search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
39.34k stars 4.97k forks source link

letsencrypt certificate with tls-alpn challenge on port 443 still uses port 80 #4802

Open abaisero opened 1 year ago

abaisero commented 1 year ago

I am unable to get a certificate from letsencrypt using the tls-alpn-01 challenge method. My IPS blocks port 80, but leaves port 443 open, hence why I'm trying to use the tls-alpn challenge method. I cannot use the http-01 NOR the dns-01 challenges, it has to be something that works on port 443.

Steps to reproduce

I upgrade

acme.sh --upgrade

Zerossl does not implement tls-alpn as far as I understand, so first I change the default CA

acme.sh --set-default-ca --server letsencrypt

Then I try to issue the certificate; I turn my nginx instance off, and I run

acme.sh --issue -d abaisero.ddns.net --alpn --tlsport 443 --debug 2

It seems to work for a bit (longer than the http method), but then it fails as the connection gets refused; it almost looks like it's still trying to access the server on port 80, but I'm not really sure. I really need to find some way to get some certificate that works using ONLY the port 443, nothing else can or will ever work. Everywhere I look online they keep saying this should be possible.

Debug log

[Thu 21 Sep 17:49:35 BST 2023] Lets find script dir.
[Thu 21 Sep 17:49:35 BST 2023] _SCRIPT_='/home/abaisero/.acme.sh/acme.sh'
[Thu 21 Sep 17:49:35 BST 2023] _script='/home/abaisero/.acme.sh/acme.sh'
[Thu 21 Sep 17:49:35 BST 2023] _script_home='/home/abaisero/.acme.sh'
[Thu 21 Sep 17:49:35 BST 2023] Using config home:/home/abaisero/.acme.sh
[Thu 21 Sep 17:49:35 BST 2023] LE_WORKING_DIR='/home/abaisero/.acme.sh'
https://github.com/acmesh-official/acme.sh
v3.0.7
[Thu 21 Sep 17:49:35 BST 2023] Running cmd: issue
[Thu 21 Sep 17:49:35 BST 2023] _main_domain='abaisero.ddns.net'
[Thu 21 Sep 17:49:35 BST 2023] _alt_domains='no'
[Thu 21 Sep 17:49:35 BST 2023] Using config home:/home/abaisero/.acme.sh
[Thu 21 Sep 17:49:35 BST 2023] default_acme_server='https://acme-v02.api.letsencrypt.org/directory'
[Thu 21 Sep 17:49:35 BST 2023] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 21 Sep 17:49:35 BST 2023] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 21 Sep 17:49:35 BST 2023] _ACME_SERVER_PATH='directory'
[Thu 21 Sep 17:49:35 BST 2023] DOMAIN_PATH='/home/abaisero/.acme.sh/abaisero.ddns.net_ecc'
[Thu 21 Sep 17:49:35 BST 2023] 'alpn' does not contain 'dns'
[Thu 21 Sep 17:49:35 BST 2023] Le_NextRenewTime
[Thu 21 Sep 17:49:35 BST 2023] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Thu 21 Sep 17:49:35 BST 2023] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Thu 21 Sep 17:49:35 BST 2023] GET
[Thu 21 Sep 17:49:35 BST 2023] url='https://acme-v02.api.letsencrypt.org/directory'
[Thu 21 Sep 17:49:35 BST 2023] timeout=
[Thu 21 Sep 17:49:35 BST 2023] _CURL='curl --silent --dump-header /home/abaisero/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.tEudGzpYj2  -g '
[Thu 21 Sep 17:49:36 BST 2023] ret='0'
[Thu 21 Sep 17:49:36 BST 2023] response='{
  "W9YQtWI1Yng": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Thu 21 Sep 17:49:36 BST 2023] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Thu 21 Sep 17:49:36 BST 2023] ACME_NEW_AUTHZ
[Thu 21 Sep 17:49:36 BST 2023] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 21 Sep 17:49:36 BST 2023] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu 21 Sep 17:49:36 BST 2023] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Thu 21 Sep 17:49:36 BST 2023] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf'
