search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
39.57k stars 4.98k forks source link

[pfsense] Can't register an account successfully #849

Closed OdyX closed 7 years ago

OdyX commented 7 years ago

Steps to reproduce

I have tried to hack around curl options in the script, but without success.

Debug log

/root/.acme.sh/acme.sh --home '/tmp/acme/_registerkey/' --registeraccount --accountconf '/tmp/acme/_registerkey/accountconf.conf' --debug 2
[Tue May 16 10:46:06 CEST 2017] Lets find script dir.
[Tue May 16 10:46:06 CEST 2017] _SCRIPT_='/root/.acme.sh/acme.sh'
[Tue May 16 10:46:06 CEST 2017] _script='/root/.acme.sh/acme.sh'
[Tue May 16 10:46:06 CEST 2017] _script_home='/root/.acme.sh'
[Tue May 16 10:46:06 CEST 2017] Using config home:/tmp/acme/_registerkey/
[Tue May 16 10:46:06 CEST 2017] LE_WORKING_DIR='/tmp/acme/_registerkey/'
https://github.com/Neilpang/acme.sh
v2.6.9
[Tue May 16 10:46:06 CEST 2017] Using config home:/tmp/acme/_registerkey/
[Tue May 16 10:46:06 CEST 2017] Using config home:/tmp/acme/_registerkey/
[Tue May 16 10:46:06 CEST 2017] RSA key
[Tue May 16 10:46:14 CEST 2017] AGREEMENT
[Tue May 16 10:46:14 CEST 2017] Registering account
[Tue May 16 10:46:14 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Tue May 16 10:46:14 CEST 2017] payload='{"resource": "new-reg", "agreement": ""}'
[Tue May 16 10:46:14 CEST 2017] Use cached jwk for file: /tmp/acme/_registerkey//ca/acme-staging.api.letsencrypt.org/account.key
[Tue May 16 10:46:14 CEST 2017] Get nonce.
[Tue May 16 10:46:14 CEST 2017] GET
[Tue May 16 10:46:14 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Tue May 16 10:46:14 CEST 2017] timeout
[Tue May 16 10:46:14 CEST 2017] _CURL='curl -L --silent --dump-header /tmp/acme/_registerkey//http.header  --trace-ascii /tmp/tmp.g8RVKgpG '
[Tue May 16 10:46:15 CEST 2017] ret='0'
[Tue May 16 10:46:15 CEST 2017] _headers='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 372
Boulder-Request-Id: nw6w94AsM6U5lknnPBL13z4wEvtcfXT7tui-Y2RQXg0
Replay-Nonce: 7Z5u5Wx55Wgi2O6C8p2ULTg_BVZCzWqv0C09lrww_yE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 16 May 2017 08:46:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 08:46:15 GMT
Connection: keep-alive
'
[Tue May 16 10:46:15 CEST 2017] _CACHED_NONCE='7Z5u5Wx55Wgi2O6C8p2ULTg_BVZCzWqv0C09lrww_yE'
[Tue May 16 10:46:15 CEST 2017] nonce='7Z5u5Wx55Wgi2O6C8p2ULTg_BVZCzWqv0C09lrww_yE'
[Tue May 16 10:46:15 CEST 2017] POST
[Tue May 16 10:46:15 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Tue May 16 10:46:15 CEST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "yR_5Vv1ObpmZtN7Su-d0oYStnu2a2Sv8b3StUKed8KazEZv6fp4Pd9sR3uz70iC6pd46IGtSVMn3C-FexGd0tQ7xlIS5nqW4al4cemRiu_zlpBxbYbNWyY3R51xfg4C-fN4uSjnamB99_p3DrXfQuaKkXW1Ytfcz2DGiVvVip_gs-8zvv8jsgAs0QUVNDzX6go-fHts5xUz-GbynYsUl-olUNyoIMu7jnxsYWqOJqB1XN_Lf7G5lQWuaIgw6t6DQNMZg38gWRTz5IZ1WFKGHOj7pXne5CFtCBuzxmGLDmvtiqTZdyUM0Zz3edgR6tbaOInFxjEAjHqhE4cyClgJlkZGTMzWEj-PvJ6xvGqVhmVcUV9NR6ab_pRe_qJAcFiiE8vs3RLk_p6nvA9VJ4UTjwGHnennBcZk4YtgDoF6ACqrojMixGTKsEKtswqsfqCrHYWTOsKLSVhkE7OugJdiOQlZxR5GiaCWXaDHQDYRlEthhxZFjgngU7hj1QIURx4E6iQroy6M46GYxWUocaXsXaZ_3En1TnO7ssr2z2MAthLOyLeNqskoaNx0XOt7qwF08pT-VfoNS33KyCEx44t7PNwdyWyy6Bf1ZTx0DhnSiPFtN0JcrpNrVKulnPWcGZRlMo-0Qz3dZN_EppZzq9GKxxWfNRMLEOkeV-V0tTQSsJ3s"}}, "protected": "eyJub25jZSI6ICI3WjV1NVd4NTVXZ2kyTzZDOHAyVUxUZ19CVlpDeldxdjBDMDlscnd3X3lFIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAieVJfNVZ2MU9icG1adE43U3UtZDBvWVN0bnUyYTJTdjhiM1N0VUtlZDhLYXpFWnY2ZnA0UGQ5c1IzdXo3MGlDNnBkNDZJR3RTVk1uM0MtRmV4R2QwdFE3eGxJUzVucVc0YWw0Y2VtUml1X3pscEJ4YlliTld5WTNSNTF4Zmc0Qy1mTjR1U2puYW1COTlfcDNEclhmUXVhS2tYVzFZdGZjejJER2lWdlZpcF9ncy04enZ2OGpzZ0FzMFFVVk5Eelg2Z28tZkh0czV4VXotR2J5bllzVWwtb2xVTnlvSU11N2pueHNZV3FPSnFCMVhOX0xmN0c1bFFXdWFJZ3c2dDZEUU5NWmczOGdXUlR6NUlaMVdGS0dIT2o3cFhuZTVDRnRDQnV6eG1HTERtdnRpcVRaZHlVTTBaejNlZGdSNnRiYU9JbkZ4akVBakhxaEU0Y3lDbGdKbGtaR1RNeldFai1Qdko2eHZHcVZobVZjVVY5TlI2YWJfcFJlX3FKQWNGaWlFOHZzM1JMa19wNm52QTlWSjRVVGp3R0huZW5uQmNaazRZdGdEb0Y2QUNxcm9qTWl4R1RLc0VLdHN3cXNmcUNySFlXVE9zS0xTVmhrRTdPdWdKZGlPUWxaeFI1R2lhQ1dYYURIUURZUmxFdGhoeFpGamduZ1U3aGoxUUlVUng0RTZpUXJveTZNNDZHWXhXVW9jYVhzWGFaXzNFbjFUbk83c3NyMnoyTUF0aExPeUxlTnFza29hTngwWE90N3F3RjA4cFQtVmZvTlMzM0t5Q0V4NDR0N1BOd2R5V3l5NkJmMVpUeDBEaG5TaVBGdE4wSmNycE5yVkt1bG5QV2NHWlJsTW8tMFF6M2RaTl9FcHBaenE5R0t4eFdmTlJNTEVPa2VWLVYwdFRRU3NKM3MifX0", "payload": "eyJyZXNvdXJjZSI6ICJuZXctcmVnIiwgImFncmVlbWVudCI6ICIifQ", "signature": "E-f45tzHQw6uHOqWSECV_s0HA-VyvNnPmnZ1YNGwV_hRW0xq1R-WqxBGgDEmzU_1OSOA_15-4o58inpOvVj0dvUpHshycRebrQYG1dsaSqOovyjVoFewKfHtz0ewE1PSYB34kd4v5w1fu9UoYC8QGmJl80Q47ym8D0TDCL1-sOvNZqQZE0DmV08oH_14dhwC_mHqaF2W6r3Frrchsk9MtyF9UYRiS0kApd5m_c8lRjXJ4TvSCuCaMJGRiYhqN6C-Gs2CvgvkYItXPW1OWiW55qvONoNY2ACCCap7EFy8wdtO_PnlnSOlb7-U6v5vKq_pW5fgI6t3u5nNs4HxapWjZ6hrS2aYXB97jWTSes3RZftZEpN9QjFzJpPlvRg_Y9haRxSeJQwy3VAUNJAxGh8r7KMJjihwXWTXheFjV2qLDN7UNAzTdUcPVVtXRDDDFZ9ndRjKambN11JFJrTzxQE8-CRk7ybDFGGm8EjjiReMgycuiqiP_skSwoolT8VuaoDuW0F6RcJyB-u9S2k8Mj1ingCQO68M75kRkEuCHlKn0b5hcDOQBnsTjjS09AVpbT_0ewWbBhtHkTRlZudjIh7fHn9rP4UZ1sgLjRsVW8joH0Su6gnWnJb8UtBdCeTJt9F2K1IOlXYWfayw4VklYskjkq6qhE5iW_aXb8rFL5qUC38"}'
[Tue May 16 10:46:15 CEST 2017] _CURL='curl -L --silent --dump-header /tmp/acme/_registerkey//http.header  --trace-ascii /tmp/tmp.amV8tDCB '
[Tue May 16 10:48:16 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 52
[Tue May 16 10:48:16 CEST 2017] Here is the curl dump log:
[Tue May 16 10:48:16 CEST 2017] == Info:   Trying 2a02:26f0:3000:199::3d5...
== Info: TCP_NODELAY set
== Info: Connected to acme-staging.api.letsencrypt.org (2a02:26f0:3000:199::3d5) port 443 (#0)
== Info: Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
== Info: successfully set certificate verify locations:
== Info:   CAfile: /usr/local/share/certs/ca-root-nss.crt
  CApath: none
== Info: TLSv1.2 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: ......1..P.o....M.Y....a^ .[$o.v,F'..&..x.0.,.(.$.........k.j.9.
0040: 8.....2...*.&.......=.5.../.+.'.#.........g.@.3.2.....E.D.1.-.).
0080: %.......<./...A.....................[...%.#.. acme-staging.api.l
00c0: etsencrypt.org...........4.2....................................
0100: ................. .....................................3t.......
