_account_key_hash is not changed, skip register account.
[Wed 09 Dec 2020 06:20:48 PM CET] Read key length:
[Wed 09 Dec 2020 06:20:48 PM CET] _createcsr
[Wed 09 Dec 2020 06:20:48 PM CET] domain='skb.rotko.net'
[Wed 09 Dec 2020 06:20:48 PM CET] domainlist
[Wed 09 Dec 2020 06:20:48 PM CET] csrkey='/etc/letsencrypt/skb.rotko.net/skb.rotko.net.key'
[Wed 09 Dec 2020 06:20:48 PM CET] csr='/etc/letsencrypt/skb.rotko.net/skb.rotko.net.csr'
[Wed 09 Dec 2020 06:20:48 PM CET] csrconf='/etc/letsencrypt/skb.rotko.net/skb.rotko.net.csr.conf'
[Wed 09 Dec 2020 06:20:48 PM CET] Single domain='skb.rotko.net'
[Wed 09 Dec 2020 06:20:48 PM CET] _is_idn_d='skb.rotko.net'
[Wed 09 Dec 2020 06:20:48 PM CET] _idn_temp
[Wed 09 Dec 2020 06:20:48 PM CET] _is_idn_d='skb.rotko.net'
[Wed 09 Dec 2020 06:20:48 PM CET] _idn_temp
[Wed 09 Dec 2020 06:20:48 PM CET] _csr_cn='skb.rotko.net'
[Wed 09 Dec 2020 06:20:48 PM CET] Getting domain auth token for each domain
[Wed 09 Dec 2020 06:20:48 PM CET] _is_idn_d='skb.rotko.net'
[Wed 09 Dec 2020 06:20:48 PM CET] _idn_temp
[Wed 09 Dec 2020 06:20:48 PM CET] d
[Wed 09 Dec 2020 06:20:48 PM CET] _identifiers='{"type":"dns","value":"skb.rotko.net"}'
[Wed 09 Dec 2020 06:20:48 PM CET] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Wed 09 Dec 2020 06:20:48 PM CET] payload='{"identifiers": [{"type":"dns","value":"skb.rotko.net"}]}'
[Wed 09 Dec 2020 06:20:48 PM CET] RSA key
[Wed 09 Dec 2020 06:20:48 PM CET] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Wed 09 Dec 2020 06:20:48 PM CET] HEAD
[Wed 09 Dec 2020 06:20:48 PM CET] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Wed 09 Dec 2020 06:20:48 PM CET] body
[Wed 09 Dec 2020 06:20:48 PM CET] _postContentType='application/jose+json'
[Wed 09 Dec 2020 06:20:48 PM CET] _CURL='curl -L --silent --dump-header /etc/letsencrypt/http.header  --trace-ascii /tmp/tmp.jTDqhK4WXL  -g  -I  '
[Wed 09 Dec 2020 06:20:49 PM CET] _ret='0'
[Wed 09 Dec 2020 06:20:49 PM CET] _headers='HTTP/2 200
server: nginx
date: Wed, 09 Dec 2020 17:20:49 GMT
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0004m0cyDU3OlBUn030AUBiVAVRnisx-uYgvmH-Sqgjrm4I
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Wed 09 Dec 2020 06:20:49 PM CET] _CACHED_NONCE='0004m0cyDU3OlBUn030AUBiVAVRnisx-uYgvmH-Sqgjrm4I'
[Wed 09 Dec 2020 06:20:49 PM CET] nonce='0004m0cyDU3OlBUn030AUBiVAVRnisx-uYgvmH-Sqgjrm4I'
[Wed 09 Dec 2020 06:20:49 PM CET] POST
[Wed 09 Dec 2020 06:20:49 PM CET] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Wed 09 Dec 2020 06:20:49 PM CET] body='{"protected": "eyJub25jZSI6ICIwMDA0bTBjeURVM09sQlVuMDMwQVVCaVZBVlJuaXN4LXVZZ3ZtSC1TcWdqcm00SSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MTcwNTMzOCJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6InNrYi5yb3Rrby5uZXQifV19", "signature": "I22gBKAZdYuL2I79MY6HOStfU4hMwVtDTtrndyi9KKUhCPRauL9eHKwExdkmRZA-bLSWSNmV6a1v1IgEpRV9Ye8PDLNHr_Zl5yY6aDFzliaCRHGBFe9Ue6cif-WZ8F9blAQPgG8fmByS4QYOXDKEQcGUdgiQ5BZBOnpUcvPzQz4dztQkio70IkEGzdSdL7LYj28UR7XFiYf39kdPpB6EuCH0w0qvgrHaEk1tbe72pmGcCjW4M-aB7Q2AtP36leBV6holFmEaNTw495Gvvpf836Ag_fpdjcYmbk7aHY5ySp7fGNU7r4CiIkYOAbytM9LBmU29bF_2aQ2uXXGJlTV5yw"}'
[Wed 09 Dec 2020 06:20:49 PM CET] _postContentType='application/jose+json'
[Wed 09 Dec 2020 06:20:49 PM CET] Http already initialized.