[Thu 21 Sep 17:49:36 BST 2023] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 21 Sep 17:49:36 BST 2023] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Thu 21 Sep 17:49:36 BST 2023] _on_before_issue
[Thu 21 Sep 17:49:36 BST 2023] _chk_main_domain='abaisero.ddns.net'
[Thu 21 Sep 17:49:36 BST 2023] _chk_alt_domains
[Thu 21 Sep 17:49:36 BST 2023] 'alpn' does not contain 'no'
[Thu 21 Sep 17:49:36 BST 2023] Le_LocalAddress
[Thu 21 Sep 17:49:36 BST 2023] d='abaisero.ddns.net'
[Thu 21 Sep 17:49:36 BST 2023] Check for domain='abaisero.ddns.net'
[Thu 21 Sep 17:49:36 BST 2023] _currentRoot='alpn'
[Thu 21 Sep 17:49:36 BST 2023] Standalone alpn mode.
[Thu 21 Sep 17:49:36 BST 2023] _checkport='443'
[Thu 21 Sep 17:49:36 BST 2023] _checkaddr
[Thu 21 Sep 17:49:36 BST 2023] Using: ss
[Thu 21 Sep 17:49:36 BST 2023] d
[Thu 21 Sep 17:49:36 BST 2023] 'alpn' does not contain 'apache'
[Thu 21 Sep 17:49:36 BST 2023] _saved_account_key_hash='ppdh6nKAbPX1dD00tuwl9Sj+7grZF/LZf6WAo9j3bFA='
[Thu 21 Sep 17:49:37 BST 2023] _saved_account_key_hash is not changed, skip register account.
[Thu 21 Sep 17:49:37 BST 2023] Read key length:ec-256
[Thu 21 Sep 17:49:37 BST 2023] _createcsr
[Thu 21 Sep 17:49:37 BST 2023] domain='abaisero.ddns.net'
[Thu 21 Sep 17:49:37 BST 2023] domainlist
[Thu 21 Sep 17:49:37 BST 2023] csrkey='/home/abaisero/.acme.sh/abaisero.ddns.net_ecc/abaisero.ddns.net.key'
[Thu 21 Sep 17:49:37 BST 2023] csr='/home/abaisero/.acme.sh/abaisero.ddns.net_ecc/abaisero.ddns.net.csr'
[Thu 21 Sep 17:49:37 BST 2023] csrconf='/home/abaisero/.acme.sh/abaisero.ddns.net_ecc/abaisero.ddns.net.csr.conf'
[Thu 21 Sep 17:49:37 BST 2023] Single domain='abaisero.ddns.net'
[Thu 21 Sep 17:49:37 BST 2023] seg='abaisero'
[Thu 21 Sep 17:49:37 BST 2023] _is_idn_d='abaisero.ddns.net'
[Thu 21 Sep 17:49:37 BST 2023] _idn_temp
[Thu 21 Sep 17:49:37 BST 2023] _is_idn_d='abaisero.ddns.net'
[Thu 21 Sep 17:49:37 BST 2023] _idn_temp
[Thu 21 Sep 17:49:37 BST 2023] _csr_cn='abaisero.ddns.net'
[Thu 21 Sep 17:49:37 BST 2023] seg='abaisero'
[Thu 21 Sep 17:49:37 BST 2023] Getting domain auth token for each domain
[Thu 21 Sep 17:49:37 BST 2023] seg='abaisero'
[Thu 21 Sep 17:49:37 BST 2023] _is_idn_d='abaisero.ddns.net'
[Thu 21 Sep 17:49:37 BST 2023] _idn_temp
[Thu 21 Sep 17:49:37 BST 2023] d
[Thu 21 Sep 17:49:37 BST 2023] _identifiers='{"type":"dns","value":"abaisero.ddns.net"}'
[Thu 21 Sep 17:49:37 BST 2023] _notBefore
[Thu 21 Sep 17:49:37 BST 2023] _notAfter
[Thu 21 Sep 17:49:37 BST 2023] =======Begin Send Signed Request=======
[Thu 21 Sep 17:49:37 BST 2023] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 21 Sep 17:49:37 BST 2023] payload='{"identifiers": [{"type":"dns","value":"abaisero.ddns.net"}]}'
[Thu 21 Sep 17:49:37 BST 2023] EC key
[Thu 21 Sep 17:49:37 BST 2023] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 21 Sep 17:49:37 BST 2023] HEAD
[Thu 21 Sep 17:49:37 BST 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 21 Sep 17:49:37 BST 2023] body
[Thu 21 Sep 17:49:37 BST 2023] _postContentType='application/jose+json'
[Thu 21 Sep 17:49:37 BST 2023] _CURL='curl --silent --dump-header /home/abaisero/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Z14Podg7T2  -g  -I  '
[Thu 21 Sep 17:49:38 BST 2023] _ret='0'
[Thu 21 Sep 17:49:38 BST 2023] _headers='HTTP/2 200 
server: nginx
date: Thu, 21 Sep 2023 16:49:38 GMT
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: R3UB_MpORs80h2NJiZRMgy90Erti4PXfzTc5IbYSzjdeA6fviRw
x-frame-options: DENY
strict-transport-security: max-age=604800