0140: ................................................................
0180: ................................................................
01c0: ................................................................
== Info: TLSv1.2 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 111 bytes (0x6f)
0000: ...k..w.6p$....y.d....pBM..}.[.5.;.i.. R.......`.#..u.0.?...j.5.
0040: .x.
...0..#.............3t...http/1.1.http/1.0
== Info: NPN, negotiated HTTP1.1
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 5273 bytes (0x1499)
0000: ..........0...0................N0..dB..x0...*.H........0Z1.0...
0040: U....US1.0...U....IdenTrust1.0...U....TrustID Server1.0...U....T
0080: rustID Server CA A520...150626170545Z..180625170545Z0..1.0...U..
00c0: ..*.api.letsencrypt.org1)0'..U... INTERNET SECURITY RESEARCH GRO
0100: UP1.0...U....Mountain View1.0...U....California1.0...U....US0.."
0140: 0...*.H.............0.........B...n96k....`1...+..|....:..f6....
0180: .M...].q.......n....Wr....ohxhA.%...&...(2........J9e..W.4..o...
01c0: ...F ...c0....)...,.6,.5F.O.....o...'K.!b8bm....Q<{V..3.....H.Z.
0200: ....!..X..?..v.........7.....R.'ylE..%....E.T...............E..[
0240: ...[-...........;O..9..N..............0...0...U...........0..'..
0280: U. ....0...0.....`.H.../...0..0@..+........4https://secure.ident
02c0: rust.com/certificates/policy/ts/0....+.......0.....This TrustID 
0300: Server Certificate has been issued in accordance with IdenTrust'
0340: s TrustID Certificate Policy found at https://secure.identrust.c
0380: om/certificates/policy/ts/0.....g.....0..0@..+........4https://s
03c0: ecure.identrust.com/certificates/policy/ts/0....+.......0.....Th
0400: is TrustID Server Certificate has been issued in accordance with
0440:  IdenTrust's TrustID Certificate Policy found at https://secure.
0480: identrust.com/certificates/policy/ts/0...U....../...qz.....e....
04c0: ....0E..U...>0<0:.8.6.4http://validation.identrust.com/crl/trust
0500: idcaa52.crl0....+........x0v00..+.....0..$http://commercial.ocsp
0540: .identrust.com0B..+.....0..6http://validation.identrust.com/cert
0580: s/trustidcaa52.p7c0...U.%..0...+.........+.......0...U.#..0....V
05c0: $<......x...XH..T.05..U....0,..*.api.letsencrypt.org..api.letsen
0600: crypt.org0...*.H..................a.6E.....x..+p....{..=.;`.b.c/
0640: .B..3l..| F..L7j.2O....z.f.6]n.N...........=....>...'....l.Vd.e 
0680: ...#....E1.j.AJ.j;2#..o.Dm1..a.b..O2.4......:..t)..I.(.)R...q.qr
06c0: o...i...e.P..i...TR....0..b.Qw...Hp..C.j.........]../.?A.Cg...
0700: .E...jXZ.C(.e.....v.........6...0...0..............@.U..&...,.w0
0740: ...*.H........0J1.0...U....US1.0...U....IdenTrust1'0%..U....Iden
0780: Trust Commercial Root CA 10...140320180538Z..220320180538Z0Z1.0.
07c0: ..U....US1.0...U....IdenTrust1.0...U....TrustID Server1.0...U...
0800: .TrustID Server CA A520.."0...*.H.............0.........i.....?.
0840: &Bv..s?.2D&.x.xW...]v+I..Z]Z......L6z+........|.r...........W..G
0880: ......-.2....(xh.~.B.1z.."S3...l...ck.2......`|..1....?..2.~....
08c0: ...........B.. +.....pc..u(.......%..7...<@.....G....%`.5..Q..
0900: ..[....@L.wq..E.~..i.Bf.F.:.F=...o...3a....<.^...".i.K#.........
0940: 0...0....+........}0{00..+.....0..$http://commercial.ocsp.identr
0980: ust.com0G..+.....0..;http://validation.identrust.com/roots/comme
09c0: rcialrootca1.p7c0...U.#..0....D........{.B.&T..6v0...U.......0..
0a00: ..0..1..U. ...(0..$0.. ..U. .0...0P..+.......0D0B.>https://secur
0a40: e.identrust.com/certificates/policy/ts/index.html0.0....+.......
0a80: 0.....This TrustID Server Certificate has been issued in accorda
0ac0: nce with IdenTrust's TrustID Certificate Policy found at https:/
0b00: /secure.identrust.com/certificates/policy/ts/index.html0J..U...C
0b40: 0A0?.=.;.9http://validation.identrust.com/crl/commercialrootca1.
0b80: crl0;..U.%.402..+.........+.........+.........+.........+.......
0bc0: 0...U...........0...U.......V$<......x...XH..T.0...*.H..........
0c00: ......r,..;#..J}e.}...Un..n..kkC..q..rL...../.......E!......i..@
0c40: ........}..%.H....2...i.M....,...Z.H.Y...cb..O...w.$...uQ.Uq..
0c80: ..........YY....D......H...5..g,I.Jbf..U......H..$v.p..?5......
0cc0: ...N..R.om.!:...I9%~GV.Y.d.*......t.i.hY?....f"..J......{t7C....
0d00: ....._a..i.=..k_...=........_...U..E..k%.:T..]..M.,)._/........z
0d40: .j.g........Eu....d+.H..=S...&A.G..{..W|...p......B.RK..Y...K...
0d80: ......irer<.YV?....)..a..S!..[...6...=.&.Nt."O/.....9h....q7x..g
0dc0: ..."S.7..i/u...#..-..-..s.....[.9..../e2.S....5L...!4...y.+..K.!
0e00: .Z9...0...0..w.........AB...H.o.!....0...*.H........0?1$0"..U...
0e40: .Digital Signature Trust Co.1.0...U....DST Root CA X30...1409251
0e80: 62803Z..210929162803Z0J1.0...U....US1.0...U....IdenTrust1'0%..U.
0ec0: ...IdenTrust Commercial Root CA 10.."0...*.H.............0......
0f00: ...P..?.=.3F.oQa...O.g.]..S..(......Cr...]|..B.1Pt...|..!.C...^.
0f40: n....Z2............q..S.N......O20.K.^W.S......b+.$.b....)KIx<.
0f80: `."...6....,T.g5ns..X......&z..6........?@.mZ...4.$.t#.]3..]..%.
0fc0: 0..]...G......II..[....$..bOO....t...r.jz.I..Fy.......Y.u!.e..V.
1000: ...`....R......+#.#v;.3....i.K..N.~.9...Dp~..Z.......5.II..V.=..
1040: .}.;...M..O.7....j.b..5.Qy,.%8..K......9.Jt|.Y..?N.R.=.R......
1080: I4.(.A.:......._......P`.1.s.....3.t.  .gl...zU.FN....>.....3d+
10c0: c.2^...{.xo........xz....rt.Utx...np..O..h.{.1.s==.*..A...M.eky3
1100: ..........z0..v0...U...........0...U.......0.......0..;..U. ...2
1140: 0...0.. ..`.H.../...0...0J..+........>https://secure.identrust.c
1180: om/certificates/policy/ts/index.html0....+.......0.....This Trus
11c0: tID Server Certificate has been issued in accordance with IdenTr
1200: ust's TrustID Certificate Policy found at https://secure.identru
1240: st.com/certificates/policy/ts/index.html0...g.....0...U.......D.
1280: .......{.B.&T..6v0<..U...50301./.-.+http://crl.identrust.com/DST
12c0: ROOTCAX3CRL.crl0t..+........h0f0'..+.....0...http://x3ocsp.ident
1300: rust.com0;..+.....0../http://apps.identrust.com/roots/dstrootcax
1340: 3.p7c0...U.%..0...+.........+.......0...U.#..0.......{,q...K.u..
1380: .`...0...*.H..............?G>.....'LU....K-.1...%J.3tP.b..DM....
13c0: ..p........40...1.......!.....VZ.....*..=.07.S.N..:a......d...NO
