Can't Issue Wildcard Certificate with root domain (Multi-Domain Certificate)

[Hossy]

Steps to reproduce

--issue --dns dns_nsone -d '*.domain.tld' -d 'domain.tld' --debug 2

[Wed Oct  5 18:43:24 CDT 2022] Using CA: https://acme.zerossl.com/v2/DV90
[Wed Oct  5 18:43:24 CDT 2022] Multi domain='DNS:*.jhtest.taillight.xyz,DNS:jhtest.taillight.xyz'
[Wed Oct  5 18:43:24 CDT 2022] Getting domain auth token for each domain
[Wed Oct  5 18:43:36 CDT 2022] Getting webroot for domain='*.jhtest.taillight.xyz'
[Wed Oct  5 18:43:36 CDT 2022] Getting webroot for domain='jhtest.taillight.xyz'
[Wed Oct  5 18:43:37 CDT 2022] Adding txt value: r8jbK2cd-TqbS7vOentXkMnRWU3BfwWkp1D2uo3PlHI for domain:  _acme-challenge.jhtest.taillight.xyz
[Wed Oct  5 18:43:37 CDT 2022] Adding record
[Wed Oct  5 18:43:38 CDT 2022] Added
[Wed Oct  5 18:43:38 CDT 2022] The txt record is added: Success.
[Wed Oct  5 18:43:38 CDT 2022] Adding txt value: Xh5p5VQulUAPTt5FKCZG_36bIWfSJUbv-CygXP_cd-Q for domain:  _acme-challenge.jhtest.taillight.xyz
[Wed Oct  5 18:43:39 CDT 2022] Adding record
[Wed Oct  5 18:43:40 CDT 2022] Add txt record error.
[Wed Oct  5 18:43:40 CDT 2022] Error add txt for domain:_acme-challenge.jhtest.taillight.xyz
[Wed Oct  5 18:43:40 CDT 2022] Please check log file for more details: /acme.sh/acme.sh.log
[Wed Oct  5 18:43:44 CDT 2022] Removing DNS records.
[Wed Oct  5 18:43:44 CDT 2022] Removing txt: r8jbK2cd-TqbS7vOentXkMnRWU3BfwWkp1D2uo3PlHI for domain: _acme-challenge.jhtest.taillight.xyz
[Wed Oct  5 18:43:45 CDT 2022] Removed: Success

