search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
39.41k stars 4.98k forks source link

Non-existent error code 139,resulting in application failure #5134

Closed avsba001 closed 1 month ago

avsba001 commented 6 months ago

Steps to reproduce

I don't know how to reproduce it because it only appears on this computer

Debug log

[Sun May  5 10:00:26 PM CST 2024] Lets find script dir.
[Sun May  5 10:00:26 PM CST 2024] _SCRIPT_='./acme.sh'
[Sun May  5 10:00:26 PM CST 2024] _script='/root/acme.sh/acme.sh'
[Sun May  5 10:00:26 PM CST 2024] _script_home='/root/acme.sh'
[Sun May  5 10:00:26 PM CST 2024] Using config home:/root/.acme.sh
[Sun May  5 10:00:26 PM CST 2024] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/acmesh-official/acme.sh
v3.0.8
[Sun May  5 10:00:26 PM CST 2024] Running cmd: renew
[Sun May  5 10:00:26 PM CST 2024] _renewServer
[Sun May  5 10:00:26 PM CST 2024] Using config home:/root/.acme.sh
[Sun May  5 10:00:26 PM CST 2024] default_acme_server='https://acme-v02.api.letsencrypt.org/directory'
[Sun May  5 10:00:26 PM CST 2024] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Sun May  5 10:00:26 PM CST 2024] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Sun May  5 10:00:26 PM CST 2024] _ACME_SERVER_PATH='directory'
[Sun May  5 10:00:26 PM CST 2024] The domain 'zhangxiong.work' seems to have a ECC cert already, lets use ecc cert.
[Sun May  5 10:00:26 PM CST 2024] DOMAIN_PATH='/root/.acme.sh/zhangxiong.work_ecc'
[Sun May  5 10:00:26 PM CST 2024] Renew: 'zhangxiong.work'
[Sun May  5 10:00:26 PM CST 2024] Le_API='https://acme-v02.api.letsencrypt.org/directory'
[Sun May  5 10:00:26 PM CST 2024] Renew to Le_API=https://acme-v02.api.letsencrypt.org/directory
[Sun May  5 10:00:26 PM CST 2024] initpath again.
[Sun May  5 10:00:26 PM CST 2024] Using config home:/root/.acme.sh
[Sun May  5 10:00:26 PM CST 2024] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Sun May  5 10:00:26 PM CST 2024] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Sun May  5 10:00:26 PM CST 2024] _ACME_SERVER_PATH='directory'
[Sun May  5 10:00:26 PM CST 2024] _main_domain='zhangxiong.work'
[Sun May  5 10:00:26 PM CST 2024] _alt_domains='*.zhangxiong.work'
[Sun May  5 10:00:26 PM CST 2024] 'dns' contains 'dns'
[Sun May  5 10:00:26 PM CST 2024] 'dns' contains 'dns'
[Sun May  5 10:00:26 PM CST 2024] Le_NextRenewTime
[Sun May  5 10:00:26 PM CST 2024] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Sun May  5 10:00:26 PM CST 2024] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Sun May  5 10:00:26 PM CST 2024] GET
[Sun May  5 10:00:26 PM CST 2024] url='https://acme-v02.api.letsencrypt.org/directory'
[Sun May  5 10:00:26 PM CST 2024] timeout=
[Sun May  5 10:00:27 PM CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.JzgkY1CWUJ  -g '
[Sun May  5 10:00:27 PM CST 2024] ret='0'
[Sun May  5 10:00:27 PM CST 2024] response='{
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-02/renewalInfo/",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",
  "s8h5ejk1hwE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"
}'
[Sun May  5 10:00:27 PM CST 2024] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Sun May  5 10:00:27 PM CST 2024] ACME_NEW_AUTHZ
[Sun May  5 10:00:27 PM CST 2024] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun May  5 10:00:27 PM CST 2024] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Sun May  5 10:00:27 PM CST 2024] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Sun May  5 10:00:27 PM CST 2024] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf'
[Sun May  5 10:00:27 PM CST 2024] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun May  5 10:00:28 PM CST 2024] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Sun May  5 10:00:28 PM CST 2024] _on_before_issue
[Sun May  5 10:00:28 PM CST 2024] _chk_main_domain='zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] _chk_alt_domains='*.zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] 'dns' does not contain 'no'
[Sun May  5 10:00:28 PM CST 2024] Le_LocalAddress
[Sun May  5 10:00:28 PM CST 2024] d='zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] Check for domain='zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] _currentRoot='dns'
[Sun May  5 10:00:28 PM CST 2024] d='*.zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] Check for domain='*.zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] _currentRoot='dns'
[Sun May  5 10:00:28 PM CST 2024] d
[Sun May  5 10:00:28 PM CST 2024] 'dns' does not contain 'apache'
[Sun May  5 10:00:28 PM CST 2024] _saved_account_key_hash='rxo4MM7sE2jIALMf8Ss0sWeSD2NHRIstWLpueBKt2nA='
[Sun May  5 10:00:28 PM CST 2024] _saved_account_key_hash is not changed, skip register account.