1400: ...*.k...f...v....NZ...M....I4H..3L.$..4.......N.S...?.'b$!.....
1440: ..i....;..Q......^$>.O}.y...N.;.@.xu.........9..EX....8.......
1480: ...e......NH..Z.q...8....
== Info: TLSv1.2 (IN), TLS handshake, Server key exchange (12):
<= Recv SSL data, 333 bytes (0x14d)
0000: ...I...A...T..D....L.......R'.&.......u2.f%.......k.c.X.#|..[j
0040: ....:..Rt.........8Q..i...f.p.<..~.#.6......F.+..........`.p!.F.
0080: ..p.T.ZD....SM....)..eM.A.l|.w.........b..f.....J.1D. .S..O^...
00c0: ...C.{..!..$...F.4).....QYp.V..A&...Y..gU0.?Gs....+...x.NI3e1FPL
0100: B' .....?e....7.....P..+...e.........u..'A]........*.....{.c.)?3
0140: .:../.......L
== Info: TLSv1.2 (IN), TLS handshake, Server finished (14):
<= Recv SSL data, 4 bytes (0x4)
0000: ....
== Info: TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
=> Send SSL data, 70 bytes (0x46)
0000: ...BA..H..E.7...S.Wy..`.5..Y...r4(.|".(Z.._.H...;.,.?.'..flE....
0040: ...m(.
== Info: TLSv1.2 (OUT), TLS change cipher, Client hello (1):
=> Send SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.2 (OUT), TLS handshake, Unknown (67):
=> Send SSL data, 36 bytes (0x24)
0000: C.. .http/1.1.......................
== Info: TLSv1.2 (OUT), TLS handshake, Finished (20):
=> Send SSL data, 16 bytes (0x10)
0000: ....... ........
== Info: TLSv1.2 (IN), TLS change cipher, Client hello (1):
<= Recv SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.2 (IN), TLS handshake, Finished (20):
<= Recv SSL data, 16 bytes (0x10)
0000: ....$.*.k.l..>.b
== Info: SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
== Info: Server certificate:
== Info:  subject: CN=*.api.letsencrypt.org; O=INTERNET SECURITY RESEARCH GROUP; L=Mountain View; ST=California; C=US
== Info:  start date: Jun 26 17:05:45 2015 GMT
== Info:  expire date: Jun 25 17:05:45 2018 GMT
== Info:  subjectAltName: host "acme-staging.api.letsencrypt.org" matched cert's "*.api.letsencrypt.org"
== Info:  issuer: C=US; O=IdenTrust; OU=TrustID Server; CN=TrustID Server CA A52
== Info:  SSL certificate verify ok.
=> Send header, 242 bytes (0xf2)
0000: POST /acme/new-reg HTTP/1.1
001d: Host: acme-staging.api.letsencrypt.org
0045: User-Agent: acme.sh/2.6.9 (https://github.com/Neilpang/acme.sh)
0086: Accept: */*
0093: Content-Length: 2609
00a9: Content-Type: application/x-www-form-urlencoded
00da: Expect: 100-continue
00f0: 
<= Recv header, 23 bytes (0x17)
0000: HTTP/1.1 100 Continue
<= Recv header, 40 bytes (0x28)
0000: Expires: Tue, 16 May 2017 08:46:16 GMT
<= Recv header, 46 bytes (0x2e)
0000: Cache-Control: max-age=0, no-cache, no-store
<= Recv header, 18 bytes (0x12)
0000: Pragma: no-cache
=> Send data, 2609 bytes (0xa31)
0000: {"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "
0040: n": "yR_5Vv1ObpmZtN7Su-d0oYStnu2a2Sv8b3StUKed8KazEZv6fp4Pd9sR3uz
0080: 70iC6pd46IGtSVMn3C-FexGd0tQ7xlIS5nqW4al4cemRiu_zlpBxbYbNWyY3R51x
00c0: fg4C-fN4uSjnamB99_p3DrXfQuaKkXW1Ytfcz2DGiVvVip_gs-8zvv8jsgAs0QUV
0100: NDzX6go-fHts5xUz-GbynYsUl-olUNyoIMu7jnxsYWqOJqB1XN_Lf7G5lQWuaIgw
0140: 6t6DQNMZg38gWRTz5IZ1WFKGHOj7pXne5CFtCBuzxmGLDmvtiqTZdyUM0Zz3edgR
0180: 6tbaOInFxjEAjHqhE4cyClgJlkZGTMzWEj-PvJ6xvGqVhmVcUV9NR6ab_pRe_qJA
01c0: cFiiE8vs3RLk_p6nvA9VJ4UTjwGHnennBcZk4YtgDoF6ACqrojMixGTKsEKtswqs
0200: fqCrHYWTOsKLSVhkE7OugJdiOQlZxR5GiaCWXaDHQDYRlEthhxZFjgngU7hj1QIU
0240: Rx4E6iQroy6M46GYxWUocaXsXaZ_3En1TnO7ssr2z2MAthLOyLeNqskoaNx0XOt7
0280: qwF08pT-VfoNS33KyCEx44t7PNwdyWyy6Bf1ZTx0DhnSiPFtN0JcrpNrVKulnPWc
02c0: GZRlMo-0Qz3dZN_EppZzq9GKxxWfNRMLEOkeV-V0tTQSsJ3s"}}, "protected"
0300: : "eyJub25jZSI6ICI3WjV1NVd4NTVXZ2kyTzZDOHAyVUxUZ19CVlpDeldxdjBDM
0340: Dlscnd3X3lFIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsI
0380: CJrdHkiOiAiUlNBIiwgIm4iOiAieVJfNVZ2MU9icG1adE43U3UtZDBvWVN0bnUyY
03c0: TJTdjhiM1N0VUtlZDhLYXpFWnY2ZnA0UGQ5c1IzdXo3MGlDNnBkNDZJR3RTVk1uM
0400: 0MtRmV4R2QwdFE3eGxJUzVucVc0YWw0Y2VtUml1X3pscEJ4YlliTld5WTNSNTF4Z
0440: mc0Qy1mTjR1U2puYW1COTlfcDNEclhmUXVhS2tYVzFZdGZjejJER2lWdlZpcF9nc
0480: y04enZ2OGpzZ0FzMFFVVk5Eelg2Z28tZkh0czV4VXotR2J5bllzVWwtb2xVTnlvS
04c0: U11N2pueHNZV3FPSnFCMVhOX0xmN0c1bFFXdWFJZ3c2dDZEUU5NWmczOGdXUlR6N
0500: UlaMVdGS0dIT2o3cFhuZTVDRnRDQnV6eG1HTERtdnRpcVRaZHlVTTBaejNlZGdSN
0540: nRiYU9JbkZ4akVBakhxaEU0Y3lDbGdKbGtaR1RNeldFai1Qdko2eHZHcVZobVZjV
0580: VY5TlI2YWJfcFJlX3FKQWNGaWlFOHZzM1JMa19wNm52QTlWSjRVVGp3R0huZW5uQ
05c0: mNaazRZdGdEb0Y2QUNxcm9qTWl4R1RLc0VLdHN3cXNmcUNySFlXVE9zS0xTVmhrR
0600: TdPdWdKZGlPUWxaeFI1R2lhQ1dYYURIUURZUmxFdGhoeFpGamduZ1U3aGoxUUlVU
0640: ng0RTZpUXJveTZNNDZHWXhXVW9jYVhzWGFaXzNFbjFUbk83c3NyMnoyTUF0aExPe
0680: UxlTnFza29hTngwWE90N3F3RjA4cFQtVmZvTlMzM0t5Q0V4NDR0N1BOd2R5V3l5N
06c0: kJmMVpUeDBEaG5TaVBGdE4wSmNycE5yVkt1bG5QV2NHWlJsTW8tMFF6M2RaTl9Fc
0700: HBaenE5R0t4eFdmTlJNTEVPa2VWLVYwdFRRU3NKM3MifX0", "payload": "eyJ
0740: yZXNvdXJjZSI6ICJuZXctcmVnIiwgImFncmVlbWVudCI6ICIifQ", "signature
0780: ": "E-f45tzHQw6uHOqWSECV_s0HA-VyvNnPmnZ1YNGwV_hRW0xq1R-WqxBGgDEm
07c0: zU_1OSOA_15-4o58inpOvVj0dvUpHshycRebrQYG1dsaSqOovyjVoFewKfHtz0ew
0800: E1PSYB34kd4v5w1fu9UoYC8QGmJl80Q47ym8D0TDCL1-sOvNZqQZE0DmV08oH_14
0840: dhwC_mHqaF2W6r3Frrchsk9MtyF9UYRiS0kApd5m_c8lRjXJ4TvSCuCaMJGRiYhq
0880: N6C-Gs2CvgvkYItXPW1OWiW55qvONoNY2ACCCap7EFy8wdtO_PnlnSOlb7-U6v5v
08c0: Kq_pW5fgI6t3u5nNs4HxapWjZ6hrS2aYXB97jWTSes3RZftZEpN9QjFzJpPlvRg_
0900: Y9haRxSeJQwy3VAUNJAxGh8r7KMJjihwXWTXheFjV2qLDN7UNAzTdUcPVVtXRDDD
0940: FZ9ndRjKambN11JFJrTzxQE8-CRk7ybDFGGm8EjjiReMgycuiqiP_skSwoolT8Vu
0980: aoDuW0F6RcJyB-u9S2k8Mj1ingCQO68M75kRkEuCHlKn0b5hcDOQBnsTjjS09AVp
09c0: bT_0ewWbBhtHkTRlZudjIh7fHn9rP4UZ1sgLjRsVW8joH0Su6gnWnJb8UtBdCeTJ
0a00: t9F2K1IOlXYWfayw4VklYskjkq6qhE5iW_aXb8rFL5qUC38"}
== Info: We are completely uploaded and fine
== Info: TLSv1.2 (IN), TLS alert, Client hello (1):
<= Recv SSL data, 2 bytes (0x2)
0000: ..
== Info: Empty reply from server
== Info: Connection #0 to host acme-staging.api.letsencrypt.org left intact
[Tue May 16 10:48:16 CEST 2017] _ret='52'
[Tue May 16 10:48:16 CEST 2017] original
[Tue May 16 10:48:16 CEST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Tue, 16 May 2017 08:46:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
'
[Tue May 16 10:48:16 CEST 2017] response
[Tue May 16 10:48:16 CEST 2017] code='100'
[Tue May 16 10:48:16 CEST 2017] Register account Error:

Ideas

/root/.acme.sh/acme.sh --home '/tmp/acme/_registerkey/' --registeraccount --accountconf '/tmp/acme/_registerkey/accountconf.conf' --debug 2
[Tue May 16 10:52:35 CEST 2017] Lets find script dir.
[Tue May 16 10:52:35 CEST 2017] _SCRIPT_='/root/.acme.sh/acme.sh'
[Tue May 16 10:52:35 CEST 2017] _script='/root/.acme.sh/acme.sh'
[Tue May 16 10:52:35 CEST 2017] _script_home='/root/.acme.sh'
[Tue May 16 10:52:35 CEST 2017] Using config home:/tmp/acme/_registerkey/
[Tue May 16 10:52:35 CEST 2017] LE_WORKING_DIR='/tmp/acme/_registerkey/'
https://github.com/Neilpang/acme.sh
v2.6.9
[Tue May 16 10:52:35 CEST 2017] Using config home:/tmp/acme/_registerkey/
[Tue May 16 10:52:35 CEST 2017] Using config home:/tmp/acme/_registerkey/
[Tue May 16 10:52:35 CEST 2017] RSA key
[Tue May 16 10:52:44 CEST 2017] AGREEMENT
[Tue May 16 10:52:44 CEST 2017] Registering account
[Tue May 16 10:52:44 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Tue May 16 10:52:44 CEST 2017] payload='{"resource": "new-reg", "agreement": ""}'
[Tue May 16 10:52:44 CEST 2017] Use cached jwk for file: /tmp/acme/_registerkey//ca/acme-staging.api.letsencrypt.org/account.key
[Tue May 16 10:52:44 CEST 2017] Get nonce.
[Tue May 16 10:52:44 CEST 2017] GET
[Tue May 16 10:52:44 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Tue May 16 10:52:44 CEST 2017] timeout
[Tue May 16 10:52:44 CEST 2017] _CURL='curl -L --silent --dump-header /tmp/acme/_registerkey//http.header  --trace-ascii /tmp/tmp.P51mqONo '
[Tue May 16 10:52:44 CEST 2017] ret='0'
[Tue May 16 10:52:44 CEST 2017] _headers='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 372
Boulder-Request-Id: -tGVrRdohUAIvBgcb3QzRbSvv9TyEE1G6FC5aEeonHM
Replay-Nonce: XGCLOyNBXvhzrVRczjLypZ2hcFSUko0ku-U8FxHdE1o
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 16 May 2017 08:52:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 08:52:44 GMT
Connection: keep-alive
'
[Tue May 16 10:52:44 CEST 2017] _CACHED_NONCE='XGCLOyNBXvhzrVRczjLypZ2hcFSUko0ku-U8FxHdE1o'
[Tue May 16 10:52:44 CEST 2017] nonce='XGCLOyNBXvhzrVRczjLypZ2hcFSUko0ku-U8FxHdE1o'
[Tue May 16 10:52:45 CEST 2017] POST
[Tue May 16 10:52:45 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Tue May 16 10:52:45 CEST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "yR_5Vv1ObpmZtN7Su-d0oYStnu2a2Sv8b3StUKed8KazEZv6fp4Pd9sR3uz70iC6pd46IGtSVMn3C-FexGd0tQ7xlIS5nqW4al4cemRiu_zlpBxbYbNWyY3R51xfg4C-fN4uSjnamB99_p3DrXfQuaKkXW1Ytfcz2DGiVvVip_gs-8zvv8jsgAs0QUVNDzX6go-fHts5xUz-GbynYsUl-olUNyoIMu7jnxsYWqOJqB1XN_Lf7G5lQWuaIgw6t6DQNMZg38gWRTz5IZ1WFKGHOj7pXne5CFtCBuzxmGLDmvtiqTZdyUM0Zz3edgR6tbaOInFxjEAjHqhE4cyClgJlkZGTMzWEj-PvJ6xvGqVhmVcUV9NR6ab_pRe_qJAcFiiE8vs3RLk_p6nvA9VJ4UTjwGHnennBcZk4YtgDoF6ACqrojMixGTKsEKtswqsfqCrHYWTOsKLSVhkE7OugJdiOQlZxR5GiaCWXaDHQDYRlEthhxZFjgngU7hj1QIURx4E6iQroy6M46GYxWUocaXsXaZ_3En1TnO7ssr2z2MAthLOyLeNqskoaNx0XOt7qwF08pT-VfoNS33KyCEx44t7PNwdyWyy6Bf1ZTx0DhnSiPFtN0JcrpNrVKulnPWcGZRlMo-0Qz3dZN_EppZzq9GKxxWfNRMLEOkeV-V0tTQSsJ3s"}}, "protected": "eyJub25jZSI6ICJYR0NMT3lOQlh2aHpyVlJjempMeXBaMmhjRlNVa28wa3UtVThGeEhkRTFvIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAieVJfNVZ2MU9icG1adE43U3UtZDBvWVN0bnUyYTJTdjhiM1N0VUtlZDhLYXpFWnY2ZnA0UGQ5c1IzdXo3MGlDNnBkNDZJR3RTVk1uM0MtRmV4R2QwdFE3eGxJUzVucVc0YWw0Y2VtUml1X3pscEJ4YlliTld5WTNSNTF4Zmc0Qy1mTjR1U2puYW1COTlfcDNEclhmUXVhS2tYVzFZdGZjejJER2lWdlZpcF9ncy04enZ2OGpzZ0FzMFFVVk5Eelg2Z28tZkh0czV4VXotR2J5bllzVWwtb2xVTnlvSU11N2pueHNZV3FPSnFCMVhOX0xmN0c1bFFXdWFJZ3c2dDZEUU5NWmczOGdXUlR6NUlaMVdGS0dIT2o3cFhuZTVDRnRDQnV6eG1HTERtdnRpcVRaZHlVTTBaejNlZGdSNnRiYU9JbkZ4akVBakhxaEU0Y3lDbGdKbGtaR1RNeldFai1Qdko2eHZHcVZobVZjVVY5TlI2YWJfcFJlX3FKQWNGaWlFOHZzM1JMa19wNm52QTlWSjRVVGp3R0huZW5uQmNaazRZdGdEb0Y2QUNxcm9qTWl4R1RLc0VLdHN3cXNmcUNySFlXVE9zS0xTVmhrRTdPdWdKZGlPUWxaeFI1R2lhQ1dYYURIUURZUmxFdGhoeFpGamduZ1U3aGoxUUlVUng0RTZpUXJveTZNNDZHWXhXVW9jYVhzWGFaXzNFbjFUbk83c3NyMnoyTUF0aExPeUxlTnFza29hTngwWE90N3F3RjA4cFQtVmZvTlMzM0t5Q0V4NDR0N1BOd2R5V3l5NkJmMVpUeDBEaG5TaVBGdE4wSmNycE5yVkt1bG5QV2NHWlJsTW8tMFF6M2RaTl9FcHBaenE5R0t4eFdmTlJNTEVPa2VWLVYwdFRRU3NKM3MifX0", "payload": "eyJyZXNvdXJjZSI6ICJuZXctcmVnIiwgImFncmVlbWVudCI6ICIifQ", "signature": "M-H9vOR5cTxp6teZ_l_1ba5Hh6Hwp94YnvE5xyJ3SA91r9fO8961LgS67MPbsedplw6BmmV_cd5-7g00f5vQbL0JAjnRgIGUuZuFMTEoHnUk1EQmQ8-6HqdkynmQErcME0YIAj1MNMMUyb3z3_Ps2GoCyMHycz2NhK6pnrZb1wHe21-JTHQGK_nlWrVMExj7xxPL4LlqPrJ6fZAJwq44-kQIvaJgnkSCEt24gigrztTGEsBCYamTHxjDVIhtCjVpvLdJuW1G0mPe6RN4l1ihbmVNJPcF-wlevRef5lMYqd4mqW9OnPdrUVCZSLAeh3-amkQ-DFzQawnCLHuZ60NBimiu1JEP7bJqbwaPNNNZdmPGk3qPl00ci8qDZA1Yz8Jupf2_JyUoTAuVMvQj-NMsY6gYEixitTSzJmk0J2Q_R9xi0HDiYGGuw5sjwuYofJqzQayefmV09zmfq6DmklUdt0Ikj2d69ZpmsuIppvzaDWjVvgj38EV3_AsAJzcmCKdqqzvVElZ-aEYxgicyQ0r06joA1HzJ2bBYtamUNTr2SEM17kfV_4RdTk6t0KtBg0XnowgVusRgwGP03MwtAhKeMrVcy1Y5Svfue_QD1_wtsS5EkxgGZMkgCbBiBoW9C9TQS4u5vM8xT9NicLqfKKkLvzE7TU5KR12ltqzRThJioLs"}'
[Tue May 16 10:52:45 CEST 2017] _CURL='curl -L --silent --dump-header /tmp/acme/_registerkey//http.header  --trace-ascii /tmp/tmp.sGhx7PNS '
[Tue May 16 10:53:05 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 52
[Tue May 16 10:53:05 CEST 2017] Here is the curl dump log:
[Tue May 16 10:53:05 CEST 2017] == Info:   Trying 2a02:26f0:11c:195::3d5...
== Info: TCP_NODELAY set
== Info: Connected to acme-staging.api.letsencrypt.org (2a02:26f0:11c:195::3d5) port 443 (#0)
== Info: Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
== Info: successfully set certificate verify locations:
== Info:   CAfile: /usr/local/share/certs/ca-root-nss.crt
  CApath: none
== Info: TLSv1.2 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: .......i.d...8..l...;@.%M.....[3.Xo.'...x.0.,.(.$.........k.j.9.
0040: 8.....2...*.&.......=.5.../.+.'.#.........g.@.3.2.....E.D.1.-.).
0080: %.......<./...A.....................[...%.#.. acme-staging.api.l