Debug log

/ # --issue --dns dns_nsone -d '*.domain.tld' -d 'domain.tld' --debug 2
[Wed Oct  5 18:22:16 CDT 2022] Lets find script dir.
[Wed Oct  5 18:22:16 CDT 2022] _SCRIPT_='/root/.acme.sh/acme.sh'
[Wed Oct  5 18:22:16 CDT 2022] _script='/root/.acme.sh/acme.sh'
[Wed Oct  5 18:22:16 CDT 2022] _script_home='/root/.acme.sh'
[Wed Oct  5 18:22:16 CDT 2022] Using default home:/root/.acme.sh
[Wed Oct  5 18:22:16 CDT 2022] Using config home:/acme.sh
[Wed Oct  5 18:22:16 CDT 2022] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/acmesh-official/acme.sh
v3.0.5
[Wed Oct  5 18:22:16 CDT 2022] Running cmd: issue
[Wed Oct  5 18:22:16 CDT 2022] _main_domain='*.domain.tld'
[Wed Oct  5 18:22:16 CDT 2022] _alt_domains='domain.tld'
[Wed Oct  5 18:22:16 CDT 2022] Using config home:/acme.sh
[Wed Oct  5 18:22:16 CDT 2022] default_acme_server
[Wed Oct  5 18:22:16 CDT 2022] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Wed Oct  5 18:22:16 CDT 2022] _ACME_SERVER_HOST='acme.zerossl.com'
[Wed Oct  5 18:22:16 CDT 2022] _ACME_SERVER_PATH='v2/DV90'
[Wed Oct  5 18:22:16 CDT 2022] DOMAIN_PATH='/acme.sh/*.domain.tld'
[Wed Oct  5 18:22:16 CDT 2022] 'dns_nsone' does not contain 'dns'
[Wed Oct  5 18:22:16 CDT 2022] Using ACME_DIRECTORY: https://acme.zerossl.com/v2/DV90
[Wed Oct  5 18:22:16 CDT 2022] _init api for server: https://acme.zerossl.com/v2/DV90
[Wed Oct  5 18:22:16 CDT 2022] GET
[Wed Oct  5 18:22:16 CDT 2022] url='https://acme.zerossl.com/v2/DV90'
[Wed Oct  5 18:22:16 CDT 2022] timeout=
[Wed Oct  5 18:22:16 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.COFAIGLTay '
[Wed Oct  5 18:22:18 CDT 2022] ret='0'
[Wed Oct  5 18:22:18 CDT 2022] response='{
  "newNonce": "https://acme.zerossl.com/v2/DV90/newNonce",
  "newAccount": "https://acme.zerossl.com/v2/DV90/newAccount",
  "newOrder": "https://acme.zerossl.com/v2/DV90/newOrder",
  "revokeCert": "https://acme.zerossl.com/v2/DV90/revokeCert",
  "keyChange": "https://acme.zerossl.com/v2/DV90/keyChange",
  "meta": {
    "termsOfService": "https://secure.trust-provider.com/repository/docs/Legacy/20221001_Certificate_Subscriber_Agreement_v_2_5_click.pdf",
    "website": "https://zerossl.com",
    "caaIdentities": ["sectigo.com", "trust-provider.com", "usertrust.com", "comodoca.com", "comodo.com"],
    "externalAccountRequired": true
  }
}'
[Wed Oct  5 18:22:18 CDT 2022] ACME_KEY_CHANGE='https://acme.zerossl.com/v2/DV90/keyChange'
[Wed Oct  5 18:22:18 CDT 2022] ACME_NEW_AUTHZ
[Wed Oct  5 18:22:18 CDT 2022] ACME_NEW_ORDER='https://acme.zerossl.com/v2/DV90/newOrder'
[Wed Oct  5 18:22:18 CDT 2022] ACME_NEW_ACCOUNT='https://acme.zerossl.com/v2/DV90/newAccount'
[Wed Oct  5 18:22:18 CDT 2022] ACME_REVOKE_CERT='https://acme.zerossl.com/v2/DV90/revokeCert'
[Wed Oct  5 18:22:18 CDT 2022] ACME_AGREEMENT='https://secure.trust-provider.com/repository/docs/Legacy/20221001_Certificate_Subscriber_Agreement_v_2_5_click.pdf'
[Wed Oct  5 18:22:18 CDT 2022] ACME_NEW_NONCE='https://acme.zerossl.com/v2/DV90/newNonce'
[Wed Oct  5 18:22:18 CDT 2022] Using CA: https://acme.zerossl.com/v2/DV90
[Wed Oct  5 18:22:18 CDT 2022] _on_before_issue
[Wed Oct  5 18:22:18 CDT 2022] _chk_main_domain='*.domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] _chk_alt_domains='domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] 'dns_nsone' does not contain 'no'
[Wed Oct  5 18:22:18 CDT 2022] Le_LocalAddress
[Wed Oct  5 18:22:18 CDT 2022] d='*.domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] Check for domain='*.domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] _currentRoot='dns_nsone'
[Wed Oct  5 18:22:18 CDT 2022] d='domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] Check for domain='domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] _currentRoot='dns_nsone'
[Wed Oct  5 18:22:18 CDT 2022] d
[Wed Oct  5 18:22:18 CDT 2022] 'dns_nsone' does not contain 'apache'
[Wed Oct  5 18:22:18 CDT 2022] _saved_account_key_hash='F/47Vb5l/vHR2b0dA20RTFQO6oZwKAJ0VJ94kq4slBU='
[Wed Oct  5 18:22:18 CDT 2022] _saved_account_key_hash is not changed, skip register account.
[Wed Oct  5 18:22:18 CDT 2022] Read key length:2048
[Wed Oct  5 18:22:18 CDT 2022] Creating domain key
[Wed Oct  5 18:22:18 CDT 2022] Using config home:/acme.sh
[Wed Oct  5 18:22:18 CDT 2022] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Wed Oct  5 18:22:18 CDT 2022] _ACME_SERVER_HOST='acme.zerossl.com'
[Wed Oct  5 18:22:18 CDT 2022] _ACME_SERVER_PATH='v2/DV90'
[Wed Oct  5 18:22:18 CDT 2022] _createkey for file:/acme.sh/*.domain.tld/*.domain.tld.key
[Wed Oct  5 18:22:18 CDT 2022] Use length 2048
[Wed Oct  5 18:22:18 CDT 2022] Using RSA: 2048
[Wed Oct  5 18:22:18 CDT 2022] The domain key is here: /acme.sh/*.domain.tld/*.domain.tld.key
[Wed Oct  5 18:22:18 CDT 2022] _createcsr
[Wed Oct  5 18:22:18 CDT 2022] domain='*.domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] domainlist='domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] csrkey='/acme.sh/*.domain.tld/*.domain.tld.key'
[Wed Oct  5 18:22:18 CDT 2022] csr='/acme.sh/*.domain.tld/*.domain.tld.csr'
[Wed Oct  5 18:22:18 CDT 2022] csrconf='/acme.sh/*.domain.tld/*.domain.tld.csr.conf'
[Wed Oct  5 18:22:18 CDT 2022] _is_idn_d='domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] _idn_temp
[Wed Oct  5 18:22:18 CDT 2022] domainlist='domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] seg='acme.sh'
[Wed Oct  5 18:22:18 CDT 2022] _is_idn_d='*.domain.tld'
[Wed Oct  5 18:22:18 CDT 2022] _idn_temp
[Wed Oct  5 18:22:18 CDT 2022] seg='**redacted**'
[Wed Oct  5 18:22:19 CDT 2022] Multi domain='DNS:*.domain.tld,DNS:domain.tld'
[Wed Oct  5 18:22:19 CDT 2022] _is_idn_d='*.domain.tld'
[Wed Oct  5 18:22:19 CDT 2022] _idn_temp
[Wed Oct  5 18:22:19 CDT 2022] _csr_cn='*.domain.tld'
[Wed Oct  5 18:22:19 CDT 2022] seg='acme.sh'
[Wed Oct  5 18:22:19 CDT 2022] Getting domain auth token for each domain
[Wed Oct  5 18:22:19 CDT 2022] seg='acme.sh'
[Wed Oct  5 18:22:19 CDT 2022] _is_idn_d='*.domain.tld'
[Wed Oct  5 18:22:19 CDT 2022] _idn_temp
[Wed Oct  5 18:22:19 CDT 2022] d='domain.tld'