[Wed 09 Dec 2020 06:20:49 PM CET] _CURL='curl -L --silent --dump-header /etc/letsencrypt/http.header  --trace-ascii /tmp/tmp.jTDqhK4WXL  -g '
[Wed 09 Dec 2020 06:20:50 PM CET] _ret='0'
[Wed 09 Dec 2020 06:20:50 PM CET] responseHeaders='HTTP/2 201
server: nginx
date: Wed, 09 Dec 2020 17:20:50 GMT
content-type: application/json
content-length: 333
boulder-requester: 91705338
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
location: https://acme-v02.api.letsencrypt.org/acme/order/91705338/6651493443
replay-nonce: 0004Ygo26YH2j-5ZjES5v3EwkcXtFY3MT0sb0_o_8o3iOjc
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Wed 09 Dec 2020 06:20:50 PM CET] code='201'
[Wed 09 Dec 2020 06:20:50 PM CET] original='{
  "status": "pending",
  "expires": "2020-12-16T17:20:37Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "skb.rotko.net"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/9186503512"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/91705338/6651493443"
}'
[Wed 09 Dec 2020 06:20:50 PM CET] response='{"status":"pending","expires":"2020-12-16T17:20:37Z","identifiers":[{"type":"dns","value":"skb.rotko.net"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/9186503512"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/91705338/6651493443"}'
[Wed 09 Dec 2020 06:20:50 PM CET] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/91705338/6651493443'
[Wed 09 Dec 2020 06:20:50 PM CET] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/91705338/6651493443'
[Wed 09 Dec 2020 06:20:50 PM CET] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/9186503512'
[Wed 09 Dec 2020 06:20:50 PM CET] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/9186503512'
[Wed 09 Dec 2020 06:20:50 PM CET] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/9186503512'
[Wed 09 Dec 2020 06:20:50 PM CET] payload
[Wed 09 Dec 2020 06:20:50 PM CET] Use cached jwk for file: /etc/letsencrypt/ca/acme-v02.api.letsencrypt.org/account.key
[Wed 09 Dec 2020 06:20:50 PM CET] Use _CACHED_NONCE='0004Ygo26YH2j-5ZjES5v3EwkcXtFY3MT0sb0_o_8o3iOjc'
[Wed 09 Dec 2020 06:20:50 PM CET] nonce='0004Ygo26YH2j-5ZjES5v3EwkcXtFY3MT0sb0_o_8o3iOjc'
[Wed 09 Dec 2020 06:20:50 PM CET] POST
[Wed 09 Dec 2020 06:20:50 PM CET] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/9186503512'
[Wed 09 Dec 2020 06:20:50 PM CET] body='{"protected": "eyJub25jZSI6ICIwMDA0WWdvMjZZSDJqLTVaakVTNXYzRXdrY1h0RlkzTVQwc2IwX29fOG8zaU9qYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvOTE4NjUwMzUxMiIsICJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTE3MDUzMzgifQ", "payload": "", "signature": "mSDDdYVxPbefBhseiecUc-ylF8ttLQi9_DHViKWDVj9bfrCzRQkbsDgg7euZzu2NKL2S125Pt41Uyb73QgoVMLY_cIMx6vTVhSNX_IjjP4pQX00zkN_D2IRldiNNrx08it3ajBtrZQDg78UAJEheI9-PGu8iWnP8-qLeEpFNEESQ3YwB45PHMCBCzgw8X2KG7KAxOxVuN22LVKqizuohl53G1Tmy-Hd5G29KCqyBc1zaVP3pzcgkU_l9tJYfuxovNWp7nOZKxWpeHhieWKlcGCnNJsbO01KA_4uUExtnf0ZaKJl8l1tJpweb4E2yjbZS7mx9Eqfb5bnqa295523A_A"}'
[Wed 09 Dec 2020 06:20:50 PM CET] _postContentType='application/jose+json'
[Wed 09 Dec 2020 06:20:50 PM CET] Http already initialized.