00c0: etsencrypt.org...........4.2....................................
0100: ................. .....................................3t.......
0140: ................................................................
0180: ................................................................
01c0: ................................................................
== Info: TLSv1.2 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 111 bytes (0x6f)
0000: ...k...Z.N......Q.s..-...3)Z.*fP:.... .........I...D S/.w......
0040: .A.vj...0..#.............3t...http/1.1.http/1.0
== Info: NPN, negotiated HTTP1.1
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 5273 bytes (0x1499)
0000: ..........0...0................N0..dB..x0...*.H........0Z1.0...
0040: U....US1.0...U....IdenTrust1.0...U....TrustID Server1.0...U....T
0080: rustID Server CA A520...150626170545Z..180625170545Z0..1.0...U..
00c0: ..*.api.letsencrypt.org1)0'..U... INTERNET SECURITY RESEARCH GRO
0100: UP1.0...U....Mountain View1.0...U....California1.0...U....US0.."
0140: 0...*.H.............0.........B...n96k....`1...+..|....:..f6....
0180: .M...].q.......n....Wr....ohxhA.%...&...(2........J9e..W.4..o...
01c0: ...F ...c0....)...,.6,.5F.O.....o...'K.!b8bm....Q<{V..3.....H.Z.
0200: ....!..X..?..v.........7.....R.'ylE..%....E.T...............E..[
0240: ...[-...........;O..9..N..............0...0...U...........0..'..
0280: U. ....0...0.....`.H.../...0..0@..+........4https://secure.ident
02c0: rust.com/certificates/policy/ts/0....+.......0.....This TrustID 
0300: Server Certificate has been issued in accordance with IdenTrust'
0340: s TrustID Certificate Policy found at https://secure.identrust.c
0380: om/certificates/policy/ts/0.....g.....0..0@..+........4https://s
03c0: ecure.identrust.com/certificates/policy/ts/0....+.......0.....Th
0400: is TrustID Server Certificate has been issued in accordance with
0440:  IdenTrust's TrustID Certificate Policy found at https://secure.
0480: identrust.com/certificates/policy/ts/0...U....../...qz.....e....
04c0: ....0E..U...>0<0:.8.6.4http://validation.identrust.com/crl/trust
0500: idcaa52.crl0....+........x0v00..+.....0..$http://commercial.ocsp
0540: .identrust.com0B..+.....0..6http://validation.identrust.com/cert
0580: s/trustidcaa52.p7c0...U.%..0...+.........+.......0...U.#..0....V
05c0: $<......x...XH..T.05..U....0,..*.api.letsencrypt.org..api.letsen
0600: crypt.org0...*.H..................a.6E.....x..+p....{..=.;`.b.c/
0640: .B..3l..| F..L7j.2O....z.f.6]n.N...........=....>...'....l.Vd.e 
0680: ...#....E1.j.AJ.j;2#..o.Dm1..a.b..O2.4......:..t)..I.(.)R...q.qr
06c0: o...i...e.P..i...TR....0..b.Qw...Hp..C.j.........]../.?A.Cg...
0700: .E...jXZ.C(.e.....v.........6...0...0..............@.U..&...,.w0
0740: ...*.H........0J1.0...U....US1.0...U....IdenTrust1'0%..U....Iden
0780: Trust Commercial Root CA 10...140320180538Z..220320180538Z0Z1.0.
07c0: ..U....US1.0...U....IdenTrust1.0...U....TrustID Server1.0...U...
0800: .TrustID Server CA A520.."0...*.H.............0.........i.....?.
0840: &Bv..s?.2D&.x.xW...]v+I..Z]Z......L6z+........|.r...........W..G
0880: ......-.2....(xh.~.B.1z.."S3...l...ck.2......`|..1....?..2.~....
08c0: ...........B.. +.....pc..u(.......%..7...<@.....G....%`.5..Q..
0900: ..[....@L.wq..E.~..i.Bf.F.:.F=...o...3a....<.^...".i.K#.........
0940: 0...0....+........}0{00..+.....0..$http://commercial.ocsp.identr
0980: ust.com0G..+.....0..;http://validation.identrust.com/roots/comme
09c0: rcialrootca1.p7c0...U.#..0....D........{.B.&T..6v0...U.......0..
0a00: ..0..1..U. ...(0..$0.. ..U. .0...0P..+.......0D0B.>https://secur
0a40: e.identrust.com/certificates/policy/ts/index.html0.0....+.......
0a80: 0.....This TrustID Server Certificate has been issued in accorda
0ac0: nce with IdenTrust's TrustID Certificate Policy found at https:/
0b00: /secure.identrust.com/certificates/policy/ts/index.html0J..U...C
0b40: 0A0?.=.;.9http://validation.identrust.com/crl/commercialrootca1.
0b80: crl0;..U.%.402..+.........+.........+.........+.........+.......
0bc0: 0...U...........0...U.......V$<......x...XH..T.0...*.H..........
0c00: ......r,..;#..J}e.}...Un..n..kkC..q..rL...../.......E!......i..@
0c40: ........}..%.H....2...i.M....,...Z.H.Y...cb..O...w.$...uQ.Uq..
0c80: ..........YY....D......H...5..g,I.Jbf..U......H..$v.p..?5......
0cc0: ...N..R.om.!:...I9%~GV.Y.d.*......t.i.hY?....f"..J......{t7C....
0d00: ....._a..i.=..k_...=........_...U..E..k%.:T..]..M.,)._/........z
0d40: .j.g........Eu....d+.H..=S...&A.G..{..W|...p......B.RK..Y...K...
0d80: ......irer<.YV?....)..a..S!..[...6...=.&.Nt."O/.....9h....q7x..g
0dc0: ..."S.7..i/u...#..-..-..s.....[.9..../e2.S....5L...!4...y.+..K.!
0e00: .Z9...0...0..w.........AB...H.o.!....0...*.H........0?1$0"..U...
0e40: .Digital Signature Trust Co.1.0...U....DST Root CA X30...1409251
0e80: 62803Z..210929162803Z0J1.0...U....US1.0...U....IdenTrust1'0%..U.
0ec0: ...IdenTrust Commercial Root CA 10.."0...*.H.............0......
0f00: ...P..?.=.3F.oQa...O.g.]..S..(......Cr...]|..B.1Pt...|..!.C...^.
0f40: n....Z2............q..S.N......O20.K.^W.S......b+.$.b....)KIx<.
0f80: `."...6....,T.g5ns..X......&z..6........?@.mZ...4.$.t#.]3..]..%.
0fc0: 0..]...G......II..[....$..bOO....t...r.jz.I..Fy.......Y.u!.e..V.
1000: ...`....R......+#.#v;.3....i.K..N.~.9...Dp~..Z.......5.II..V.=..
1040: .}.;...M..O.7....j.b..5.Qy,.%8..K......9.Jt|.Y..?N.R.=.R......
1080: I4.(.A.:......._......P`.1.s.....3.t.  .gl...zU.FN....>.....3d+
10c0: c.2^...{.xo........xz....rt.Utx...np..O..h.{.1.s==.*..A...M.eky3
1100: ..........z0..v0...U...........0...U.......0.......0..;..U. ...2
1140: 0...0.. ..`.H.../...0...0J..+........>https://secure.identrust.c
1180: om/certificates/policy/ts/index.html0....+.......0.....This Trus