[Wed Oct  5 18:22:19 CDT 2022] seg='**redacted**'
[Wed Oct  5 18:22:19 CDT 2022] _is_idn_d='domain.tld'
[Wed Oct  5 18:22:19 CDT 2022] _idn_temp
[Wed Oct  5 18:22:19 CDT 2022] d
[Wed Oct  5 18:22:19 CDT 2022] _identifiers='{"type":"dns","value":"*.domain.tld"},{"type":"dns","value":"domain.tld"}'
[Wed Oct  5 18:22:19 CDT 2022] _notBefore
[Wed Oct  5 18:22:19 CDT 2022] _notAfter
[Wed Oct  5 18:22:19 CDT 2022] url='https://acme.zerossl.com/v2/DV90/newOrder'
[Wed Oct  5 18:22:19 CDT 2022] payload='{"identifiers": [{"type":"dns","value":"*.domain.tld"},{"type":"dns","value":"domain.tld"}]}'
[Wed Oct  5 18:22:19 CDT 2022] RSA key
[Wed Oct  5 18:22:19 CDT 2022] Get nonce with HEAD. ACME_NEW_NONCE='https://acme.zerossl.com/v2/DV90/newNonce'
[Wed Oct  5 18:22:19 CDT 2022] HEAD
[Wed Oct  5 18:22:19 CDT 2022] _post_url='https://acme.zerossl.com/v2/DV90/newNonce'
[Wed Oct  5 18:22:19 CDT 2022] body
[Wed Oct  5 18:22:19 CDT 2022] _postContentType='application/jose+json'
[Wed Oct  5 18:22:19 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf  -I  '
[Wed Oct  5 18:22:21 CDT 2022] _ret='0'
[Wed Oct  5 18:22:21 CDT 2022] _headers='HTTP/2 200 
server: nginx
date: Wed, 05 Oct 2022 23:22:21 GMT
content-type: application/octet-stream
replay-nonce: vAilVMy6EOSvdRo-mqNtbK9W9cfanUz2ib-TBX5yruw
cache-control: max-age=-1
access-control-allow-origin: *
link: <https://acme.zerossl.com/v2/DV90>;rel="index"
strict-transport-security: max-age=15552000
'
[Wed Oct  5 18:22:21 CDT 2022] _CACHED_NONCE='vAilVMy6EOSvdRo-mqNtbK9W9cfanUz2ib-TBX5yruw'
[Wed Oct  5 18:22:21 CDT 2022] nonce='vAilVMy6EOSvdRo-mqNtbK9W9cfanUz2ib-TBX5yruw'
[Wed Oct  5 18:22:21 CDT 2022] POST
[Wed Oct  5 18:22:21 CDT 2022] _post_url='https://acme.zerossl.com/v2/DV90/newOrder'
[Wed Oct  5 18:22:21 CDT 2022] body='{"protected": "eyJub25jZSI6ICJ2QWlsVk15NkVPU3ZkUm8tbXFOdGJLOVc5Y2ZhblV6MmliLVRCWDV5cnV3IiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9uZXdPcmRlciIsICJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS56ZXJvc3NsLmNvbS92Mi9EVjkwL2FjY291bnQvOGJMTm14ZjAwQU5aVVFjSXQ1eElQUSJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6Iiouamh0ZXN0LnRhaWxsaWdodC54eXoifSx7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6ImpodGVzdC50YWlsbGlnaHQueHl6In1dfQ", "signature": "wRtEFaV7kf6W6z4RWTN2CD2vYcEM1cb9Ph2z9Mn9oyC8_FxRSpI8O4D000bs1-L8KSzhTXQNKBYXMu2ILLwpyrhE_Glwp4OAQpwn_tSesNY3AkeApT7KHfSp8XAqxlZG2GYE236nRvf2OJqMZG13r-tgfRbYcjo6d49CtRQixOx2QFV6W0TnyR64D8vzWMUrFRq43wOd1e5wns6TdT82PjRKmU4KjBrDJxqjrdXVvaVh3g40s3kJxj4Sr90tFEZhntN4EbLcEuLHKcZdbw_XC_pYXKdgteXAMHoHkiB3tj37-oR5ukEnD5B4NBC2T8tlGn_GsyCBIDqdYKwELQoG1g"}'
[Wed Oct  5 18:22:21 CDT 2022] _postContentType='application/jose+json'
[Wed Oct  5 18:22:21 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:21 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:23 CDT 2022] _ret='0'
[Wed Oct  5 18:22:23 CDT 2022] responseHeaders='HTTP/2 201 
server: nginx
date: Wed, 05 Oct 2022 23:22:23 GMT
content-type: application/json
content-length: 394
status: 
replay-nonce: -BXgUaU7qv0zciD9Smiclmaiz7JvcqPVAimsv3d49BY
cache-control: max-age=0, no-cache, no-store
access-control-allow-origin: *
location: https://acme.zerossl.com/v2/DV90/order/4YdwMxKiJeoTZL-CCtbcvA
cache-control: max-age=-1
strict-transport-security: max-age=15552000
'
[Wed Oct  5 18:22:23 CDT 2022] code='201'
[Wed Oct  5 18:22:23 CDT 2022] original='{"status":"pending","expires":"2023-01-03T23:22:23Z","identifiers":[{"type":"dns","value":"*.domain.tld"},{"type":"dns","value":"domain.tld"}],"authorizations":["https://acme.zerossl.com/v2/DV90/authz/OBykxtptGcRS4rYKWxKe6A","https://acme.zerossl.com/v2/DV90/authz/iW2zRdd-DCFrzR3991jCaQ"],"finalize":"https://acme.zerossl.com/v2/DV90/order/4YdwMxKiJeoTZL-CCtbcvA/finalize"}'
[Wed Oct  5 18:22:23 CDT 2022] response='{"status":"pending","expires":"2023-01-03T23:22:23Z","identifiers":[{"type":"dns","value":"*.domain.tld"},{"type":"dns","value":"domain.tld"}],"authorizations":["https://acme.zerossl.com/v2/DV90/authz/OBykxtptGcRS4rYKWxKe6A","https://acme.zerossl.com/v2/DV90/authz/iW2zRdd-DCFrzR3991jCaQ"],"finalize":"https://acme.zerossl.com/v2/DV90/order/4YdwMxKiJeoTZL-CCtbcvA/finalize"}'
[Wed Oct  5 18:22:23 CDT 2022] Le_LinkOrder='https://acme.zerossl.com/v2/DV90/order/4YdwMxKiJeoTZL-CCtbcvA'
[Wed Oct  5 18:22:23 CDT 2022] Le_OrderFinalize='https://acme.zerossl.com/v2/DV90/order/4YdwMxKiJeoTZL-CCtbcvA/finalize'
[Wed Oct  5 18:22:23 CDT 2022] _authorizations_seg='https://acme.zerossl.com/v2/DV90/authz/OBykxtptGcRS4rYKWxKe6A,https://acme.zerossl.com/v2/DV90/authz/iW2zRdd-DCFrzR3991jCaQ'
[Wed Oct  5 18:22:23 CDT 2022] _authz_url='https://acme.zerossl.com/v2/DV90/authz/OBykxtptGcRS4rYKWxKe6A'
[Wed Oct  5 18:22:23 CDT 2022] url='https://acme.zerossl.com/v2/DV90/authz/OBykxtptGcRS4rYKWxKe6A'
[Wed Oct  5 18:22:23 CDT 2022] payload
[Wed Oct  5 18:22:23 CDT 2022] Use cached jwk for file: /acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Wed Oct  5 18:22:23 CDT 2022] Use _CACHED_NONCE='-BXgUaU7qv0zciD9Smiclmaiz7JvcqPVAimsv3d49BY'
[Wed Oct  5 18:22:23 CDT 2022] nonce='-BXgUaU7qv0zciD9Smiclmaiz7JvcqPVAimsv3d49BY'
[Wed Oct  5 18:22:23 CDT 2022] POST
[Wed Oct  5 18:22:23 CDT 2022] _post_url='https://acme.zerossl.com/v2/DV90/authz/OBykxtptGcRS4rYKWxKe6A'
[Wed Oct  5 18:22:23 CDT 2022] body='{"protected": "eyJub25jZSI6ICItQlhnVWFVN3F2MHpjaUQ5U21pY2xtYWl6N0p2Y3FQVkFpbXN2M2Q0OUJZIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9hdXRoei9PQnlreHRwdEdjUlM0cllLV3hLZTZBIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC84YkxObXhmMDBBTlpVUWNJdDV4SVBRIn0", "payload": "", "signature": "cgNaIec_zViwU_FLpfCBbQUukwialuAI9ByT1f7apuvdq5ooSDNFAsYXKcslkaRK0HiJ671tBfettIBnuvV2FZFDvLbgb29qaVXAhWrbN3HcNlVPbsIOMJXvr_A8XasqkySQujrgJLoOFvhAYWiLhdszTU4I6AMalmT8CzdNnSDVf-HjVVAmoQhJUe94ZKxwqrbiat7adfVqw7t5hnSsOdqjnh0znjabTE7ITBIEKEZA6t6Udh1lJQVVdk74BGht06rOXlqhFbPvmFTUHq8DvQZ2-P-wCykIrguDgQjt2jEC_kdQfDc6FwkiHiJ1_Z5YncChVS8719ZnJ6pHt78ceQ"}'
[Wed Oct  5 18:22:23 CDT 2022] _postContentType='application/jose+json'