[Wed 09 Dec 2020 06:20:50 PM CET] _CURL='curl -L --silent --dump-header /etc/letsencrypt/http.header  --trace-ascii /tmp/tmp.jTDqhK4WXL  -g '
[Wed 09 Dec 2020 06:20:51 PM CET] _ret='0'
[Wed 09 Dec 2020 06:20:51 PM CET] responseHeaders='HTTP/2 200
server: nginx
date: Wed, 09 Dec 2020 17:20:51 GMT
content-type: application/json
content-length: 791
boulder-requester: 91705338
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0003HvaJBtZUVeYgYZn7QNArIO26pT8hRlTAOo4vJlRwmXQ
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Wed 09 Dec 2020 06:20:51 PM CET] code='200'
[Wed 09 Dec 2020 06:20:51 PM CET] original='{
  "identifier": {
    "type": "dns",
    "value": "skb.rotko.net"
  },
  "status": "pending",
  "expires": "2020-12-16T17:20:37Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg",
      "token": "18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/QwEx3Q",
      "token": "18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/dztFzg",
      "token": "18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"
    }
  ]
}'
[Wed 09 Dec 2020 06:20:51 PM CET] response='{"identifier":{"type":"dns","value":"skb.rotko.net"},"status":"pending","expires":"2020-12-16T17:20:37Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/QwEx3Q","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/dztFzg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"}]}'
[Wed 09 Dec 2020 06:20:51 PM CET] response='{"identifier":{"type":"dns","value":"skb.rotko.net"},"status":"pending","expires":"2020-12-16T17:20:37Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/QwEx3Q","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/dztFzg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"}]}'
[Wed 09 Dec 2020 06:20:51 PM CET] _d='skb.rotko.net'
[Wed 09 Dec 2020 06:20:51 PM CET] _authorizations_map='skb.rotko.net,{"identifier":{"type":"dns","value":"skb.rotko.net"},"status":"pending","expires":"2020-12-16T17:20:37Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/QwEx3Q","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/dztFzg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"}]}
'
[Wed 09 Dec 2020 06:20:51 PM CET] d='skb.rotko.net'
[Wed 09 Dec 2020 06:20:51 PM CET] Getting webroot for domain='skb.rotko.net'
[Wed 09 Dec 2020 06:20:51 PM CET] _w='/var/www/skb.rotko.net/'
[Wed 09 Dec 2020 06:20:51 PM CET] _currentRoot='/var/www/skb.rotko.net/'
[Wed 09 Dec 2020 06:20:51 PM CET] _is_idn_d='skb.rotko.net'
[Wed 09 Dec 2020 06:20:51 PM CET] _idn_temp
[Wed 09 Dec 2020 06:20:51 PM CET] _candidates='skb.rotko.net,{"identifier":{"type":"dns","value":"skb.rotko.net"},"status":"pending","expires":"2020-12-16T17:20:37Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/QwEx3Q","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/dztFzg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"}]}'
[Wed 09 Dec 2020 06:20:51 PM CET] response='{"identifier":{"type":"dns","value":"skb.rotko.net"},"status":"pending","expires":"2020-12-16T17:20:37Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/QwEx3Q","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/dztFzg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"}]}'
[Wed 09 Dec 2020 06:20:51 PM CET] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"'
[Wed 09 Dec 2020 06:20:51 PM CET] token='18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU'