'
[Thu 21 Sep 17:49:38 BST 2023] _CACHED_NONCE='R3UB_MpORs80h2NJiZRMgy90Erti4PXfzTc5IbYSzjdeA6fviRw'
[Thu 21 Sep 17:49:38 BST 2023] nonce='R3UB_MpORs80h2NJiZRMgy90Erti4PXfzTc5IbYSzjdeA6fviRw'
[Thu 21 Sep 17:49:38 BST 2023] POST
[Thu 21 Sep 17:49:38 BST 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 21 Sep 17:49:38 BST 2023] body='{"protected": "eyJub25jZSI6ICJSM1VCX01wT1JzODBoMk5KaVpSTWd5OTBFcnRpNFBYZnpUYzVJYllTempkZUE2ZnZpUnciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTMyMDc4MTg5NiJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6ImFiYWlzZXJvLmRkbnMubmV0In1dfQ", "signature": "PPCGRZuIFBn-zTTARAGK-huTnXT5qL1kbqK-Iglk07SY-x93PElN9Gr9VloR3KJ9TRKbX8xunnr54jRXYUoIrw"}'
[Thu 21 Sep 17:49:38 BST 2023] _postContentType='application/jose+json'
[Thu 21 Sep 17:49:38 BST 2023] Http already initialized.
[Thu 21 Sep 17:49:38 BST 2023] _CURL='curl --silent --dump-header /home/abaisero/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Z14Podg7T2  -g '
[Thu 21 Sep 17:49:38 BST 2023] _ret='0'
[Thu 21 Sep 17:49:38 BST 2023] responseHeaders='HTTP/2 201 
server: nginx
date: Thu, 21 Sep 2023 16:49:38 GMT
content-type: application/json
content-length: 343
boulder-requester: 1320781896
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
location: https://acme-v02.api.letsencrypt.org/acme/order/1320781896/209935287726
replay-nonce: R3UB_MpOP3odb6rHGjxRsDQBGGvdsA9pSLVmzEbC-qV5kEPgibE
x-frame-options: DENY
strict-transport-security: max-age=604800

'
[Thu 21 Sep 17:49:38 BST 2023] code='201'
[Thu 21 Sep 17:49:38 BST 2023] original='{
  "status": "pending",
  "expires": "2023-09-28T16:49:38Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "abaisero.ddns.net"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/1320781896/209935287726"
}'
[Thu 21 Sep 17:49:38 BST 2023] response='{"status":"pending","expires":"2023-09-28T16:49:38Z","identifiers":[{"type":"dns","value":"abaisero.ddns.net"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/1320781896/209935287726"}'
[Thu 21 Sep 17:49:39 BST 2023] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/1320781896/209935287726'
[Thu 21 Sep 17:49:39 BST 2023] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/1320781896/209935287726'
[Thu 21 Sep 17:49:39 BST 2023] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:39 BST 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:39 BST 2023] =======Begin Send Signed Request=======
[Thu 21 Sep 17:49:39 BST 2023] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:39 BST 2023] payload
[Thu 21 Sep 17:49:39 BST 2023] Use cached jwk for file: /home/abaisero/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
[Thu 21 Sep 17:49:39 BST 2023] Use _CACHED_NONCE='R3UB_MpOP3odb6rHGjxRsDQBGGvdsA9pSLVmzEbC-qV5kEPgibE'
[Thu 21 Sep 17:49:39 BST 2023] nonce='R3UB_MpOP3odb6rHGjxRsDQBGGvdsA9pSLVmzEbC-qV5kEPgibE'
[Thu 21 Sep 17:49:39 BST 2023] POST
[Thu 21 Sep 17:49:39 BST 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:39 BST 2023] body='{"protected": "eyJub25jZSI6ICJSM1VCX01wT1Azb2RiNnJIR2p4UnNEUUJHR3Zkc0E5cFNMVm16RWJDLXFWNWtFUGdpYkUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI2NjYzNjg0Mzc1NiIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTMyMDc4MTg5NiJ9", "payload": "", "signature": "m_GDsbAtRyM9z-zKu_XO8XSh5trCHbKra5a9bO4-Fzte0hJU4yVAZuClKjNGfhMneUXwTo3KyE-Yhs6Z-LiMXw"}'
[Thu 21 Sep 17:49:39 BST 2023] _postContentType='application/jose+json'
[Thu 21 Sep 17:49:39 BST 2023] Http already initialized.
[Thu 21 Sep 17:49:39 BST 2023] _CURL='curl --silent --dump-header /home/abaisero/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Z14Podg7T2  -g '
[Thu 21 Sep 17:49:39 BST 2023] _ret='0'
[Thu 21 Sep 17:49:39 BST 2023] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 21 Sep 2023 16:49:39 GMT
content-type: application/json
content-length: 801
boulder-requester: 1320781896
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: R3UB_MpOR3hVrOhiLSlzeu9hIPk-dj5NqeDJOqy5kdu5lgbB2ho
x-frame-options: DENY
strict-transport-security: max-age=604800