[Sun May  5 10:00:28 PM CST 2024] Read key length:ec-256
[Sun May  5 10:00:28 PM CST 2024] _createcsr
[Sun May  5 10:00:28 PM CST 2024] domain='zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] domainlist='*.zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] csrkey='/root/.acme.sh/zhangxiong.work_ecc/zhangxiong.work.key'
[Sun May  5 10:00:28 PM CST 2024] csr='/root/.acme.sh/zhangxiong.work_ecc/zhangxiong.work.csr'
[Sun May  5 10:00:28 PM CST 2024] csrconf='/root/.acme.sh/zhangxiong.work_ecc/zhangxiong.work.csr.conf'
[Sun May  5 10:00:28 PM CST 2024] _is_idn_d='*.zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] _idn_temp
[Sun May  5 10:00:28 PM CST 2024] domainlist='*.zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] seg='zhangxiong'
[Sun May  5 10:00:28 PM CST 2024] _is_idn_d='zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] _idn_temp
[Sun May  5 10:00:28 PM CST 2024] seg='acme.sh'
[Sun May  5 10:00:28 PM CST 2024] Multi domain='DNS:zhangxiong.work,DNS:*.zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] _is_idn_d='zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] _idn_temp
[Sun May  5 10:00:28 PM CST 2024] _csr_cn='zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] seg='zhangxiong'
[Sun May  5 10:00:28 PM CST 2024] Getting domain auth token for each domain
[Sun May  5 10:00:28 PM CST 2024] seg='zhangxiong'
[Sun May  5 10:00:28 PM CST 2024] _is_idn_d='zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] _idn_temp
[Sun May  5 10:00:28 PM CST 2024] d='*.zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] seg='acme.sh'
[Sun May  5 10:00:28 PM CST 2024] _is_idn_d='*.zhangxiong.work'
[Sun May  5 10:00:28 PM CST 2024] _idn_temp
[Sun May  5 10:00:28 PM CST 2024] d
[Sun May  5 10:00:28 PM CST 2024] _identifiers='{"type":"dns","value":"zhangxiong.work"},{"type":"dns","value":"*.zhangxiong.work"}'
[Sun May  5 10:00:28 PM CST 2024] _notBefore
[Sun May  5 10:00:28 PM CST 2024] _notAfter
[Sun May  5 10:00:28 PM CST 2024] STEP 1, Ordering a Certificate
[Sun May  5 10:00:28 PM CST 2024] =======Begin Send Signed Request=======
[Sun May  5 10:00:28 PM CST 2024] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun May  5 10:00:28 PM CST 2024] payload='{"identifiers": [{"type":"dns","value":"zhangxiong.work"},{"type":"dns","value":"*.zhangxiong.work"}]}'
[Sun May  5 10:00:28 PM CST 2024] EC key
[Sun May  5 10:00:28 PM CST 2024] _URGLY_PRINTF
[Sun May  5 10:00:28 PM CST 2024] xargs
[Sun May  5 10:00:28 PM CST 2024] _URGLY_PRINTF
[Sun May  5 10:00:28 PM CST 2024] xargs
[Sun May  5 10:00:28 PM CST 2024] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun May  5 10:00:28 PM CST 2024] HEAD
[Sun May  5 10:00:28 PM CST 2024] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun May  5 10:00:28 PM CST 2024] body
[Sun May  5 10:00:28 PM CST 2024] _postContentType='application/jose+json'
[Sun May  5 10:00:28 PM CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.9MhWJrwUut  -g  -I  '
[Sun May  5 10:00:29 PM CST 2024] _ret='0'
[Sun May  5 10:00:29 PM CST 2024] _headers='HTTP/2 200 
server: nginx
date: Sun, 05 May 2024 14:00:29 GMT
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: Gy4YNW4qb8-rQ--bR6-8elaqSQWdqOeJA9Ruqit1AZkjVL-nVl4
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Sun May  5 10:00:29 PM CST 2024] _CACHED_NONCE='Gy4YNW4qb8-rQ--bR6-8elaqSQWdqOeJA9Ruqit1AZkjVL-nVl4'
[Sun May  5 10:00:29 PM CST 2024] nonce='Gy4YNW4qb8-rQ--bR6-8elaqSQWdqOeJA9Ruqit1AZkjVL-nVl4'
[Sun May  5 10:00:29 PM CST 2024] _URGLY_PRINTF
[Sun May  5 10:00:29 PM CST 2024] xargs
[Sun May  5 10:00:29 PM CST 2024] POST
[Sun May  5 10:00:29 PM CST 2024] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun May  5 10:00:29 PM CST 2024] body='{"protected": "eyJub25jZSI6ICJHeTRZTlc0cWI4LXJRLS1iUjYtOGVsYXFTUVdkcU9lSkE5UnVxaXQxQVpralZMLW5WbDQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTcwOTk2MzQ1NyJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6InpoYW5neGlvbmcud29yayJ9LHsidHlwZSI6ImRucyIsInZhbHVlIjoiKi56aGFuZ3hpb25nLndvcmsifV19", "signature": "FBajF-u_LqwLKy6bTBLWIYizFzLF9aKCkt9DOmpWS-8OTOHL7-3oHa9tUhc7ssgL8x5etKUXYBeDWpIElB9J4g"}'
[Sun May  5 10:00:29 PM CST 2024] _postContentType='application/jose+json'
[Sun May  5 10:00:29 PM CST 2024] Http already initialized.
[Sun May  5 10:00:29 PM CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.9MhWJrwUut  -g '
[Sun May  5 10:00:30 PM CST 2024] _ret='0'
[Sun May  5 10:00:30 PM CST 2024] responseHeaders='HTTP/2 201 
server: nginx
date: Sun, 05 May 2024 14:00:30 GMT
content-type: application/json
content-length: 479
boulder-requester: 1709963457
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
location: https://acme-v02.api.letsencrypt.org/acme/order/1709963457/266810976747
replay-nonce: R8tUGx_Z_wh3kN9z58CmGulvWB69-yhF9sobn6-hyWNFIMC6qOg
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Sun May  5 10:00:30 PM CST 2024] code='201'
[Sun May  5 10:00:30 PM CST 2024] original='{
  "status": "ready",
  "expires": "2024-05-12T14:00:30Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "*.zhangxiong.work"
    },
    {
      "type": "dns",
      "value": "zhangxiong.work"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457",
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/1709963457/266810976747"
}'
[Sun May  5 10:00:30 PM CST 2024] response='{"status":"ready","expires":"2024-05-12T14:00:30Z","identifiers":[{"type":"dns","value":"*.zhangxiong.work"},{"type":"dns","value":"zhangxiong.work"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457","https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/1709963457/266810976747"}'
[Sun May  5 10:00:30 PM CST 2024] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/1709963457/266810976747'
[Sun May  5 10:00:30 PM CST 2024] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/1709963457/266810976747'
[Sun May  5 10:00:30 PM CST 2024] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457,https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467'
[Sun May  5 10:00:30 PM CST 2024] STEP 2, Get the authorizations of each domain
[Sun May  5 10:00:30 PM CST 2024] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457'
[Sun May  5 10:00:30 PM CST 2024] =======Begin Send Signed Request=======
[Sun May  5 10:00:30 PM CST 2024] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457'
[Sun May  5 10:00:30 PM CST 2024] payload
[Sun May  5 10:00:30 PM CST 2024] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
[Sun May  5 10:00:30 PM CST 2024] Use _CACHED_NONCE='R8tUGx_Z_wh3kN9z58CmGulvWB69-yhF9sobn6-hyWNFIMC6qOg'
[Sun May  5 10:00:30 PM CST 2024] nonce='R8tUGx_Z_wh3kN9z58CmGulvWB69-yhF9sobn6-hyWNFIMC6qOg'
[Sun May  5 10:00:30 PM CST 2024] _URGLY_PRINTF
[Sun May  5 10:00:30 PM CST 2024] xargs
[Sun May  5 10:00:30 PM CST 2024] POST
[Sun May  5 10:00:30 PM CST 2024] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457'
[Sun May  5 10:00:30 PM CST 2024] body='{"protected": "eyJub25jZSI6ICJSOHRVR3hfWl93aDNrTjl6NThDbUd1bHZXQjY5LXloRjlzb2JuNi1oeVdORklNQzZxT2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzM0Njk5ODcxODQ1NyIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTcwOTk2MzQ1NyJ9", "payload": "", "signature": "j28VNkjidT4p_uOfaAQBzTUpvPbkJyIIyR8LNKj77ATyu1eyie2RR0xbr_YnDsjP1CTfQbcGGyrE-VYlDojK4g"}'
[Sun May  5 10:00:30 PM CST 2024] _postContentType='application/jose+json'
[Sun May  5 10:00:30 PM CST 2024] Http already initialized.