[Wed Oct  5 18:22:23 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:23 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:24 CDT 2022] _ret='0'
[Wed Oct  5 18:22:24 CDT 2022] responseHeaders='HTTP/2 200 
server: nginx
date: Wed, 05 Oct 2022 23:22:24 GMT
content-type: application/json
content-length: 304
replay-nonce: jJEirpSSYZ25V8Q7XYAfriDwRfJfj7s1bW-C7L8XXM4
cache-control: max-age=-1
access-control-allow-origin: *
link: <https://acme.zerossl.com/v2/DV90>;rel="index"
retry-after: 5
strict-transport-security: max-age=15552000
'
[Wed Oct  5 18:22:24 CDT 2022] code='200'
[Wed Oct  5 18:22:24 CDT 2022] original='{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw","status":"pending","token":"sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs"}],"wildcard":true}'
[Wed Oct  5 18:22:24 CDT 2022] response='{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw","status":"pending","token":"sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs"}],"wildcard":true}'
[Wed Oct  5 18:22:24 CDT 2022] response='{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw","status":"pending","token":"sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs"}],"wildcard":true}'
[Wed Oct  5 18:22:24 CDT 2022] _d='*.domain.tld'
[Wed Oct  5 18:22:24 CDT 2022] _authz_url='https://acme.zerossl.com/v2/DV90/authz/iW2zRdd-DCFrzR3991jCaQ'
[Wed Oct  5 18:22:24 CDT 2022] url='https://acme.zerossl.com/v2/DV90/authz/iW2zRdd-DCFrzR3991jCaQ'
[Wed Oct  5 18:22:24 CDT 2022] payload
[Wed Oct  5 18:22:24 CDT 2022] Use cached jwk for file: /acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Wed Oct  5 18:22:24 CDT 2022] Use _CACHED_NONCE='jJEirpSSYZ25V8Q7XYAfriDwRfJfj7s1bW-C7L8XXM4'
[Wed Oct  5 18:22:24 CDT 2022] nonce='jJEirpSSYZ25V8Q7XYAfriDwRfJfj7s1bW-C7L8XXM4'
[Wed Oct  5 18:22:25 CDT 2022] POST
[Wed Oct  5 18:22:25 CDT 2022] _post_url='https://acme.zerossl.com/v2/DV90/authz/iW2zRdd-DCFrzR3991jCaQ'
[Wed Oct  5 18:22:25 CDT 2022] body='{"protected": "eyJub25jZSI6ICJqSkVpcnBTU1laMjVWOFE3WFlBZnJpRHdSZkpmajdzMWJXLUM3TDhYWE00IiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9hdXRoei9pVzJ6UmRkLURDRnJ6UjM5OTFqQ2FRIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC84YkxObXhmMDBBTlpVUWNJdDV4SVBRIn0", "payload": "", "signature": "gfFI880l7qk_P3PYQqRWVLtIQL4Ma2Xw09fI0cn0NifrMwEfLhI-7ZsuHfI6LwXZBHuBUEF3TSawTH-C7GtGuYKNfNZsCK7eJ0jMjWRiPST0k_ApT5R25EPdIM8Te1MavLDAHvg7E0dsuFHKWlINM63EYNESrB_2RSC25AY-lhzMviXn4yUhXZYU-U0Jide75NvdE7dWwq1rXTEAasxX7pYmqtkBYY7T6aqpCGhqwJtyHZtFUSvN1RhU-hOREGSm25NCIM07p-nhlJuJ2pvacOkNaRWIH84UDvh75CRIQlbQU28bhgfk7ptxFgerw_y_BX9Tb4J-xI7fuA5qMEybgg"}'
[Wed Oct  5 18:22:25 CDT 2022] _postContentType='application/jose+json'
[Wed Oct  5 18:22:25 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:25 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:26 CDT 2022] _ret='0'
[Wed Oct  5 18:22:26 CDT 2022] responseHeaders='HTTP/2 200 
server: nginx
date: Wed, 05 Oct 2022 23:22:26 GMT
content-type: application/json
content-length: 450
replay-nonce: kVpyrFaUqjFjRKlcwWcetV6OoXu1iBAJHmhzpft7mXM
cache-control: max-age=-1
access-control-allow-origin: *
link: <https://acme.zerossl.com/v2/DV90>;rel="index"
retry-after: 5
strict-transport-security: max-age=15552000
'
[Wed Oct  5 18:22:26 CDT 2022] code='200'
[Wed Oct  5 18:22:26 CDT 2022] original='{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/9OOQ_7RRD_iA_tysFnIRsg","status":"pending","token":"SvR8A7WUbOxT7-kC1TCylCHjiztWVmKp7hVb-3KNZjY"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A","status":"pending","token":"BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE"}]}'
[Wed Oct  5 18:22:26 CDT 2022] response='{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/9OOQ_7RRD_iA_tysFnIRsg","status":"pending","token":"SvR8A7WUbOxT7-kC1TCylCHjiztWVmKp7hVb-3KNZjY"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A","status":"pending","token":"BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE"}]}'
[Wed Oct  5 18:22:26 CDT 2022] response='{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/9OOQ_7RRD_iA_tysFnIRsg","status":"pending","token":"SvR8A7WUbOxT7-kC1TCylCHjiztWVmKp7hVb-3KNZjY"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A","status":"pending","token":"BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE"}]}'
[Wed Oct  5 18:22:26 CDT 2022] _d='domain.tld'
[Wed Oct  5 18:22:26 CDT 2022] _authorizations_map='domain.tld,{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/9OOQ_7RRD_iA_tysFnIRsg","status":"pending","token":"SvR8A7WUbOxT7-kC1TCylCHjiztWVmKp7hVb-3KNZjY"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A","status":"pending","token":"BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE"}]}
*.domain.tld,{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw","status":"pending","token":"sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs"}],"wildcard":true}
'
[Wed Oct  5 18:22:26 CDT 2022] d='*.domain.tld'
[Wed Oct  5 18:22:26 CDT 2022] Getting webroot for domain='*.domain.tld'
[Wed Oct  5 18:22:26 CDT 2022] _w='dns_nsone'
[Wed Oct  5 18:22:26 CDT 2022] _currentRoot='dns_nsone'
[Wed Oct  5 18:22:26 CDT 2022] _is_idn_d='*.domain.tld'
[Wed Oct  5 18:22:26 CDT 2022] _idn_temp
[Wed Oct  5 18:22:26 CDT 2022] _candidates='*.domain.tld,{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw","status":"pending","token":"sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs"}],"wildcard":true}'
[Wed Oct  5 18:22:26 CDT 2022] response='{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw","status":"pending","token":"sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs"}],"wildcard":true}'
[Wed Oct  5 18:22:26 CDT 2022] entry='"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw","status":"pending","token":"sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs"'
[Wed Oct  5 18:22:26 CDT 2022] token='sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs'
[Wed Oct  5 18:22:26 CDT 2022] uri='https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw'
[Wed Oct  5 18:22:26 CDT 2022] keyauthorization='sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs.kjiY7oF6h3VV6YxhkdIW70H55Oo7rI2SE8DE_uGvNzo'