[Wed 09 Dec 2020 06:20:51 PM CET] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg'
[Wed 09 Dec 2020 06:20:51 PM CET] keyauthorization='18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU.v5B0R0txPk1ca4VxyNIT_cW-xKstampPofp2WkIfQAM'
[Wed 09 Dec 2020 06:20:51 PM CET] dvlist='skb.rotko.net#18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU.v5B0R0txPk1ca4VxyNIT_cW-xKstampPofp2WkIfQAM#https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg#http-01#/var/www/skb.rotko.net/'
[Wed 09 Dec 2020 06:20:51 PM CET] d
[Wed 09 Dec 2020 06:20:51 PM CET] vlist='skb.rotko.net#18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU.v5B0R0txPk1ca4VxyNIT_cW-xKstampPofp2WkIfQAM#https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg#http-01#/var/www/skb.rotko.net/,'
[Wed 09 Dec 2020 06:20:51 PM CET] d='skb.rotko.net'
[Wed 09 Dec 2020 06:20:51 PM CET] ok, let's start to verify
[Wed 09 Dec 2020 06:20:51 PM CET] Verifying: skb.rotko.net
[Wed 09 Dec 2020 06:20:51 PM CET] d='skb.rotko.net'
[Wed 09 Dec 2020 06:20:51 PM CET] keyauthorization='18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU.v5B0R0txPk1ca4VxyNIT_cW-xKstampPofp2WkIfQAM'
[Wed 09 Dec 2020 06:20:51 PM CET] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg'
[Wed 09 Dec 2020 06:20:51 PM CET] _currentRoot='/var/www/skb.rotko.net/'
[Wed 09 Dec 2020 06:20:51 PM CET] wellknown_path='/var/www/skb.rotko.net//.well-known/acme-challenge'
[Wed 09 Dec 2020 06:20:51 PM CET] writing token:18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU to /var/www/skb.rotko.net//.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU
[Wed 09 Dec 2020 06:20:51 PM CET] Changing owner/group of .well-known to root:www-data
[Wed 09 Dec 2020 06:20:51 PM CET] Trigger domain validation.
[Wed 09 Dec 2020 06:20:51 PM CET] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg'
[Wed 09 Dec 2020 06:20:51 PM CET] _t_key_authz='18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU.v5B0R0txPk1ca4VxyNIT_cW-xKstampPofp2WkIfQAM'
[Wed 09 Dec 2020 06:20:51 PM CET] _t_vtype='http-01'
[Wed 09 Dec 2020 06:20:51 PM CET] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg'
[Wed 09 Dec 2020 06:20:51 PM CET] payload='{}'
[Wed 09 Dec 2020 06:20:51 PM CET] Use cached jwk for file: /etc/letsencrypt/ca/acme-v02.api.letsencrypt.org/account.key
[Wed 09 Dec 2020 06:20:51 PM CET] Use _CACHED_NONCE='0003HvaJBtZUVeYgYZn7QNArIO26pT8hRlTAOo4vJlRwmXQ'
[Wed 09 Dec 2020 06:20:51 PM CET] nonce='0003HvaJBtZUVeYgYZn7QNArIO26pT8hRlTAOo4vJlRwmXQ'
[Wed 09 Dec 2020 06:20:51 PM CET] POST
[Wed 09 Dec 2020 06:20:51 PM CET] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg'
[Wed 09 Dec 2020 06:20:51 PM CET] body='{"protected": "eyJub25jZSI6ICIwMDAzSHZhSkJ0WlVWZVlnWVpuN1FOQXJJTzI2cFQ4aFJsVEFPbzR2SmxSd21YUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvOTE4NjUwMzUxMi9WREtZYmciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzkxNzA1MzM4In0", "payload": "e30", "signature": "Mf6OPAJq3v4R6fHH94rZUUiOlG7gxjB8sCrOMeiN3sAyjK2QL1I7SQ9B9pm-mGbPHhw1hRrUy-mz6fetX-RxdwgFKIABZJU7Dobo_NkCvQelkHcS6hEujs6fkyX0CLEg97L1DtTRMLPIY8OF2gSfCgu_DoFl3E52tMEsKOpe1Jf6W3KSdsO-rKDyLiUDxPXx17P0kd-L930Vxqh0D3gdyqnLG5kXYmTA5Kp3qt_irkBTzyT3FdxMuV4dQuNqFOI4WrZr6VJZ1Py0m3PIO4qTdx6AaOegU29MybS7G2RoLetMgYVpgSS3eobP1DTXQIQEKQ84xx4R1lv3PErSVKxztw"}'
[Wed 09 Dec 2020 06:20:51 PM CET] _postContentType='application/jose+json'
[Wed 09 Dec 2020 06:20:51 PM CET] Http already initialized.