[Sun May  5 10:00:30 PM CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.9MhWJrwUut  -g '
[Sun May  5 10:00:31 PM CST 2024] _ret='0'
[Sun May  5 10:00:31 PM CST 2024] responseHeaders='HTTP/2 200 
server: nginx
date: Sun, 05 May 2024 14:00:31 GMT
content-type: application/json
content-length: 598
boulder-requester: 1709963457
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: Gy4YNW4qMUohA_-TTJxNCZmhpgkqdqv-w2GHMpQNd6dzAj9Hmc4
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Sun May  5 10:00:31 PM CST 2024] code='200'
[Sun May  5 10:00:31 PM CST 2024] original='{
  "identifier": {
    "type": "dns",
    "value": "zhangxiong.work"
  },
  "status": "valid",
  "expires": "2024-06-04T13:59:33Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "valid",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718457/SiPx4g",
      "token": "KJip5KgbY1Y-D8BcFCiBICBcxGEbq1sXBE7YXKiqeRA",
      "validationRecord": [
        {
          "hostname": "zhangxiong.work",
          "resolverAddrs": [
            "10.0.12.82:22757"
          ]
        }
      ],
      "validated": "2024-05-05T13:59:32Z"
    }
  ],
  "wildcard": true
}'
[Sun May  5 10:00:31 PM CST 2024] response='{"identifier":{"type":"dns","value":"zhangxiong.work"},"status":"valid","expires":"2024-06-04T13:59:33Z","challenges":[{"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718457/SiPx4g","token":"KJip5KgbY1Y-D8BcFCiBICBcxGEbq1sXBE7YXKiqeRA","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.82:22757"]}],"validated":"2024-05-05T13:59:32Z"}],"wildcard": true}'
[Sun May  5 10:00:31 PM CST 2024] response='{"identifier":{"type":"dns","value":"zhangxiong.work"},"status":"valid","expires":"2024-06-04T13:59:33Z","challenges":[{"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718457/SiPx4g","token":"KJip5KgbY1Y-D8BcFCiBICBcxGEbq1sXBE7YXKiqeRA","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.82:22757"]}],"validated":"2024-05-05T13:59:32Z"}],"wildcard": true}'
[Sun May  5 10:00:31 PM CST 2024] _d='*.zhangxiong.work'
[Sun May  5 10:00:31 PM CST 2024] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467'
[Sun May  5 10:00:31 PM CST 2024] =======Begin Send Signed Request=======
[Sun May  5 10:00:31 PM CST 2024] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467'
[Sun May  5 10:00:31 PM CST 2024] payload
[Sun May  5 10:00:31 PM CST 2024] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
[Sun May  5 10:00:31 PM CST 2024] Use _CACHED_NONCE='Gy4YNW4qMUohA_-TTJxNCZmhpgkqdqv-w2GHMpQNd6dzAj9Hmc4'
[Sun May  5 10:00:31 PM CST 2024] nonce='Gy4YNW4qMUohA_-TTJxNCZmhpgkqdqv-w2GHMpQNd6dzAj9Hmc4'
[Sun May  5 10:00:31 PM CST 2024] _URGLY_PRINTF
[Sun May  5 10:00:31 PM CST 2024] xargs
[Sun May  5 10:00:31 PM CST 2024] POST
[Sun May  5 10:00:31 PM CST 2024] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467'
[Sun May  5 10:00:31 PM CST 2024] body='{"protected": "eyJub25jZSI6ICJHeTRZTlc0cU1Vb2hBXy1UVEp4TkNabWhwZ2txZHF2LXcyR0hNcFFOZDZkekFqOUhtYzQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzM0Njk5ODcxODQ2NyIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTcwOTk2MzQ1NyJ9", "payload": "", "signature": "kJIBU4dP6y9rrq5HLXlOox9qZIRYXqnRomTInEsf3LGPouG3WNo7bcEKoh4hKIrnhVsVd5ZK0zLKcW2jGWz4CA"}'
[Sun May  5 10:00:31 PM CST 2024] _postContentType='application/jose+json'
[Sun May  5 10:00:31 PM CST 2024] Http already initialized.
