search

acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0
39.84k stars 5.01k forks source link

cant issue new cert, dont find the problem #903

Closed zmi1 closed 7 years ago

zmi1 commented 7 years ago

This is a host that already had a cert, with acme v250. Now that cert is outdated, and should be renewed, which doesn't work. Also upgraded to v273, still doesn't work anymore.

I found a line in debug that puzzles me: == Info: Connected to transfer.viennapaint.com.well-known (217.74.11.156) port 443 (#1) does it acceess the wrong host? Why is ".well-known" written there?

Apart from that, what's the problem? I have no idea.

Steps to reproduce

/backup/scripts_multihost/.acme.sh/acme.sh --home /backup/scripts_multihost/.acme.sh/ --issue -d transfer.viennapaint.com -w /www/viennapaint.com.transfer/ --staging --log --debug 2

Debug log

[Mon Jun 26 16:34:20 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Mon Jun 26 16:34:20 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:34:20 CEST 2017] DOMAIN_PATH='/backup/scripts_multihost/.acme.sh//transfer.viennapaint.com'
[Mon Jun 26 16:34:20 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:34:20 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:34:20 CEST 2017] GET
[Mon Jun 26 16:34:20 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:34:20 CEST 2017] timeout
[Mon Jun 26 16:34:20 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.QotO1PGTCa '
[Mon Jun 26 16:34:20 CEST 2017] ret='0'
[Mon Jun 26 16:34:20 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:34:20 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:34:20 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:34:20 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:34:20 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:34:21 CEST 2017] _on_before_issue
[Mon Jun 26 16:34:21 CEST 2017] Le_LocalAddress
[Mon Jun 26 16:34:21 CEST 2017] Check for domain='transfer.viennapaint.com'
[Mon Jun 26 16:34:21 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:34:21 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Mon Jun 26 16:34:21 CEST 2017] Read key length:
[Mon Jun 26 16:34:21 CEST 2017] Creating domain key
[Mon Jun 26 16:34:21 CEST 2017] Use DEFAULT_DOMAIN_KEY_LENGTH=2048
[Mon Jun 26 16:34:21 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Mon Jun 26 16:34:21 CEST 2017] Use length 2048
[Mon Jun 26 16:34:21 CEST 2017] Using RSA: 2048
[Mon Jun 26 16:34:21 CEST 2017] The domain key is here: /backup/scripts_multihost/.acme.sh//transfer.viennapaint.com/transfer.viennapaint.com.key
[Mon Jun 26 16:34:21 CEST 2017] _createcsr
[Mon Jun 26 16:34:21 CEST 2017] Single domain='transfer.viennapaint.com'
[Mon Jun 26 16:34:21 CEST 2017] Getting domain auth token for each domain
[Mon Jun 26 16:34:21 CEST 2017] Getting webroot for domain='transfer.viennapaint.com'
[Mon Jun 26 16:34:21 CEST 2017] _w='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:34:21 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:34:21 CEST 2017] Getting new-authz for domain='transfer.viennapaint.com'
[Mon Jun 26 16:34:21 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:34:21 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:34:21 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:34:21 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:34:21 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:34:21 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:34:21 CEST 2017] Try new-authz for the 0 time.
[Mon Jun 26 16:34:21 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:34:21 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "transfer.viennapaint.com"}}'
[Mon Jun 26 16:34:21 CEST 2017] RSA key
[Mon Jun 26 16:34:21 CEST 2017] GET
[Mon Jun 26 16:34:21 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:34:21 CEST 2017] timeout
[Mon Jun 26 16:34:21 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.cOTIhRDYiz '
[Mon Jun 26 16:34:21 CEST 2017] ret='0'
[Mon Jun 26 16:34:21 CEST 2017] POST
[Mon Jun 26 16:34:21 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:34:21 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.HsjeGVCds5 '
[Mon Jun 26 16:34:22 CEST 2017] _ret='0'
[Mon Jun 26 16:34:22 CEST 2017] code='201'
[Mon Jun 26 16:34:22 CEST 2017] The new-authz request is ok.
[Mon Jun 26 16:34:22 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/TGH-2Z2j1hnVL0KHT6SiYLDMq5QNkZOui5-G1ZmIhhg/45727133","token":"3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs"'
[Mon Jun 26 16:34:22 CEST 2017] token='3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs'
[Mon Jun 26 16:34:22 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/TGH-2Z2j1hnVL0KHT6SiYLDMq5QNkZOui5-G1ZmIhhg/45727133'
[Mon Jun 26 16:34:22 CEST 2017] keyauthorization='3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:34:22 CEST 2017] dvlist='transfer.viennapaint.com#3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/TGH-2Z2j1hnVL0KHT6SiYLDMq5QNkZOui5-G1ZmIhhg/45727133#http-01#/www/viennapaint.com.transfer/'
[Mon Jun 26 16:34:22 CEST 2017] vlist='transfer.viennapaint.com#3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/TGH-2Z2j1hnVL0KHT6SiYLDMq5QNkZOui5-G1ZmIhhg/45727133#http-01#/www/viennapaint.com.transfer/,'
[Mon Jun 26 16:34:22 CEST 2017] ok, let's start to verify
[Mon Jun 26 16:34:22 CEST 2017] Verifying:transfer.viennapaint.com
[Mon Jun 26 16:34:22 CEST 2017] d='transfer.viennapaint.com'
[Mon Jun 26 16:34:22 CEST 2017] keyauthorization='3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:34:22 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/TGH-2Z2j1hnVL0KHT6SiYLDMq5QNkZOui5-G1ZmIhhg/45727133'
[Mon Jun 26 16:34:22 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:34:22 CEST 2017] wellknown_path='/www/viennapaint.com.transfer//.well-known/acme-challenge'
[Mon Jun 26 16:34:22 CEST 2017] writing token:3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs to /www/viennapaint.com.transfer//.well-known/acme-challenge/3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs
[Mon Jun 26 16:34:22 CEST 2017] Changing owner/group of .well-known to website:www
[Mon Jun 26 16:34:22 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/TGH-2Z2j1hnVL0KHT6SiYLDMq5QNkZOui5-G1ZmIhhg/45727133'
[Mon Jun 26 16:34:22 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:34:22 CEST 2017] POST
[Mon Jun 26 16:34:22 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/TGH-2Z2j1hnVL0KHT6SiYLDMq5QNkZOui5-G1ZmIhhg/45727133'
[Mon Jun 26 16:34:22 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.TEgFIrugMv '
[Mon Jun 26 16:34:23 CEST 2017] _ret='0'
[Mon Jun 26 16:34:23 CEST 2017] code='202'
[Mon Jun 26 16:34:23 CEST 2017] sleep 2 secs to verify
[Mon Jun 26 16:34:25 CEST 2017] checking
[Mon Jun 26 16:34:25 CEST 2017] GET
[Mon Jun 26 16:34:25 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/TGH-2Z2j1hnVL0KHT6SiYLDMq5QNkZOui5-G1ZmIhhg/45727133'
[Mon Jun 26 16:34:25 CEST 2017] timeout
[Mon Jun 26 16:34:25 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.ij7IUt3Emf '
[Mon Jun 26 16:34:26 CEST 2017] ret='0'
[Mon Jun 26 16:34:26 CEST 2017] transfer.viennapaint.com:Verify error:Fetching https://transfer.viennapaint.com.well-known/acme-challenge/3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs: Error getting validation data
[Mon Jun 26 16:34:26 CEST 2017] Debug: get token url.