[Wed 09 Dec 2020 06:20:51 PM CET] _CURL='curl -L --silent --dump-header /etc/letsencrypt/http.header  --trace-ascii /tmp/tmp.jTDqhK4WXL  -g '
[Wed 09 Dec 2020 06:20:52 PM CET] _ret='0'
[Wed 09 Dec 2020 06:20:52 PM CET] responseHeaders='HTTP/2 200
server: nginx
date: Wed, 09 Dec 2020 17:20:52 GMT
content-type: application/json
content-length: 185
boulder-requester: 91705338
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/9186503512>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg
replay-nonce: 0004ZEDgIfV0d7R2MjpMm32H93jQVr04w9xUFy9ZFPTTAjw
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Wed 09 Dec 2020 06:20:52 PM CET] code='200'
[Wed 09 Dec 2020 06:20:52 PM CET] original='{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg",
  "token": "18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"
}'
[Wed 09 Dec 2020 06:20:52 PM CET] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU"}'
[Wed 09 Dec 2020 06:20:52 PM CET] trigger validation code: 200
[Wed 09 Dec 2020 06:20:52 PM CET] sleep 2 secs to verify
[Wed 09 Dec 2020 06:20:54 PM CET] checking
[Wed 09 Dec 2020 06:20:54 PM CET] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg'
[Wed 09 Dec 2020 06:20:54 PM CET] payload
[Wed 09 Dec 2020 06:20:54 PM CET] Use cached jwk for file: /etc/letsencrypt/ca/acme-v02.api.letsencrypt.org/account.key
[Wed 09 Dec 2020 06:20:54 PM CET] Use _CACHED_NONCE='0004ZEDgIfV0d7R2MjpMm32H93jQVr04w9xUFy9ZFPTTAjw'
[Wed 09 Dec 2020 06:20:54 PM CET] nonce='0004ZEDgIfV0d7R2MjpMm32H93jQVr04w9xUFy9ZFPTTAjw'
[Wed 09 Dec 2020 06:20:54 PM CET] POST
[Wed 09 Dec 2020 06:20:54 PM CET] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg'
[Wed 09 Dec 2020 06:20:54 PM CET] body='{"protected": "eyJub25jZSI6ICIwMDA0WkVEZ0lmVjBkN1IyTWpwTW0zMkg5M2pRVnIwNHc5eFVGeTlaRlBUVEFqdyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvOTE4NjUwMzUxMi9WREtZYmciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzkxNzA1MzM4In0", "payload": "", "signature": "frTemgngBBg_kzC2-IUb8gfXJV8PN8gF0bi46cTD3sBZ2JxQiAcmzXqyjj3IO-I0NELUJFIhBNIdO9ZSZ0xt7O6t5ElOio_rDGi7PxuwjK_CvIXLdaiyAz8gSDvalSIoVq6u4ar18PuOcKgyMBJkjMJbIiNfuoE1COJ7oFqJUS7qonssYTneq_bGhOG2fAA1SyrSwiEa8dhr2DvraolJIWsyKTrwPRUSSR0o5Mo53FDHKZaroGrH6c2cz1t7qGTKZNl3lwLRJ4Vm6LotEM5Hs13F7QbEjRK5DPwmnNrQZ2JVMr2B8KX9s-5a6QSlpJH5uemAPOSKJJ5FLeF28fmijQ"}'
[Wed 09 Dec 2020 06:20:54 PM CET] _postContentType='application/jose+json'
[Wed 09 Dec 2020 06:20:54 PM CET] Http already initialized.