[Sun May  5 10:00:31 PM CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.9MhWJrwUut  -g '
[Sun May  5 10:00:33 PM CST 2024] _ret='0'
[Sun May  5 10:00:33 PM CST 2024] responseHeaders='HTTP/2 200 
server: nginx
date: Sun, 05 May 2024 14:00:33 GMT
content-type: application/json
content-length: 578
boulder-requester: 1709963457
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: KBbvukTeSBd6okJC4Hf_UsXBEZZxzvhzcKwfsZbX5bON_C_68Ts
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Sun May  5 10:00:33 PM CST 2024] code='200'
[Sun May  5 10:00:33 PM CST 2024] original='{
  "identifier": {
    "type": "dns",
    "value": "zhangxiong.work"
  },
  "status": "valid",
  "expires": "2024-06-04T13:59:28Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "valid",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718467/hwCodA",
      "token": "EzdIIfq3TQ65gwCzlUKixen4kZvTZvw8mCee1z7-KGs",
      "validationRecord": [
        {
          "hostname": "zhangxiong.work",
          "resolverAddrs": [
            "10.0.12.89:20043"
          ]
        }
      ],
      "validated": "2024-05-05T13:59:28Z"
    }
  ]
}'
[Sun May  5 10:00:33 PM CST 2024] response='{"identifier":{"type":"dns","value":"zhangxiong.work"},"status":"valid","expires":"2024-06-04T13:59:28Z","challenges":[{"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718467/hwCodA","token":"EzdIIfq3TQ65gwCzlUKixen4kZvTZvw8mCee1z7-KGs","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.89:20043"]}],"validated":"2024-05-05T13:59:28Z"}]}'
[Sun May  5 10:00:33 PM CST 2024] response='{"identifier":{"type":"dns","value":"zhangxiong.work"},"status":"valid","expires":"2024-06-04T13:59:28Z","challenges":[{"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718467/hwCodA","token":"EzdIIfq3TQ65gwCzlUKixen4kZvTZvw8mCee1z7-KGs","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.89:20043"]}],"validated":"2024-05-05T13:59:28Z"}]}'
[Sun May  5 10:00:33 PM CST 2024] _d='zhangxiong.work'
[Sun May  5 10:00:33 PM CST 2024] _authorizations_map='zhangxiong.work,{"identifier":{"type":"dns","value":"zhangxiong.work"},"status":"valid","expires":"2024-06-04T13:59:28Z","challenges":[{"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718467/hwCodA","token":"EzdIIfq3TQ65gwCzlUKixen4kZvTZvw8mCee1z7-KGs","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.89:20043"]}],"validated":"2024-05-05T13:59:28Z"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467
*.zhangxiong.work,{"identifier":{"type":"dns","value":"zhangxiong.work"},"status":"valid","expires":"2024-06-04T13:59:33Z","challenges":[{"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718457/SiPx4g","token":"KJip5KgbY1Y-D8BcFCiBICBcxGEbq1sXBE7YXKiqeRA","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.82:22757"]}],"validated":"2024-05-05T13:59:32Z"}],"wildcard": true}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457
'
[Sun May  5 10:00:33 PM CST 2024] d='zhangxiong.work'
[Sun May  5 10:00:33 PM CST 2024] Getting webroot for domain='zhangxiong.work'
[Sun May  5 10:00:33 PM CST 2024] _w='dns'
[Sun May  5 10:00:33 PM CST 2024] _currentRoot='dns'
[Sun May  5 10:00:33 PM CST 2024] _is_idn_d='zhangxiong.work'
[Sun May  5 10:00:33 PM CST 2024] _idn_temp
[Sun May  5 10:00:33 PM CST 2024] _candidates='zhangxiong.work,{"identifier":{"type":"dns","value":"zhangxiong.work"},"status":"valid","expires":"2024-06-04T13:59:28Z","challenges":[{"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718467/hwCodA","token":"EzdIIfq3TQ65gwCzlUKixen4kZvTZvw8mCee1z7-KGs","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.89:20043"]}],"validated":"2024-05-05T13:59:28Z"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467'
[Sun May  5 10:00:33 PM CST 2024] response='{"identifier":{"type":"dns","value":"zhangxiong.work"},"status":"valid","expires":"2024-06-04T13:59:28Z","challenges":[{"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718467/hwCodA","token":"EzdIIfq3TQ65gwCzlUKixen4kZvTZvw8mCee1z7-KGs","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.89:20043"]}],"validated":"2024-05-05T13:59:28Z"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467'
[Sun May  5 10:00:33 PM CST 2024] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467'
[Sun May  5 10:00:33 PM CST 2024] zhangxiong.work is already valid.
[Sun May  5 10:00:33 PM CST 2024] keyauthorization='verified_ok'
[Sun May  5 10:00:33 PM CST 2024] entry='"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718467/hwCodA","token":"EzdIIfq3TQ65gwCzlUKixen4kZvTZvw8mCee1z7-KGs","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.89:20043"]'
[Sun May  5 10:00:33 PM CST 2024] dvlist='zhangxiong.work#verified_ok##dns-01#dns#https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467'
[Sun May  5 10:00:33 PM CST 2024] d='*.zhangxiong.work'
[Sun May  5 10:00:33 PM CST 2024] Getting webroot for domain='*.zhangxiong.work'
[Sun May  5 10:00:33 PM CST 2024] _w='dns'
[Sun May  5 10:00:33 PM CST 2024] _currentRoot='dns'
[Sun May  5 10:00:33 PM CST 2024] _is_idn_d='*.zhangxiong.work'
[Sun May  5 10:00:33 PM CST 2024] _idn_temp
[Sun May  5 10:00:33 PM CST 2024] _candidates='*.zhangxiong.work,{"identifier":{"type":"dns","value":"zhangxiong.work"},"status":"valid","expires":"2024-06-04T13:59:33Z","challenges":[{"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718457/SiPx4g","token":"KJip5KgbY1Y-D8BcFCiBICBcxGEbq1sXBE7YXKiqeRA","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.82:22757"]}],"validated":"2024-05-05T13:59:32Z"}],"wildcard": true}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457'
[Sun May  5 10:00:33 PM CST 2024] response='{"identifier":{"type":"dns","value":"zhangxiong.work"},"status":"valid","expires":"2024-06-04T13:59:33Z","challenges":[{"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718457/SiPx4g","token":"KJip5KgbY1Y-D8BcFCiBICBcxGEbq1sXBE7YXKiqeRA","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.82:22757"]}],"validated":"2024-05-05T13:59:32Z"}],"wildcard": true}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457'
[Sun May  5 10:00:33 PM CST 2024] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457'
[Sun May  5 10:00:33 PM CST 2024] *.zhangxiong.work is already valid.