[Mon Jun 26 16:34:26 CEST 2017] GET
[Mon Jun 26 16:34:26 CEST 2017] url='http://transfer.viennapaint.com/.well-known/acme-challenge/3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs'
[Mon Jun 26 16:34:26 CEST 2017] timeout='1'
[Mon Jun 26 16:34:26 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.HHY90HR6uD  --connect-timeout 1'
[Mon Jun 26 16:34:26 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
[Mon Jun 26 16:34:26 CEST 2017] Here is the curl dump log:
[Mon Jun 26 16:34:26 CEST 2017] == Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com (217.74.11.156) port 80 (#0)
=> Send header, 198 bytes (0xc6)
0000: GET /.well-known/acme-challenge/3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-
0040: 8W3QKjRKuWs HTTP/1.1
0056: User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
0097: Host: transfer.viennapaint.com
00b7: Accept: */*
00c4: 
<= Recv header, 20 bytes (0x14)
0000: HTTP/1.1 302 Found
<= Recv header, 37 bytes (0x25)
0000: Date: Mon, 26 Jun 2017 14:34:26 GMT
== Info: Server Apache/2.4.10 (Linux/SUSE) is not blacklisted
<= Recv header, 36 bytes (0x24)
0000: Server: Apache/2.4.10 (Linux/SUSE)
<= Recv header, 114 bytes (0x72)
0000: Location: https://transfer.viennapaint.com.well-known/acme-chall
0040: enge/3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs
<= Recv header, 21 bytes (0x15)
0000: Content-Length: 380
<= Recv header, 19 bytes (0x13)
0000: Connection: close
<= Recv header, 45 bytes (0x2d)
0000: Content-Type: text/html; charset=iso-8859-1
<= Recv header, 2 bytes (0x2)
0000: 
== Info: Closing connection 0
== Info: Issue another request to this URL: 'https://transfer.viennapaint.com.well-known/acme-challenge/3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs'
== Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com.well-known (217.74.11.156) port 443 (#1)
== Info: successfully set certificate verify locations:
== Info:   CAfile: none
  CApath: /etc/ssl/certs/
== Info: SSLv3, TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: ......3..F....X..&..(..dF..s.>=..ZB.......0.,.(.$.........k.j.9.
0040: 8.....2...*.&.......=.5.../.+.'.#.........g.@.3.2.....E.D.1.-.).
0080: %.......<./...A...............................Q...(.&..#transfer
00c0: .viennapaint.com.well-known.....................................
0100: .. .............................................................
0140: ................................................................
0180: ................................................................
01c0: ................................................................
== Info: SSLv3, TLS handshake, Server hello (2):
<= Recv SSL data, 94 bytes (0x5e)
0000: ...Z...M..;....{...>.K...l8"...7^..... ....9...fD..TR.y(......:.
0040: ..y.....0.....................
== Info: SSLv3, TLS handshake, CERT (11):
<= Recv SSL data, 2494 bytes (0x9be)
0000: ..........0...0.................x......K...0...*.H........0J1.0.
0040: ..U....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Author
0080: ity X30...170323093700Z..170621093700Z0.1.0...U....viennapaint.c
00c0: om0.."0...*.H.............0..........z.....a&l...h(<#........Yu.
0100: 1<)h\^h.....+...62.......C.T#.Y.T.$..kT..s.....&..0.....^.b4`...
0140: Y....f..vi.z..a....J&.d.)X.a.r.6.I..1h....?...\...../i.....a|A..
0180: v.f...._.:............4.)....q.H.s...k,.c..V_xMVt...[...vHI..}..
01c0: .Ha5....h....<..tN.m.b.Z.I..;...@>.........%0..!0...U...........
0200: 0...U.%..0...+.........+.......0...U.......0.0...U......R%...KT#
0240: ...M;.....a0...U.#..0....Jjc.}....9..Ee.....0p..+........d0b0/.
0280: .+.....0..#http://ocsp.int-x3.letsencrypt.org/0/..+.....0..#http
02c0: ://cert.int-x3.letsencrypt.org/0/..U...(0&..viennapaint.com..www
0300: .viennapaint.com0....U. ...0..0...g.....0....+..........0..0&..+
0340: .........http://cps.letsencrypt.org0....+.......0.....This Certi
0380: ficate may only be relied upon by Relying Parties and only in ac
03c0: cordance with the Certificate Policy found at https://letsencryp
0400: t.org/repository/0...*.H................f..\{.m...P&u.N.P..F.`..
0440: ....F...j. ..E........T.?!.e$.......[.>....._..z:y../.a.1Hy.8Er.
0480: ..Of...?#.,.>...v).5c..B.;.F...X.......<.R.<. w.d....D...<6n?pu.
04c0: _...*.'.."..rKs.m.^{...5.N.Lz..?......e...3...C...........R.a#..
0500: Sj..4.+..8..v*...1.H.l.n...t&.<.bQ..!...0...0..z.........AB...S.
0540: sj.....0...*.H........0?1$0"..U....Digital Signature Trust Co.1.
0580: 0...U....DST Root CA X30...160317164046Z..210317164046Z0J1.0...U
05c0: ....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Authority
0600:  X30.."0...*.H.............0............Z..G.r]7..hc0..5&.%...5.
0640: p./..KA....5.X..*.h....u....bq.y.`.......xgq.i........`<H.~.Mw.$
0680: .G.Z....7....{....J..A.6....m<.h.#*B...tg....Ra..?e.......V....
06c0: .?.......k...}.+.e...6u.k.J...Ix/..O* %)..t..1..18....3.C....0.
0700: y1.=-6....3j.91......d.3...).....}..........}0..y0...U.......0..
0740: .....0...U...........0..+........s0q02..+.....0..&http://isrg.t
0780: rustid.ocsp.identrust.com0;..+.....0../http://apps.identrust.com
07c0: /roots/dstrootcax3.p7c0...U.#..0.......{,q...K.u...`...0T..U. .M
0800: 0K0...g.....0?..+..........000...+........"http://cps.root-x1.le
0840: tsencrypt.org0<..U...50301./.-.+http://crl.identrust.com/DSTROOT
0880: CAX3CRL.crl0...U.......Jjc.}....9..Ee.....0...*.H..............3
08c0: ...cX8.....U.vV.pH.iG'{.$...Z.J.)7$tQ.bh...pg....N(Q.........Z..
0900: ....j.j.>W#....b.......?..H....eb..T..*. .........2...w..ye.+.(.
0940: :.R..R.._....3.wl.@.2...\A.tl[]._3.M..8./{,b....o%./...F=.~..z..