11c0: tID Server Certificate has been issued in accordance with IdenTr
1200: ust's TrustID Certificate Policy found at https://secure.identru
1240: st.com/certificates/policy/ts/index.html0...g.....0...U.......D.
1280: .......{.B.&T..6v0<..U...50301./.-.+http://crl.identrust.com/DST
12c0: ROOTCAX3CRL.crl0t..+........h0f0'..+.....0...http://x3ocsp.ident
1300: rust.com0;..+.....0../http://apps.identrust.com/roots/dstrootcax
1340: 3.p7c0...U.%..0...+.........+.......0...U.#..0.......{,q...K.u..
1380: .`...0...*.H..............?G>.....'LU....K-.1...%J.3tP.b..DM....
13c0: ..p........40...1.......!.....VZ.....*..=.07.S.N..:a......d...NO
1400: ...*.k...f...v....NZ...M....I4H..3L.$..4.......N.S...?.'b$!.....
1440: ..i....;..Q......^$>.O}.y...N.;.@.xu.........9..EX....8.......
1480: ...e......NH..Z.q...8....
== Info: TLSv1.2 (IN), TLS handshake, Server key exchange (12):
<= Recv SSL data, 333 bytes (0x14d)
0000: ...I...A.<x.YrQ.+.?.|.h,.A......YilFt@PzY.....X.>.e.*..6q.D>..n
0040: M.YLO.........aV.Q...[....=).3~.=.DJD..FK..Wp"(..T.O:..o.e..
0080: ...g.&...k#....?.........5.Y.._9...i.>...Nh+.`9.......N3.D~..M..
00c0: .#..P85u..W#P !.X...iw..H...uS..."I.;.a[.s..a...j...D./..q..!..M
0100: ....+.#.y.3.x....$.0t...r......0..n.MZ,P...H;.....O..*.{^...;@
0140: g..N..j..2..T
== Info: TLSv1.2 (IN), TLS handshake, Server finished (14):
<= Recv SSL data, 4 bytes (0x4)
0000: ....
== Info: TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
=> Send SSL data, 70 bytes (0x46)
0000: ...BA.|..2.26.#>...B...:.3J..0.F.e..B`!8.....o.}`}(>.h.g...UIK
0040: .c.V./
== Info: TLSv1.2 (OUT), TLS change cipher, Client hello (1):
=> Send SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.2 (OUT), TLS handshake, Unknown (67):
=> Send SSL data, 36 bytes (0x24)
0000: C.. .http/1.1.......................
== Info: TLSv1.2 (OUT), TLS handshake, Finished (20):
=> Send SSL data, 16 bytes (0x10)
0000: ......_..y..L...
== Info: TLSv1.2 (IN), TLS change cipher, Client hello (1):
<= Recv SSL data, 1 bytes (0x1)
0000: .
== Info: TLSv1.2 (IN), TLS handshake, Finished (20):
<= Recv SSL data, 16 bytes (0x10)
0000: ........G.K.....
== Info: SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
== Info: Server certificate:
== Info:  subject: CN=*.api.letsencrypt.org; O=INTERNET SECURITY RESEARCH GROUP; L=Mountain View; ST=California; C=US
== Info:  start date: Jun 26 17:05:45 2015 GMT
== Info:  expire date: Jun 25 17:05:45 2018 GMT
== Info:  subjectAltName: host "acme-staging.api.letsencrypt.org" matched cert's "*.api.letsencrypt.org"
== Info:  issuer: C=US; O=IdenTrust; OU=TrustID Server; CN=TrustID Server CA A52
== Info:  SSL certificate verify ok.
=> Send header, 220 bytes (0xdc)
0000: POST /acme/new-reg HTTP/1.1
001d: Host: acme-staging.api.letsencrypt.org
0045: User-Agent: acme.sh/2.6.9 (https://github.com/Neilpang/acme.sh)
0086: Accept: */*
0093: Content-Length: 2609
00a9: Content-Type: application/x-www-form-urlencoded
00da: 
=> Send data, 2609 bytes (0xa31)
0000: {"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "
0040: n": "yR_5Vv1ObpmZtN7Su-d0oYStnu2a2Sv8b3StUKed8KazEZv6fp4Pd9sR3uz
0080: 70iC6pd46IGtSVMn3C-FexGd0tQ7xlIS5nqW4al4cemRiu_zlpBxbYbNWyY3R51x
00c0: fg4C-fN4uSjnamB99_p3DrXfQuaKkXW1Ytfcz2DGiVvVip_gs-8zvv8jsgAs0QUV
0100: NDzX6go-fHts5xUz-GbynYsUl-olUNyoIMu7jnxsYWqOJqB1XN_Lf7G5lQWuaIgw
0140: 6t6DQNMZg38gWRTz5IZ1WFKGHOj7pXne5CFtCBuzxmGLDmvtiqTZdyUM0Zz3edgR
0180: 6tbaOInFxjEAjHqhE4cyClgJlkZGTMzWEj-PvJ6xvGqVhmVcUV9NR6ab_pRe_qJA
01c0: cFiiE8vs3RLk_p6nvA9VJ4UTjwGHnennBcZk4YtgDoF6ACqrojMixGTKsEKtswqs
0200: fqCrHYWTOsKLSVhkE7OugJdiOQlZxR5GiaCWXaDHQDYRlEthhxZFjgngU7hj1QIU
0240: Rx4E6iQroy6M46GYxWUocaXsXaZ_3En1TnO7ssr2z2MAthLOyLeNqskoaNx0XOt7
0280: qwF08pT-VfoNS33KyCEx44t7PNwdyWyy6Bf1ZTx0DhnSiPFtN0JcrpNrVKulnPWc
02c0: GZRlMo-0Qz3dZN_EppZzq9GKxxWfNRMLEOkeV-V0tTQSsJ3s"}}, "protected"
0300: : "eyJub25jZSI6ICJYR0NMT3lOQlh2aHpyVlJjempMeXBaMmhjRlNVa28wa3UtV
0340: ThGeEhkRTFvIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsI
0380: CJrdHkiOiAiUlNBIiwgIm4iOiAieVJfNVZ2MU9icG1adE43U3UtZDBvWVN0bnUyY
03c0: TJTdjhiM1N0VUtlZDhLYXpFWnY2ZnA0UGQ5c1IzdXo3MGlDNnBkNDZJR3RTVk1uM
0400: 0MtRmV4R2QwdFE3eGxJUzVucVc0YWw0Y2VtUml1X3pscEJ4YlliTld5WTNSNTF4Z
0440: mc0Qy1mTjR1U2puYW1COTlfcDNEclhmUXVhS2tYVzFZdGZjejJER2lWdlZpcF9nc
0480: y04enZ2OGpzZ0FzMFFVVk5Eelg2Z28tZkh0czV4VXotR2J5bllzVWwtb2xVTnlvS
04c0: U11N2pueHNZV3FPSnFCMVhOX0xmN0c1bFFXdWFJZ3c2dDZEUU5NWmczOGdXUlR6N
0500: UlaMVdGS0dIT2o3cFhuZTVDRnRDQnV6eG1HTERtdnRpcVRaZHlVTTBaejNlZGdSN
0540: nRiYU9JbkZ4akVBakhxaEU0Y3lDbGdKbGtaR1RNeldFai1Qdko2eHZHcVZobVZjV
0580: VY5TlI2YWJfcFJlX3FKQWNGaWlFOHZzM1JMa19wNm52QTlWSjRVVGp3R0huZW5uQ
05c0: mNaazRZdGdEb0Y2QUNxcm9qTWl4R1RLc0VLdHN3cXNmcUNySFlXVE9zS0xTVmhrR
0600: TdPdWdKZGlPUWxaeFI1R2lhQ1dYYURIUURZUmxFdGhoeFpGamduZ1U3aGoxUUlVU
0640: ng0RTZpUXJveTZNNDZHWXhXVW9jYVhzWGFaXzNFbjFUbk83c3NyMnoyTUF0aExPe
0680: UxlTnFza29hTngwWE90N3F3RjA4cFQtVmZvTlMzM0t5Q0V4NDR0N1BOd2R5V3l5N
06c0: kJmMVpUeDBEaG5TaVBGdE4wSmNycE5yVkt1bG5QV2NHWlJsTW8tMFF6M2RaTl9Fc
0700: HBaenE5R0t4eFdmTlJNTEVPa2VWLVYwdFRRU3NKM3MifX0", "payload": "eyJ
0740: yZXNvdXJjZSI6ICJuZXctcmVnIiwgImFncmVlbWVudCI6ICIifQ", "signature
0780: ": "M-H9vOR5cTxp6teZ_l_1ba5Hh6Hwp94YnvE5xyJ3SA91r9fO8961LgS67MPb
07c0: sedplw6BmmV_cd5-7g00f5vQbL0JAjnRgIGUuZuFMTEoHnUk1EQmQ8-6HqdkynmQ
0800: ErcME0YIAj1MNMMUyb3z3_Ps2GoCyMHycz2NhK6pnrZb1wHe21-JTHQGK_nlWrVM
0840: Exj7xxPL4LlqPrJ6fZAJwq44-kQIvaJgnkSCEt24gigrztTGEsBCYamTHxjDVIht
0880: CjVpvLdJuW1G0mPe6RN4l1ihbmVNJPcF-wlevRef5lMYqd4mqW9OnPdrUVCZSLAe
08c0: h3-amkQ-DFzQawnCLHuZ60NBimiu1JEP7bJqbwaPNNNZdmPGk3qPl00ci8qDZA1Y
0900: z8Jupf2_JyUoTAuVMvQj-NMsY6gYEixitTSzJmk0J2Q_R9xi0HDiYGGuw5sjwuYo
0940: fJqzQayefmV09zmfq6DmklUdt0Ikj2d69ZpmsuIppvzaDWjVvgj38EV3_AsAJzcm