[Sun May  5 10:00:33 PM CST 2024] keyauthorization='verified_ok'
[Sun May  5 10:00:33 PM CST 2024] entry='"type":"dns-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/346998718457/SiPx4g","token":"KJip5KgbY1Y-D8BcFCiBICBcxGEbq1sXBE7YXKiqeRA","validationRecord":[{"hostname":"zhangxiong.work","resolverAddrs":["10.0.12.82:22757"]'
[Sun May  5 10:00:33 PM CST 2024] dvlist='*.zhangxiong.work#verified_ok##dns-01#dns#https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457'
[Sun May  5 10:00:33 PM CST 2024] d
[Sun May  5 10:00:33 PM CST 2024] vlist='zhangxiong.work#verified_ok##dns-01#dns#https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718467,*.zhangxiong.work#verified_ok##dns-01#dns#https://acme-v02.api.letsencrypt.org/acme/authz-v3/346998718457,'
[Sun May  5 10:00:33 PM CST 2024] d='zhangxiong.work'
[Sun May  5 10:00:33 PM CST 2024] zhangxiong.work is already verified, skip dns-01.
[Sun May  5 10:00:33 PM CST 2024] d='*.zhangxiong.work'
[Sun May  5 10:00:33 PM CST 2024] *.zhangxiong.work is already verified, skip dns-01.
[Sun May  5 10:00:33 PM CST 2024] ok, let's start to verify
[Sun May  5 10:00:33 PM CST 2024] zhangxiong.work is already verified, skip dns-01.
[Sun May  5 10:00:34 PM CST 2024] *.zhangxiong.work is already verified, skip dns-01.
[Sun May  5 10:00:34 PM CST 2024] pid
[Sun May  5 10:00:34 PM CST 2024] No need to restore nginx, skip.
[Sun May  5 10:00:34 PM CST 2024] _clearupdns
[Sun May  5 10:00:34 PM CST 2024] dns_entries
[Sun May  5 10:00:34 PM CST 2024] skip dns.
[Sun May  5 10:00:34 PM CST 2024] Verify finished, start to sign.
[Sun May  5 10:00:34 PM CST 2024] i='2'
[Sun May  5 10:00:34 PM CST 2024] j='8'
[Sun May  5 10:00:34 PM CST 2024] Lets finalize the order.
[Sun May  5 10:00:34 PM CST 2024] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/1709963457/266810976747'
[Sun May  5 10:00:34 PM CST 2024] =======Begin Send Signed Request=======
[Sun May  5 10:00:34 PM CST 2024] url='https://acme-v02.api.letsencrypt.org/acme/finalize/1709963457/266810976747'
[Sun May  5 10:00:34 PM CST 2024] payload='{"csr": "MIIBMzCB2wIBADAaMRgwFgYDVQQDDA96aGFuZ3hpb25nLndvcmswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATnTPAV1vO4jTNGGUDa6xomrU1Qh3zhr7a5GIag2ZXYLGYxKMfjOZD_MTE2FoSl76MRUoDvAck-mSAf8Mb70wzGoF8wXQYJKoZIhvcNAQkOMVAwTjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwLQYDVR0RBCYwJIIPemhhbmd4aW9uZy53b3JrghEqLnpoYW5neGlvbmcud29yazAKBggqhkjOPQQDAgNHADBEAiAo2v_MgLSEZkmjm4qrg3eEvDJ7PQqs1UTMIvLl-qOlLQIgSgwT9-1rkZO1I2OLYkOIy79bpYgcKEVf-W4XBXIc-E4"}'
[Sun May  5 10:00:34 PM CST 2024] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
[Sun May  5 10:00:34 PM CST 2024] Use _CACHED_NONCE='KBbvukTeSBd6okJC4Hf_UsXBEZZxzvhzcKwfsZbX5bON_C_68Ts'
[Sun May  5 10:00:34 PM CST 2024] nonce='KBbvukTeSBd6okJC4Hf_UsXBEZZxzvhzcKwfsZbX5bON_C_68Ts'
[Sun May  5 10:00:34 PM CST 2024] _URGLY_PRINTF
[Sun May  5 10:00:34 PM CST 2024] xargs
[Sun May  5 10:00:34 PM CST 2024] POST
[Sun May  5 10:00:34 PM CST 2024] _post_url='https://acme-v02.api.letsencrypt.org/acme/finalize/1709963457/266810976747'
[Sun May  5 10:00:34 PM CST 2024] body='{"protected": "eyJub25jZSI6ICJLQmJ2dWtUZVNCZDZva0pDNEhmX1VzWEJFWlp4enZoemNLd2ZzWmJYNWJPTl9DXzY4VHMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2ZpbmFsaXplLzE3MDk5NjM0NTcvMjY2ODEwOTc2NzQ3IiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNzA5OTYzNDU3In0", "payload": "eyJjc3IiOiAiTUlJQk16Q0Iyd0lCQURBYU1SZ3dGZ1lEVlFRRERBOTZhR0Z1WjNocGIyNW5MbmR2Y21zd1dUQVRCZ2NxaGtqT1BRSUJCZ2dxaGtqT1BRTUJCd05DQUFUblRQQVYxdk80alROR0dVRGE2eG9tclUxUWgzemhyN2E1R0lhZzJaWFlMR1l4S01mak9aRF9NVEUyRm9TbDc2TVJVb0R2QWNrLW1TQWY4TWI3MHd6R29GOHdYUVlKS29aSWh2Y05BUWtPTVZBd1RqQWRCZ05WSFNVRUZqQVVCZ2dyQmdFRkJRY0RBUVlJS3dZQkJRVUhBd0l3TFFZRFZSMFJCQ1l3SklJUGVtaGhibWQ0YVc5dVp5NTNiM0pyZ2hFcUxucG9ZVzVuZUdsdmJtY3VkMjl5YXpBS0JnZ3Foa2pPUFFRREFnTkhBREJFQWlBbzJ2X01nTFNFWmttam00cXJnM2VFdkRKN1BRcXMxVVRNSXZMbC1xT2xMUUlnU2d3VDktMXJrWk8xSTJPTFlrT0l5NzlicFlnY0tFVmYtVzRYQlhJYy1FNCJ9", "signature": "Zt28-ClX3oODmqKx4LPuyi-dQI8AhhfK45w2AXbOcdJRuUO3TheoSFoDoRi5kBccPRw0oHUo3tgdArAS4-gBHA"}'
[Sun May  5 10:00:34 PM CST 2024] _postContentType='application/jose+json'
[Sun May  5 10:00:34 PM CST 2024] Http already initialized.