[Wed Oct  5 18:22:26 CDT 2022] dvlist='*.domain.tld#sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs.kjiY7oF6h3VV6YxhkdIW70H55Oo7rI2SE8DE_uGvNzo#https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw#dns-01#dns_nsone'
[Wed Oct  5 18:22:26 CDT 2022] d='domain.tld'
[Wed Oct  5 18:22:26 CDT 2022] Getting webroot for domain='domain.tld'
[Wed Oct  5 18:22:26 CDT 2022] _w='dns_nsone'
[Wed Oct  5 18:22:26 CDT 2022] _currentRoot='dns_nsone'
[Wed Oct  5 18:22:26 CDT 2022] _is_idn_d='domain.tld'
[Wed Oct  5 18:22:26 CDT 2022] _idn_temp
[Wed Oct  5 18:22:26 CDT 2022] _candidates='domain.tld,{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/9OOQ_7RRD_iA_tysFnIRsg","status":"pending","token":"SvR8A7WUbOxT7-kC1TCylCHjiztWVmKp7hVb-3KNZjY"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A","status":"pending","token":"BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE"}]}'
[Wed Oct  5 18:22:26 CDT 2022] response='{"identifier":{"type":"dns","value":"domain.tld"},"status":"pending","expires":"2022-11-04T23:22:23Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/9OOQ_7RRD_iA_tysFnIRsg","status":"pending","token":"SvR8A7WUbOxT7-kC1TCylCHjiztWVmKp7hVb-3KNZjY"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A","status":"pending","token":"BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE"}]}'
[Wed Oct  5 18:22:26 CDT 2022] entry='"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A","status":"pending","token":"BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE"'
[Wed Oct  5 18:22:26 CDT 2022] token='BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE'
[Wed Oct  5 18:22:26 CDT 2022] uri='https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A'
[Wed Oct  5 18:22:26 CDT 2022] keyauthorization='BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE.kjiY7oF6h3VV6YxhkdIW70H55Oo7rI2SE8DE_uGvNzo'
[Wed Oct  5 18:22:26 CDT 2022] dvlist='domain.tld#BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE.kjiY7oF6h3VV6YxhkdIW70H55Oo7rI2SE8DE_uGvNzo#https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A#dns-01#dns_nsone'
[Wed Oct  5 18:22:26 CDT 2022] d
[Wed Oct  5 18:22:26 CDT 2022] vlist='*.domain.tld#sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs.kjiY7oF6h3VV6YxhkdIW70H55Oo7rI2SE8DE_uGvNzo#https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw#dns-01#dns_nsone,domain.tld#BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE.kjiY7oF6h3VV6YxhkdIW70H55Oo7rI2SE8DE_uGvNzo#https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A#dns-01#dns_nsone,'
[Wed Oct  5 18:22:26 CDT 2022] d='*.domain.tld'
[Wed Oct  5 18:22:26 CDT 2022] _d_alias
[Wed Oct  5 18:22:26 CDT 2022] txtdomain='_acme-challenge.domain.tld'
[Wed Oct  5 18:22:26 CDT 2022] txt='ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI'
[Wed Oct  5 18:22:26 CDT 2022] d_api='/root/.acme.sh/dnsapi/dns_nsone.sh'
[Wed Oct  5 18:22:26 CDT 2022] dns_entry='domain.tld,_acme-challenge.domain.tld,,dns_nsone,ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI,/root/.acme.sh/dnsapi/dns_nsone.sh'
[Wed Oct  5 18:22:26 CDT 2022] Found domain api file: /root/.acme.sh/dnsapi/dns_nsone.sh
[Wed Oct  5 18:22:26 CDT 2022] Adding txt value: ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI for domain:  _acme-challenge.domain.tld
[Wed Oct  5 18:22:26 CDT 2022] First detect the root zone
[Wed Oct  5 18:22:26 CDT 2022] zones
[Wed Oct  5 18:22:26 CDT 2022] GET
[Wed Oct  5 18:22:26 CDT 2022] url='https://api.nsone.net/v1/zones'
[Wed Oct  5 18:22:26 CDT 2022] timeout=
[Wed Oct  5 18:22:26 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:26 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:26 CDT 2022] ret='0'
[Wed Oct  5 18:22:26 CDT 2022] response='**redacted**'
[Wed Oct  5 18:22:26 CDT 2022] h='domain.tld'
[Wed Oct  5 18:22:26 CDT 2022] h='**redacted**'
[Wed Oct  5 18:22:26 CDT 2022] _sub_domain='_acme-challenge.**redacted**'
[Wed Oct  5 18:22:26 CDT 2022] _domain='**redacted**'
[Wed Oct  5 18:22:26 CDT 2022] Getting txt records
[Wed Oct  5 18:22:26 CDT 2022] zones/**redacted**
[Wed Oct  5 18:22:26 CDT 2022] GET
[Wed Oct  5 18:22:26 CDT 2022] url='https://api.nsone.net/v1/zones/**redacted**'
[Wed Oct  5 18:22:26 CDT 2022] timeout=
[Wed Oct  5 18:22:26 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:26 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:27 CDT 2022] ret='0'
[Wed Oct  5 18:22:27 CDT 2022] response='**redacted**'
[Wed Oct  5 18:22:27 CDT 2022] count='0'
[Wed Oct  5 18:22:27 CDT 2022] Adding record
[Wed Oct  5 18:22:27 CDT 2022] zones/**redacted**/_acme-challenge.domain.tld/TXT
[Wed Oct  5 18:22:27 CDT 2022] data='{"answers":[{"answer":["ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI"]}],"type":"TXT","domain":"_acme-challenge.domain.tld","zone":"**redacted**","ttl":0}'
[Wed Oct  5 18:22:27 CDT 2022] PUT
[Wed Oct  5 18:22:27 CDT 2022] _post_url='https://api.nsone.net/v1/zones/**redacted**/_acme-challenge.domain.tld/TXT'
[Wed Oct  5 18:22:27 CDT 2022] body='{"answers":[{"answer":["ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI"]}],"type":"TXT","domain":"_acme-challenge.domain.tld","zone":"**redacted**","ttl":0}'
[Wed Oct  5 18:22:27 CDT 2022] _postContentType
[Wed Oct  5 18:22:27 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:27 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:28 CDT 2022] _ret='0'
[Wed Oct  5 18:22:28 CDT 2022] response='{"customer":7765,"domain":"_acme-challenge.domain.tld","zone":"**redacted**","updated_at":1665012148,"created_at":1665012148,"use_client_subnet":true,"answers":[{"answer":["ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI"],"id":"633e11b42d7d1000881e8547"}],"id":"633e11b42d7d10302c589452","regions":{},"meta":{},"tier":1,"zone_name":"**redacted**","type":"TXT","networks":[0]}'
[Wed Oct  5 18:22:28 CDT 2022] Added
[Wed Oct  5 18:22:28 CDT 2022] The txt record is added: Success.
[Wed Oct  5 18:22:28 CDT 2022] domain.tld,_acme-challenge.domain.tld,,dns_nsone,ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI,/root/.acme.sh/dnsapi/dns_nsone.sh

