search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
39.19k stars 4.96k forks source link

Is manual mode not broken? #4887

Open zerkms opened 11 months ago

zerkms commented 11 months ago

In the code at the moment I see the following check:

https://github.com/acmesh-official/acme.sh/blob/377a37e4c9c23bb6988fe5f8863f21b19d3e3a40/acme.sh#L4830-L4839

So it depends on the $dnsadded value being 0. dnsadded='1' only happens if the dns api is used.

Hence a question: is manual mode still available in 3.0.x?

Steps to reproduce

Debug log

Corresponding log for --renew command:


[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:issue:4746        d='*.xxx'
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:issue:4762        _d_alias
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:issue:4775        txtdomain='_acme-challenge.xxx'
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_base64:977       base64 single line.
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:issue:4777        txt='L7Qi_42FmjafWRJS1sdW4vdozgP0L5MrAKV3tyhCTD4'
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:issue:4780        d_api
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:issue:4783        dns_entry='xxx,_acme-challenge.xxx,,dns,L7Qi_42FmjafWRJS1sdW4vdozgP0L5MrAKV3tyhCTD4,'
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_setopt:2321      APP
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_setopt:2324      17:Le_Vlist='*.xxx#HqOd0qTsH4hes91eqkMSc2PifELzeMPzQOpubnJo6JY.9p_tAyhjSEX7GinTY_OXEWOoQNVetqeFd0GO_chOrUk#https://acme-v02.api.letsencrypt.org/acme/chall-v3/288478118236/ueAj0g#dns-01#dns#https://acme-v02.api.letsencrypt.org/acme/authz-v3/288478118236,'
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:issue:4832        Dns record not added yet, so, save to /acme.sh-certs/*.xxx/*.xxx.conf and exit.
[Tue Nov 28 22:04:31 UTC 2023] Please add the TXT records to the domains, and re-run with --renew.
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_on_issue_err:3552 _on_issue_err
[Tue Nov 28 22:04:31 UTC 2023] Please add '--debug' or '--log' to check more details.
[Tue Nov 28 22:04:31 UTC 2023] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_on_issue_err:3573 _chk_vlist
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_hasfield:482     'dns' contains 'dns'
[Tue Nov 28 22:04:31 UTC 2023] The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead.
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_exists:534       openssl exists=0
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_exists:534       nginx exists=1
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_exists:534       socat exists=1
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_dlg_versions:252 socat doesn't exist.
[Tue Nov 28 22:04:31 UTC 2023] /usr/local/bin/acme.sh:_on_issue_err:3594 Diagnosis versions: 

➜ dig +short TXT _acme-challenge.xxx @1.1.1.1
"L7Qi_42FmjafWRJS1sdW4vdozgP0L5MrAKV3tyhCTD4"

(the real domain name is redacted with xxx)

github-actions[bot] commented 11 months ago

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.