[Sun May  5 10:00:34 PM CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.9MhWJrwUut  -g '
[Sun May  5 10:00:34 PM CST 2024] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 139
[Sun May  5 10:00:34 PM CST 2024] Here is the curl dump log:
[Sun May  5 10:00:34 PM CST 2024] == Info:   Trying 172.65.32.248:443...
== Info: Connected to acme-v02.api.letsencrypt.org (172.65.32.248) port 443 (#0)
== Info: ALPN: offers h2,http/1.1
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: ......k..o.A....._uw..h..8.N...].}.o.w ...9.%....qJ.t..A....=...
0040: .._...N.>.......,.0.........+./...$.(.k.#.'.g.....9.....3.....=.
0080: <.5./.....u...!.....acme-v02.api.letsencrypt.org................
00c0: .........................h2.http/1.1.........1.....*.(..........
0100: ...............................+............-.....3.&.$... .}..v
0140: ~......A........g...............................................
0180: ................................................................
01c0: ................................................................
== Info:  CAfile: /etc/ssl/certs/ca-certificates.crt
== Info:  CApath: /etc/ssl/certs
<= Recv SSL data, 5 bytes (0x5)
0000: ....z
== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 122 bytes (0x7a)
0000: ...v....|O....i+......D..;..,hQ..o/NB. ...9.%....qJ.t..A....=...
0040: .._...N......+.....3.$... (.:....P.+.yj.r:S....+J.S...;..X
<= Recv SSL data, 5 bytes (0x5)
0000: .....
<= Recv SSL data, 5 bytes (0x5)
0000: ....$
<= Recv SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
<= Recv SSL data, 19 bytes (0x13)
0000: .................h2
<= Recv SSL data, 5 bytes (0x5)
0000: .....
<= Recv SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.3 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 2802 bytes (0xaf2)
0000: ...........0...0............k.B.RH ...=..B..0...*.H........021.0
0040: ...U....US1.0...U....Let's Encrypt1.0...U....R30...240503140648Z
0080: ..240801140647Z0'1%0#..U....acme-v02.api.letsencrypt.org0.."0...
00c0: *.H.............0............_.gk...N....../.<br....*<...._5.5..
0100: r?..a...4-.........@.!..+Y...........U^...4...6.]."l..._T`4..,Bd
0140: .iZ..V..fm.L..L...+.L*...<]xI..}.....f.8>.blhY.}^.eq{V..r....5.$
0180: .)..y...?.bN....JR....c.I..0ig.....q..7k....C`.../..K2le3..0C..M
01c0: ...Fc..>..T..........s............0...0...U...........0...U.%..0
0200: ...+.........+.......0...U.......0.0...U......zQ.H.....s^..._..Z
0240: ..0...U.#..0........XV..P.@........0U..+........I0G0!..+.....0..
0280: .http://r3.o.lencr.org0"..+.....0...http://r3.i.lencr.org/0....U
02c0: .....0....acme-v02-1.api.letsencrypt.org..acme-v02-2.api.letsenc
0300: rypt.org..acme-v02-3.api.letsencrypt.org..acme-v02-4.api.letsenc
0340: rypt.org..acme-v02-5.api.letsencrypt.org..acme-v02.api.letsencry
0380: pt.org..incident.letsencrypt.org0...U. ..0.0...g.....0.....+....
03c0: .y............v....q...R.0...?d..n(...R....J?.......>.\Z.....G0E
0400: .!..-....Q.....:..~A..BB.k.n.$..,.$. ....?U...~...L..;~U..?&.g.W
0440: ..^...v.H..k..G4..j...0..R..V.,.....9..s....>.]......G0E. ~EL...
0480: &..icG........I4.....O.Zs7.!.....cu...+.aG.......#..e.......O0..
04c0: .*.H..................Y.}.+.."V<.=..u.6......"9`l..?h&6.K...3..
0500: ..@"K.0-.l.1.C(...Q...?C.3....9....C.<..u.B.:..Vu.;LC..W...{..."
0540: ,.+...R..n...u.~....f..t$.../_48.....gR..m#d...vJ.m........+.C=G
0580: F.yF.@..+8..,..'......{..EkY.....N./.1....B.u.n...<m0..5%..D.]
05c0: .gdT.........f..=.....0...0............+.J....S...%._Z0...*.H...
0600: .....0O1.0...U....US1)0'..U... Internet Security Research Group1
0640: .0...U....ISRG Root X10...200904000000Z..250915160000Z021.0...U.
0680: ...US1.0...U....Let's Encrypt1.0...U....R30.."0...*.H...........
06c0: ..0...........(.........U.......zB..]&..+..L...k.u....G..U5W....
0700: 9...<B.Nn.;......\.Y8...i.Z.....$%..7q..........;ERE...S.4.R....
0740: ..`p..T..m...@4k+..f.f4|.k..W)..0.].ro......X=......+.....q].F..
0780: .%...`guf.....\.S.:..G.......w?.S......p...c.......S...H...i.%u.
07c0: ..R...Q.............0...0...U...........0...U.%..0...+.........+
0800: .......0...U.......0.......0...U...........XV..P.@........0...U.
0840: #..0...y.Y.{....s.....X...n02..+........&0$0"..+.....0...http://
0880: x1.i.lencr.org/0'..U... 0.0.......http://x1.c.lencr.org/0"..U. .
08c0: .0.0...g.....0...+..........0...*.H...............NG>...D...gx..
0900: c.uM..=3erT-...... ._..p..n;.^... ..........<....9..|%.G.en?F...
0940: ..+.T....'K.../...q.J....#{.-...W>...3.G!x..'.*....\.d...y.O.mD.
0980: ^.........D).Y .c.!..&..W..e..."...C....~...7.Z..0..n+*.!N......
09c0: .^....j...;3..K........?.UC6.h.6.j.....@.4...c959un..v.....Kl...
0a00: .......h..e..=wS..y...1.u*C.U.r.)...]N..F.0..._..y..^p.........a
0a40: q%*...%PRh........}..l.!1.........=.L.8...+.......= .~Y...X.[.H.