[Wed Oct  5 18:22:28 CDT 2022] d='domain.tld'
[Wed Oct  5 18:22:28 CDT 2022] _d_alias
[Wed Oct  5 18:22:28 CDT 2022] txtdomain='_acme-challenge.domain.tld'
[Wed Oct  5 18:22:28 CDT 2022] txt='s3iOmeKn606ItZW5Cj5vuzoH4AqqfpIr-L68v2lS6GM'
[Wed Oct  5 18:22:28 CDT 2022] d_api='/root/.acme.sh/dnsapi/dns_nsone.sh'
[Wed Oct  5 18:22:28 CDT 2022] dns_entry='domain.tld,_acme-challenge.domain.tld,,dns_nsone,s3iOmeKn606ItZW5Cj5vuzoH4AqqfpIr-L68v2lS6GM,/root/.acme.sh/dnsapi/dns_nsone.sh'
[Wed Oct  5 18:22:28 CDT 2022] Found domain api file: /root/.acme.sh/dnsapi/dns_nsone.sh
[Wed Oct  5 18:22:28 CDT 2022] Adding txt value: s3iOmeKn606ItZW5Cj5vuzoH4AqqfpIr-L68v2lS6GM for domain:  _acme-challenge.domain.tld
[Wed Oct  5 18:22:28 CDT 2022] First detect the root zone
[Wed Oct  5 18:22:28 CDT 2022] zones
[Wed Oct  5 18:22:28 CDT 2022] GET
[Wed Oct  5 18:22:28 CDT 2022] url='https://api.nsone.net/v1/zones'
[Wed Oct  5 18:22:28 CDT 2022] timeout=
[Wed Oct  5 18:22:28 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:28 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:28 CDT 2022] ret='0'
[Wed Oct  5 18:22:28 CDT 2022] response='**redacted**'
[Wed Oct  5 18:22:28 CDT 2022] h='domain.tld'
[Wed Oct  5 18:22:28 CDT 2022] h='**redacted**'
[Wed Oct  5 18:22:28 CDT 2022] _sub_domain='_acme-challenge.**redacted**'
[Wed Oct  5 18:22:28 CDT 2022] _domain='**redacted**'
[Wed Oct  5 18:22:28 CDT 2022] Getting txt records
[Wed Oct  5 18:22:28 CDT 2022] zones/**redacted**
[Wed Oct  5 18:22:28 CDT 2022] GET
[Wed Oct  5 18:22:28 CDT 2022] url='https://api.nsone.net/v1/zones/**redacted**'
[Wed Oct  5 18:22:28 CDT 2022] timeout=
[Wed Oct  5 18:22:28 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:28 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:28 CDT 2022] ret='0'
[Wed Oct  5 18:22:28 CDT 2022] response='**redacted**'
[Wed Oct  5 18:22:28 CDT 2022] count='0'
[Wed Oct  5 18:22:28 CDT 2022] Adding record
[Wed Oct  5 18:22:28 CDT 2022] zones/**redacted**/_acme-challenge.domain.tld/TXT
[Wed Oct  5 18:22:28 CDT 2022] data='{"answers":[{"answer":["s3iOmeKn606ItZW5Cj5vuzoH4AqqfpIr-L68v2lS6GM"]}],"type":"TXT","domain":"_acme-challenge.domain.tld","zone":"**redacted**","ttl":0}'
[Wed Oct  5 18:22:28 CDT 2022] PUT
[Wed Oct  5 18:22:28 CDT 2022] _post_url='https://api.nsone.net/v1/zones/**redacted**/_acme-challenge.domain.tld/TXT'
[Wed Oct  5 18:22:28 CDT 2022] body='{"answers":[{"answer":["s3iOmeKn606ItZW5Cj5vuzoH4AqqfpIr-L68v2lS6GM"]}],"type":"TXT","domain":"_acme-challenge.domain.tld","zone":"**redacted**","ttl":0}'
[Wed Oct  5 18:22:28 CDT 2022] _postContentType
[Wed Oct  5 18:22:28 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:28 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:30 CDT 2022] _ret='0'
[Wed Oct  5 18:22:30 CDT 2022] response='{"message":"record already exists"}'
[Wed Oct  5 18:22:30 CDT 2022] Add txt record error.
[Wed Oct  5 18:22:30 CDT 2022] Error add txt for domain:_acme-challenge.domain.tld
[Wed Oct  5 18:22:30 CDT 2022] _on_issue_err
[Wed Oct  5 18:22:30 CDT 2022] Please check log file for more details: /acme.sh/acme.sh.log
[Wed Oct  5 18:22:30 CDT 2022] _chk_vlist='*.domain.tld#sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs.kjiY7oF6h3VV6YxhkdIW70H55Oo7rI2SE8DE_uGvNzo#https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw#dns-01#dns_nsone,domain.tld#BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE.kjiY7oF6h3VV6YxhkdIW70H55Oo7rI2SE8DE_uGvNzo#https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A#dns-01#dns_nsone,'
[Wed Oct  5 18:22:30 CDT 2022] start to deactivate authz
[Wed Oct  5 18:22:30 CDT 2022] Trigger domain validation.
[Wed Oct  5 18:22:30 CDT 2022] _t_url='https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw'
[Wed Oct  5 18:22:30 CDT 2022] _t_key_authz='sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs.kjiY7oF6h3VV6YxhkdIW70H55Oo7rI2SE8DE_uGvNzo'
[Wed Oct  5 18:22:30 CDT 2022] _t_vtype
[Wed Oct  5 18:22:30 CDT 2022] url='https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw'
[Wed Oct  5 18:22:30 CDT 2022] payload='{}'
[Wed Oct  5 18:22:30 CDT 2022] Use cached jwk for file: /acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Wed Oct  5 18:22:30 CDT 2022] Use _CACHED_NONCE='kVpyrFaUqjFjRKlcwWcetV6OoXu1iBAJHmhzpft7mXM'
[Wed Oct  5 18:22:30 CDT 2022] nonce='kVpyrFaUqjFjRKlcwWcetV6OoXu1iBAJHmhzpft7mXM'
[Wed Oct  5 18:22:30 CDT 2022] POST
[Wed Oct  5 18:22:30 CDT 2022] _post_url='https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw'
