acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

Dynu Token Failing Authentication #4611

Open bensonmcmoran opened 1 year ago

bensonmcmoran commented 1 year ago

Running acme.sh from a docker on Synology. Using a domain purchased from GoDaddy with nameservers pointed at Dynu for DNS records (paid subscription for Dynu). The issue certificate command appears to fail at the Dynu authentication check.

Steps to reproduce

Note: domain and API keys have been changed for security reasons.

  1. Deploy docker container for acme.sh on Synology.
  2. Upload "account.conf" file to docker data directory. Content of file listed below:

         export SYNO_Scheme="http"
         export SYNO_Hostname="localhost"
         export SYNO_Port="5000"
         export SYNO_Username='adminuser'
         export SYNO_Password='passwordforuserabove'
         export SYNO_Certificate="Description of Certificate"
         export SYNO_Create=1
         export Dynu_ClientId=74a068f7-6a8f-4cc5-b40d-b4f52c127bfc
         export Dynu_Secret=UT3e7566WXXU6U7467f6526gffVX37

  3. Enable/Start docker container.
  4. From docker terminal, run command to install updates and set auto upgrade check: acme.sh --upgrade --auto-upgrade
  5. From docker terminal, run command to set Let's Encrypt as the default CA: acme.sh --set-default-ca --server letsencrypt
  6. From docker terminal, run command to issue ssl certification: acme.sh --issue --dns dns_dynu -d mycustomdomain.net --debug 2

Debug log

acme.sh --upgrade --auto-upgrade
[Sun Apr 23 00:03:01 UTC 2023] Installing from online archive.
[Sun Apr 23 00:03:01 UTC 2023] Downloading https://github.com/acmesh-official/acme.sh/archive/master.tar.gz
[Sun Apr 23 00:03:02 UTC 2023] Extracting master.tar.gz
[Sun Apr 23 00:03:02 UTC 2023] Using config home: /acme.sh
[Sun Apr 23 00:03:02 UTC 2023] Installing to /root/.acme.sh
[Sun Apr 23 00:03:02 UTC 2023] Installed to /root/.acme.sh/acme.sh
[Sun Apr 23 00:03:03 UTC 2023] OK
[Sun Apr 23 00:03:03 UTC 2023] Install success!
[Sun Apr 23 00:03:03 UTC 2023] Upgrade success!

acme.sh --set-default-ca --server letsencrypt
[Sun Apr 23 00:03:40 UTC 2023] Changed default CA to: https://acme-v02.api.letsencrypt.org/directory

acme.sh --issue --dns dns_dynu -d mycustomdomain.net --debug 2 [Sun Apr 23 00:12:09 UTC 2023] Lets find script dir. [Sun Apr 23 00:12:09 UTC 2023] SCRIPT='/usr/local/bin/acme.sh' [Sun Apr 23 00:12:09 UTC 2023] _script='/root/.acme.sh/acme.sh' [Sun Apr 23 00:12:09 UTC 2023] _script_home='/root/.acme.sh' [Sun Apr 23 00:12:09 UTC 2023] Using default home:/root/.acme.sh [Sun Apr 23 00:12:09 UTC 2023] Using config home:/acme.sh [Sun Apr 23 00:12:09 UTC 2023] LE_WORKING_DIR='/root/.acme.sh' https://github.com/acmesh-official/acme.sh v3.0.6 [Sun Apr 23 00:12:09 UTC 2023] Running cmd: issue [Sun Apr 23 00:12:09 UTC 2023] _main_domain='mycustomdomain.net' [Sun Apr 23 00:12:09 UTC 2023] _alt_domains='no' [Sun Apr 23 00:12:09 UTC 2023] Using config home:/acme.sh [Sun Apr 23 00:12:09 UTC 2023] default_acme_server='https://acme-v02.api.letsencrypt.org/directory' [Sun Apr 23 00:12:09 UTC 2023] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Sun Apr 23 00:12:09 UTC 2023] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org' [Sun Apr 23 00:12:09 UTC 2023] _ACME_SERVER_PATH='directory' [Sun Apr 23 00:12:09 UTC 2023] DOMAIN_PATH='/acme.sh/mycustomdomain.net_ecc' [Sun Apr 23 00:12:09 UTC 2023] 'dns_dynu' does not contain 'dns' [Sun Apr 23 00:12:09 UTC 2023] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Sun Apr 23 00:12:09 UTC 2023] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Sun Apr 23 00:12:09 UTC 2023] GET [Sun Apr 23 00:12:09 UTC 2023] url='https://acme-v02.api.letsencrypt.org/directory' [Sun Apr 23 00:12:09 UTC 2023] timeout= [Sun Apr 23 00:12:09 UTC 2023] _CURL='curl --silent --dump-header /acme.sh/http.header -L --trace-ascii /tmp/tmp.fO9YXdCble -g ' [Sun Apr 23 00:12:09 UTC 2023] ret='0' [Sun Apr 23 00:12:09 UTC 2023] response='{ "R8xhfIGyZx4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { 
"caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" }' [Sun Apr 23 00:12:09 UTC 2023] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Sun Apr 23 00:12:09 UTC 2023] ACME_NEW_AUTHZ [Sun Apr 23 00:12:09 UTC 2023] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Sun Apr 23 00:12:09 UTC 2023] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Sun Apr 23 00:12:09 UTC 2023] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Sun Apr 23 00:12:09 UTC 2023] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf' [Sun Apr 23 00:12:09 UTC 2023] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Sun Apr 23 00:12:09 UTC 2023] Using CA: https://acme-v02.api.letsencrypt.org/directory [Sun Apr 23 00:12:09 UTC 2023] _on_before_issue [Sun Apr 23 00:12:09 UTC 2023] _chk_main_domain='mycustomdomain.net' [Sun Apr 23 00:12:09 UTC 2023] _chk_alt_domains [Sun Apr 23 00:12:09 UTC 2023] 'dns_dynu' does not contain 'no' [Sun Apr 23 00:12:09 UTC 2023] Le_LocalAddress [Sun Apr 23 00:12:09 UTC 2023] d='mycustomdomain.net' [Sun Apr 23 00:12:09 UTC 2023] Check for domain='mycustomdomain.net' [Sun Apr 23 00:12:09 UTC 2023] _currentRoot='dns_dynu' [Sun Apr 23 00:12:09 UTC 2023] d [Sun Apr 23 00:12:09 UTC 2023] 'dns_dynu' does not contain 'apache' [Sun Apr 23 00:12:09 UTC 2023] config file is empty, can not read CA_KEY_HASH [Sun Apr 23 00:12:09 UTC 2023] _saved_account_key_hash [Sun Apr 23 
00:12:09 UTC 2023] Using config home:/acme.sh [Sun Apr 23 00:12:09 UTC 2023] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Sun Apr 23 00:12:09 UTC 2023] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org' [Sun Apr 23 00:12:09 UTC 2023] _ACME_SERVER_PATH='directory' [Sun Apr 23 00:12:09 UTC 2023] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Sun Apr 23 00:12:09 UTC 2023] length='ec-256' [Sun Apr 23 00:12:09 UTC 2023] Using config home:/acme.sh [Sun Apr 23 00:12:09 UTC 2023] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Sun Apr 23 00:12:09 UTC 2023] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org' [Sun Apr 23 00:12:09 UTC 2023] _ACME_SERVER_PATH='directory' [Sun Apr 23 00:12:09 UTC 2023] _createkey for file:/acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key [Sun Apr 23 00:12:09 UTC 2023] Use length 256 [Sun Apr 23 00:12:09 UTC 2023] Using ec name: prime256v1 [Sun Apr 23 00:12:09 UTC 2023] Create account key ok. [Sun Apr 23 00:12:09 UTC 2023] EC key [Sun Apr 23 00:12:09 UTC 2023] config file is empty, can not read CA_EAB_KEY_ID [Sun Apr 23 00:12:09 UTC 2023] config file is empty, can not read CA_EAB_HMAC_KEY [Sun Apr 23 00:12:09 UTC 2023] config file is empty, can not read CA_EMAIL [Sun Apr 23 00:12:09 UTC 2023] Registering account: https://acme-v02.api.letsencrypt.org/directory [Sun Apr 23 00:12:09 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Sun Apr 23 00:12:09 UTC 2023] payload='{"termsOfServiceAgreed": true}' [Sun Apr 23 00:12:09 UTC 2023] Use cached jwk for file: /acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key [Sun Apr 23 00:12:09 UTC 2023] Get nonce with HEAD. 
ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Sun Apr 23 00:12:09 UTC 2023] HEAD [Sun Apr 23 00:12:09 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Sun Apr 23 00:12:09 UTC 2023] body [Sun Apr 23 00:12:09 UTC 2023] _postContentType='application/jose+json' [Sun Apr 23 00:12:09 UTC 2023] _CURL='curl --silent --dump-header /acme.sh/http.header -L --trace-ascii /tmp/tmp.2vMHRBJWWz -g -I ' [Sun Apr 23 00:12:10 UTC 2023] _ret='0' [Sun Apr 23 00:12:10 UTC 2023] _headers='HTTP/2 200 server: nginx date: Sun, 23 Apr 2023 00:12:10 GMT cache-control: public, max-age=0, no-cache link: https://acme-v02.api.letsencrypt.org/directory;rel="index" replay-nonce: 4397bsm1-Pbn2scyi9Voc4-0SJMvhJAwi0aczIGRr6l-zYI x-frame-options: DENY strict-transport-security: max-age=604800 ' [Sun Apr 23 00:12:10 UTC 2023] _CACHED_NONCE='4397bsm1-Pbn2scyi9Voc4-0SJMvhJAwi0aczIGRr6l-zYI' [Sun Apr 23 00:12:10 UTC 2023] nonce='4397bsm1-Pbn2scyi9Voc4-0SJMvhJAwi0aczIGRr6l-zYI' [Sun Apr 23 00:12:10 UTC 2023] POST [Sun Apr 23 00:12:10 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Sun Apr 23 00:12:10 UTC 2023] body='{"protected": "eyJub25jZSI6ICI0Mzk3YnNtMS1QYm4yc2N5aTlWb2M0LTBTSk12aEpBd2kwYWN6SUdScjZsLXpZSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWFjY3QiLCAiYWxnIjogIkVTMjU2IiwgImp3ayI6IHsiY3J2IjogIlAtMjU2IiwgImt0eSI6ICJFQyIsICJ4IjogInF0MHhsTEhLV3JHQ2NueXFGVXZ3QUdxencxR29BRjdPdG5GRnlBUDgxRlUiLCAieSI6ICJnUVdkb3RLdks3cFRNamVkQXgzY2RGcXBYZWdaU2ZqYmJmNUIyeWpFLXFvIn19", "payload": "eyJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWV9", "signature": "JiRKu7XY6KQ6Cnha-SBsN8sqFyDuYJqd87yLE1MuB0k0WaaWoWmySc0RR72gwrS--qSeuF5tu_zSK8j_OUSOBQ"}' [Sun Apr 23 00:12:10 UTC 2023] _postContentType='application/jose+json' [Sun Apr 23 00:12:10 UTC 2023] Http already initialized. 
[Sun Apr 23 00:12:10 UTC 2023] _CURL='curl --silent --dump-header /acme.sh/http.header -L --trace-ascii /tmp/tmp.2vMHRBJWWz -g ' [Sun Apr 23 00:12:10 UTC 2023] _ret='0' [Sun Apr 23 00:12:10 UTC 2023] responseHeaders='HTTP/2 201 server: nginx date: Sun, 23 Apr 2023 00:12:10 GMT content-type: application/json content-length: 268 boulder-requester: 1074849507 cache-control: public, max-age=0, no-cache link: https://acme-v02.api.letsencrypt.org/directory;rel="index" link: https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf;rel="terms-of-service" location: https://acme-v02.api.letsencrypt.org/acme/acct/1074849507 replay-nonce: A5FEqe3U5zkhR_z9XyOxl1uE3AedcK7_YmpPTTDk3Nykpro x-frame-options: DENY strict-transport-security: max-age=604800 ' [Sun Apr 23 00:12:10 UTC 2023] code='201' [Sun Apr 23 00:12:10 UTC 2023] original='{ "key": { "kty": "EC", "crv": "P-256", "x": "qt0xlLHKWrGCcnyqFUvwAGqzw1GoAF7OtnFFyAP81FU", "y": "gQWdotKvK7pTMjedAx3cdFqpXegZSfjbbf5B2yjE-qo" }, "initialIp": "47.27.109.156", "createdAt": "2023-04-23T00:12:10.524504969Z", "status": "valid" }' [Sun Apr 23 00:12:10 UTC 2023] response='{"key":{"kty":"EC","crv":"P-256","x":"qt0xlLHKWrGCcnyqFUvwAGqzw1GoAF7OtnFFyAP81FU","y":"gQWdotKvK7pTMjedAx3cdFqpXegZSfjbbf5B2yjE-qo"},"initialIp":"47.27.109.156","createdAt":"2023-04-23T00:12:10.524504969Z","status":"valid"}' [Sun Apr 23 00:12:10 UTC 2023] Registered [Sun Apr 23 00:12:10 UTC 2023] responseHeaders='HTTP/2 201 server: nginx date: Sun, 23 Apr 2023 00:12:10 GMT content-type: application/json content-length: 268 boulder-requester: 1074849507 cache-control: public, max-age=0, no-cache link: https://acme-v02.api.letsencrypt.org/directory;rel="index" link: https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf;rel="terms-of-service" location: https://acme-v02.api.letsencrypt.org/acme/acct/1074849507 replay-nonce: A5FEqe3U5zkhR_z9XyOxl1uE3AedcK7_YmpPTTDk3Nykpro x-frame-options: DENY strict-transport-security: max-age=604800 ' [Sun Apr 23 
00:12:10 UTC 2023] _accUri='https://acme-v02.api.letsencrypt.org/acme/acct/1074849507' [Sun Apr 23 00:12:10 UTC 2023] Calc CA_KEY_HASH='DM49SJsFEdHYEMo/d71x46mQhuN2feFaLxHM2J9Lg5M=' [Sun Apr 23 00:12:10 UTC 2023] ACCOUNT_THUMBPRINT='tF_BVZ8v5hYSCCSZ0p5COdMfqmqLHoehfPfpLgjUNx4' [Sun Apr 23 00:12:10 UTC 2023] Read key length:2048 [Sun Apr 23 00:12:10 UTC 2023] Creating domain key [Sun Apr 23 00:12:10 UTC 2023] Using config home:/acme.sh [Sun Apr 23 00:12:10 UTC 2023] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Sun Apr 23 00:12:10 UTC 2023] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org' [Sun Apr 23 00:12:10 UTC 2023] _ACME_SERVER_PATH='directory' [Sun Apr 23 00:12:10 UTC 2023] _createkey for file:/acme.sh/mycustomdomain.net_ecc/mycustomdomain.net.key [Sun Apr 23 00:12:10 UTC 2023] Use length 256 [Sun Apr 23 00:12:10 UTC 2023] Using ec name: prime256v1 [Sun Apr 23 00:12:10 UTC 2023] The domain key is here: /acme.sh/mycustomdomain.net_ecc/mycustomdomain.net.key [Sun Apr 23 00:12:10 UTC 2023] _createcsr [Sun Apr 23 00:12:10 UTC 2023] domain='mycustomdomain.net' [Sun Apr 23 00:12:10 UTC 2023] domainlist [Sun Apr 23 00:12:10 UTC 2023] csrkey='/acme.sh/mycustomdomain.net_ecc/mycustomdomain.net.key' [Sun Apr 23 00:12:10 UTC 2023] csr='/acme.sh/mycustomdomain.net_ecc/mycustomdomain.net.csr' [Sun Apr 23 00:12:10 UTC 2023] csrconf='/acme.sh/mycustomdomain.net_ecc/mycustomdomain.net.csr.conf' [Sun Apr 23 00:12:10 UTC 2023] Single domain='mycustomdomain.net' [Sun Apr 23 00:12:10 UTC 2023] seg='absenceoffear' [Sun Apr 23 00:12:10 UTC 2023] _is_idn_d='mycustomdomain.net' [Sun Apr 23 00:12:10 UTC 2023] _idn_temp [Sun Apr 23 00:12:10 UTC 2023] _is_idn_d='mycustomdomain.net' [Sun Apr 23 00:12:10 UTC 2023] _idn_temp [Sun Apr 23 00:12:10 UTC 2023] _csr_cn='mycustomdomain.net' [Sun Apr 23 00:12:10 UTC 2023] seg='absenceoffear' [Sun Apr 23 00:12:10 UTC 2023] Getting domain auth token for each domain [Sun Apr 23 00:12:10 UTC 2023] seg='absenceoffear' [Sun Apr 23 
00:12:10 UTC 2023] _is_idn_d='mycustomdomain.net' [Sun Apr 23 00:12:10 UTC 2023] _idn_temp [Sun Apr 23 00:12:10 UTC 2023] d [Sun Apr 23 00:12:10 UTC 2023] _identifiers='{"type":"dns","value":"mycustomdomain.net"}' [Sun Apr 23 00:12:10 UTC 2023] _notBefore [Sun Apr 23 00:12:10 UTC 2023] _notAfter [Sun Apr 23 00:12:10 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Sun Apr 23 00:12:10 UTC 2023] payload='{"identifiers": [{"type":"dns","value":"mycustomdomain.net"}]}' [Sun Apr 23 00:12:10 UTC 2023] Use cached jwk for file: /acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key [Sun Apr 23 00:12:10 UTC 2023] Use _CACHED_NONCE='A5FEqe3U5zkhR_z9XyOxl1uE3AedcK7_YmpPTTDk3Nykpro' [Sun Apr 23 00:12:10 UTC 2023] nonce='A5FEqe3U5zkhR_z9XyOxl1uE3AedcK7_YmpPTTDk3Nykpro' [Sun Apr 23 00:12:10 UTC 2023] POST [Sun Apr 23 00:12:10 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Sun Apr 23 00:12:10 UTC 2023] body='{"protected": "eyJub25jZSI6ICJBNUZFcWUzVTV6a2hSX3o5WHlPeGwxdUUzQWVkY0s3X1ltcFBUVERrM055a3BybyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xMDc0ODQ5NTA3In0", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6ImFic2VuY2VvZmZlYXIubmV0In1dfQ", "signature": "AIW9jT-TzrKZ62vQBDR_zjJa1L52ETClcr4fIIo9MwPV38TA522SYdWemGvTUTNlMoMZmqdLz5_OWW9DyBvOPg"}' [Sun Apr 23 00:12:10 UTC 2023] _postContentType='application/jose+json' [Sun Apr 23 00:12:10 UTC 2023] Http already initialized. 
[Sun Apr 23 00:12:10 UTC 2023] _CURL='curl --silent --dump-header /acme.sh/http.header -L --trace-ascii /tmp/tmp.2vMHRBJWWz -g ' [Sun Apr 23 00:12:11 UTC 2023] _ret='0' [Sun Apr 23 00:12:11 UTC 2023] responseHeaders='HTTP/2 201 server: nginx date: Sun, 23 Apr 2023 00:12:11 GMT content-type: application/json content-length: 343 boulder-requester: 1074849507 cache-control: public, max-age=0, no-cache link: https://acme-v02.api.letsencrypt.org/directory;rel="index" location: https://acme-v02.api.letsencrypt.org/acme/order/1074849507/177814328187 replay-nonce: 2712FHdC362iPyEBgGv019kkwP4kDKcV-OMzrOQflLKOJyw x-frame-options: DENY strict-transport-security: max-age=604800 ' [Sun Apr 23 00:12:11 UTC 2023] code='201' [Sun Apr 23 00:12:11 UTC 2023] original='{ "status": "pending", "expires": "2023-04-30T00:12:11Z", "identifiers": [ { "type": "dns", "value": "mycustomdomain.net" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/221703278547" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/1074849507/177814328187" }' [Sun Apr 23 00:12:11 UTC 2023] response='{"status":"pending","expires":"2023-04-30T00:12:11Z","identifiers":[{"type":"dns","value":"mycustomdomain.net"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/221703278547"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/1074849507/177814328187"}' [Sun Apr 23 00:12:11 UTC 2023] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/1074849507/177814328187' [Sun Apr 23 00:12:11 UTC 2023] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/1074849507/177814328187' [Sun Apr 23 00:12:11 UTC 2023] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/221703278547' [Sun Apr 23 00:12:11 UTC 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/221703278547' [Sun Apr 23 00:12:11 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/221703278547' [Sun Apr 23 00:12:11 UTC 2023] 
payload [Sun Apr 23 00:12:11 UTC 2023] Use cached jwk for file: /acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key [Sun Apr 23 00:12:11 UTC 2023] Use _CACHED_NONCE='2712FHdC362iPyEBgGv019kkwP4kDKcV-OMzrOQflLKOJyw' [Sun Apr 23 00:12:11 UTC 2023] nonce='2712FHdC362iPyEBgGv019kkwP4kDKcV-OMzrOQflLKOJyw' [Sun Apr 23 00:12:11 UTC 2023] POST [Sun Apr 23 00:12:11 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/221703278547' [Sun Apr 23 00:12:11 UTC 2023] body='{"protected": "eyJub25jZSI6ICIyNzEyRkhkQzM2MmlQeUVCZ0d2MDE5a2t3UDRrREtjVi1PTXpyT1FmbExLT0p5dyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjIxNzAzMjc4NTQ3IiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xMDc0ODQ5NTA3In0", "payload": "", "signature": "Z27OItHdacGTqCEQbT47MldBtAg2qXAuDmmYs3VT42G5-D_nU_8VNQEz5fgaW--WdF5ETlQQZe6ynQcn9-tzYQ"}' [Sun Apr 23 00:12:11 UTC 2023] _postContentType='application/jose+json' [Sun Apr 23 00:12:11 UTC 2023] Http already initialized. 
[Sun Apr 23 00:12:11 UTC 2023] _CURL='curl --silent --dump-header /acme.sh/http.header -L --trace-ascii /tmp/tmp.2vMHRBJWWz -g ' [Sun Apr 23 00:12:11 UTC 2023] _ret='0' [Sun Apr 23 00:12:11 UTC 2023] responseHeaders='HTTP/2 200 server: nginx date: Sun, 23 Apr 2023 00:12:11 GMT content-type: application/json content-length: 801 boulder-requester: 1074849507 cache-control: public, max-age=0, no-cache link: https://acme-v02.api.letsencrypt.org/directory;rel="index" replay-nonce: 371Ca7M7PgWjCKc5k0OvReY9m8jaGV9wiCm1iEAZaIz-oOE x-frame-options: DENY strict-transport-security: max-age=604800 ' [Sun Apr 23 00:12:11 UTC 2023] code='200' [Sun Apr 23 00:12:11 UTC 2023] original='{ "identifier": { "type": "dns", "value": "mycustomdomain.net" }, "status": "pending", "expires": "2023-04-30T00:12:11Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/VsVKdQ", "token": "15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q", "token": "15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/dRNMPA", "token": "15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY" } ] }' [Sun Apr 23 00:12:11 UTC 2023] 
response='{"identifier":{"type":"dns","value":"mycustomdomain.net"},"status":"pending","expires":"2023-04-30T00:12:11Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/VsVKdQ","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/dRNMPA","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"}]}' [Sun Apr 23 00:12:11 UTC 2023] response='{"identifier":{"type":"dns","value":"mycustomdomain.net"},"status":"pending","expires":"2023-04-30T00:12:11Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/VsVKdQ","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/dRNMPA","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"}]}' [Sun Apr 23 00:12:11 UTC 2023] _d='mycustomdomain.net' [Sun Apr 23 00:12:11 UTC 2023] 
_authorizations_map='mycustomdomain.net,{"identifier":{"type":"dns","value":"mycustomdomain.net"},"status":"pending","expires":"2023-04-30T00:12:11Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/VsVKdQ","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/dRNMPA","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"}]} ' [Sun Apr 23 00:12:11 UTC 2023] d='mycustomdomain.net' [Sun Apr 23 00:12:11 UTC 2023] Getting webroot for domain='mycustomdomain.net' [Sun Apr 23 00:12:11 UTC 2023] _w='dns_dynu' [Sun Apr 23 00:12:11 UTC 2023] _currentRoot='dns_dynu' [Sun Apr 23 00:12:11 UTC 2023] _is_idn_d='mycustomdomain.net' [Sun Apr 23 00:12:11 UTC 2023] _idn_temp [Sun Apr 23 00:12:11 UTC 2023] _candidates='mycustomdomain.net,{"identifier":{"type":"dns","value":"mycustomdomain.net"},"status":"pending","expires":"2023-04-30T00:12:11Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/VsVKdQ","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/dRNMPA","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"}]}' [Sun Apr 23 00:12:11 UTC 2023] 
response='{"identifier":{"type":"dns","value":"mycustomdomain.net"},"status":"pending","expires":"2023-04-30T00:12:11Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/VsVKdQ","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/dRNMPA","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"}]}' [Sun Apr 23 00:12:11 UTC 2023] entry='"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"' [Sun Apr 23 00:12:11 UTC 2023] token='15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY' [Sun Apr 23 00:12:11 UTC 2023] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q' [Sun Apr 23 00:12:11 UTC 2023] keyauthorization='15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY.tF_BVZ8v5hYSCCSZ0p5COdMfqmqLHoehfPfpLgjUNx4' [Sun Apr 23 00:12:11 UTC 2023] dvlist='mycustomdomain.net#15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY.tF_BVZ8v5hYSCCSZ0p5COdMfqmqLHoehfPfpLgjUNx4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q#dns-01#dns_dynu' [Sun Apr 23 00:12:11 UTC 2023] d [Sun Apr 23 00:12:11 UTC 2023] vlist='mycustomdomain.net#15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY.tF_BVZ8v5hYSCCSZ0p5COdMfqmqLHoehfPfpLgjUNx4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q#dns-01#dns_dynu,' [Sun Apr 23 00:12:11 UTC 2023] d='mycustomdomain.net' [Sun Apr 23 00:12:11 UTC 2023] _d_alias [Sun Apr 23 00:12:11 UTC 2023] txtdomain='_acme-challenge.mycustomdomain.net' [Sun Apr 23 00:12:11 UTC 2023] txt='IyK2BiQgSxxomsouU-QARfCN-IJ2Cw8SSpHhHgSAnJc' [Sun Apr 23 00:12:11 UTC 2023] 
d_api='/root/.acme.sh/dnsapi/dns_dynu.sh'
[Sun Apr 23 00:12:11 UTC 2023] dns_entry='mycustomdomain.net,_acme-challenge.mycustomdomain.net,,dns_dynu,IyK2BiQgSxxomsouU-QARfCN-IJ2Cw8SSpHhHgSAnJc,/root/.acme.sh/dnsapi/dns_dynu.sh'
[Sun Apr 23 00:12:11 UTC 2023] Found domain api file: /root/.acme.sh/dnsapi/dns_dynu.sh
[Sun Apr 23 00:12:11 UTC 2023] Adding txt value: IyK2BiQgSxxomsouU-QARfCN-IJ2Cw8SSpHhHgSAnJc for domain: _acme-challenge.mycustomdomain.net
[Sun Apr 23 00:12:11 UTC 2023] Getting Dynu token.
[Sun Apr 23 00:12:11 UTC 2023] GET
[Sun Apr 23 00:12:11 UTC 2023] url='https://api.dynu.com/v2/oauth2/token'
[Sun Apr 23 00:12:11 UTC 2023] timeout=
[Sun Apr 23 00:12:11 UTC 2023] Http already initialized.
[Sun Apr 23 00:12:11 UTC 2023] _CURL='curl --silent --dump-header /acme.sh/http.header -L --trace-ascii /tmp/tmp.2vMHRBJWWz -g '
[Sun Apr 23 00:12:12 UTC 2023] ret='0'
[Sun Apr 23 00:12:12 UTC 2023] Authentication failed.
[Sun Apr 23 00:12:12 UTC 2023] Can not get token.
[Sun Apr 23 00:12:12 UTC 2023] Detect root zone
[Sun Apr 23 00:12:12 UTC 2023] h='mycustomdomain.net'
[Sun Apr 23 00:12:12 UTC 2023] dns/getroot/mycustomdomain.net
[Sun Apr 23 00:12:12 UTC 2023] Getting https://api.dynu.com/v2/dns/getroot/mycustomdomain.net
[Sun Apr 23 00:12:12 UTC 2023] GET
[Sun Apr 23 00:12:12 UTC 2023] url='https://api.dynu.com/v2/dns/getroot/mycustomdomain.net'
[Sun Apr 23 00:12:12 UTC 2023] timeout=
[Sun Apr 23 00:12:12 UTC 2023] Http already initialized.
[Sun Apr 23 00:12:12 UTC 2023] _CURL='curl --silent --dump-header /acme.sh/http.header -L --trace-ascii /tmp/tmp.2vMHRBJWWz -g '
[Sun Apr 23 00:12:13 UTC 2023] ret='0'
[Sun Apr 23 00:12:13 UTC 2023] response='{"statusCode":401,"type":"Authentication Exception","message":"Failed."}'
[Sun Apr 23 00:12:13 UTC 2023] h='net'
[Sun Apr 23 00:12:13 UTC 2023] dns/getroot/net
[Sun Apr 23 00:12:13 UTC 2023] Getting https://api.dynu.com/v2/dns/getroot/net
[Sun Apr 23 00:12:13 UTC 2023] GET
[Sun Apr 23 00:12:13 UTC 2023] url='https://api.dynu.com/v2/dns/getroot/net'
[Sun Apr 23 00:12:13 UTC 2023] timeout=
[Sun Apr 23 00:12:13 UTC 2023] Http already initialized.
[Sun Apr 23 00:12:13 UTC 2023] _CURL='curl --silent --dump-header /acme.sh/http.header -L --trace-ascii /tmp/tmp.2vMHRBJWWz -g '
[Sun Apr 23 00:12:13 UTC 2023] ret='0'
[Sun Apr 23 00:12:13 UTC 2023] response='{"statusCode":401,"type":"Authentication Exception","message":"Failed."}'
[Sun Apr 23 00:12:13 UTC 2023] h
[Sun Apr 23 00:12:13 UTC 2023] Invalid domain.
[Sun Apr 23 00:12:13 UTC 2023] Error add txt for domain:_acme-challenge.mycustomdomain.net
[Sun Apr 23 00:12:13 UTC 2023] _on_issue_err
[Sun Apr 23 00:12:13 UTC 2023] Please add '--debug' or '--log' to check more details.
[Sun Apr 23 00:12:13 UTC 2023] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Sun Apr 23 00:12:13 UTC 2023] _chk_vlist='mycustomdomain.net#15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY.tF_BVZ8v5hYSCCSZ0p5COdMfqmqLHoehfPfpLgjUNx4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q#dns-01#dns_dynu,'
[Sun Apr 23 00:12:13 UTC 2023] start to deactivate authz
[Sun Apr 23 00:12:13 UTC 2023] Trigger domain validation.
[Sun Apr 23 00:12:13 UTC 2023] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q' [Sun Apr 23 00:12:13 UTC 2023] _t_key_authz='15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY.tF_BVZ8v5hYSCCSZ0p5COdMfqmqLHoehfPfpLgjUNx4' [Sun Apr 23 00:12:13 UTC 2023] _t_vtype [Sun Apr 23 00:12:13 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q' [Sun Apr 23 00:12:13 UTC 2023] payload='{}' [Sun Apr 23 00:12:13 UTC 2023] Use cached jwk for file: /acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key [Sun Apr 23 00:12:13 UTC 2023] Use _CACHED_NONCE='371Ca7M7PgWjCKc5k0OvReY9m8jaGV9wiCm1iEAZaIz-oOE' [Sun Apr 23 00:12:13 UTC 2023] nonce='371Ca7M7PgWjCKc5k0OvReY9m8jaGV9wiCm1iEAZaIz-oOE' [Sun Apr 23 00:12:13 UTC 2023] POST [Sun Apr 23 00:12:13 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q' [Sun Apr 23 00:12:13 UTC 2023] body='{"protected": "eyJub25jZSI6ICIzNzFDYTdNN1BnV2pDS2M1azBPdlJlWTltOGphR1Y5d2lDbTFpRUFaYUl6LW9PRSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjIxNzAzMjc4NTQ3L1UyVkowUSIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTA3NDg0OTUwNyJ9", "payload": "e30", "signature": "G1grYcM4ZC5prxRPhnIzOVKAFzpX0grfB7y4D5TY3NECYnkCsjC4yAt8Jdo1f0BoHej5VZ574FPNmQgbTMVngw"}' [Sun Apr 23 00:12:13 UTC 2023] _postContentType='application/jose+json' [Sun Apr 23 00:12:13 UTC 2023] Http already initialized. 
[Sun Apr 23 00:12:13 UTC 2023] _CURL='curl --silent --dump-header /acme.sh/http.header -L --trace-ascii /tmp/tmp.2vMHRBJWWz -g ' [Sun Apr 23 00:12:14 UTC 2023] _ret='0' [Sun Apr 23 00:12:14 UTC 2023] responseHeaders='HTTP/2 200 server: nginx date: Sun, 23 Apr 2023 00:12:14 GMT content-type: application/json content-length: 186 boulder-requester: 1074849507 cache-control: public, max-age=0, no-cache link: https://acme-v02.api.letsencrypt.org/directory;rel="index" link: https://acme-v02.api.letsencrypt.org/acme/authz-v3/221703278547;rel="up" location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q replay-nonce: C878UnZ3pX2HxJuYpvf2KsAMbYuw_ECIa0uZH3KbvShecIA x-frame-options: DENY strict-transport-security: max-age=604800 ' [Sun Apr 23 00:12:14 UTC 2023] code='200' [Sun Apr 23 00:12:14 UTC 2023] original='{ "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q", "token": "15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY" }' [Sun Apr 23 00:12:14 UTC 2023] response='{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/221703278547/U2VJ0Q","token":"15KiIGLIUu3jQvxQ6zmQS4Pa95ywO1oK6newIgSktxY"}' [Sun Apr 23 00:12:14 UTC 2023] Diagnosis versions: openssl:openssl OpenSSL 3.0.8 7 Feb 2023 (Library: OpenSSL 3.0.8 7 Feb 2023) apache: apache doesn't exist. nginx: nginx doesn't exist. socat: socat by Gerhard Rieger and contributors - see www.dest-unreach.org socat version 1.7.4.4 on 31 Oct 2022 04:42:14 running on Linux version #42962 SMP Fri Mar 24 00:28:41 CST 2023, release 3.10.108, machine x86_64 features:

#define WITH_STDIO 1
#define WITH_FDNUM 1
#define WITH_FILE 1
#define WITH_CREAT 1
#define WITH_GOPEN 1
#define WITH_TERMIOS 1
#define WITH_PIPE 1
#define WITH_UNIX 1
#define WITH_ABSTRACT_UNIXSOCKET 1
#define WITH_IP4 1
#define WITH_IP6 1
#define WITH_RAWIP 1
#define WITH_GENERICSOCKET 1
#define WITH_INTERFACE 1
#define WITH_TCP 1
#define WITH_UDP 1
#define WITH_SCTP 1
#define WITH_LISTEN 1
#define WITH_SOCKS4 1
#define WITH_SOCKS4A 1
#define WITH_VSOCK 1
#define WITH_PROXY 1
#define WITH_SYSTEM 1
#define WITH_EXEC 1
#define WITH_READLINE 1
#define WITH_TUN 1
#define WITH_PTY 1
#define WITH_OPENSSL 1
#undef WITH_FIPS
#undef WITH_LIBWRAP
#define WITH_SYCLS 1
#define WITH_FILAN 1
#define WITH_RETRY 1
#define WITH_MSGLEVEL 0 /*debug*/

[Sun Apr 23 00:12:14 UTC 2023] pid [Sun Apr 23 00:12:14 UTC 2023] No need to restore nginx, skip. [Sun Apr 23 00:12:14 UTC 2023] _clearupdns [Sun Apr 23 00:12:14 UTC 2023] dns_entries [Sun Apr 23 00:12:14 UTC 2023] skip dns.
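
A `--debug 2` log carries more than the domain and the API keys: JWS request bodies (base64url, readable by anyone), challenge tokens and key authorizations, the account URL, `initialIp`, and `seg=` entries holding the first label of the domain. As an added example (not part of the original post or of acme.sh), this filter scrubs those fields before a log is shared; `redact_acme_log`, `sample_debug_log` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not acme.sh code: scrub an "acme.sh --debug 2" log before posting it.
# Usage: redact_acme_log REAL_DOMAIN < debug.log > shareable.log

redact_acme_log() {
  [ -n "$1" ] || { echo "usage: redact_acme_log REAL_DOMAIN" >&2; return 2; }
  # Escape the dots so the domain is matched literally.
  dom_re=$(printf '%s' "$1" | sed 's/\./\\./g')
  # Rules, in order:
  #  1. the domain itself, wherever it appears in clear text
  #  2. JWS fields: "protected" and "payload" are only base64url-encoded JSON
  #     that names the account URL and the ordered identifiers
  #  3. any other base64url run of 40+ characters: challenge tokens, key
  #     authorizations, account thumbprint, TXT value, nonces
  #  4. the account key hash (standard base64, so it may contain / + =)
  #  5. seg= entries (first label of the domain)
  #  6. the IP address the CA recorded at account creation
  #  7. numeric account id echoed in response headers
  #  8. account, order, authorization and challenge ids in CA URLs
  #  9. credentials from account.conf, in case its content is pasted too
  sed -E \
    -e "s/${dom_re}/example.com/g" \
    -e 's/("(protected|payload|signature)": *")[A-Za-z0-9_-]+/\1REDACTED/g' \
    -e 's/[A-Za-z0-9_-]{40,}/REDACTED/g' \
    -e 's#(CA_KEY_HASH=.)[A-Za-z0-9+/=]+#\1REDACTED#g' \
    -e 's/(seg=.)[A-Za-z0-9-]+/\1REDACTED/g' \
    -e 's/("initialIp": *")[^"]*/\1REDACTED/g' \
    -e 's/(boulder-requester: )[0-9]+/\1REDACTED/g' \
    -e 's#(/acme/(acct|order|finalize|authz-v3|chall-v3)/)[A-Za-z0-9/_-]+#\1REDACTED#g' \
    -e 's/((Dynu_ClientId|Dynu_Secret|SYNO_Username|SYNO_Password)=)[^ ]+/\1REDACTED/g'
}

# Constructed sample lines in the shape of the log above (all values made up).
# The "payload" value is base64url of {"id":"realname.test"}.
sample_debug_log() {
  cat <<'EOF'
export Dynu_Secret=constructed-secret-value
[Mon Jan  1 00:00:00 UTC 2024] seg='realname'
[Mon Jan  1 00:00:00 UTC 2024] _identifiers='{"type":"dns","value":"realname.test"}'
[Mon Jan  1 00:00:01 UTC 2024] body='{"protected": "eyJhbGciOiJFUzI1NiJ9", "payload": "eyJpZCI6InJlYWxuYW1lLnRlc3QifQ", "signature": "c2lnbmF0dXJl"}'
[Mon Jan  1 00:00:01 UTC 2024] original='{ "initialIp": "192.0.2.10", "status": "valid" }'
[Mon Jan  1 00:00:01 UTC 2024] _accUri='https://ca.example/acme/acct/12345'
[Mon Jan  1 00:00:02 UTC 2024] token='AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
[Mon Jan  1 00:00:02 UTC 2024] txtdomain='_acme-challenge.realname.test'
[Mon Jan  1 00:00:03 UTC 2024] response='{"statusCode":401,"type":"Authentication Exception","message":"Failed."}'
EOF
}

# Demo: print the scrubbed sample.
sample_debug_log | redact_acme_log realname.test
```

The error lines that matter for triage (`statusCode`, `type`, the API URL) pass through unchanged, so the scrubbed log is still useful to whoever reads the report.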

github-actions[bot] commented 1 year ago

Please upgrade to the latest code and try again first. Maybe it's already fixed.

    acme.sh --upgrade

If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

crl0wryjr commented 1 year ago

Maybe not the same issue / solution for OP ... but then again, it's worth a shot.

This month the acme.sh script failed to auth and renew my certs w/ Dynu. When I turned on --debug 2, I saw the following error: {"statusCode":503,"type":"Quota Exception","message":"Failed."} Turns out, with my free account on Dynu, I can only have a certain number of DNS entries and updating _acme-challenge somehow triggers the threshold. Late last month I added a bunch of entries to Dynu for testing ... so I deleted them, and now my renewal works.

Again, may not be the same issues ... but just in case. ---Rob

bensonmcmoran commented 1 year ago

> Maybe not the same issue / solution for OP ... but then again, it's worth a shot.
>
> This month the acme.sh script failed to auth and renew my certs w/ Dynu. When I turned on --debug 2, I saw the following error: {"statusCode":503,"type":"Quota Exception","message":"Failed."} Turns out, with my free account on Dynu, I can only have a certain number of DNS entries and updating _acme-challenge somehow triggers the threshold. Late last month I added a bunch of entries to Dynu for testing ... so I deleted them, and now my renewal works.
>
> Again, may not be the same issues ... but just in case. ---Rob

Thanks for the feedback Rob. I have a paid subscription to Dynu so I shouldn't be hitting any quotas.
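
The two failures reported in this thread (the 401 "Authentication Exception" and the 503 "Quota Exception") look alike in acme.sh's summary output and only differ in the Dynu API responses inside the `--debug 2` log. As an added example (not part of the thread or of acme.sh), this filter pulls the failed Dynu calls out of a log, flattened or not, and labels them; `dynu_failures`, `sample_dynu_log`, the `/v2/dns/100/record` URL and the hint wording are constructed for illustration.

```shell
#!/bin/sh
# Added example, not acme.sh code: list failed Dynu API calls in a --debug 2 log.
# Output, tab separated: status, error type, request URL, hint.

dynu_failures() {
  awk -v q="'" '
    BEGIN { OFS = "\t" }
    function hint(status, type) {
      if (status == "token" || status == "401") return "credentials rejected by Dynu"
      if (status == "503" && type ~ /^Quota/)   return "Dynu account quota reached"
      return "unclassified API error"
    }
    {
      line = $0
      # A pasted log is often flattened: start a new entry at every timestamp.
      gsub(/\[[A-Z][a-z][a-z] [A-Z][a-z][a-z] +[0-9]+ [0-9:]+ [A-Z]+ [0-9]+\] ?/, "\n", line)
      n = split(line, part, "\n")
      for (i = 1; i <= n; i++) {
        p = part[i]
        sub(/ +$/, "", p)
        if (index(p, "url=") == 1) {
          # Remember the request URL only when it targets the Dynu API.
          url = ""
          if (index(p, "url=" q "https://api.dynu.com/") == 1) {
            url = substr(p, 6)
            sub(q "$", "", url)
          }
        } else if (url != "" && p == "Authentication failed.") {
          # The token request logs no response body, only this message.
          print "token", "-", url, hint("token", "")
          url = ""
        } else if (url != "" && index(p, "response=") == 1) {
          status = ""; type = "-"
          if (match(p, /"statusCode":[0-9]+/)) status = substr(p, RSTART + 13, RLENGTH - 13)
          if (match(p, /"type":"[^"]*"/))      type = substr(p, RSTART + 8, RLENGTH - 9)
          if (status + 0 >= 400) print status, type, url, hint(status, type)
          url = ""
        }
      }
    }'
}

# Constructed sample: the first line is flattened like the log in this issue
# (domain replaced by example.com); the 503 entry follows the error quoted in
# the comment above; the last two lines are a non-Dynu request to be ignored.
sample_dynu_log() {
  cat <<'EOF'
[Sun Apr 23 00:12:11 UTC 2023] Getting Dynu token. [Sun Apr 23 00:12:11 UTC 2023] GET [Sun Apr 23 00:12:11 UTC 2023] url='https://api.dynu.com/v2/oauth2/token' [Sun Apr 23 00:12:12 UTC 2023] ret='0' [Sun Apr 23 00:12:12 UTC 2023] Authentication failed. [Sun Apr 23 00:12:12 UTC 2023] url='https://api.dynu.com/v2/dns/getroot/example.com' [Sun Apr 23 00:12:13 UTC 2023] ret='0' [Sun Apr 23 00:12:13 UTC 2023] response='{"statusCode":401,"type":"Authentication Exception","message":"Failed."}'
[Mon May  1 00:00:00 UTC 2023] url='https://api.dynu.com/v2/dns/100/record'
[Mon May  1 00:00:01 UTC 2023] response='{"statusCode":503,"type":"Quota Exception","message":"Failed."}'
[Mon May  1 00:00:02 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Mon May  1 00:00:03 UTC 2023] response='{"status":"pending"}'
EOF
}

# Demo: three failed Dynu calls are reported, the CA request is ignored.
sample_dynu_log | dynu_failures
```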