[Wed 09 Dec 2020 06:20:54 PM CET] _CURL='curl -L --silent --dump-header /etc/letsencrypt/http.header  --trace-ascii /tmp/tmp.jTDqhK4WXL  -g '
[Wed 09 Dec 2020 06:20:55 PM CET] _ret='0'
[Wed 09 Dec 2020 06:20:55 PM CET] responseHeaders='HTTP/2 200
server: nginx
date: Wed, 09 Dec 2020 17:20:55 GMT
content-type: application/json
content-length: 1238
boulder-requester: 91705338
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/9186503512>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg
replay-nonce: 0003hH7wqqCTUdmWVpw2rqamY2WroMLB9puqZEnHbGCv7eU
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Wed 09 Dec 2020 06:20:55 PM CET] code='200'
[Wed 09 Dec 2020 06:20:55 PM CET] original='{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Invalid response from https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU [207.180.199.117]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-US\\\"\u003e\\n\u003chead\u003e\\n\\t    \u003cmeta charset=\\\"UTF-8\\\"\u003e\\n\\t    \u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, i\"",
    "status": 403
  },
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg",
  "token": "18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU",
  "validationRecord": [
    {
      "url": "http://skb.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU",
      "hostname": "skb.rotko.net",
      "port": "80",
      "addressesResolved": [
        "207.180.199.117"
      ],
      "addressUsed": "207.180.199.117"
    },
    {
      "url": "https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU",
      "hostname": "cbreeze.rotko.net",
      "port": "443",
      "addressesResolved": [
        "207.180.199.117"
      ],
      "addressUsed": "207.180.199.117"
    }
  ]
}'
[Wed 09 Dec 2020 06:20:55 PM CET] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU [207.180.199.117]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-US\\\"\u003e\\n\u003chead\u003e\\n\\t    \u003cmeta charset=\\\"UTF-8\\\"\u003e\\n\\t    \u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, i\"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU","validationRecord":[{"url":"http://skb.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU","hostname":"skb.rotko.net","port":"80","addressesResolved":["207.180.199.117"],"addressUsed":"207.180.199.117"},{"url":"https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU","hostname":"cbreeze.rotko.net","port":"443","addressesResolved":["207.180.199.117"],"addressUsed":"207.180.199.117"}]}'
[Wed 09 Dec 2020 06:20:55 PM CET] original='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU [207.180.199.117]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-US\\\"\u003e\\n\u003chead\u003e\\n\\t    \u003cmeta charset=\\\"UTF-8\\\"\u003e\\n\\t    \u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, i\"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU","validationRecord":[{"url":"http://skb.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU","hostname":"skb.rotko.net","port":"80","addressesResolved":["207.180.199.117"],"addressUsed":"207.180.199.117"},{"url":"https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU","hostname":"cbreeze.rotko.net","port":"443","addressesResolved":["207.180.199.117"],"addressUsed":"207.180.199.117"}]}'
[Wed 09 Dec 2020 06:20:55 PM CET] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU [207.180.199.117]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-US\\\"\u003e\\n\u003chead\u003e\\n\\t    \u003cmeta charset=\\\"UTF-8\\\"\u003e\\n\\t    \u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, i\"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg","token":"18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU","validationRecord":[{"url":"http://skb.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU","hostname":"skb.rotko.net","port":"80","addressesResolved":["207.180.199.117"],"addressUsed":"207.180.199.117"},{"url":"https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU","hostname":"cbreeze.rotko.net","port":"443","addressesResolved":["207.180.199.117"],"addressUsed":"207.180.199.117"}]}'
[Wed 09 Dec 2020 06:20:55 PM CET] error='"error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU [207.180.199.117]: '
[Wed 09 Dec 2020 06:20:55 PM CET] errordetail='Invalid response from https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU [207.180.199.117]: '
[Wed 09 Dec 2020 06:20:55 PM CET] skb.rotko.net:Verify error:Invalid response from https://cbreeze.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU [207.180.199.117]:
[Wed 09 Dec 2020 06:20:55 PM CET] Debug: get token url.