0980: .zm..%......./X../,h&.K........CJ.DNosz(...n{L}.....D....4[.B
== Info: SSLv3, TLS alert, Server hello (2):
=> Send SSL data, 2 bytes (0x2)
0000: .-
== Info: SSL certificate problem: certificate has expired
== Info: Closing connection 1
[Mon Jun 26 16:34:26 CEST 2017] ret='60'
[Mon Jun 26 16:34:26 CEST 2017] Debugging, skip removing: /www/viennapaint.com.transfer//.well-known/acme-challenge/3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs
[Mon Jun 26 16:34:26 CEST 2017] pid
[Mon Jun 26 16:34:26 CEST 2017] No need to restore nginx, skip.
[Mon Jun 26 16:34:26 CEST 2017] _clearupdns
[Mon Jun 26 16:34:26 CEST 2017] skip dns.
[Mon Jun 26 16:34:26 CEST 2017] _on_issue_err
[Mon Jun 26 16:34:26 CEST 2017] Please check log file for more details: /backup/scripts_multihost/.acme.sh//acme.sh.log
[Mon Jun 26 16:34:26 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/TGH-2Z2j1hnVL0KHT6SiYLDMq5QNkZOui5-G1ZmIhhg/45727133'
[Mon Jun 26 16:34:26 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:34:26 CEST 2017] POST
[Mon Jun 26 16:34:26 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/TGH-2Z2j1hnVL0KHT6SiYLDMq5QNkZOui5-G1ZmIhhg/45727133'
[Mon Jun 26 16:34:26 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.HHY90HR6uD '
[Mon Jun 26 16:34:27 CEST 2017] _ret='0'
[Mon Jun 26 16:34:27 CEST 2017] code='400'
[Mon Jun 26 16:34:27 CEST 2017] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.1i-fips 6 Aug 2014
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
nc:
OpenBSD netcat (SUSE Linux)
This is nc from the netcat-openbsd package. An alternative nc is available
in the netcat-traditional package.
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
      [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
      [-x proxy_address[:port]] [hostname] [port[s]]
    Command Summary:
        -4      Use IPv4
        -6      Use IPv6
        -D      Enable the debug socket option
        -d      Detach from stdin
        -h      This help text
        -i secs     Delay interval for lines sent, ports scanned
        -k      Keep inbound sockets open for multiple connects
        -l      Listen mode, for inbound connects
        -n      Suppress name/port resolutions
        -P proxyuser    Username for proxy authentication
        -p port     Specify local port for remote connects
        -q secs     quit after EOF on stdin and delay of secs
        -r      Randomize remote ports
        -S      Enable the TCP MD5 signature option
        -s addr     Local source address
        -T ToS      Set IP Type of Service
        -C      Send CRLF as line-ending
        -t      Answer TELNET negotiation
        -U      Use UNIX domain socket
        -u      UDP mode
        -Z      DCCP mode
        -v      Verbose
        -w secs     Timeout for connects and final net reads
        -X proto    Proxy protocol: "4", "5" (SOCKS) or "connect"
        -x addr[:port]  Specify proxy address and port
        -z      Zero-I/O mode [used for scanning]
    Port numbers can be individual or ranges: lo-hi [inclusive]
[Mon Jun 26 16:37:39 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Mon Jun 26 16:37:39 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:37:40 CEST 2017] DOMAIN_PATH='/backup/scripts_multihost/.acme.sh//transfer.viennapaint.com'
[Mon Jun 26 16:37:40 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:37:40 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:37:40 CEST 2017] GET
[Mon Jun 26 16:37:40 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:37:40 CEST 2017] timeout
[Mon Jun 26 16:37:40 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.W4YeHx1IEC '
[Mon Jun 26 16:37:40 CEST 2017] ret='0'
[Mon Jun 26 16:37:40 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:37:40 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:37:40 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:37:40 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:37:40 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:37:40 CEST 2017] Le_NextRenewTime
[Mon Jun 26 16:37:40 CEST 2017] _on_before_issue
[Mon Jun 26 16:37:40 CEST 2017] Le_LocalAddress
[Mon Jun 26 16:37:40 CEST 2017] Check for domain='transfer.viennapaint.com'
[Mon Jun 26 16:37:40 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:37:40 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Mon Jun 26 16:37:40 CEST 2017] Read key length:
[Mon Jun 26 16:37:40 CEST 2017] _createcsr
[Mon Jun 26 16:37:40 CEST 2017] Single domain='transfer.viennapaint.com'
[Mon Jun 26 16:37:40 CEST 2017] Getting domain auth token for each domain
[Mon Jun 26 16:37:40 CEST 2017] Getting webroot for domain='transfer.viennapaint.com'
[Mon Jun 26 16:37:40 CEST 2017] _w='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:37:40 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:37:40 CEST 2017] Getting new-authz for domain='transfer.viennapaint.com'
[Mon Jun 26 16:37:40 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:37:40 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:37:40 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:37:40 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:37:40 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:37:40 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:37:40 CEST 2017] Try new-authz for the 0 time.
[Mon Jun 26 16:37:40 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:37:40 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "transfer.viennapaint.com"}}'
[Mon Jun 26 16:37:40 CEST 2017] RSA key
[Mon Jun 26 16:37:40 CEST 2017] GET
[Mon Jun 26 16:37:40 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:37:40 CEST 2017] timeout
[Mon Jun 26 16:37:40 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.PJOH4kZH4E '
[Mon Jun 26 16:37:41 CEST 2017] ret='0'
[Mon Jun 26 16:37:41 CEST 2017] POST
[Mon Jun 26 16:37:41 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:37:41 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.u6GqSedpRr '
[Mon Jun 26 16:37:42 CEST 2017] _ret='0'
[Mon Jun 26 16:37:42 CEST 2017] code='201'
[Mon Jun 26 16:37:42 CEST 2017] The new-authz request is ok.