0980: CKdqqzvVElZ-aEYxgicyQ0r06joA1HzJ2bBYtamUNTr2SEM17kfV_4RdTk6t0KtB
09c0: g0XnowgVusRgwGP03MwtAhKeMrVcy1Y5Svfue_QD1_wtsS5EkxgGZMkgCbBiBoW9
0a00: C9TQS4u5vM8xT9NicLqfKKkLvzE7TU5KR12ltqzRThJioLs"}
== Info: upload completely sent off: 2609 out of 2609 bytes
== Info: TLSv1.2 (IN), TLS alert, Client hello (1):
<= Recv SSL data, 2 bytes (0x2)
0000: ..
== Info: Empty reply from server
== Info: Connection #0 to host acme-staging.api.letsencrypt.org left intact
[Tue May 16 10:53:05 CEST 2017] _ret='52'
[Tue May 16 10:53:05 CEST 2017] original
[Tue May 16 10:53:05 CEST 2017] responseHeaders
[Tue May 16 10:53:05 CEST 2017] response
[Tue May 16 10:53:05 CEST 2017] code
[Tue May 16 10:53:05 CEST 2017] Registered
[Tue May 16 10:53:05 CEST 2017] _accUri
[Tue May 16 10:53:05 CEST 2017] _tos
[Tue May 16 10:53:05 CEST 2017] Use default tos: https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf
[Tue May 16 10:53:05 CEST 2017] AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'
[Tue May 16 10:53:05 CEST 2017] Update tos: https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf
[Tue May 16 10:53:05 CEST 2017] url
[Tue May 16 10:53:05 CEST 2017] payload='{"resource": "reg", "agreement": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"}'
[Tue May 16 10:53:05 CEST 2017] Use cached jwk for file: /tmp/acme/_registerkey//ca/acme-staging.api.letsencrypt.org/account.key
[Tue May 16 10:53:05 CEST 2017] Get nonce.
[Tue May 16 10:53:05 CEST 2017] GET
[Tue May 16 10:53:05 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Tue May 16 10:53:05 CEST 2017] timeout
[Tue May 16 10:53:05 CEST 2017] _CURL='curl -L --silent --dump-header /tmp/acme/_registerkey//http.header  --trace-ascii /tmp/tmp.zdMHfQ7Z '
[Tue May 16 10:53:06 CEST 2017] ret='0'
[Tue May 16 10:53:06 CEST 2017] _headers='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 372
Boulder-Request-Id: BswhZvcLni1wlB-nJv-JqoG9e7t18i1TFrTyD61HX0k
Replay-Nonce: COQvBzU5nxYk2BrdCSzPmy1kDYzf-1iOIKNYPZxDZCg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 16 May 2017 08:53:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 08:53:06 GMT
Connection: keep-alive
'
[Tue May 16 10:53:06 CEST 2017] _CACHED_NONCE='COQvBzU5nxYk2BrdCSzPmy1kDYzf-1iOIKNYPZxDZCg'
[Tue May 16 10:53:06 CEST 2017] nonce='COQvBzU5nxYk2BrdCSzPmy1kDYzf-1iOIKNYPZxDZCg'
[Tue May 16 10:53:06 CEST 2017] POST
[Tue May 16 10:53:06 CEST 2017] url
[Tue May 16 10:53:06 CEST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "yR_5Vv1ObpmZtN7Su-d0oYStnu2a2Sv8b3StUKed8KazEZv6fp4Pd9sR3uz70iC6pd46IGtSVMn3C-FexGd0tQ7xlIS5nqW4al4cemRiu_zlpBxbYbNWyY3R51xfg4C-fN4uSjnamB99_p3DrXfQuaKkXW1Ytfcz2DGiVvVip_gs-8zvv8jsgAs0QUVNDzX6go-fHts5xUz-GbynYsUl-olUNyoIMu7jnxsYWqOJqB1XN_Lf7G5lQWuaIgw6t6DQNMZg38gWRTz5IZ1WFKGHOj7pXne5CFtCBuzxmGLDmvtiqTZdyUM0Zz3edgR6tbaOInFxjEAjHqhE4cyClgJlkZGTMzWEj-PvJ6xvGqVhmVcUV9NR6ab_pRe_qJAcFiiE8vs3RLk_p6nvA9VJ4UTjwGHnennBcZk4YtgDoF6ACqrojMixGTKsEKtswqsfqCrHYWTOsKLSVhkE7OugJdiOQlZxR5GiaCWXaDHQDYRlEthhxZFjgngU7hj1QIURx4E6iQroy6M46GYxWUocaXsXaZ_3En1TnO7ssr2z2MAthLOyLeNqskoaNx0XOt7qwF08pT-VfoNS33KyCEx44t7PNwdyWyy6Bf1ZTx0DhnSiPFtN0JcrpNrVKulnPWcGZRlMo-0Qz3dZN_EppZzq9GKxxWfNRMLEOkeV-V0tTQSsJ3s"}}, "protected": "eyJub25jZSI6ICJDT1F2QnpVNW54WWsyQnJkQ1N6UG15MWtEWXpmLTFpT0lLTllQWnhEWkNnIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAieVJfNVZ2MU9icG1adE43U3UtZDBvWVN0bnUyYTJTdjhiM1N0VUtlZDhLYXpFWnY2ZnA0UGQ5c1IzdXo3MGlDNnBkNDZJR3RTVk1uM0MtRmV4R2QwdFE3eGxJUzVucVc0YWw0Y2VtUml1X3pscEJ4YlliTld5WTNSNTF4Zmc0Qy1mTjR1U2puYW1COTlfcDNEclhmUXVhS2tYVzFZdGZjejJER2lWdlZpcF9ncy04enZ2OGpzZ0FzMFFVVk5Eelg2Z28tZkh0czV4VXotR2J5bllzVWwtb2xVTnlvSU11N2pueHNZV3FPSnFCMVhOX0xmN0c1bFFXdWFJZ3c2dDZEUU5NWmczOGdXUlR6NUlaMVdGS0dIT2o3cFhuZTVDRnRDQnV6eG1HTERtdnRpcVRaZHlVTTBaejNlZGdSNnRiYU9JbkZ4akVBakhxaEU0Y3lDbGdKbGtaR1RNeldFai1Qdko2eHZHcVZobVZjVVY5TlI2YWJfcFJlX3FKQWNGaWlFOHZzM1JMa19wNm52QTlWSjRVVGp3R0huZW5uQmNaazRZdGdEb0Y2QUNxcm9qTWl4R1RLc0VLdHN3cXNmcUNySFlXVE9zS0xTVmhrRTdPdWdKZGlPUWxaeFI1R2lhQ1dYYURIUURZUmxFdGhoeFpGamduZ1U3aGoxUUlVUng0RTZpUXJveTZNNDZHWXhXVW9jYVhzWGFaXzNFbjFUbk83c3NyMnoyTUF0aExPeUxlTnFza29hTngwWE90N3F3RjA4cFQtVmZvTlMzM0t5Q0V4NDR0N1BOd2R5V3l5NkJmMVpUeDBEaG5TaVBGdE4wSmNycE5yVkt1bG5QV2NHWlJsTW8tMFF6M2RaTl9FcHBaenE5R0t4eFdmTlJNTEVPa2VWLVYwdFRRU3NKM3MifX0", "payload": "eyJyZXNvdXJjZSI6ICJyZWciLCAiYWdyZWVtZW50IjogImh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL2RvY3VtZW50cy9MRS1TQS12MS4xLjEtQXVndXN0LTEtMjAxNi5wZGYifQ", "signature": "Pxw6K1sNcm-8soC7pdOTf9TLD1TtHgT-c7bK2__rCqXiKqgYLJDIiIPQ8z6P3CHe_X2kQgHtjnvT4zYDay9GOLG2r5LEw2iuPuDRlsUsLWafFUsQOoI3JuqpUb5nUXtdOQLSnsmBaSEDroNzpJDq2pS-yepe8NsdYWwS_ulEVKFfr5R-nZ6XOzZhKGNYcZr1HvDoUkRhdV5d4Zx7SlvJxDaKmlBXJ-CMSgMLIvO9BKp950nqaT1y4N41LclOPihVWlmbChzI9bYnCEiLzw4TcbPw-0T3LFAs4FBHNZqdAI8hx3hYillVsNI3KlMLtjDSUGPaevdg7DqpeHV1Y0Dxq2lyMPviAlrc6Rz0tdfNFLh2bT7nKsgeL9PoQAjbUomUvdzNCKXZCXOdm_vjnuTmJyqTUAkyYIywm5yNk2-0B-6O9NFk94BAmCR4GLd_Cf-9IYUDdToAgGtU0ky1SKh_qXgM4t17-HjIY17mRkH0WMigbKI8b7vfHmwUIHIVXLTAVO4vMpc7F2J_UYiQLEnxoKAfZIJ71rF97A5ISNk7Bs2cacTkLE3UdYqZvhVLBxvy4U_NGxfcPxNCCZ8wiV2tTlnGyMcPipeiF-gwKI1iGhfSfAvMrCac7SCX2FewOw-UPJH-B2n_tEUrBYwDVHQEDp8x6NL81Q6U4XWawyimGBU"}'
[Tue May 16 10:53:06 CEST 2017] _CURL='curl -L --silent --dump-header /tmp/acme/_registerkey//http.header  --trace-ascii /tmp/tmp.Tpto5qfD '
[Tue May 16 10:53:06 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 3
[Tue May 16 10:53:06 CEST 2017] Here is the curl dump log:
[Tue May 16 10:53:06 CEST 2017] == Info: <url> malformed
== Info: Closing connection -1
[Tue May 16 10:53:06 CEST 2017] _ret='3'
[Tue May 16 10:53:06 CEST 2017] original
[Tue May 16 10:53:06 CEST 2017] responseHeaders
[Tue May 16 10:53:06 CEST 2017] response
[Tue May 16 10:53:06 CEST 2017] code
[Tue May 16 10:53:06 CEST 2017] Update account error.