[Wed 09 Dec 2020 06:20:55 PM CET] GET
[Wed 09 Dec 2020 06:20:55 PM CET] url='http://skb.rotko.net/.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU'
[Wed 09 Dec 2020 06:20:55 PM CET] timeout=1
[Wed 09 Dec 2020 06:20:55 PM CET] Http already initialized.
[Wed 09 Dec 2020 06:20:55 PM CET] _CURL='curl -L --silent --dump-header /etc/letsencrypt/http.header  --trace-ascii /tmp/tmp.jTDqhK4WXL  -g  --connect-timeout 1'
[Wed 09 Dec 2020 06:21:00 PM CET] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 28
[Wed 09 Dec 2020 06:21:00 PM CET] Here is the curl dump log:
[Wed 09 Dec 2020 06:21:00 PM CET] == Info: Resolving timed out after 1000 milliseconds
== Info: Closing connection 0
[Wed 09 Dec 2020 06:21:00 PM CET] ret='28'
[Wed 09 Dec 2020 06:21:00 PM CET] Debugging, skip removing: /var/www/skb.rotko.net//.well-known/acme-challenge/18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU
[Wed 09 Dec 2020 06:21:00 PM CET] pid
[Wed 09 Dec 2020 06:21:00 PM CET] No need to restore nginx, skip.
[Wed 09 Dec 2020 06:21:00 PM CET] _clearupdns
[Wed 09 Dec 2020 06:21:00 PM CET] dns_entries
[Wed 09 Dec 2020 06:21:00 PM CET] skip dns.
[Wed 09 Dec 2020 06:21:00 PM CET] _on_issue_err
[Wed 09 Dec 2020 06:21:00 PM CET] Please add '--debug' or '--log' to check more details.
[Wed 09 Dec 2020 06:21:00 PM CET] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Wed 09 Dec 2020 06:21:00 PM CET] _chk_vlist='skb.rotko.net#18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU.v5B0R0txPk1ca4VxyNIT_cW-xKstampPofp2WkIfQAM#https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg#http-01#/var/www/skb.rotko.net/,'
[Wed 09 Dec 2020 06:21:00 PM CET] start to deactivate authz
[Wed 09 Dec 2020 06:21:00 PM CET] Trigger domain validation.
[Wed 09 Dec 2020 06:21:00 PM CET] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg'
[Wed 09 Dec 2020 06:21:00 PM CET] _t_key_authz='18Vte4b6w0wDyXHEc-bFt1_h5K4pACgKH-igplGDApU.v5B0R0txPk1ca4VxyNIT_cW-xKstampPofp2WkIfQAM'
[Wed 09 Dec 2020 06:21:00 PM CET] _t_vtype
[Wed 09 Dec 2020 06:21:00 PM CET] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg'
[Wed 09 Dec 2020 06:21:00 PM CET] payload='{}'
[Wed 09 Dec 2020 06:21:00 PM CET] Use cached jwk for file: /etc/letsencrypt/ca/acme-v02.api.letsencrypt.org/account.key
[Wed 09 Dec 2020 06:21:00 PM CET] Use _CACHED_NONCE='0003hH7wqqCTUdmWVpw2rqamY2WroMLB9puqZEnHbGCv7eU'
[Wed 09 Dec 2020 06:21:00 PM CET] nonce='0003hH7wqqCTUdmWVpw2rqamY2WroMLB9puqZEnHbGCv7eU'
[Wed 09 Dec 2020 06:21:00 PM CET] POST
[Wed 09 Dec 2020 06:21:00 PM CET] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/9186503512/VDKYbg'
[Wed 09 Dec 2020 06:21:00 PM CET] body='{"protected": "eyJub25jZSI6ICIwMDAzaEg3d3FxQ1RVZG1XVnB3MnJxYW1ZMldyb01MQjlwdXFaRW5IYkdDdjdlVSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvOTE4NjUwMzUxMi9WREtZYmciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzkxNzA1MzM4In0", "payload": "e30", "signature": "CmpCP1GAiB9nRapUHMu9K62L4uShxxah3PjySKuNkm-DzuNfdeZT8G3UUQ_RL8Tra7Ixf-naqR8iccsF-8Z6dKxdSWxYOkrLMksdm1mGSx72_iwXcf3hyd_Xi2noQEPDvCtI7Ed1u490fEe0j1r3b_hB5exzps5RUWwYQRId-aBP35wQEW_uI8mQgDb0tOtnBR011uItyv4eUUoBhbQT6fvoc6CmReyY0QooUjSnjGsd0HBJKM8LWfEvTgPCVbDSXu63bSvVETFa0uH7j4LFvAX4ENG9tTj_beCjPoDzomRriF8SQ6jJDaH6jKj49LEHZb01wylTV6kMBBE-R88iPg"}'
[Wed 09 Dec 2020 06:21:00 PM CET] _postContentType='application/jose+json'
[Wed 09 Dec 2020 06:21:00 PM CET] Http already initialized.
[Wed 09 Dec 2020 06:21:00 PM CET] _CURL='curl -L --silent --dump-header /etc/letsencrypt/http.header  --trace-ascii /tmp/tmp.jTDqhK4WXL  -g '
[Wed 09 Dec 2020 06:21:01 PM CET] _ret='0'
[Wed 09 Dec 2020 06:21:01 PM CET] responseHeaders='HTTP/2 400
server: nginx
date: Wed, 09 Dec 2020 17:21:01 GMT
content-type: application/problem+json
content-length: 144
boulder-requester: 91705338
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0003PrfgwQr-J9j_SvXhHX7k7hZFhd9K94v_n00yD49MKlw
'
[Wed 09 Dec 2020 06:21:01 PM CET] code='400'
[Wed 09 Dec 2020 06:21:01 PM CET] original='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Wed 09 Dec 2020 06:21:01 PM CET] response='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Wed 09 Dec 2020 06:21:01 PM CET] Diagnosis versions:
openssl:openssl
OpenSSL 1.1.1g  21 Apr 2020
apache:
apache doesn't exist.
nginx:
nginx version: Tommi_Niemi nginx/1.19.1Ubuntu focal PHP 7.4.7
built by gcc 9.3.0 (Ubuntu 9.3.0-10ubuntu2)
built with OpenSSL 1.1.1f  31 Mar 2020 (running with OpenSSL 1.1.1g  21 Apr 2020)
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --add-module=/root/nginx-1.19.1/debian/modules/ngx_pagespeed --add-module=/root/nginx-1.19.1/debian/modules/ngx_brotli --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -fdebug-prefix-map=/root/nginx-1.19.1=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie'
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
socat version 1.7.3.3 on Oct 26 2019 17:42:04
   running on Linux version #52-Ubuntu SMP Thu Sep 10 10:58:49 UTC 2020, release 5.4.0-48-generic, machine x86_64
features:
  #define WITH_STDIO 1
  #define WITH_FDNUM 1
  #define WITH_FILE 1
  #define WITH_CREAT 1
  #define WITH_GOPEN 1
  #define WITH_TERMIOS 1
  #define WITH_PIPE 1
  #define WITH_UNIX 1
  #define WITH_ABSTRACT_UNIXSOCKET 1
  #define WITH_IP4 1
  #define WITH_IP6 1
  #define WITH_RAWIP 1
  #define WITH_GENERICSOCKET 1
  #define WITH_INTERFACE 1
  #define WITH_TCP 1
  #define WITH_UDP 1
  #define WITH_SCTP 1
  #define WITH_LISTEN 1
  #define WITH_SOCKS4 1
  #define WITH_SOCKS4A 1
  #define WITH_PROXY 1
  #define WITH_SYSTEM 1
  #define WITH_EXEC 1
  #undef WITH_READLINE
  #define WITH_TUN 1
  #define WITH_PTY 1
  #define WITH_OPENSSL 1
  #undef WITH_FIPS
  #define WITH_LIBWRAP 1
  #define WITH_SYCLS 1
  #define WITH_FILAN 1
  #define WITH_RETRY 1
  #define WITH_MSGLEVEL 0 /*debug*/
Juliaria08 commented 2 years ago

@hitchhooker See Let's Encrypt's Rate Limits, from your log "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/ ",