[Mon Jun 26 16:37:42 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/kdTeP9zMefKHma0moRsgnR1VdYBAyRHf9fJBftHQX2E/45727600","token":"8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw"'
[Mon Jun 26 16:37:42 CEST 2017] token='8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw'
[Mon Jun 26 16:37:42 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/kdTeP9zMefKHma0moRsgnR1VdYBAyRHf9fJBftHQX2E/45727600'
[Mon Jun 26 16:37:42 CEST 2017] keyauthorization='8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:37:42 CEST 2017] dvlist='transfer.viennapaint.com#8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/kdTeP9zMefKHma0moRsgnR1VdYBAyRHf9fJBftHQX2E/45727600#http-01#/www/viennapaint.com.transfer/'
[Mon Jun 26 16:37:42 CEST 2017] vlist='transfer.viennapaint.com#8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/kdTeP9zMefKHma0moRsgnR1VdYBAyRHf9fJBftHQX2E/45727600#http-01#/www/viennapaint.com.transfer/,'
[Mon Jun 26 16:37:42 CEST 2017] ok, let's start to verify
[Mon Jun 26 16:37:42 CEST 2017] Verifying:transfer.viennapaint.com
[Mon Jun 26 16:37:42 CEST 2017] d='transfer.viennapaint.com'
[Mon Jun 26 16:37:42 CEST 2017] keyauthorization='8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:37:42 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/kdTeP9zMefKHma0moRsgnR1VdYBAyRHf9fJBftHQX2E/45727600'
[Mon Jun 26 16:37:42 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:37:42 CEST 2017] wellknown_path='/www/viennapaint.com.transfer//.well-known/acme-challenge'
[Mon Jun 26 16:37:42 CEST 2017] writing token:8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw to /www/viennapaint.com.transfer//.well-known/acme-challenge/8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw
[Mon Jun 26 16:37:42 CEST 2017] Changing owner/group of .well-known to website:www
[Mon Jun 26 16:37:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/kdTeP9zMefKHma0moRsgnR1VdYBAyRHf9fJBftHQX2E/45727600'
[Mon Jun 26 16:37:42 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:37:42 CEST 2017] POST
[Mon Jun 26 16:37:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/kdTeP9zMefKHma0moRsgnR1VdYBAyRHf9fJBftHQX2E/45727600'
[Mon Jun 26 16:37:42 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.U2sV9Q0JT5 '
[Mon Jun 26 16:37:43 CEST 2017] _ret='0'
[Mon Jun 26 16:37:43 CEST 2017] code='202'
[Mon Jun 26 16:37:43 CEST 2017] sleep 2 secs to verify
[Mon Jun 26 16:37:45 CEST 2017] checking
[Mon Jun 26 16:37:45 CEST 2017] GET
[Mon Jun 26 16:37:45 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/kdTeP9zMefKHma0moRsgnR1VdYBAyRHf9fJBftHQX2E/45727600'
[Mon Jun 26 16:37:45 CEST 2017] timeout
[Mon Jun 26 16:37:45 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.gpvpnHoGfM '
[Mon Jun 26 16:37:46 CEST 2017] ret='0'
[Mon Jun 26 16:37:46 CEST 2017] transfer.viennapaint.com:Verify error:Fetching https://transfer.viennapaint.com.well-known/acme-challenge/8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw: Error getting validation data
[Mon Jun 26 16:37:46 CEST 2017] Debug: get token url.
[Mon Jun 26 16:37:46 CEST 2017] GET
[Mon Jun 26 16:37:46 CEST 2017] url='http://transfer.viennapaint.com/.well-known/acme-challenge/8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw'
[Mon Jun 26 16:37:46 CEST 2017] timeout='1'
[Mon Jun 26 16:37:46 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.Z7mENisneN  --connect-timeout 1'
[Mon Jun 26 16:37:46 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
[Mon Jun 26 16:37:46 CEST 2017] Here is the curl dump log:
[Mon Jun 26 16:37:46 CEST 2017] == Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com (217.74.11.156) port 80 (#0)
=> Send header, 198 bytes (0xc6)
0000: GET /.well-known/acme-challenge/8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fj
0040: EFQMSBFWLVw HTTP/1.1
0056: User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
0097: Host: transfer.viennapaint.com
00b7: Accept: */*
00c4: 
<= Recv header, 20 bytes (0x14)
0000: HTTP/1.1 302 Found
<= Recv header, 37 bytes (0x25)
0000: Date: Mon, 26 Jun 2017 14:37:46 GMT
== Info: Server Apache/2.4.10 (Linux/SUSE) is not blacklisted
<= Recv header, 36 bytes (0x24)
0000: Server: Apache/2.4.10 (Linux/SUSE)
<= Recv header, 114 bytes (0x72)
0000: Location: https://transfer.viennapaint.com.well-known/acme-chall
0040: enge/8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw
<= Recv header, 21 bytes (0x15)
0000: Content-Length: 380
<= Recv header, 19 bytes (0x13)
0000: Connection: close
<= Recv header, 45 bytes (0x2d)
0000: Content-Type: text/html; charset=iso-8859-1
<= Recv header, 2 bytes (0x2)
0000: 
== Info: Closing connection 0
== Info: Issue another request to this URL: 'https://transfer.viennapaint.com.well-known/acme-challenge/8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw'
== Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com.well-known (217.74.11.156) port 443 (#1)
== Info: successfully set certificate verify locations:
== Info:   CAfile: none
  CApath: /etc/ssl/certs/
== Info: SSLv3, TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: .......^.4t.......0:...?......\.Xy........0.,.(.$.........k.j.9.
0040: 8.....2...*.&.......=.5.../.+.'.#.........g.@.3.2.....E.D.1.-.).
0080: %.......<./...A...............................Q...(.&..#transfer
00c0: .viennapaint.com.well-known.....................................
0100: .. .............................................................
0140: ................................................................
0180: ................................................................
01c0: ................................................................
== Info: SSLv3, TLS handshake, Server hello (2):
<= Recv SSL data, 94 bytes (0x5e)
0000: ...Z..5sS...J...i.i... .@..l7-.......# ...7./..C...E.gm_.^A./..)
0040: owh..T..0.....................
== Info: SSLv3, TLS handshake, CERT (11):
<= Recv SSL data, 2494 bytes (0x9be)
0000: ..........0...0.................x......K...0...*.H........0J1.0.
0040: ..U....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Author
0080: ity X30...170323093700Z..170621093700Z0.1.0...U....viennapaint.c
00c0: om0.."0...*.H.............0..........z.....a&l...h(<#........Yu.
0100: 1<)h\^h.....+...62.......C.T#.Y.T.$..kT..s.....&..0.....^.b4`...
0140: Y....f..vi.z..a....J&.d.)X.a.r.6.I..1h....?...\...../i.....a|A..
0180: v.f...._.:............4.)....q.H.s...k,.c..V_xMVt...[...vHI..}..
01c0: .Ha5....h....<..tN.m.b.Z.I..;...@>.........%0..!0...U...........
0200: 0...U.%..0...+.........+.......0...U.......0.0...U......R%...KT#
0240: ...M;.....a0...U.#..0....Jjc.}....9..Ee.....0p..+........d0b0/.
0280: .+.....0..#http://ocsp.int-x3.letsencrypt.org/0/..+.....0..#http
02c0: ://cert.int-x3.letsencrypt.org/0/..U...(0&..viennapaint.com..www
0300: .viennapaint.com0....U. ...0..0...g.....0....+..........0..0&..+
0340: .........http://cps.letsencrypt.org0....+.......0.....This Certi
0380: ficate may only be relied upon by Relying Parties and only in ac
03c0: cordance with the Certificate Policy found at https://letsencryp
0400: t.org/repository/0...*.H................f..\{.m...P&u.N.P..F.`..
0440: ....F...j. ..E........T.?!.e$.......[.>....._..z:y../.a.1Hy.8Er.
0480: ..Of...?#.,.>...v).5c..B.;.F...X.......<.R.<. w.d....D...<6n?pu.
04c0: _...*.'.."..rKs.m.^{...5.N.Lz..?......e...3...C...........R.a#..
0500: Sj..4.+..8..v*...1.H.l.n...t&.<.bQ..!...0...0..z.........AB...S.
0540: sj.....0...*.H........0?1$0"..U....Digital Signature Trust Co.1.
0580: 0...U....DST Root CA X30...160317164046Z..210317164046Z0J1.0...U
05c0: ....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Authority
0600:  X30.."0...*.H.............0............Z..G.r]7..hc0..5&.%...5.
0640: p./..KA....5.X..*.h....u....bq.y.`.......xgq.i........`<H.~.Mw.$
0680: .G.Z....7....{....J..A.6....m<.h.#*B...tg....Ra..?e.......V....
06c0: .?.......k...}.+.e...6u.k.J...Ix/..O* %)..t..1..18....3.C....0.
