search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
38.53k stars 4.9k forks source link

Could not get nonce, let's try again -- when using wget2; wget & curl OK #4846

Open pgnd opened 10 months ago

pgnd commented 10 months ago

with

    ./acme.sh --version
        https://github.com/acmesh-official/acme.sh
        v3.0.7

using either 

    curl -V
        curl 8.4.0 (x86_64-redhat-linux-gnu) libcurl/8.4.0 OpenSSL/3.0.9 zlib/1.2.13 brotli/1.0.9 libidn2/2.3.4 libpsl/0.21.2 (+libidn2/2.3.4) libssh/0.10.5/openssl/zlib nghttp2/1.52.0 OpenLDAP/2.6.6
        Release-Date: 2023-10-11
        Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp ws wss
        Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM PSL SPNEGO SSL threadsafe TLS-SRP UnixSockets

or

    wget --version
        GNU Wget 1.21.3 built on linux-gnu.

        -cares +digest +gpgme +https +ipv6 +iri +large-file +metalink +nls
        +ntlm +opie +psl +ssl/gnutls

works as always

if, instead, using 'next' wget, aka wget2 (see: https://gitlab.com/gnuwget/wget2; and, no it's not widely used yet ...),

    wget2 --version
        GNU Wget2 2.1.0 - multithreaded metalink/file/website downloader

        +digest +https +ssl/gnutls +ipv6 +iri +large-file +nls -ntlm -opie +psl -hsts
        +iconv +idn2 +zlib -lzma +brotlidec +zstd -bzip2 -lzip +http2 +gpgme

    ls -al `which wget`
        lrwxrwxrwx 1 root root 14 Sep  1 17:40 /usr/local/bin/wget -> /usr/bin/wget2*

can't issue/renew certs; fails @

"Could not get nonce, let's try again."

@ log:

    [Mon Oct 30 03:14:33 AM EDT 2023] HEAD
    [Mon Oct 30 03:14:33 AM EDT 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Mon Oct 30 03:14:33 AM EDT 2023] _WGET='wget -q --content-on-error  --read-timeout=3.0  --tries=2  '
    [Mon Oct 30 03:14:34 AM EDT 2023] Using sed  -i
    [Mon Oct 30 03:14:34 AM EDT 2023] _ret='0'
    [Mon Oct 30 03:14:34 AM EDT 2023] GET
    [Mon Oct 30 03:14:34 AM EDT 2023] url='https://acme-v02.api.letsencrypt.org/directory'
    [Mon Oct 30 03:14:34 AM EDT 2023] timeout=
    [Mon Oct 30 03:14:34 AM EDT 2023] _WGET='wget -q --content-on-error '
    [Mon Oct 30 03:14:34 AM EDT 2023] ret='0'
    [Mon Oct 30 03:14:34 AM EDT 2023] GET
    [Mon Oct 30 03:14:34 AM EDT 2023] url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Mon Oct 30 03:14:34 AM EDT 2023] timeout=
    [Mon Oct 30 03:14:34 AM EDT 2023] _WGET='wget -q --content-on-error '
    [Mon Oct 30 03:14:35 AM EDT 2023] ret='0'
    [Mon Oct 30 03:14:35 AM EDT 2023] Could not get nonce, let's try again.

not yet clear if particular cmd-line option(s) solve the problem, or an actual issue with wget.

github-actions[bot] commented 10 months ago

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

pgnd commented 10 months ago

is IS the latest version

it IS the debug=2 level log