'
[Thu 21 Sep 17:49:39 BST 2023] code='200'
[Thu 21 Sep 17:49:39 BST 2023] original='{
  "identifier": {
    "type": "dns",
    "value": "abaisero.ddns.net"
  },
  "status": "pending",
  "expires": "2023-09-28T16:49:38Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/O68tWg",
      "token": "yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/K1ISlQ",
      "token": "yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A",
      "token": "yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"
    }
  ]
}'
[Thu 21 Sep 17:49:39 BST 2023] response='{"identifier":{"type":"dns","value":"abaisero.ddns.net"},"status":"pending","expires":"2023-09-28T16:49:38Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/O68tWg","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/K1ISlQ","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"}]}'
[Thu 21 Sep 17:49:39 BST 2023] response='{"identifier":{"type":"dns","value":"abaisero.ddns.net"},"status":"pending","expires":"2023-09-28T16:49:38Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/O68tWg","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/K1ISlQ","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"}]}'
[Thu 21 Sep 17:49:39 BST 2023] _d='abaisero.ddns.net'
[Thu 21 Sep 17:49:39 BST 2023] _authorizations_map='abaisero.ddns.net,{"identifier":{"type":"dns","value":"abaisero.ddns.net"},"status":"pending","expires":"2023-09-28T16:49:38Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/O68tWg","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/K1ISlQ","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756
'
[Thu 21 Sep 17:49:39 BST 2023] d='abaisero.ddns.net'
[Thu 21 Sep 17:49:39 BST 2023] Getting webroot for domain='abaisero.ddns.net'
[Thu 21 Sep 17:49:39 BST 2023] _w='alpn'
[Thu 21 Sep 17:49:39 BST 2023] _currentRoot='alpn'
[Thu 21 Sep 17:49:40 BST 2023] _is_idn_d='abaisero.ddns.net'
[Thu 21 Sep 17:49:40 BST 2023] _idn_temp
[Thu 21 Sep 17:49:40 BST 2023] _candidates='abaisero.ddns.net,{"identifier":{"type":"dns","value":"abaisero.ddns.net"},"status":"pending","expires":"2023-09-28T16:49:38Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/O68tWg","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/K1ISlQ","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:40 BST 2023] response='{"identifier":{"type":"dns","value":"abaisero.ddns.net"},"status":"pending","expires":"2023-09-28T16:49:38Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/O68tWg","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/K1ISlQ","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:40 BST 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:40 BST 2023] entry='"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"'
[Thu 21 Sep 17:49:40 BST 2023] token='yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs'
[Thu 21 Sep 17:49:40 BST 2023] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A'
[Thu 21 Sep 17:49:40 BST 2023] keyauthorization='yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs.AX72PmkPhlGKtk03c8E4aJFVABeqKpH9uU45ds68n-o'
[Thu 21 Sep 17:49:40 BST 2023] dvlist='abaisero.ddns.net#yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs.AX72PmkPhlGKtk03c8E4aJFVABeqKpH9uU45ds68n-o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A#tls-alpn-01#alpn#https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:40 BST 2023] d
[Thu 21 Sep 17:49:40 BST 2023] vlist='abaisero.ddns.net#yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs.AX72PmkPhlGKtk03c8E4aJFVABeqKpH9uU45ds68n-o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A#tls-alpn-01#alpn#https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756,'
[Thu 21 Sep 17:49:40 BST 2023] d='abaisero.ddns.net'
[Thu 21 Sep 17:49:40 BST 2023] ok, let's start to verify
[Thu 21 Sep 17:49:40 BST 2023] Verifying: abaisero.ddns.net
[Thu 21 Sep 17:49:40 BST 2023] d='abaisero.ddns.net'
[Thu 21 Sep 17:49:40 BST 2023] keyauthorization='yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs.AX72PmkPhlGKtk03c8E4aJFVABeqKpH9uU45ds68n-o'
[Thu 21 Sep 17:49:40 BST 2023] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A'
[Thu 21 Sep 17:49:40 BST 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:40 BST 2023] _currentRoot='alpn'
[Thu 21 Sep 17:49:40 BST 2023] acmevalidationv1='c1a7b48c74086ef4daaa38535ce4fb1de6a4bec57aea81ce4ed9888c59cd9a1c'
[Thu 21 Sep 17:49:40 BST 2023] Starting tls server.
[Thu 21 Sep 17:49:40 BST 2023] san_a='abaisero.ddns.net'
[Thu 21 Sep 17:49:40 BST 2023] san_b