0700: y1.=-6....3j.91......d.3...).....}..........}0..y0...U.......0..
0740: .....0...U...........0..+........s0q02..+.....0..&http://isrg.t
0780: rustid.ocsp.identrust.com0;..+.....0../http://apps.identrust.com
07c0: /roots/dstrootcax3.p7c0...U.#..0.......{,q...K.u...`...0T..U. .M
0800: 0K0...g.....0?..+..........000...+........"http://cps.root-x1.le
0840: tsencrypt.org0<..U...50301./.-.+http://crl.identrust.com/DSTROOT
0880: CAX3CRL.crl0...U.......Jjc.}....9..Ee.....0...*.H..............3
08c0: ...cX8.....U.vV.pH.iG'{.$...Z.J.)7$tQ.bh...pg....N(Q.........Z..
0900: ....j.j.>W#....b.......?..H....eb..T..*. .........2...w..ye.+.(.
0940: :.R..R.._....3.wl.@.2...\A.tl[]._3.M..8./{,b....o%./...F=.~..z..
0980: .zm..%......./X../,h&.K........CJ.DNosz(...n{L}.....D....4[.B
== Info: SSLv3, TLS alert, Server hello (2):
=> Send SSL data, 2 bytes (0x2)
0000: .-
== Info: SSL certificate problem: certificate has expired
== Info: Closing connection 1
[Mon Jun 26 16:37:46 CEST 2017] ret='60'
[Mon Jun 26 16:37:46 CEST 2017] Debugging, skip removing: /www/viennapaint.com.transfer//.well-known/acme-challenge/8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw
[Mon Jun 26 16:37:46 CEST 2017] pid
[Mon Jun 26 16:37:46 CEST 2017] No need to restore nginx, skip.
[Mon Jun 26 16:37:46 CEST 2017] _clearupdns
[Mon Jun 26 16:37:46 CEST 2017] skip dns.
[Mon Jun 26 16:37:46 CEST 2017] _on_issue_err
[Mon Jun 26 16:37:46 CEST 2017] Please check log file for more details: /backup/scripts_multihost/.acme.sh//acme.sh.log
[Mon Jun 26 16:37:46 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/kdTeP9zMefKHma0moRsgnR1VdYBAyRHf9fJBftHQX2E/45727600'
[Mon Jun 26 16:37:46 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "8ojJzdyqePSi0tZCyf7-n4uD5Hcs84fjEFQMSBFWLVw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:37:46 CEST 2017] POST
[Mon Jun 26 16:37:46 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/kdTeP9zMefKHma0moRsgnR1VdYBAyRHf9fJBftHQX2E/45727600'
[Mon Jun 26 16:37:46 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.Z7mENisneN '
[Mon Jun 26 16:37:47 CEST 2017] _ret='0'
[Mon Jun 26 16:37:47 CEST 2017] code='400'
[Mon Jun 26 16:37:47 CEST 2017] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.1i-fips 6 Aug 2014
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
nc:
OpenBSD netcat (SUSE Linux)
This is nc from the netcat-openbsd package. An alternative nc is available
in the netcat-traditional package.
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
      [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
      [-x proxy_address[:port]] [hostname] [port[s]]
    Command Summary:
        -4      Use IPv4
        -6      Use IPv6
        -D      Enable the debug socket option
        -d      Detach from stdin
        -h      This help text
        -i secs     Delay interval for lines sent, ports scanned
        -k      Keep inbound sockets open for multiple connects
        -l      Listen mode, for inbound connects
        -n      Suppress name/port resolutions
        -P proxyuser    Username for proxy authentication
        -p port     Specify local port for remote connects
        -q secs     quit after EOF on stdin and delay of secs
        -r      Randomize remote ports
        -S      Enable the TCP MD5 signature option
        -s addr     Local source address
        -T ToS      Set IP Type of Service
        -C      Send CRLF as line-ending
        -t      Answer TELNET negotiation
        -U      Use UNIX domain socket
        -u      UDP mode
        -Z      DCCP mode
        -v      Verbose
        -w secs     Timeout for connects and final net reads
        -X proto    Proxy protocol: "4", "5" (SOCKS) or "connect"
        -x addr[:port]  Specify proxy address and port
        -z      Zero-I/O mode [used for scanning]
    Port numbers can be individual or ranges: lo-hi [inclusive]
[Mon Jun 26 16:38:41 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Mon Jun 26 16:38:41 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:38:41 CEST 2017] DOMAIN_PATH='/backup/scripts_multihost/.acme.sh//transfer.viennapaint.com'
[Mon Jun 26 16:38:41 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:38:41 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:38:41 CEST 2017] GET
[Mon Jun 26 16:38:41 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:38:41 CEST 2017] timeout
[Mon Jun 26 16:38:41 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.Tbl0gGIxp3 '
[Mon Jun 26 16:38:42 CEST 2017] ret='0'
[Mon Jun 26 16:38:42 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:38:42 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:38:42 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:38:42 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:38:42 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:38:42 CEST 2017] Le_NextRenewTime
[Mon Jun 26 16:38:42 CEST 2017] _on_before_issue
[Mon Jun 26 16:38:42 CEST 2017] Le_LocalAddress
[Mon Jun 26 16:38:42 CEST 2017] Check for domain='transfer.viennapaint.com'
[Mon Jun 26 16:38:42 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:38:42 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Mon Jun 26 16:38:42 CEST 2017] Read key length:
[Mon Jun 26 16:38:42 CEST 2017] _createcsr
[Mon Jun 26 16:38:42 CEST 2017] Single domain='transfer.viennapaint.com'
[Mon Jun 26 16:38:42 CEST 2017] Getting domain auth token for each domain
[Mon Jun 26 16:38:42 CEST 2017] Getting webroot for domain='transfer.viennapaint.com'
[Mon Jun 26 16:38:42 CEST 2017] _w='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:38:42 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:38:42 CEST 2017] Getting new-authz for domain='transfer.viennapaint.com'
[Mon Jun 26 16:38:42 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:38:42 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:38:42 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:38:42 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:38:42 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:38:42 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:38:42 CEST 2017] Try new-authz for the 0 time.
[Mon Jun 26 16:38:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:38:42 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "transfer.viennapaint.com"}}'
[Mon Jun 26 16:38:42 CEST 2017] RSA key
[Mon Jun 26 16:38:42 CEST 2017] GET
[Mon Jun 26 16:38:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:38:42 CEST 2017] timeout
[Mon Jun 26 16:38:42 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.PYCVD5MQEp '
[Mon Jun 26 16:38:42 CEST 2017] ret='0'
[Mon Jun 26 16:38:42 CEST 2017] POST
[Mon Jun 26 16:38:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:38:42 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.aQM2zoxP5A '
[Mon Jun 26 16:38:43 CEST 2017] _ret='0'
[Mon Jun 26 16:38:43 CEST 2017] code='201'
[Mon Jun 26 16:38:43 CEST 2017] The new-authz request is ok.