[Wed Oct  5 18:22:30 CDT 2022] body='{"protected": "eyJub25jZSI6ICJrVnB5ckZhVXFqRmpSS2xjd1djZXRWNk9vWHUxaUJBSkhtaHpwZnQ3bVhNIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9jaGFsbC9xMGtFV0JPNlcwMDFsTHZYc2hza0x3IiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC84YkxObXhmMDBBTlpVUWNJdDV4SVBRIn0", "payload": "e30", "signature": "W1ohXwLRZWKPVrW08gut7Ap8YGtJ106RSA2hfdy-IrWOdsHDP6QcXoTfXBTt7B4fT47QeoqNakXSDLHIXcJAzvo6RAjYI4W73EE8-rJhbOB2nW0ZSF3sqgYf9HB3LYxcQILRFc3Kye6CttkoJYjfg95iIO5FsdJV3G2HmTLrscQ9ed6DyUvI-KPZJ7cPWJi5shKk-SElaf6l9dnxiq_t9p3sGLbqv3nKfgKb6YoVcPJfgd1UGF12xiZ8nuoxIvYvLBdHkVKhQU11YU8BeLBVfHfcgmaXYoP4Lfu58XAsQJrvREkVH8faTyImgeiP2q9SeuXVCZqmO24kDQK6ZKl6bg"}'
[Wed Oct  5 18:22:30 CDT 2022] _postContentType='application/jose+json'
[Wed Oct  5 18:22:30 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:30 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:31 CDT 2022] _ret='0'
[Wed Oct  5 18:22:31 CDT 2022] responseHeaders='HTTP/2 200 
server: nginx
date: Wed, 05 Oct 2022 23:22:31 GMT
content-type: application/json
content-length: 163
replay-nonce: HMLU6Wi1el4kFwL3WAsmMkeYmdOmVxIxu81pBOS2hPk
cache-control: max-age=-1
access-control-allow-origin: *
link: <https://acme.zerossl.com/v2/DV90>;rel="index"
link: <https://acme.zerossl.com/v2/DV90/authz/OBykxtptGcRS4rYKWxKe6A>;rel="up"
retry-after: 10
strict-transport-security: max-age=15552000
'
[Wed Oct  5 18:22:31 CDT 2022] code='200'
[Wed Oct  5 18:22:31 CDT 2022] original='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw","status":"processing","token":"sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs"}'
[Wed Oct  5 18:22:31 CDT 2022] response='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/q0kEWBO6W001lLvXshskLw","status":"processing","token":"sfWI6YLBY-QgVbXvB6O7k89dYcmL4QlDFiD0Io-qrVs"}'
[Wed Oct  5 18:22:31 CDT 2022] Trigger domain validation.
[Wed Oct  5 18:22:31 CDT 2022] _t_url='https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A'
[Wed Oct  5 18:22:31 CDT 2022] _t_key_authz='BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE.kjiY7oF6h3VV6YxhkdIW70H55Oo7rI2SE8DE_uGvNzo'
[Wed Oct  5 18:22:31 CDT 2022] _t_vtype
[Wed Oct  5 18:22:31 CDT 2022] url='https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A'
[Wed Oct  5 18:22:31 CDT 2022] payload='{}'
[Wed Oct  5 18:22:31 CDT 2022] Use cached jwk for file: /acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Wed Oct  5 18:22:31 CDT 2022] Use _CACHED_NONCE='HMLU6Wi1el4kFwL3WAsmMkeYmdOmVxIxu81pBOS2hPk'
[Wed Oct  5 18:22:31 CDT 2022] nonce='HMLU6Wi1el4kFwL3WAsmMkeYmdOmVxIxu81pBOS2hPk'
[Wed Oct  5 18:22:31 CDT 2022] POST
[Wed Oct  5 18:22:31 CDT 2022] _post_url='https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A'
[Wed Oct  5 18:22:31 CDT 2022] body='{"protected": "eyJub25jZSI6ICJITUxVNldpMWVsNGtGd0wzV0FzbU1rZVltZE9tVnhJeHU4MXBCT1MyaFBrIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9jaGFsbC9UYkFKUVByQTFYMEhneDFwaXQtWV9BIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC84YkxObXhmMDBBTlpVUWNJdDV4SVBRIn0", "payload": "e30", "signature": "Y9crLRSewhpXA9X6lu5cLmN-03IFbsq5oScXoMZ51-qEp0ACWoU7jQXwDKYMuKFq0Ueih4tAim8whMpqqk9A6Rj1AQ97ZXT16vpzzXao7G_JsugL5YOZGvTH-rb07d0IHze_n_44auGixufWCA3YNMljcOwI6pJ2WwFGhdUNSRDGXPN5d_7Y-5JyAfEc9ylSCSZgPcxeWhvtS3JGTB0xPqfzsszr_f-Fscq81WA6oYrsDNUOXeTIHEZK9WCyrE7rW0QitU1FHONR_7sIyC8Mk26Tabz4EcAIphs610Gyvb2ib2UWlCMj984S3ajP3uWciHMzj7bA95XG2xdedUigXQ"}'
[Wed Oct  5 18:22:31 CDT 2022] _postContentType='application/jose+json'
[Wed Oct  5 18:22:31 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:31 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:32 CDT 2022] _ret='0'
[Wed Oct  5 18:22:32 CDT 2022] responseHeaders='HTTP/2 200 
server: nginx
date: Wed, 05 Oct 2022 23:22:32 GMT
content-type: application/json
content-length: 163
replay-nonce: uj166_FcdRUWO5Epq7ovzIwxdqzW__PXzuowe8wBVXs
cache-control: max-age=-1
access-control-allow-origin: *
link: <https://acme.zerossl.com/v2/DV90>;rel="index"
link: <https://acme.zerossl.com/v2/DV90/authz/iW2zRdd-DCFrzR3991jCaQ>;rel="up"
retry-after: 10
strict-transport-security: max-age=15552000
'
[Wed Oct  5 18:22:32 CDT 2022] code='200'
[Wed Oct  5 18:22:32 CDT 2022] original='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A","status":"processing","token":"BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE"}'
[Wed Oct  5 18:22:32 CDT 2022] response='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/TbAJQPrA1X0Hgx1pit-Y_A","status":"processing","token":"BbQ51fhSPzA2OojbJjHW4Um8mH9fXekoopeNf6mo-zE"}'
[Wed Oct  5 18:22:32 CDT 2022] Diagnosis versions: 
openssl:openssl
OpenSSL 1.1.1q  5 Jul 2022
apache:
apache doesn't exist.
nginx:
nginx doesn't exist.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
socat version 1.7.4.2 on Nov  5 2021 20:38:01
   running on Linux version #1 SMP Fri Dec 6 15:49:49 UTC 2019, release 3.10.0-1062.9.1.el7.x86_64, machine x86_64
features:
  #define WITH_STDIO 1
  #define WITH_FDNUM 1
  #define WITH_FILE 1
  #define WITH_CREAT 1
  #define WITH_GOPEN 1
  #define WITH_TERMIOS 1