0a80: .\O.)..U#......|.../....GF?.....(Mh2.g^.i....../..RC.o2WeM2..8S.
0ac0: ]~]f)........V.B..N.%8DPm...U...Id.N....[.s...G...
<= Recv SSL data, 5 bytes (0x5)
0000: .....
<= Recv SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.3 (IN), TLS handshake, CERT verify (15):
<= Recv SSL data, 264 bytes (0x108)
0000: .........sp................4&...X'N..8M0....Jv......*......S.e..
0040: ..R........._.r.....S.8...]g............]E.......-.p.x&_T....t.6
0080: ...f.K.=?u...vah........cx.3.&V...`.....9.-.D...XG.n.......`.+..
00c0: ...*j`..a..U..{...u..k:....J.6.'~.?...Z.......AX=.....&..Op=..T
0100: .8c@e...
<= Recv SSL data, 5 bytes (0x5)
0000: ....E
<= Recv SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.3 (IN), TLS handshake, Finished (20):
<= Recv SSL data, 52 bytes (0x34)
0000: ...0.*^c..}...}d........<..e..y.'..yq]...g.D.}`..`.]
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
=> Send SSL data, 1 bytes (0x1)
0000: .
=> Send SSL data, 5 bytes (0x5)
0000: ....E
=> Send SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.3 (OUT), TLS handshake, Finished (20):
=> Send SSL data, 52 bytes (0x34)
0000: ...0-S.?i..e.a.....8`*v...(..s...x.V9..)R.Eg.u.....}
== Info: SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
== Info: ALPN: server accepted h2
== Info: Server certificate:
== Info:  subject: CN=acme-v02.api.letsencrypt.org
== Info:  start date: May  3 14:06:48 2024 GMT
== Info:  expire date: Aug  1 14:06:47 2024 GMT
== Info:  subjectAltName: host "acme-v02.api.letsencrypt.org" matched cert's "acme-v02.api.letsencrypt.org"
== Info:  issuer: C=US; O=Let's Encrypt; CN=R3
== Info:  SSL certificate verify ok.
=> Send SSL data, 5 bytes (0x5)
0000: ....Q
=> Send SSL data, 1 bytes (0x1)
0000: .
== Info: using HTTP/2
== Info: h2h3 [:method: POST]
== Info: h2h3 [:path: /acme/authz-v3/346998718467]
== Info: h2h3 [:scheme: https]
== Info: h2h3 [:authority: acme-v02.api.letsencrypt.org]
== Info: h2h3 [user-agent: acme.sh/3.0.8 (https://github.com/acmesh-official/acme.sh)]
== Info: h2h3 [accept: */*]
== Info: h2h3 [content-type: application/jose+json]
== Info: h2h3 [content-length: 431]
== Info: Using Stream ID: 1 (easy handle 0x564d606913f0)
=> Send SSL data, 5 bytes (0x5)
0000: .....
=> Send SSL data, 1 bytes (0x1)
0000: .
=> Send header, 222 bytes (0xde)
0000: POST /acme/authz-v3/346998718467 HTTP/2
0029: Host: acme-v02.api.letsencrypt.org
004d: user-agent: acme.sh/3.0.8 (https://github.com/acmesh-official/ac
008d: me.sh)
0095: accept: */*
00a2: content-type: application/jose+json
00c7: content-length: 431
00dc: 
=> Send SSL data, 5 bytes (0x5)
0000: .....
=> Send SSL data, 1 bytes (0x1)
0000: .
=> Send data, 431 bytes (0x1af)
0000: {"protected": "eyJub25jZSI6ICJHeTRZTlc0cU1Vb2hBXy1UVEp4TkNabWhwZ
0040: 2txZHF2LXcyR0hNcFFOZDZkekFqOUhtYzQiLCAidXJsIjogImh0dHBzOi8vYWNtZ
0080: S12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzM0Njk5ODcxO
00c0: DQ2NyIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuY
0100: XBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTcwOTk2MzQ1NyJ9", "paylo
0140: ad": "", "signature": "kJIBU4dP6y9rrq5HLXlOox9qZIRYXqnRomTInEsf3
0180: LGPouG3WNo7bcEKoh4hKIrnhVsVd5ZK0zLKcW2jGWz4CA"}
== Info: We are completely uploaded and fine
<= Recv SSL data, 5 bytes (0x5)
0000: ....J
<= Recv SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
<= Recv SSL data, 57 bytes (0x39)
0000: ...5..Q....<.......... ..s...T..rE-....8.w.7.D.....o.,...
<= Recv SSL data, 5 bytes (0x5)
0000: ....J
<= Recv SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
<= Recv SSL data, 57 bytes (0x39)
0000: ...5..Q...{Y.......... ...F.O>R.,...7.7..7..kZ[#....w....
== Info: old SSL session ID is stale, removing
<= Recv SSL data, 5 bytes (0x5)
0000: ....O
<= Recv SSL data, 1 bytes (0x1)
0000: .
=> Send SSL data, 5 bytes (0x5)
0000: .....
=> Send SSL data, 1 bytes (0x1)
0000: .
<= Recv SSL data, 5 bytes (0x5)
0000: ....g
<= Recv SSL data, 1 bytes (0x1)
0000: .
<= Recv header, 13 bytes (0xd)
0000: HTTP/2 200 
<= Recv header, 15 bytes (0xf)
0000: server: nginx
<= Recv header, 37 bytes (0x25)
0000: date: Sun, 05 May 2024 14:00:33 GMT
<= Recv header, 32 bytes (0x20)
0000: content-type: application/json
<= Recv header, 21 bytes (0x15)
0000: content-length: 578
<= Recv header, 31 bytes (0x1f)
0000: boulder-requester: 1709963457
<= Recv header, 44 bytes (0x2c)
0000: cache-control: public, max-age=0, no-cache
<= Recv header, 68 bytes (0x44)
0000: link: <https://acme-v02.api.letsencrypt.org/directory>;rel="inde
0040: x"
<= Recv header, 67 bytes (0x43)
0000: replay-nonce: KBbvukTeSBd6okJC4Hf_UsXBEZZxzvhzcKwfsZbX5bON_C_68T
0040: s
<= Recv header, 23 bytes (0x17)
0000: x-frame-options: DENY
<= Recv header, 43 bytes (0x2b)
0000: strict-transport-security: max-age=604800
<= Recv header, 2 bytes (0x2)
0000: 
<= Recv data, 578 bytes (0x242)
0000: {.  "identifier": {.    "type": "dns",.    "value": "zhangxiong.