[Thu 21 Sep 17:49:40 BST 2023] port='443'
[Thu 21 Sep 17:49:40 BST 2023] acmeValidationv1='c1a7b48c74086ef4daaa38535ce4fb1de6a4bec57aea81ce4ed9888c59cd9a1c'
[Thu 21 Sep 17:49:40 BST 2023] _createkey for file:/home/abaisero/.acme.sh/abaisero.ddns.net_ecc/tls.validation.key
[Thu 21 Sep 17:49:40 BST 2023] Use length 2048
[Thu 21 Sep 17:49:40 BST 2023] Using RSA: 2048
[Thu 21 Sep 17:49:40 BST 2023] _createcsr
[Thu 21 Sep 17:49:40 BST 2023] domain='tls.acme.sh'
[Thu 21 Sep 17:49:40 BST 2023] domainlist='abaisero.ddns.net'
[Thu 21 Sep 17:49:40 BST 2023] csrkey='/home/abaisero/.acme.sh/abaisero.ddns.net_ecc/tls.validation.key'
[Thu 21 Sep 17:49:40 BST 2023] csr='/home/abaisero/.acme.sh/abaisero.ddns.net_ecc/tls.validation.csr'
[Thu 21 Sep 17:49:40 BST 2023] csrconf='/home/abaisero/.acme.sh/abaisero.ddns.net_ecc/tls.validation.conf'
[Thu 21 Sep 17:49:40 BST 2023] _is_idn_d='abaisero.ddns.net'
[Thu 21 Sep 17:49:40 BST 2023] _idn_temp
[Thu 21 Sep 17:49:40 BST 2023] domainlist='abaisero.ddns.net'
[Thu 21 Sep 17:49:40 BST 2023] seg='abaisero'
[Thu 21 Sep 17:49:40 BST 2023] _is_idn_d='tls.acme.sh'
[Thu 21 Sep 17:49:40 BST 2023] _idn_temp
[Thu 21 Sep 17:49:40 BST 2023] _csr_cn='tls.acme.sh'
[Thu 21 Sep 17:49:40 BST 2023] seg='tls'
[Thu 21 Sep 17:49:40 BST 2023] _signcsr
[Thu 21 Sep 17:49:40 BST 2023] Signature ok
subject=CN = tls.acme.sh
Getting Private key
[Thu 21 Sep 17:49:40 BST 2023] Le_Listen_V4
[Thu 21 Sep 17:49:40 BST 2023] Le_Listen_V6
[Thu 21 Sep 17:49:40 BST 2023] openssl s_server -www -cert /home/abaisero/.acme.sh/abaisero.ddns.net_ecc/tls.validation.cert  -key /home/abaisero/.acme.sh/abaisero.ddns.net_ecc/tls.validation.key  -accept 443 -alpn acme-tls/1
Using default temp DH parameters
548466391552:error:0200600D:system library:bind:Permission denied:../crypto/bio/b_sock2.c:161:
548466391552:error:20093075:BIO routines:BIO_bind:unable to bind socket:../crypto/bio/b_sock2.c:162:
   0 items in the session cache
   0 client connects (SSL_connect())
   0 client renegotiates (SSL_connect())
   0 client connects that finished
   0 server accepts (SSL_accept())
   0 server renegotiates (SSL_accept())
   0 server accepts that finished
   0 session cache hits
   0 session cache misses
   0 session cache timeouts
   0 callback cache hits
   0 cache full overflows (128 allowed)
[Thu 21 Sep 17:49:41 BST 2023] serverproc='94096'
[Thu 21 Sep 17:49:42 BST 2023] Trigger domain validation.
[Thu 21 Sep 17:49:42 BST 2023] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A'
[Thu 21 Sep 17:49:42 BST 2023] _t_key_authz='yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs.AX72PmkPhlGKtk03c8E4aJFVABeqKpH9uU45ds68n-o'
[Thu 21 Sep 17:49:42 BST 2023] _t_vtype='tls-alpn-01'
[Thu 21 Sep 17:49:42 BST 2023] =======Begin Send Signed Request=======
[Thu 21 Sep 17:49:42 BST 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A'
[Thu 21 Sep 17:49:42 BST 2023] payload='{}'
[Thu 21 Sep 17:49:42 BST 2023] Use cached jwk for file: /home/abaisero/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
[Thu 21 Sep 17:49:42 BST 2023] Use _CACHED_NONCE='R3UB_MpOR3hVrOhiLSlzeu9hIPk-dj5NqeDJOqy5kdu5lgbB2ho'
[Thu 21 Sep 17:49:42 BST 2023] nonce='R3UB_MpOR3hVrOhiLSlzeu9hIPk-dj5NqeDJOqy5kdu5lgbB2ho'
[Thu 21 Sep 17:49:42 BST 2023] POST
[Thu 21 Sep 17:49:42 BST 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A'
[Thu 21 Sep 17:49:42 BST 2023] body='{"protected": "eyJub25jZSI6ICJSM1VCX01wT1IzaFZyT2hpTFNsemV1OWhJUGstZGo1TnFlREpPcXk1a2R1NWxnYkIyaG8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzI2NjYzNjg0Mzc1Ni91bWNtM0EiLCAiYWxnIjogIkVTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzEzMjA3ODE4OTYifQ", "payload": "e30", "signature": "YoS4YhhokqkmUFuV6Jl-59B2TGS3LpjTNnW6W_8OriRQ9zaLxdp9X3kRDHL_GfSPmxrweJ06Qtk9rnoM35Dv1w"}'
[Thu 21 Sep 17:49:42 BST 2023] _postContentType='application/jose+json'
[Thu 21 Sep 17:49:42 BST 2023] Http already initialized.
[Thu 21 Sep 17:49:42 BST 2023] _CURL='curl --silent --dump-header /home/abaisero/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Z14Podg7T2  -g '
[Thu 21 Sep 17:49:42 BST 2023] _ret='0'
[Thu 21 Sep 17:49:42 BST 2023] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 21 Sep 2023 16:49:42 GMT
content-type: application/json
content-length: 191
boulder-requester: 1320781896
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A
replay-nonce: k01JHcR-sslkwCTvAM1yjDnCSXbs_WAKWnI4eD8jvyxw7Q36tdY
x-frame-options: DENY
strict-transport-security: max-age=604800