At your disposal for any help!

Neilpang commented 7 years ago

it seems you are connecting to letsencrypt CA on ipv6 network.

== Info: Connection #0 to host acme-staging.api.letsencrypt.org left intact
[Tue May 16 10:53:05 CEST 2017] _ret='52'

curl returns error code 52 : Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 52

Can you please try: 

curl -vv https://acme-staging.api.letsencrypt.org
OdyX commented 7 years ago

Here's what it gives:

curl -vv https://acme-staging.api.letsencrypt.org
* Rebuilt URL to: https://acme-staging.api.letsencrypt.org/
*   Trying 2a02:26f0:3000:197::3d5...
* TCP_NODELAY set
* Connected to acme-staging.api.letsencrypt.org (2a02:26f0:3000:197::3d5) port 443 (#0)
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /usr/local/share/certs/ca-root-nss.crt
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* NPN, negotiated HTTP1.1
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Unknown (67):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*  subject: CN=*.api.letsencrypt.org; O=INTERNET SECURITY RESEARCH GROUP; L=Mountain View; ST=California; C=US
*  start date: Jun 26 17:05:45 2015 GMT
*  expire date: Jun 25 17:05:45 2018 GMT
*  subjectAltName: host "acme-staging.api.letsencrypt.org" matched cert's "*.api.letsencrypt.org"
*  issuer: C=US; O=IdenTrust; OU=TrustID Server; CN=TrustID Server CA A52
*  SSL certificate verify ok.
> GET / HTTP/1.1
> Host: acme-staging.api.letsencrypt.org
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 200 OK
< Server: nginx
< Content-Type: text/html
< Content-Length: 2183
< Last-Modified: Thu, 10 Sep 2015 21:07:14 GMT
< ETag: "55f1f102-887"
< X-Frame-Options: DENY
< Strict-Transport-Security: max-age=604800
< Accept-Ranges: bytes
< Expires: Wed, 17 May 2017 05:39:32 GMT
< Cache-Control: max-age=0, no-cache, no-store
< Pragma: no-cache
< Date: Wed, 17 May 2017 05:39:32 GMT
< Connection: keep-alive
< 
<!DOCTYPE html>

<html lang="en">
<head>
  <meta charset="utf-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">
  <meta name="viewport" content=
  "width=device-width, initial-scale=1">

  <title>Boulder: The Let's Encrypt CA</title>
  <link href=
  "//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css"
  rel="stylesheet" type="text/css">
  <link href=
  "//maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css"
  rel="stylesheet" type="text/css">
</head>

<body>
  <div class="container-fluid">
    <div class="row">
      <div class="col-xs-6 text-right">
        <p style="font-size: 90px;">
        <i class="fa fa-barcode"></i></p>
      </div>

      <div class="col-xs-6 text-left">
        <h1>Boulder<br>
        <small>The Let's Encrypt CA</small></h1>
      </div>
    </div>

    <div class="row">
      <div class="col-xs-8 col-xs-offset-2 text-center">
        <h3>This is an <a href="https://github.com/letsencrypt/acme-spec/">ACME</a> Certificate Authority running <a href="https://github.com/letsencrypt/boulder">Boulder</a>.</h3>
        <p>This is a <em>programmatic</em> endpoint, an API for a computer to talk to. You should probably be using a specialized client to utilize the service, and not your web browser. See <a href="https://letsencrypt.org/"><tt>https://letsencrypt.org/</tt></a> for help.</p>
        <p>If you're trying to use this service, note that the starting point, <em>the directory</em>, is available at this URL: <a href="https://acme-staging.api.letsencrypt.org/directory"><tt>https://acme-staging.api.letsencrypt.org/directory</a></tt>.</p>
      </div>
    </div>
    <div class="row">
      <div class="col-xs-4 col-xs-offset-2 text-center">
        <p><a href="https://letsencrypt.status.io" title="Twitter">
          <i class="fa fa-area-chart"></i>
          Service Status (letsencrypt.status.io)
        </a></p>
      </div>
      <div class="col-xs-4 text-center">
        <p><a href="https://twitter.com/letsencrypt" title="Twitter">
          <i class="fa fa-twitter"></i>
          Check with us on Twitter
        </a></p>
      </div>
    </div> <!-- row -->
  </div>

</body>
</html>
* Connection #0 to host acme-staging.api.letsencrypt.org left intact

Indeed. Adding -4 in the _ACME_CURL definition makes the script work fine !

acme.sh should really cope with IPv6 networks though. I stay at your disposal for any debugging if you need!

Neilpang commented 7 years ago

I just tried on my ipv6 server, it seems working. How is are you doing now? Is it working for you now ?