  #define WITH_PIPE 1
  #define WITH_UNIX 1
  #define WITH_ABSTRACT_UNIXSOCKET 1
  #define WITH_IP4 1
  #define WITH_IP6 1
  #define WITH_RAWIP 1
  #define WITH_GENERICSOCKET 1
  #define WITH_INTERFACE 1
  #define WITH_TCP 1
  #define WITH_UDP 1
  #define WITH_SCTP 1
  #define WITH_LISTEN 1
  #define WITH_SOCKS4 1
  #define WITH_SOCKS4A 1
  #define WITH_VSOCK 1
  #define WITH_PROXY 1
  #define WITH_SYSTEM 1
  #define WITH_EXEC 1
  #define WITH_READLINE 1
  #define WITH_TUN 1
  #define WITH_PTY 1
  #define WITH_OPENSSL 1
  #undef WITH_FIPS
  #undef WITH_LIBWRAP
  #define WITH_SYCLS 1
  #define WITH_FILAN 1
  #define WITH_RETRY 1
  #define WITH_MSGLEVEL 0 /*debug*/
[Wed Oct  5 18:22:32 CDT 2022] pid
[Wed Oct  5 18:22:32 CDT 2022] No need to restore nginx, skip.
[Wed Oct  5 18:22:32 CDT 2022] _clearupdns
[Wed Oct  5 18:22:32 CDT 2022] dns_entries='domain.tld,_acme-challenge.domain.tld,,dns_nsone,ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI,/root/.acme.sh/dnsapi/dns_nsone.sh
'
[Wed Oct  5 18:22:32 CDT 2022] Removing DNS records.
[Wed Oct  5 18:22:32 CDT 2022] d='domain.tld'
[Wed Oct  5 18:22:32 CDT 2022] txtdomain='_acme-challenge.domain.tld'
[Wed Oct  5 18:22:32 CDT 2022] aliasDomain='_acme-challenge.domain.tld'
[Wed Oct  5 18:22:32 CDT 2022] _currentRoot='dns_nsone'
[Wed Oct  5 18:22:32 CDT 2022] txt='ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI'
[Wed Oct  5 18:22:32 CDT 2022] d_api='/root/.acme.sh/dnsapi/dns_nsone.sh'
[Wed Oct  5 18:22:32 CDT 2022] Removing txt: ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI for domain: _acme-challenge.domain.tld
[Wed Oct  5 18:22:32 CDT 2022] First detect the root zone
[Wed Oct  5 18:22:32 CDT 2022] zones
[Wed Oct  5 18:22:32 CDT 2022] GET
[Wed Oct  5 18:22:32 CDT 2022] url='https://api.nsone.net/v1/zones'
[Wed Oct  5 18:22:32 CDT 2022] timeout=
[Wed Oct  5 18:22:32 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:32 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:33 CDT 2022] ret='0'
[Wed Oct  5 18:22:33 CDT 2022] response='**redacted**'
[Wed Oct  5 18:22:33 CDT 2022] h='domain.tld'
[Wed Oct  5 18:22:33 CDT 2022] h='**redacted**'
[Wed Oct  5 18:22:33 CDT 2022] _sub_domain='_acme-challenge.**redacted**'
[Wed Oct  5 18:22:33 CDT 2022] _domain='**redacted**'
[Wed Oct  5 18:22:33 CDT 2022] Getting txt records
[Wed Oct  5 18:22:33 CDT 2022] zones/**redacted**/_acme-challenge.domain.tld/TXT
[Wed Oct  5 18:22:33 CDT 2022] GET
[Wed Oct  5 18:22:33 CDT 2022] url='https://api.nsone.net/v1/zones/**redacted**/_acme-challenge.domain.tld/TXT'
[Wed Oct  5 18:22:33 CDT 2022] timeout=
[Wed Oct  5 18:22:33 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:33 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:33 CDT 2022] ret='0'
[Wed Oct  5 18:22:33 CDT 2022] response='{"domain":"_acme-challenge.domain.tld","zone":"**redacted**","updated_at":1665012148,"created_at":1665012148,"use_client_subnet":true,"answers":[{"answer":["ZN5XwCpSBLWb6DmiOTCn1c7uPDa0vrTZayjWIHEtDTI"],"id":"633e11b42d7d1000881e8547"}],"id":"633e11b42d7d10302c589452","regions":{},"meta":{},"filters":[],"tier":1,"zone_name":"**redacted**","type":"TXT","networks":[0]}'
[Wed Oct  5 18:22:33 CDT 2022] count='1'
[Wed Oct  5 18:22:33 CDT 2022] zones/**redacted**/_acme-challenge.domain.tld/TXT
[Wed Oct  5 18:22:33 CDT 2022] data
[Wed Oct  5 18:22:33 CDT 2022] DELETE
[Wed Oct  5 18:22:33 CDT 2022] _post_url='https://api.nsone.net/v1/zones/**redacted**/_acme-challenge.domain.tld/TXT'
[Wed Oct  5 18:22:33 CDT 2022] body
[Wed Oct  5 18:22:33 CDT 2022] _postContentType
[Wed Oct  5 18:22:33 CDT 2022] Http already initialized.
[Wed Oct  5 18:22:33 CDT 2022] _CURL='curl --silent --dump-header /acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Mo4RpgoiQf '
[Wed Oct  5 18:22:33 CDT 2022] _ret='0'
[Wed Oct  5 18:22:33 CDT 2022] response='{}'
[Wed Oct  5 18:22:33 CDT 2022] Removed: Success

[github-actions[bot]]

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

[Hossy]

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

I'm on the latest: v3.0.5

[begunfx]

Having the same problem. Running the latest v3.0.6 See #4644

[Neilpang]

please try with the latest code:

acme.sh --upgrade -b dev

[andrey-viber]

The same error for me, also on dev version

[andrey0001]

It's happened on dns_nsone when you use multi-domain with the same record. -d example.com -d *.example.com Second record cannot be create and received error:

Add txt record error.
Error add txt for domain:_acme-challenge.example.com
Please check log file for more details: /root/.acme.sh/acme.sh.log

Of course, when you start command second time, it works, because first domain already validated:

example.com is already verified, skip dns-01.

But question is - what will happen on renew?