'
[Thu 21 Sep 17:49:42 BST 2023] code='200'
[Thu 21 Sep 17:49:42 BST 2023] original='{
  "type": "tls-alpn-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A",
  "token": "yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"
}'
[Thu 21 Sep 17:49:42 BST 2023] response='{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"}'
[Thu 21 Sep 17:49:42 BST 2023] trigger validation code: 200
[Thu 21 Sep 17:49:42 BST 2023] Lets check the status of the authz
[Thu 21 Sep 17:49:42 BST 2023] original='{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"}'
[Thu 21 Sep 17:49:42 BST 2023] response='{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs"}'
[Thu 21 Sep 17:49:42 BST 2023] status='pending'
[Thu 21 Sep 17:49:42 BST 2023] Pending, The CA is processing your order, please just wait. (1/30)
[Thu 21 Sep 17:49:42 BST 2023] sleep 2 secs to verify again
[Thu 21 Sep 17:49:44 BST 2023] checking
[Thu 21 Sep 17:49:44 BST 2023] =======Begin Send Signed Request=======
[Thu 21 Sep 17:49:44 BST 2023] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:44 BST 2023] payload
[Thu 21 Sep 17:49:44 BST 2023] Use cached jwk for file: /home/abaisero/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
[Thu 21 Sep 17:49:44 BST 2023] Use _CACHED_NONCE='k01JHcR-sslkwCTvAM1yjDnCSXbs_WAKWnI4eD8jvyxw7Q36tdY'
[Thu 21 Sep 17:49:44 BST 2023] nonce='k01JHcR-sslkwCTvAM1yjDnCSXbs_WAKWnI4eD8jvyxw7Q36tdY'
[Thu 21 Sep 17:49:45 BST 2023] POST
[Thu 21 Sep 17:49:45 BST 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756'
[Thu 21 Sep 17:49:45 BST 2023] body='{"protected": "eyJub25jZSI6ICJrMDFKSGNSLXNzbGt3Q1R2QU0xeWpEbkNTWGJzX1dBS1duSTRlRDhqdnl4dzdRMzZ0ZFkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI2NjYzNjg0Mzc1NiIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTMyMDc4MTg5NiJ9", "payload": "", "signature": "uJKiRrbmbXZ59ZzV-2eqWUJ0ycd7ZOxmZH5JTs4eH0PqlVILBwOBXqmMssQ70hAIqu6uUe9fQ8iManwg3u-bYA"}'
[Thu 21 Sep 17:49:45 BST 2023] _postContentType='application/jose+json'
[Thu 21 Sep 17:49:45 BST 2023] Http already initialized.
[Thu 21 Sep 17:49:45 BST 2023] _CURL='curl --silent --dump-header /home/abaisero/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Z14Podg7T2  -g '
[Thu 21 Sep 17:49:45 BST 2023] _ret='0'
[Thu 21 Sep 17:49:45 BST 2023] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 21 Sep 2023 16:49:45 GMT
content-type: application/json
content-length: 819
boulder-requester: 1320781896
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: R3UB_MpOby07IUEkx_JcE4B_RrxW_PIsick3EzW0h_TGvNhIHFM
x-frame-options: DENY
strict-transport-security: max-age=604800

'
[Thu 21 Sep 17:49:45 BST 2023] code='200'
[Thu 21 Sep 17:49:45 BST 2023] original='{
  "identifier": {
    "type": "dns",
    "value": "abaisero.ddns.net"
  },
  "status": "invalid",
  "expires": "2023-09-28T16:49:38Z",
  "challenges": [
    {
      "type": "tls-alpn-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
        "detail": "130.44.132.50: Connection refused",
        "status": 400
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A",
      "token": "yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs",
      "validationRecord": [
        {
          "hostname": "abaisero.ddns.net",
          "port": "443",
          "addressesResolved": [
            "130.44.132.50"
          ],
          "addressUsed": "130.44.132.50"
        }
      ],
      "validated": "2023-09-21T16:49:42Z"
    }
  ]
}'
[Thu 21 Sep 17:49:45 BST 2023] response='{"identifier":{"type":"dns","value":"abaisero.ddns.net"},"status":"invalid","expires":"2023-09-28T16:49:38Z","challenges":[{"type":"tls-alpn-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:connection","detail":"130.44.132.50: Connection refused","status": 400},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs","validationRecord":[{"hostname":"abaisero.ddns.net","port":"443","addressesResolved":["130.44.132.50"],"addressUsed":"130.44.132.50"}],"validated":"2023-09-21T16:49:42Z"}]}'
[Thu 21 Sep 17:49:45 BST 2023] original='{"identifier":{"type":"dns","value":"abaisero.ddns.net"},"status":"invalid","expires":"2023-09-28T16:49:38Z","challenges":[{"type":"tls-alpn-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:connection","detail":"130.44.132.50: Connection refused","status": 400},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs","validationRecord":[{"hostname":"abaisero.ddns.net","port":"443","addressesResolved":["130.44.132.50"],"addressUsed":"130.44.132.50"}],"validated":"2023-09-21T16:49:42Z"}]}'
[Thu 21 Sep 17:49:45 BST 2023] response='{"identifier":{"type":"dns","value":"abaisero.ddns.net"},"status":"invalid","expires":"2023-09-28T16:49:38Z","challenges":[{"type":"tls-alpn-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:connection","detail":"130.44.132.50: Connection refused","status": 400},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A","token":"yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs","validationRecord":[{"hostname":"abaisero.ddns.net","port":"443","addressesResolved":["130.44.132.50"],"addressUsed":"130.44.132.50"}],"validated":"2023-09-21T16:49:42Z"}]}'
[Thu 21 Sep 17:49:45 BST 2023] status='invalid
invalid'
[Thu 21 Sep 17:49:45 BST 2023] error='"error":{"type":"urn:ietf:params:acme:error:connection","detail":"130.44.132.50: Connection refused","status": 400'
[Thu 21 Sep 17:49:45 BST 2023] errordetail='130.44.132.50: Connection refused'
[Thu 21 Sep 17:49:45 BST 2023] Invalid status, abaisero.ddns.net:Verify error detail:130.44.132.50: Connection refused
[Thu 21 Sep 17:49:45 BST 2023] Skip for removelevel:
[Thu 21 Sep 17:49:45 BST 2023] pid='94096'
/home/abaisero/.acme.sh/acme.sh: line 2538: kill: (94096) - No such process
[Thu 21 Sep 17:49:45 BST 2023] No need to restore nginx, skip.
[Thu 21 Sep 17:49:45 BST 2023] _clearupdns
[Thu 21 Sep 17:49:45 BST 2023] dns_entries
[Thu 21 Sep 17:49:45 BST 2023] skip dns.
[Thu 21 Sep 17:49:45 BST 2023] _on_issue_err
[Thu 21 Sep 17:49:45 BST 2023] Please add '--debug' or '--log' to check more details.
[Thu 21 Sep 17:49:45 BST 2023] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Thu 21 Sep 17:49:45 BST 2023] _chk_vlist='abaisero.ddns.net#yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs.AX72PmkPhlGKtk03c8E4aJFVABeqKpH9uU45ds68n-o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A#tls-alpn-01#alpn#https://acme-v02.api.letsencrypt.org/acme/authz-v3/266636843756,'
[Thu 21 Sep 17:49:45 BST 2023] start to deactivate authz
[Thu 21 Sep 17:49:45 BST 2023] Trigger domain validation.
[Thu 21 Sep 17:49:45 BST 2023] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A'
[Thu 21 Sep 17:49:45 BST 2023] _t_key_authz='yyfX3e-FwR4_ylKc65lukYCCncJPJqEdPN7p9M4BXTs.AX72PmkPhlGKtk03c8E4aJFVABeqKpH9uU45ds68n-o'
[Thu 21 Sep 17:49:45 BST 2023] _t_vtype
[Thu 21 Sep 17:49:45 BST 2023] =======Begin Send Signed Request=======
[Thu 21 Sep 17:49:45 BST 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A'
[Thu 21 Sep 17:49:45 BST 2023] payload='{}'
[Thu 21 Sep 17:49:45 BST 2023] Use cached jwk for file: /home/abaisero/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
[Thu 21 Sep 17:49:45 BST 2023] Use _CACHED_NONCE='R3UB_MpOby07IUEkx_JcE4B_RrxW_PIsick3EzW0h_TGvNhIHFM'
[Thu 21 Sep 17:49:45 BST 2023] nonce='R3UB_MpOby07IUEkx_JcE4B_RrxW_PIsick3EzW0h_TGvNhIHFM'
[Thu 21 Sep 17:49:46 BST 2023] POST
[Thu 21 Sep 17:49:46 BST 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/266636843756/umcm3A'
[Thu 21 Sep 17:49:46 BST 2023] body='{"protected": "eyJub25jZSI6ICJSM1VCX01wT2J5MDdJVUVreF9KY0U0Ql9ScnhXX1BJc2ljazNFelcwaF9UR3ZOaElIRk0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzI2NjYzNjg0Mzc1Ni91bWNtM0EiLCAiYWxnIjogIkVTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzEzMjA3ODE4OTYifQ", "payload": "e30", "signature": "RVArRZ7oM7KoAkVUKxe9UQnSeP_vAm4JlOTXIJZHqbB1BVrqDnD8yMmZwsrhLRKO9kUtRvFeIlQP0hGW4f-Miw"}'
[Thu 21 Sep 17:49:46 BST 2023] _postContentType='application/jose+json'
[Thu 21 Sep 17:49:46 BST 2023] Http already initialized.
[Thu 21 Sep 17:49:46 BST 2023] _CURL='curl --silent --dump-header /home/abaisero/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.Z14Podg7T2  -g '
[Thu 21 Sep 17:49:46 BST 2023] _ret='0'
[Thu 21 Sep 17:49:46 BST 2023] responseHeaders='HTTP/2 400 
server: nginx
date: Thu, 21 Sep 2023 16:49:46 GMT
content-type: application/problem+json
content-length: 144
boulder-requester: 1320781896
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: ZKFe2RaL7zwv86FLKNB5vGdg-TX_DNIjGoxTC-BbOQsYqTkh4n8