[Mon Jun 26 16:38:43 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/22nns6qvpoz9eSw7N2k-yRboNVQ-nhMdxFQFyBXVxss/45727684","token":"4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs"'
[Mon Jun 26 16:38:43 CEST 2017] token='4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs'
[Mon Jun 26 16:38:43 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/22nns6qvpoz9eSw7N2k-yRboNVQ-nhMdxFQFyBXVxss/45727684'
[Mon Jun 26 16:38:43 CEST 2017] keyauthorization='4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:38:43 CEST 2017] dvlist='transfer.viennapaint.com#4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/22nns6qvpoz9eSw7N2k-yRboNVQ-nhMdxFQFyBXVxss/45727684#http-01#/www/viennapaint.com.transfer/'
[Mon Jun 26 16:38:43 CEST 2017] vlist='transfer.viennapaint.com#4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/22nns6qvpoz9eSw7N2k-yRboNVQ-nhMdxFQFyBXVxss/45727684#http-01#/www/viennapaint.com.transfer/,'
[Mon Jun 26 16:38:43 CEST 2017] ok, let's start to verify
[Mon Jun 26 16:38:43 CEST 2017] Verifying:transfer.viennapaint.com
[Mon Jun 26 16:38:43 CEST 2017] d='transfer.viennapaint.com'
[Mon Jun 26 16:38:43 CEST 2017] keyauthorization='4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:38:43 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/22nns6qvpoz9eSw7N2k-yRboNVQ-nhMdxFQFyBXVxss/45727684'
[Mon Jun 26 16:38:43 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:38:43 CEST 2017] wellknown_path='/www/viennapaint.com.transfer//.well-known/acme-challenge'
[Mon Jun 26 16:38:43 CEST 2017] writing token:4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs to /www/viennapaint.com.transfer//.well-known/acme-challenge/4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs
[Mon Jun 26 16:38:43 CEST 2017] Changing owner/group of .well-known to website:www
[Mon Jun 26 16:38:43 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/22nns6qvpoz9eSw7N2k-yRboNVQ-nhMdxFQFyBXVxss/45727684'
[Mon Jun 26 16:38:43 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:38:43 CEST 2017] POST
[Mon Jun 26 16:38:43 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/22nns6qvpoz9eSw7N2k-yRboNVQ-nhMdxFQFyBXVxss/45727684'
[Mon Jun 26 16:38:44 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.BLGszoj4Bg '
[Mon Jun 26 16:38:44 CEST 2017] _ret='0'
[Mon Jun 26 16:38:44 CEST 2017] code='202'
[Mon Jun 26 16:38:44 CEST 2017] sleep 2 secs to verify
[Mon Jun 26 16:38:46 CEST 2017] checking
[Mon Jun 26 16:38:46 CEST 2017] GET
[Mon Jun 26 16:38:46 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/22nns6qvpoz9eSw7N2k-yRboNVQ-nhMdxFQFyBXVxss/45727684'
[Mon Jun 26 16:38:46 CEST 2017] timeout
[Mon Jun 26 16:38:46 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.PkoNTWmDBI '
[Mon Jun 26 16:38:47 CEST 2017] ret='0'
[Mon Jun 26 16:38:47 CEST 2017] transfer.viennapaint.com:Verify error:Fetching https://transfer.viennapaint.com.well-known/acme-challenge/4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs: Error getting validation data
[Mon Jun 26 16:38:47 CEST 2017] Debug: get token url.
[Mon Jun 26 16:38:47 CEST 2017] GET
[Mon Jun 26 16:38:47 CEST 2017] url='http://transfer.viennapaint.com/.well-known/acme-challenge/4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs'
[Mon Jun 26 16:38:47 CEST 2017] timeout='1'
[Mon Jun 26 16:38:47 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.xg0sjonVQ3  --connect-timeout 1'
[Mon Jun 26 16:38:47 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
[Mon Jun 26 16:38:47 CEST 2017] Here is the curl dump log:
[Mon Jun 26 16:38:47 CEST 2017] == Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com (217.74.11.156) port 80 (#0)
=> Send header, 198 bytes (0xc6)
0000: GET /.well-known/acme-challenge/4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D
0040: 1s3zlxIUmPs HTTP/1.1
0056: User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
0097: Host: transfer.viennapaint.com
00b7: Accept: */*
00c4: 
<= Recv header, 20 bytes (0x14)
0000: HTTP/1.1 302 Found
<= Recv header, 37 bytes (0x25)
0000: Date: Mon, 26 Jun 2017 14:38:47 GMT
== Info: Server Apache/2.4.10 (Linux/SUSE) is not blacklisted
<= Recv header, 36 bytes (0x24)
0000: Server: Apache/2.4.10 (Linux/SUSE)
<= Recv header, 114 bytes (0x72)
0000: Location: https://transfer.viennapaint.com.well-known/acme-chall
0040: enge/4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs
<= Recv header, 21 bytes (0x15)
0000: Content-Length: 380
<= Recv header, 19 bytes (0x13)
0000: Connection: close
<= Recv header, 45 bytes (0x2d)
0000: Content-Type: text/html; charset=iso-8859-1
<= Recv header, 2 bytes (0x2)
0000: 
== Info: Closing connection 0
== Info: Issue another request to this URL: 'https://transfer.viennapaint.com.well-known/acme-challenge/4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs'
== Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com.well-known (217.74.11.156) port 443 (#1)
== Info: successfully set certificate verify locations:
== Info:   CAfile: none
  CApath: /etc/ssl/certs/
== Info: SSLv3, TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: ......&.'..L.g....TcMv.....%..)Lj........0.,.(.$.........k.j.9.
0040: 8.....2...*.&.......=.5.../.+.'.#.........g.@.3.2.....E.D.1.-.).
0080: %.......<./...A...............................Q...(.&..#transfer
00c0: .viennapaint.com.well-known.....................................
0100: .. .............................................................
0140: ................................................................
0180: ................................................................
01c0: ................................................................
== Info: SSLv3, TLS handshake, Server hello (2):
<= Recv SSL data, 94 bytes (0x5e)
0000: ...Z......R....M.K....+..B+.wz\G.@>... ..&....&..1.Mb.:.........
0040: .......0.....................
== Info: SSLv3, TLS handshake, CERT (11):
<= Recv SSL data, 2494 bytes (0x9be)
0000: ..........0...0.................x......K...0...*.H........0J1.0.
0040: ..U....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Author
0080: ity X30...170323093700Z..170621093700Z0.1.0...U....viennapaint.c
00c0: om0.."0...*.H.............0..........z.....a&l...h(<#........Yu.
0100: 1<)h\^h.....+...62.......C.T#.Y.T.$..kT..s.....&..0.....^.b4`...
0140: Y....f..vi.z..a....J&.d.)X.a.r.6.I..1h....?...\...../i.....a|A..
0180: v.f...._.:............4.)....q.H.s...k,.c..V_xMVt...[...vHI..}..
01c0: .Ha5....h....<..tN.m.b.Z.I..;...@>.........%0..!0...U...........
0200: 0...U.%..0...+.........+.......0...U.......0.0...U......R%...KT#
0240: ...M;.....a0...U.#..0....Jjc.}....9..Ee.....0p..+........d0b0/.