0040: work".  },.  "status": "valid",.  "expires": "2024-06-04T13:59:2
0080: 8Z",.  "challenges": [.    {.      "type": "dns-01",.      "stat
00c0: us": "valid",.      "url": "https://acme-v02.api.letsencrypt.org
0100: /acme/chall-v3/346998718467/hwCodA",.      "token": "EzdIIfq3TQ6
0140: 5gwCzlUKixen4kZvTZvw8mCee1z7-KGs",.      "validationRecord": [. 
0180:        {.          "hostname": "zhangxiong.work",.          "res
01c0: olverAddrs": [.            "10.0.12.89:20043".          ].      
0200:   }.      ],.      "validated": "2024-05-05T13:59:28Z".    }.  ]
0240: .}
== Info: Connection #0 to host acme-v02.api.letsencrypt.org left intact
[Sun May  5 10:00:34 PM CST 2024] _ret='139'
[Sun May  5 10:00:34 PM CST 2024] responseHeaders='HTTP/2 200 
server: nginx
date: Sun, 05 May 2024 14:00:33 GMT
content-type: application/json
content-length: 578
boulder-requester: 1709963457
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: KBbvukTeSBd6okJC4Hf_UsXBEZZxzvhzcKwfsZbX5bON_C_68Ts
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Sun May  5 10:00:34 PM CST 2024] code='200'
[Sun May  5 10:00:34 PM CST 2024] original
[Sun May  5 10:00:34 PM CST 2024] response
[Sun May  5 10:00:34 PM CST 2024] Sign error, wrong status
[Sun May  5 10:00:34 PM CST 2024] 
[Sun May  5 10:00:34 PM CST 2024] _on_issue_err
[Sun May  5 10:00:34 PM CST 2024] Please add '--debug' or '--log' to check more details.
[Sun May  5 10:00:34 PM CST 2024] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Sun May  5 10:00:34 PM CST 2024] _chk_vlist
[Sun May  5 10:00:34 PM CST 2024] 'dns' contains 'dns'
[Sun May  5 10:00:34 PM CST 2024] The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead.
[Sun May  5 10:00:34 PM CST 2024] Diagnosis versions: 
openssl:openssl
OpenSSL 3.0.11 19 Sep 2023 (Library: OpenSSL 3.0.11 19 Sep 2023)
apache:
apache doesn't exist.
nginx:
nginx version: nginx/1.25.5
built by gcc 12.2.0 (Debian 12.2.0-14) 
built with OpenSSL 1.1.1q  5 Jul 2022
TLS SNI support enabled
configure arguments: --user=www --group=www --prefix=/www/server/nginx --add-module=/www/server/nginx/src/ngx_devel_kit --add-module=/www/server/nginx/src/lua_nginx_module --add-module=/www/server/nginx/src/ngx_cache_purge --with-openssl=/www/server/nginx/src/openssl --with-pcre=pcre-8.43 --with-http_v2_module --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-http_stub_status_module --with-http_ssl_module --with-http_image_filter_module --with-http_gzip_static_module --with-http_gunzip_module --with-ipv6 --with-http_sub_module --with-http_flv_module --with-http_addition_module --with-http_realip_module --with-http_mp4_module --add-module=/www/server/nginx/src/ngx_http_substitutions_filter_module-master --with-ld-opt=-Wl,-E --with-cc-opt=-Wno-error --with-ld-opt=-ljemalloc --with-http_dav_module --add-module=/www/server/nginx/src/nginx-dav-ext-module --with-http_v3_module --add-module=/www/server/ngx_brotli
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
socat version 1.7.4.4 on 06 Nov 2022 08:15:51
   running on Linux version #1 SMP PREEMPT_DYNAMIC Debian 6.1.85-1 (2024-04-11), release 6.1.0-20-amd64, machine x86_64
features:
  #define WITH_STDIO 1
  #define WITH_FDNUM 1
  #define WITH_FILE 1
  #define WITH_CREAT 1
  #define WITH_GOPEN 1
  #define WITH_TERMIOS 1
  #define WITH_PIPE 1
  #define WITH_UNIX 1
  #define WITH_ABSTRACT_UNIXSOCKET 1
  #define WITH_IP4 1
  #define WITH_IP6 1
  #define WITH_RAWIP 1
  #define WITH_GENERICSOCKET 1
  #define WITH_INTERFACE 1
  #define WITH_TCP 1
  #define WITH_UDP 1
  #define WITH_SCTP 1
  #define WITH_LISTEN 1
  #define WITH_SOCKS4 1
  #define WITH_SOCKS4A 1
  #define WITH_VSOCK 1
  #define WITH_PROXY 1
  #define WITH_SYSTEM 1
  #define WITH_EXEC 1
  #undef WITH_READLINE
  #define WITH_TUN 1
  #define WITH_PTY 1
  #define WITH_OPENSSL 1
  #undef WITH_FIPS
  #define WITH_LIBWRAP 1
  #define WITH_SYCLS 1
  #define WITH_FILAN 1
  #define WITH_RETRY 1
  #define WITH_MSGLEVEL 0 /*debug*/
github-actions[bot] commented 6 months ago

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

YAOmeihah commented 5 months ago

同样的问题 [Wed May 22 23:36:05 CST 2024] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 139 [Wed May 22 23:36:05 CST 2024] Sign error, wrong status [Wed May 22 23:36:05 CST 2024] [Wed May 22 23:36:05 CST 2024] Please add '--debug' or '--log' to check more details. [Wed May 22 23:36:05 CST 2024] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh

123ABCDF11345 commented 4 months ago

同样问题 :[Fri Jun 28 23:27:58 CST 2024] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 139 [Fri Jun 28 23:27:59 CST 2024] Sign error, wrong status [Fri Jun 28 23:27:59 CST 2024] [Fri Jun 28 23:27:59 CST 2024] Please add '--debug' or '--log' to check more details. [Fri Jun 28 23:27:59 CST 2024] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh