acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

./acme.sh --renew --dns returns exit code 3 #3632

Open SuSaiGit opened 3 years ago

SuSaiGit commented 3 years ago

Steps to reproduce

This command was working just a couple of days ago. Now it constantly returns exit code 3.

./acme.sh --renew --dns -d "*.example.com" --yes-I-know-dns-manual-mode-enough-go-ahead-please --force --debug 2

Debug log

[Wed Jul 28 20:52:10 UTC 2021] Lets find script dir. [Wed Jul 28 20:52:10 UTC 2021] SCRIPT='./acme.sh' [Wed Jul 28 20:52:10 UTC 2021] _script='/opt/automation/atlas.release.deploy/acme.sh/acme.sh' [Wed Jul 28 20:52:10 UTC 2021] _script_home='/opt/automation/atlas.release.deploy/acme.sh' [Wed Jul 28 20:52:10 UTC 2021] Using default home:/root/.acme.sh [Wed Jul 28 20:52:10 UTC 2021] Using config home:/root/.acme.sh [Wed Jul 28 20:52:10 UTC 2021] LE_WORKING_DIR='/root/.acme.sh' [Wed Jul 28 20:52:10 UTC 2021] Running cmd: renew [Wed Jul 28 20:52:10 UTC 2021] Using config home:/root/.acme.sh [Wed Jul 28 20:52:10 UTC 2021] default_acme_server [Wed Jul 28 20:52:10 UTC 2021] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90' [Wed Jul 28 20:52:10 UTC 2021] _ACME_SERVER_HOST='acme.zerossl.com' [Wed Jul 28 20:52:10 UTC 2021] _ACME_SERVER_PATH='v2/DV90' [Wed Jul 28 20:52:10 UTC 2021] DOMAIN_PATH='/root/.acme.sh/.example.com' [Wed Jul 28 20:52:10 UTC 2021] Le_API='https://acme.zerossl.com/v2/DV90' [Wed Jul 28 20:52:10 UTC 2021] Using config home:/root/.acme.sh [Wed Jul 28 20:52:10 UTC 2021] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90' [Wed Jul 28 20:52:10 UTC 2021] _ACME_SERVER_HOST='acme.zerossl.com' [Wed Jul 28 20:52:10 UTC 2021] _ACME_SERVER_PATH='v2/DV90' [Wed Jul 28 20:52:10 UTC 2021] _init api for server: https://acme.zerossl.com/v2/DV90 [Wed Jul 28 20:52:10 UTC 2021] Retrying GET [Wed Jul 28 20:52:10 UTC 2021] GET [Wed Jul 28 20:52:10 UTC 2021] url='https://acme.zerossl.com/v2/DV90' [Wed Jul 28 20:52:10 UTC 2021] timeout= [Wed Jul 28 20:52:10 UTC 2021] displayError='1' [Wed Jul 28 20:52:10 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.WLlwNJsfPH -g ' [Wed Jul 28 20:52:10 UTC 2021] ret='0' [Wed Jul 28 20:52:10 UTC 2021] _hcode='0' [Wed Jul 28 20:52:10 UTC 2021] response='{ "newNonce": "https://acme.zerossl.com/v2/DV90/newNonce", "newAccount": "https://acme.zerossl.com/v2/DV90/newAccount", "newOrder": 
"https://acme.zerossl.com/v2/DV90/newOrder", "revokeCert": "https://acme.zerossl.com/v2/DV90/revokeCert", "keyChange": "https://acme.zerossl.com/v2/DV90/keyChange", "meta": { "termsOfService": "https://secure.trust-provider.com/repository/docs/Legacy/20201020_Certificate_Subscriber_Agreement_v_2_4_click.pdf", "website": "https://zerossl.com", "caaIdentities": ["sectigo.com", "trust-provider.com", "usertrust.com", "comodoca.com", "comodo.com"], "externalAccountRequired": true } }' [Wed Jul 28 20:52:10 UTC 2021] ACME_KEY_CHANGE='https://acme.zerossl.com/v2/DV90/keyChange' [Wed Jul 28 20:52:10 UTC 2021] ACME_NEW_AUTHZ [Wed Jul 28 20:52:10 UTC 2021] ACME_NEW_ORDER='https://acme.zerossl.com/v2/DV90/newOrder' [Wed Jul 28 20:52:10 UTC 2021] ACME_NEW_ACCOUNT='https://acme.zerossl.com/v2/DV90/newAccount' [Wed Jul 28 20:52:10 UTC 2021] ACME_REVOKE_CERT='https://acme.zerossl.com/v2/DV90/revokeCert' [Wed Jul 28 20:52:10 UTC 2021] ACME_AGREEMENT='https://secure.trust-provider.com/repository/docs/Legacy/20201020_Certificate_Subscriber_Agreement_v_2_4_click.pdf' [Wed Jul 28 20:52:10 UTC 2021] ACME_NEW_NONCE='https://acme.zerossl.com/v2/DV90/newNonce' [Wed Jul 28 20:52:10 UTC 2021] _main_domain='.example.com' [Wed Jul 28 20:52:10 UTC 2021] _alt_domains='no' [Wed Jul 28 20:52:10 UTC 2021] 'dns' contains 'dns' [Wed Jul 28 20:52:10 UTC 2021] Using ACME_DIRECTORY: https://acme.zerossl.com/v2/DV90 [Wed Jul 28 20:52:10 UTC 2021] _init api for server: https://acme.zerossl.com/v2/DV90 [Wed Jul 28 20:52:10 UTC 2021] Le_NextRenewTime='1632598048' [Wed Jul 28 20:52:10 UTC 2021] _on_before_issue [Wed Jul 28 20:52:10 UTC 2021] _chk_main_domain='.example.com' [Wed Jul 28 20:52:10 UTC 2021] _chk_alt_domains [Wed Jul 28 20:52:10 UTC 2021] 'dns' does not contain 'no' [Wed Jul 28 20:52:10 UTC 2021] Le_LocalAddress [Wed Jul 28 20:52:10 UTC 2021] d='.example.com' [Wed Jul 28 20:52:10 UTC 2021] Check for domain='.example.com' [Wed Jul 28 20:52:10 UTC 2021] _currentRoot='dns' [Wed Jul 28 20:52:10 UTC 
2021] d [Wed Jul 28 20:52:10 UTC 2021] 'dns' does not contain 'apache' [Wed Jul 28 20:52:10 UTC 2021] _saved_account_key_hash='dzX/oZQoVBfFOaMRK82EvJOV8z55xn7VEJOQZmbuKi0=' [Wed Jul 28 20:52:10 UTC 2021] _saved_account_key_hash is not changed, skip register account. [Wed Jul 28 20:52:10 UTC 2021] Read key length: [Wed Jul 28 20:52:10 UTC 2021] _createcsr [Wed Jul 28 20:52:10 UTC 2021] domain='.example.com' [Wed Jul 28 20:52:10 UTC 2021] domainlist [Wed Jul 28 20:52:10 UTC 2021] csrkey='/root/.acme.sh/.example.com/.example.com.key' [Wed Jul 28 20:52:10 UTC 2021] csr='/root/.acme.sh/.example.com/.example.com.csr' [Wed Jul 28 20:52:10 UTC 2021] csrconf='/root/.acme.sh/.example.com/.example.com.csr.conf' [Wed Jul 28 20:52:10 UTC 2021] _is_idn_d='.example.com' [Wed Jul 28 20:52:10 UTC 2021] _idn_temp [Wed Jul 28 20:52:10 UTC 2021] _is_idn_d='.example.com' [Wed Jul 28 20:52:10 UTC 2021] _idn_temp [Wed Jul 28 20:52:10 UTC 2021] _csr_cn='.example.com' [Wed Jul 28 20:52:10 UTC 2021] ok, let's start to verify [Wed Jul 28 20:52:10 UTC 2021] d='.example.com' [Wed Jul 28 20:52:10 UTC 2021] keyauthorization='**' [Wed Jul 28 20:52:10 UTC 2021] uri='https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ' [Wed Jul 28 20:52:10 UTC 2021] _currentRoot='dns' [Wed Jul 28 20:52:10 UTC 2021] Trigger domain validation. [Wed Jul 28 20:52:10 UTC 2021] _t_url='https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ' [Wed Jul 28 20:52:10 UTC 2021] _t_key_authz='**' [Wed Jul 28 20:52:10 UTC 2021] _t_vtype='dns-01' [Wed Jul 28 20:52:10 UTC 2021] url='https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ' [Wed Jul 28 20:52:10 UTC 2021] payload='{}' [Wed Jul 28 20:52:10 UTC 2021] RSA key [Wed Jul 28 20:52:10 UTC 2021] Get nonce with HEAD. 
ACME_NEW_NONCE='https://acme.zerossl.com/v2/DV90/newNonce' [Wed Jul 28 20:52:10 UTC 2021] Retrying post [Wed Jul 28 20:52:10 UTC 2021] HEAD [Wed Jul 28 20:52:10 UTC 2021] _post_url='https://acme.zerossl.com/v2/DV90/newNonce' [Wed Jul 28 20:52:10 UTC 2021] body [Wed Jul 28 20:52:10 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:10 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g -I ' [Wed Jul 28 20:52:10 UTC 2021] _ret='0' [Wed Jul 28 20:52:10 UTC 2021] _hcode='0' [Wed Jul 28 20:52:10 UTC 2021] _headers='HTTP/2 200 server: nginx date: Wed, 28 Jul 2021 20:52:10 GMT content-type: application/octet-stream replay-nonce: ** cache-control: max-age=-1 access-control-allow-origin: * link: https://acme.zerossl.com/v2/DV90;rel="index" strict-transport-security: max-age=15552000 ' [Wed Jul 28 20:52:10 UTC 2021] _CACHED_NONCE='**' [Wed Jul 28 20:52:10 UTC 2021] nonce='**' [Wed Jul 28 20:52:10 UTC 2021] Retrying post [Wed Jul 28 20:52:10 UTC 2021] POST [Wed Jul 28 20:52:10 UTC 2021] _post_url='https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ' [Wed Jul 28 20:52:10 UTC 2021] body='{"protected": "**"}' [Wed Jul 28 20:52:10 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:10 UTC 2021] Http already initialized. 
[Wed Jul 28 20:52:10 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:10 UTC 2021] _ret='0' [Wed Jul 28 20:52:10 UTC 2021] _hcode='0' [Wed Jul 28 20:52:10 UTC 2021] responseHeaders='HTTP/2 200 server: nginx date: Wed, 28 Jul 2021 20:52:10 GMT content-type: application/json content-length: 163 replay-nonce: JZRdK3Jm5VaD_0jwFll6M2Th3bHWJpcWglQ7y6OW1RQ cache-control: max-age=-1 access-control-allow-origin: * link: https://acme.zerossl.com/v2/DV90;rel="index" link: https://acme.zerossl.com/v2/DV90/authz/nkr93hHb0-DSAjfOOXp8hQ;rel="up" retry-after: 10 strict-transport-security: max-age=15552000 ' [Wed Jul 28 20:52:10 UTC 2021] code='200' [Wed Jul 28 20:52:10 UTC 2021] original='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ","status":"processing","token":"**"}' [Wed Jul 28 20:52:10 UTC 2021] response='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ","status":"processing","token":"**"}' [Wed Jul 28 20:52:10 UTC 2021] trigger validation code: 200 [Wed Jul 28 20:52:10 UTC 2021] original='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ","status":"processing","token":"**"}' [Wed Jul 28 20:52:10 UTC 2021] response='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ","status":"processing","token":"**"}' [Wed Jul 28 20:52:10 UTC 2021] status='processing' [Wed Jul 28 20:52:10 UTC 2021] sleep 2 secs to verify again [Wed Jul 28 20:52:12 UTC 2021] checking [Wed Jul 28 20:52:12 UTC 2021] url='https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ' [Wed Jul 28 20:52:12 UTC 2021] payload [Wed Jul 28 20:52:12 UTC 2021] Use cached jwk for file: /root/.acme.sh/ca/acme.zerossl.com/v2/DV90/account.key [Wed Jul 28 20:52:12 UTC 2021] Use _CACHED_NONCE='JZRdK3Jm5VaD_0jwFll6M2Th3bHWJpcWglQ7y6OW1RQ' [Wed Jul 28 20:52:12 UTC 2021] 
nonce='JZRdK3Jm5VaD_0jwFll6M2Th3bHWJpcWglQ7y6OW1RQ' [Wed Jul 28 20:52:12 UTC 2021] Retrying post [Wed Jul 28 20:52:12 UTC 2021] POST [Wed Jul 28 20:52:12 UTC 2021] _post_url='https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ' [Wed Jul 28 20:52:12 UTC 2021] body='{"protected": "**", "payload": "", "signature": "**"}' [Wed Jul 28 20:52:12 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:12 UTC 2021] Http already initialized. [Wed Jul 28 20:52:12 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:13 UTC 2021] _ret='0' [Wed Jul 28 20:52:13 UTC 2021] _hcode='0' [Wed Jul 28 20:52:13 UTC 2021] responseHeaders='HTTP/2 200 server: nginx date: Wed, 28 Jul 2021 20:52:13 GMT content-type: application/json content-length: 193 replay-nonce: bAV-cI7X9Wz-MFj6DqWQrHZ51u8YX_1FBMg0IEOus_I cache-control: max-age=-1 access-control-allow-origin: * link: https://acme.zerossl.com/v2/DV90;rel="index" link: https://acme.zerossl.com/v2/DV90/authz/nkr93hHb0-DSAjfOOXp8hQ;rel="up" retry-after: 10 strict-transport-security: max-age=15552000 ' [Wed Jul 28 20:52:13 UTC 2021] code='200' [Wed Jul 28 20:52:13 UTC 2021] original='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ","status":"valid","validated":"2021-07-28T20:52:11Z","token":"**"}' [Wed Jul 28 20:52:13 UTC 2021] response='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ","status":"valid","validated":"2021-07-28T20:52:11Z","token":"**"}' [Wed Jul 28 20:52:13 UTC 2021] original='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ","status":"valid","validated":"2021-07-28T20:52:11Z","token":"**"}' [Wed Jul 28 20:52:13 UTC 2021] response='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/G8ZUfdiPo2pJT6HEHQFTDQ","status":"valid","validated":"2021-07-28T20:52:11Z","token":"**"}' [Wed Jul 28 20:52:13 UTC 2021] 
status='valid' [Wed Jul 28 20:52:13 UTC 2021] pid [Wed Jul 28 20:52:13 UTC 2021] Skip for removelevel: [Wed Jul 28 20:52:13 UTC 2021] pid [Wed Jul 28 20:52:13 UTC 2021] No need to restore nginx, skip. [Wed Jul 28 20:52:13 UTC 2021] _clearupdns [Wed Jul 28 20:52:13 UTC 2021] dns_entries [Wed Jul 28 20:52:13 UTC 2021] skip dns. [Wed Jul 28 20:52:13 UTC 2021] i='2' [Wed Jul 28 20:52:13 UTC 2021] j='16' [Wed Jul 28 20:52:13 UTC 2021] url [Wed Jul 28 20:52:13 UTC 2021] payload='{"csr": "**"}' [Wed Jul 28 20:52:13 UTC 2021] Use cached jwk for file: /root/.acme.sh/ca/acme.zerossl.com/v2/DV90/account.key [Wed Jul 28 20:52:13 UTC 2021] Use _CACHED_NONCE='bAV-cI7X9Wz-MFj6DqWQrHZ51u8YX_1FBMg0IEOus_I' [Wed Jul 28 20:52:13 UTC 2021] nonce='bAV-cI7X9Wz-MFj6DqWQrHZ51u8YX_1FBMg0IEOus_I' [Wed Jul 28 20:52:13 UTC 2021] Retrying post [Wed Jul 28 20:52:13 UTC 2021] POST [Wed Jul 28 20:52:13 UTC 2021] _post_url [Wed Jul 28 20:52:13 UTC 2021] body='{"protected": "**", "payload": "**", "signature": "**"}' [Wed Jul 28 20:52:13 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:13 UTC 2021] Http already initialized. [Wed Jul 28 20:52:13 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:13 UTC 2021] Here is the curl dump log: [Wed Jul 28 20:52:13 UTC 2021] == Info: malformed == Info: Closing connection -1 [Wed Jul 28 20:52:13 UTC 2021] _ret='3' [Wed Jul 28 20:52:13 UTC 2021] _hcode='3' [Wed Jul 28 20:52:14 UTC 2021] Retrying post [Wed Jul 28 20:52:14 UTC 2021] POST [Wed Jul 28 20:52:14 UTC 2021] _post_url [Wed Jul 28 20:52:14 UTC 2021] body='{"protected": "**", "payload": "**", "signature": "**"}' [Wed Jul 28 20:52:14 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:14 UTC 2021] Http already initialized. 
[Wed Jul 28 20:52:14 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:14 UTC 2021] Here is the curl dump log: [Wed Jul 28 20:52:14 UTC 2021] == Info: malformed == Info: Closing connection -1 [Wed Jul 28 20:52:14 UTC 2021] _ret='3' [Wed Jul 28 20:52:14 UTC 2021] _hcode='3' [Wed Jul 28 20:52:15 UTC 2021] Retrying post [Wed Jul 28 20:52:15 UTC 2021] POST [Wed Jul 28 20:52:15 UTC 2021] _post_url [Wed Jul 28 20:52:15 UTC 2021] body='{"protected": "**", "payload": "**", "signature": "**"}' [Wed Jul 28 20:52:15 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:15 UTC 2021] Http already initialized. [Wed Jul 28 20:52:15 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:15 UTC 2021] Here is the curl dump log: [Wed Jul 28 20:52:15 UTC 2021] == Info: malformed == Info: Closing connection -1 [Wed Jul 28 20:52:15 UTC 2021] _ret='3' [Wed Jul 28 20:52:15 UTC 2021] _hcode='3' [Wed Jul 28 20:52:16 UTC 2021] Retrying post [Wed Jul 28 20:52:16 UTC 2021] POST [Wed Jul 28 20:52:16 UTC 2021] _post_url [Wed Jul 28 20:52:16 UTC 2021] body='{"protected": "**", "payload": "**", "signature": "**"}' [Wed Jul 28 20:52:16 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:16 UTC 2021] Http already initialized. 
[Wed Jul 28 20:52:16 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:16 UTC 2021] Here is the curl dump log: [Wed Jul 28 20:52:16 UTC 2021] == Info: malformed == Info: Closing connection -1 [Wed Jul 28 20:52:16 UTC 2021] _ret='3' [Wed Jul 28 20:52:16 UTC 2021] _hcode='3' [Wed Jul 28 20:52:17 UTC 2021] Retrying post [Wed Jul 28 20:52:17 UTC 2021] POST [Wed Jul 28 20:52:17 UTC 2021] _post_url [Wed Jul 28 20:52:17 UTC 2021] body='{"protected": "**", "payload": "**", "signature": "**"}' [Wed Jul 28 20:52:17 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:17 UTC 2021] Http already initialized. [Wed Jul 28 20:52:17 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:17 UTC 2021] Here is the curl dump log: [Wed Jul 28 20:52:17 UTC 2021] == Info: malformed == Info: Closing connection -1 [Wed Jul 28 20:52:17 UTC 2021] _ret='3' [Wed Jul 28 20:52:17 UTC 2021] _hcode='3' [Wed Jul 28 20:52:18 UTC 2021] Retrying post [Wed Jul 28 20:52:18 UTC 2021] POST [Wed Jul 28 20:52:18 UTC 2021] _post_url [Wed Jul 28 20:52:18 UTC 2021] body='{"protected": "**", "payload": "**", "signature": "**"}' [Wed Jul 28 20:52:18 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:18 UTC 2021] Http already initialized. 
[Wed Jul 28 20:52:18 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:18 UTC 2021] Here is the curl dump log: [Wed Jul 28 20:52:18 UTC 2021] == Info: malformed == Info: Closing connection -1 [Wed Jul 28 20:52:18 UTC 2021] _ret='3' [Wed Jul 28 20:52:18 UTC 2021] _hcode='3' [Wed Jul 28 20:52:19 UTC 2021] Retrying post [Wed Jul 28 20:52:19 UTC 2021] POST [Wed Jul 28 20:52:19 UTC 2021] _post_url [Wed Jul 28 20:52:19 UTC 2021] body='{"protected": "**", "payload": "**", "signature": "**"}' [Wed Jul 28 20:52:19 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:19 UTC 2021] Http already initialized. [Wed Jul 28 20:52:19 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:19 UTC 2021] Here is the curl dump log: [Wed Jul 28 20:52:19 UTC 2021] == Info: malformed == Info: Closing connection -1 [Wed Jul 28 20:52:19 UTC 2021] _ret='3' [Wed Jul 28 20:52:19 UTC 2021] _hcode='3' [Wed Jul 28 20:52:20 UTC 2021] Retrying post [Wed Jul 28 20:52:20 UTC 2021] POST [Wed Jul 28 20:52:20 UTC 2021] _post_url [Wed Jul 28 20:52:20 UTC 2021] body='{"protected": "**", "payload": "**", "signature": "**"}' [Wed Jul 28 20:52:20 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:20 UTC 2021] Http already initialized. 
[Wed Jul 28 20:52:20 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:20 UTC 2021] Here is the curl dump log: [Wed Jul 28 20:52:20 UTC 2021] == Info: malformed == Info: Closing connection -1 [Wed Jul 28 20:52:20 UTC 2021] _ret='3' [Wed Jul 28 20:52:20 UTC 2021] _hcode='3' [Wed Jul 28 20:52:21 UTC 2021] Retrying post [Wed Jul 28 20:52:21 UTC 2021] POST [Wed Jul 28 20:52:21 UTC 2021] _post_url [Wed Jul 28 20:52:21 UTC 2021] body='{"protected": "**", "payload": "**", "signature": "**"}' [Wed Jul 28 20:52:21 UTC 2021] _postContentType='application/jose+json' [Wed Jul 28 20:52:21 UTC 2021] Http already initialized. [Wed Jul 28 20:52:21 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.BspdD1mQwu -g ' [Wed Jul 28 20:52:21 UTC 2021] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 3 [Wed Jul 28 20:52:21 UTC 2021] Here is the curl dump log: [Wed Jul 28 20:52:21 UTC 2021] == Info: malformed == Info: Closing connection -1 [Wed Jul 28 20:52:21 UTC 2021] _ret='3' [Wed Jul 28 20:52:21 UTC 2021] _hcode='3' [Wed Jul 28 20:52:22 UTC 2021] responseHeaders [Wed Jul 28 20:52:22 UTC 2021] code [Wed Jul 28 20:52:22 UTC 2021] original [Wed Jul 28 20:52:22 UTC 2021] response [Wed Jul 28 20:52:22 UTC 2021] Sign failed, finalize code is not 200. [Wed Jul 28 20:52:22 UTC 2021] [Wed Jul 28 20:52:22 UTC 2021] _on_issue_err [Wed Jul 28 20:52:22 UTC 2021] Please add '--debug' or '--log' to check more details. [Wed Jul 28 20:52:22 UTC 2021] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Wed Jul 28 20:52:22 UTC 2021] _chk_vlist [Wed Jul 28 20:52:22 UTC 2021] 'dns' contains 'dns' [Wed Jul 28 20:52:22 UTC 2021] The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead. [Wed Jul 28 20:52:22 UTC 2021] socat doesn't exist. 
[Wed Jul 28 20:52:22 UTC 2021] Diagnosis versions: openssl:openssl OpenSSL 1.1.1 11 Sep 2018 apache: apache doesn't exist. nginx: nginx doesn't exist. socat: stderr_lines: stdout: |- https://github.com/acmesh-official/acme.sh v3.0.0 [Wed Jul 28 20:52:10 UTC 2021] Renew: '.example.com' [Wed Jul 28 20:52:10 UTC 2021] Using CA: https://acme.zerossl.com/v2/DV90 [Wed Jul 28 20:52:10 UTC 2021] Single domain='.example.com' [Wed Jul 28 20:52:10 UTC 2021] Getting domain auth token for each domain [Wed Jul 28 20:52:10 UTC 2021] Verifying: *.example.com [Wed Jul 28 20:52:10 UTC 2021] Processing, The CA is processing your order, please just wait. (1/30) [Wed Jul 28 20:52:13 UTC 2021] Success [Wed Jul 28 20:52:13 UTC 2021] Verify finished, start to sign. [Wed Jul 28 20:52:13 UTC 2021] Lets finalize the order. [Wed Jul 28 20:52:13 UTC 2021] Le_OrderFinalize

acme.sh  --issue .....   --debug 2
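
In the debug log above, each failing POST is logged with `_post_url` (and `Le_OrderFinalize`) carrying no value, and curl then exits with 3, which curl documents as a malformed URL. The following is an added example, not part of the original report and not acme.sh code: a small triage function that flags this pattern in a `--debug 2` log. The function names and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not acme.sh code. The sample log lines are constructed in the
# format of the debug log above, one entry per line.

# classify_acme_log: read an acme.sh "--debug 2" log on stdin, print one finding:
#   empty-url  a POST was logged with no _post_url value and curl then exited 3
#   curl-N     curl exited with some other non-zero code N
#   ok         no failing _ret entry was seen
classify_acme_log() {
  awk -v q="'" '
    /\] _post_url *$/ { empty_url = 1; next }   # name logged without a value
    /\] _post_url=/   { empty_url = 0; next }   # a URL was logged
    /\] _ret=/ {
      split($0, part, q)                        # part[2] holds the exit code
      code = part[2] + 0
      if (code == 0) { next }
      if (code == 3 && empty_url) { finding = "empty-url" }
      else if (finding == "")     { finding = "curl-" code }
    }
    END {
      if (finding == "") { finding = "ok" }
      print finding
    }
  '
}

# Constructed sample: the finalize step with an empty URL, as in the report.
sample_failed_log() {
  cat <<'EOF'
[Wed Jul 28 20:52:13 UTC 2021] Lets finalize the order.
[Wed Jul 28 20:52:13 UTC 2021] Le_OrderFinalize
[Wed Jul 28 20:52:13 UTC 2021] POST
[Wed Jul 28 20:52:13 UTC 2021] _post_url
[Wed Jul 28 20:52:13 UTC 2021] == Info: malformed
[Wed Jul 28 20:52:13 UTC 2021] _ret='3'
[Wed Jul 28 20:52:13 UTC 2021] _hcode='3'
EOF
}

# Constructed sample: a request that carries a URL and succeeds.
sample_good_log() {
  cat <<'EOF'
[Wed Jul 28 20:52:10 UTC 2021] HEAD
[Wed Jul 28 20:52:10 UTC 2021] _post_url='https://acme.zerossl.com/v2/DV90/newNonce'
[Wed Jul 28 20:52:10 UTC 2021] _ret='0'
[Wed Jul 28 20:52:10 UTC 2021] _hcode='0'
EOF
}

printf 'failed run: %s\n' "$(sample_failed_log | classify_acme_log)"
printf 'good run:   %s\n' "$(sample_good_log | classify_acme_log)"
```

To check a real run, write the log with `--log` or redirect the debug output to a file and pipe it in: `classify_acme_log < acme.sh.log`.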
SuSaiGit commented 3 years ago

@Neilpang I believe this is a regression. The error is gone with acme.sh v2.8.8 https://codeload.github.com/acmesh-official/acme.sh/tar.gz/refs/tags/2.8.8

HQJaTu commented 3 years ago

It seems Sectigo broke their end. Certificate information from acme.zerossl.com:

Certificate information:
  Cert doesn't match host acme.zerossl.com it was requested from
  Cert not expired
    Validity: 2021-06-18 00:00:00 - 2022-06-18 23:59:59
  Subject:
    serialNumber=04058690
    jurisdictionCountryName=GB
    countryName=GB
    stateOrProvinceName=Manchester
    localityName=Salford
    organizationName=Sectigo Limited
    commonName=acme.sectigo.com
  Alternate names:
    DNS-names: acme.sectigo.com, www.acme.sectigo.com
  Verification: EV

The Common Name won't match the requested hostname, and acme.sh has no choice but to retry and eventually give up.

For the sake of testing, I did try the endpoint https://acme.sectigo.com/v2/DV90, but that did not end well. It is not an ACME server.

elyohan14 commented 3 years ago

I have the same problem, https://acme.sectigo.com/v2/DV90 is not working

HQJaTu commented 3 years ago

Problem is sorted:

Certificate information:
  Cert matches host acme.zerossl.com it was requested from
  Cert not expired
    Validity: 2020-07-01 00:00:00 - 2021-07-31 00:00:00
  Subject: 
  Alternate names:
    DNS-names: acme.sectigo.com, acme.trust-provider.com, acme.zerossl.com
  Verification: DV
  Serial #: 63085572757860609128096566398942474186
  Signature algo: sha256
  Public key (RSAPublicKey) SHA-1: 605948cdb900ba194be806e32b75b42e949830f3

All good. Managed to request a certificate and was issued one ok.

If I had to guess, somebody simply installed the wrong cert on the endpoint. The one installed currently looks completely different, as it is issued by Sectigo RSA Domain Validation Secure Server CA. The bad one looked like the company's own one, issued by Sectigo RSA Extended Validation Secure Server CA.
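
The two certificate dumps in this thread differ in whether acme.zerossl.com appears among the certificate's DNS names. As an added example (not part of the thread, and not acme.sh or curl code), this is the hostname check a TLS client applies, run against both name lists quoted above. It goes beyond the thread by also handling wildcard names, and the function names are illustrative.

```shell
#!/bin/sh
# Added example, not acme.sh or curl code. Only SAN DNS names are considered.

# host_matches_name HOST NAME: succeed when certificate name NAME covers HOST.
# A wildcard counts only as the entire left-most label and covers one label.
host_matches_name() (
  host=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
  name=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
  case $name in
    \*.*)
      suffix=${name#?}                    # "*.example.com" -> ".example.com"
      label=${host%"$suffix"}             # part of HOST the wildcard must cover
      [ "$label" != "$host" ] || exit 1   # HOST does not end in the suffix
      [ -n "$label" ] || exit 1           # nothing left for the wildcard
      case $label in *.*) exit 1 ;; esac  # wildcard never spans two labels
      exit 0 ;;
    *) [ "$host" = "$name" ] ;;
  esac
)

# cert_covers_host HOST "name1, name2, ...": succeed if any listed name covers HOST.
cert_covers_host() (
  host=$1
  IFS=,      # split the list on commas (subshell, so the change stays local)
  set -f     # keep "*.example.com" from being expanded as a glob
  for name in $2; do
    name=$(printf '%s' "$name" | tr -d ' ')
    if host_matches_name "$host" "$name"; then exit 0; fi
  done
  exit 1
)

# The two DNS-name lists quoted in the thread, checked for acme.zerossl.com.
for sans in "acme.sectigo.com, www.acme.sectigo.com" \
            "acme.sectigo.com, acme.trust-provider.com, acme.zerossl.com"; do
  if cert_covers_host acme.zerossl.com "$sans"; then
    verdict=match
  else
    verdict=MISMATCH
  fi
  printf '%-8s acme.zerossl.com vs [%s]\n' "$verdict" "$sans"
done
```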

ayn commented 3 years ago

> @Neilpang I believe this is a regression. The error is gone with acme.sh v2.8.8 https://codeload.github.com/acmesh-official/acme.sh/tar.gz/refs/tags/2.8.8

yup, reverting to 2.8.8 works great.

Neilpang commented 3 years ago

Please upgrade to the latest code. It's fixed.

acme.sh  --upgrade