0280: .+.....0..#http://ocsp.int-x3.letsencrypt.org/0/..+.....0..#http
02c0: ://cert.int-x3.letsencrypt.org/0/..U...(0&..viennapaint.com..www
0300: .viennapaint.com0....U. ...0..0...g.....0....+..........0..0&..+
0340: .........http://cps.letsencrypt.org0....+.......0.....This Certi
0380: ficate may only be relied upon by Relying Parties and only in ac
03c0: cordance with the Certificate Policy found at https://letsencryp
0400: t.org/repository/0...*.H................f..\{.m...P&u.N.P..F.`..
0440: ....F...j. ..E........T.?!.e$.......[.>....._..z:y../.a.1Hy.8Er.
0480: ..Of...?#.,.>...v).5c..B.;.F...X.......<.R.<. w.d....D...<6n?pu.
04c0: _...*.'.."..rKs.m.^{...5.N.Lz..?......e...3...C...........R.a#..
0500: Sj..4.+..8..v*...1.H.l.n...t&.<.bQ..!...0...0..z.........AB...S.
0540: sj.....0...*.H........0?1$0"..U....Digital Signature Trust Co.1.
0580: 0...U....DST Root CA X30...160317164046Z..210317164046Z0J1.0...U
05c0: ....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Authority
0600:  X30.."0...*.H.............0............Z..G.r]7..hc0..5&.%...5.
0640: p./..KA....5.X..*.h....u....bq.y.`.......xgq.i........`<H.~.Mw.$
0680: .G.Z....7....{....J..A.6....m<.h.#*B...tg....Ra..?e.......V....
06c0: .?.......k...}.+.e...6u.k.J...Ix/..O* %)..t..1..18....3.C....0.
0700: y1.=-6....3j.91......d.3...).....}..........}0..y0...U.......0..
0740: .....0...U...........0..+........s0q02..+.....0..&http://isrg.t
0780: rustid.ocsp.identrust.com0;..+.....0../http://apps.identrust.com
07c0: /roots/dstrootcax3.p7c0...U.#..0.......{,q...K.u...`...0T..U. .M
0800: 0K0...g.....0?..+..........000...+........"http://cps.root-x1.le
0840: tsencrypt.org0<..U...50301./.-.+http://crl.identrust.com/DSTROOT
0880: CAX3CRL.crl0...U.......Jjc.}....9..Ee.....0...*.H..............3
08c0: ...cX8.....U.vV.pH.iG'{.$...Z.J.)7$tQ.bh...pg....N(Q.........Z..
0900: ....j.j.>W#....b.......?..H....eb..T..*. .........2...w..ye.+.(.
0940: :.R..R.._....3.wl.@.2...\A.tl[]._3.M..8./{,b....o%./...F=.~..z..
0980: .zm..%......./X../,h&.K........CJ.DNosz(...n{L}.....D....4[.B
== Info: SSLv3, TLS alert, Server hello (2):
=> Send SSL data, 2 bytes (0x2)
0000: .-
== Info: SSL certificate problem: certificate has expired
== Info: Closing connection 1
[Mon Jun 26 16:38:47 CEST 2017] ret='60'
[Mon Jun 26 16:38:47 CEST 2017] Debugging, skip removing: /www/viennapaint.com.transfer//.well-known/acme-challenge/4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs
[Mon Jun 26 16:38:47 CEST 2017] pid
[Mon Jun 26 16:38:47 CEST 2017] No need to restore nginx, skip.
[Mon Jun 26 16:38:47 CEST 2017] _clearupdns
[Mon Jun 26 16:38:47 CEST 2017] skip dns.
[Mon Jun 26 16:38:47 CEST 2017] _on_issue_err
[Mon Jun 26 16:38:47 CEST 2017] Please check log file for more details: /backup/scripts_multihost/.acme.sh//acme.sh.log
[Mon Jun 26 16:38:47 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/22nns6qvpoz9eSw7N2k-yRboNVQ-nhMdxFQFyBXVxss/45727684'
[Mon Jun 26 16:38:47 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "4HO2BzXMOLDtUsLDaHV6bXVqtTrC3L2D1s3zlxIUmPs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:38:47 CEST 2017] POST
[Mon Jun 26 16:38:47 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/22nns6qvpoz9eSw7N2k-yRboNVQ-nhMdxFQFyBXVxss/45727684'
[Mon Jun 26 16:38:47 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.xg0sjonVQ3 '
[Mon Jun 26 16:38:48 CEST 2017] _ret='0'
[Mon Jun 26 16:38:48 CEST 2017] code='400'
[Mon Jun 26 16:38:48 CEST 2017] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.1i-fips 6 Aug 2014
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
nc:
OpenBSD netcat (SUSE Linux)
This is nc from the netcat-openbsd package. An alternative nc is available
in the netcat-traditional package.
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
      [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
      [-x proxy_address[:port]] [hostname] [port[s]]
    Command Summary:
        -4      Use IPv4
        -6      Use IPv6
        -D      Enable the debug socket option
        -d      Detach from stdin
        -h      This help text
        -i secs     Delay interval for lines sent, ports scanned
        -k      Keep inbound sockets open for multiple connects
        -l      Listen mode, for inbound connects
        -n      Suppress name/port resolutions
        -P proxyuser    Username for proxy authentication
        -p port     Specify local port for remote connects
        -q secs     quit after EOF on stdin and delay of secs
        -r      Randomize remote ports
        -S      Enable the TCP MD5 signature option
        -s addr     Local source address
        -T ToS      Set IP Type of Service
        -C      Send CRLF as line-ending
        -t      Answer TELNET negotiation
        -U      Use UNIX domain socket
        -u      UDP mode
        -Z      DCCP mode
        -v      Verbose
        -w secs     Timeout for connects and final net reads
        -X proto    Proxy protocol: "4", "5" (SOCKS) or "connect"
        -x addr[:port]  Specify proxy address and port
        -z      Zero-I/O mode [used for scanning]
    Port numbers can be individual or ranges: lo-hi [inclusive]
[Mon Jun 26 16:39:36 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Mon Jun 26 16:39:36 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:39:36 CEST 2017] DOMAIN_PATH='/backup/scripts_multihost/.acme.sh//transfer.viennapaint.com'
[Mon Jun 26 16:39:36 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:39:36 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:39:36 CEST 2017] GET
[Mon Jun 26 16:39:36 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:39:36 CEST 2017] timeout
[Mon Jun 26 16:39:36 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.4F4U5RQ04s '
[Mon Jun 26 16:39:36 CEST 2017] ret='0'
[Mon Jun 26 16:39:37 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:39:37 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:39:37 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:39:37 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:39:37 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:39:37 CEST 2017] Le_NextRenewTime
[Mon Jun 26 16:39:37 CEST 2017] _on_before_issue
[Mon Jun 26 16:39:37 CEST 2017] Le_LocalAddress
[Mon Jun 26 16:39:37 CEST 2017] Check for domain='transfer.viennapaint.com'
[Mon Jun 26 16:39:37 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:39:37 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Mon Jun 26 16:39:37 CEST 2017] Read key length:
[Mon Jun 26 16:39:37 CEST 2017] _createcsr
[Mon Jun 26 16:39:37 CEST 2017] Single domain='transfer.viennapaint.com'
[Mon Jun 26 16:39:37 CEST 2017] Getting domain auth token for each domain
[Mon Jun 26 16:39:37 CEST 2017] Getting webroot for domain='transfer.viennapaint.com'
[Mon Jun 26 16:39:37 CEST 2017] _w='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:39:37 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:39:37 CEST 2017] Getting new-authz for domain='transfer.viennapaint.com'
[Mon Jun 26 16:39:37 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:39:37 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:39:37 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:39:37 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:39:37 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:39:37 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:39:37 CEST 2017] Try new-authz for the 0 time.