'
[Thu 21 Sep 17:49:46 BST 2023] code='400'
[Thu 21 Sep 17:49:46 BST 2023] original='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Thu 21 Sep 17:49:46 BST 2023] response='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Thu 21 Sep 17:49:46 BST 2023] Diagnosis versions: 
openssl:openssl
OpenSSL 1.1.1n  15 Mar 2022
apache:
apache doesn't exist.
nginx:
nginx doesn't exist.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
socat version 1.7.4.1 on Feb  3 2021 12:58:17
   running on Linux version #1642 SMP PREEMPT Mon Apr  3 17:24:16 BST 2023, release 6.1.21-v8+, machine aarch64
features:
  #define WITH_STDIO 1
  #define WITH_FDNUM 1
  #define WITH_FILE 1
  #define WITH_CREAT 1
  #define WITH_GOPEN 1
  #define WITH_TERMIOS 1
  #define WITH_PIPE 1
  #define WITH_UNIX 1
  #define WITH_ABSTRACT_UNIXSOCKET 1
  #define WITH_IP4 1
  #define WITH_IP6 1
  #define WITH_RAWIP 1
  #define WITH_GENERICSOCKET 1
  #define WITH_INTERFACE 1
  #define WITH_TCP 1
  #define WITH_UDP 1
  #define WITH_SCTP 1
  #define WITH_LISTEN 1
  #define WITH_SOCKS4 1
  #define WITH_SOCKS4A 1
  #define WITH_VSOCK 1
  #define WITH_PROXY 1
  #define WITH_SYSTEM 1
  #define WITH_EXEC 1
  #undef WITH_READLINE
  #define WITH_TUN 1
  #define WITH_PTY 1
  #define WITH_OPENSSL 1
  #undef WITH_FIPS
  #define WITH_LIBWRAP 1
  #define WITH_SYCLS 1
  #define WITH_FILAN 1
  #define WITH_RETRY 1
  #define WITH_MSGLEVEL 0 /*debug*/
github-actions[bot] commented 1 year ago

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

abaisero commented 1 year ago

I've already done both of those things