[Mon Jun 26 16:39:37 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:39:37 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "transfer.viennapaint.com"}}'
[Mon Jun 26 16:39:37 CEST 2017] RSA key
[Mon Jun 26 16:39:37 CEST 2017] GET
[Mon Jun 26 16:39:37 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:39:37 CEST 2017] timeout
[Mon Jun 26 16:39:37 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.GSqUcnqZ3n '
[Mon Jun 26 16:39:38 CEST 2017] ret='0'
[Mon Jun 26 16:39:38 CEST 2017] POST
[Mon Jun 26 16:39:38 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:39:38 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.Jd0DNPvWLd '
[Mon Jun 26 16:39:39 CEST 2017] _ret='0'
[Mon Jun 26 16:39:39 CEST 2017] code='201'
[Mon Jun 26 16:39:39 CEST 2017] The new-authz request is ok.
[Mon Jun 26 16:39:39 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/cFQfcCGm-H4_JCNS9nngnym3z8UsLsnnSRyCgB8X2UU/45727853","token":"tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk"'
[Mon Jun 26 16:39:39 CEST 2017] token='tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk'
[Mon Jun 26 16:39:39 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/cFQfcCGm-H4_JCNS9nngnym3z8UsLsnnSRyCgB8X2UU/45727853'
[Mon Jun 26 16:39:39 CEST 2017] keyauthorization='tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:39:39 CEST 2017] dvlist='transfer.viennapaint.com#tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/cFQfcCGm-H4_JCNS9nngnym3z8UsLsnnSRyCgB8X2UU/45727853#http-01#/www/viennapaint.com.transfer/'
[Mon Jun 26 16:39:39 CEST 2017] vlist='transfer.viennapaint.com#tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/cFQfcCGm-H4_JCNS9nngnym3z8UsLsnnSRyCgB8X2UU/45727853#http-01#/www/viennapaint.com.transfer/,'
[Mon Jun 26 16:39:39 CEST 2017] ok, let's start to verify
[Mon Jun 26 16:39:39 CEST 2017] Verifying:transfer.viennapaint.com
[Mon Jun 26 16:39:39 CEST 2017] d='transfer.viennapaint.com'
[Mon Jun 26 16:39:39 CEST 2017] keyauthorization='tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:39:39 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/cFQfcCGm-H4_JCNS9nngnym3z8UsLsnnSRyCgB8X2UU/45727853'
[Mon Jun 26 16:39:39 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:39:39 CEST 2017] wellknown_path='/www/viennapaint.com.transfer//.well-known/acme-challenge'
[Mon Jun 26 16:39:39 CEST 2017] writing token:tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk to /www/viennapaint.com.transfer//.well-known/acme-challenge/tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk
[Mon Jun 26 16:39:39 CEST 2017] Changing owner/group of .well-known to website:www
[Mon Jun 26 16:39:39 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/cFQfcCGm-H4_JCNS9nngnym3z8UsLsnnSRyCgB8X2UU/45727853'
[Mon Jun 26 16:39:39 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:39:39 CEST 2017] POST
[Mon Jun 26 16:39:39 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/cFQfcCGm-H4_JCNS9nngnym3z8UsLsnnSRyCgB8X2UU/45727853'
[Mon Jun 26 16:39:39 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.fGlzlnC3KS '
[Mon Jun 26 16:39:40 CEST 2017] _ret='0'
[Mon Jun 26 16:39:40 CEST 2017] code='202'
[Mon Jun 26 16:39:40 CEST 2017] sleep 2 secs to verify
[Mon Jun 26 16:39:42 CEST 2017] checking
[Mon Jun 26 16:39:42 CEST 2017] GET
[Mon Jun 26 16:39:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/cFQfcCGm-H4_JCNS9nngnym3z8UsLsnnSRyCgB8X2UU/45727853'
[Mon Jun 26 16:39:42 CEST 2017] timeout
[Mon Jun 26 16:39:42 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.38yETf4UNx '
[Mon Jun 26 16:39:42 CEST 2017] ret='0'
[Mon Jun 26 16:39:42 CEST 2017] transfer.viennapaint.com:Verify error:Fetching http://transfer.viennapaint.com/.well-known/acme-challenge/tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk: Error getting validation data
[Mon Jun 26 16:39:42 CEST 2017] Debug: get token url.
[Mon Jun 26 16:39:42 CEST 2017] GET
[Mon Jun 26 16:39:42 CEST 2017] url='http://transfer.viennapaint.com/.well-known/acme-challenge/tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk'
[Mon Jun 26 16:39:42 CEST 2017] timeout='1'
[Mon Jun 26 16:39:42 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.yFGmPfftW6  --connect-timeout 1'
[Mon Jun 26 16:39:42 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 52
[Mon Jun 26 16:39:42 CEST 2017] Here is the curl dump log:
[Mon Jun 26 16:39:42 CEST 2017] == Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com (217.74.11.156) port 80 (#0)
=> Send header, 198 bytes (0xc6)
0000: GET /.well-known/acme-challenge/tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4
0040: MPYWO1ka3kk HTTP/1.1
0056: User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
0097: Host: transfer.viennapaint.com
00b7: Accept: */*
00c4: 
== Info: Empty reply from server
== Info: Connection #0 to host transfer.viennapaint.com left intact
[Mon Jun 26 16:39:42 CEST 2017] ret='52'
[Mon Jun 26 16:39:42 CEST 2017] Debugging, skip removing: /www/viennapaint.com.transfer//.well-known/acme-challenge/tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk
[Mon Jun 26 16:39:42 CEST 2017] pid
[Mon Jun 26 16:39:42 CEST 2017] No need to restore nginx, skip.
[Mon Jun 26 16:39:42 CEST 2017] _clearupdns
[Mon Jun 26 16:39:42 CEST 2017] skip dns.
[Mon Jun 26 16:39:42 CEST 2017] _on_issue_err
[Mon Jun 26 16:39:42 CEST 2017] Please check log file for more details: /backup/scripts_multihost/.acme.sh//acme.sh.log
[Mon Jun 26 16:39:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/cFQfcCGm-H4_JCNS9nngnym3z8UsLsnnSRyCgB8X2UU/45727853'
[Mon Jun 26 16:39:42 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "tRCCSDaD66hoAnDK3bcreF9sHhAcsFU4MPYWO1ka3kk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:39:42 CEST 2017] POST
[Mon Jun 26 16:39:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/cFQfcCGm-H4_JCNS9nngnym3z8UsLsnnSRyCgB8X2UU/45727853'
[Mon Jun 26 16:39:42 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.yFGmPfftW6 '
[Mon Jun 26 16:39:43 CEST 2017] _ret='0'
[Mon Jun 26 16:39:43 CEST 2017] code='400'
[Mon Jun 26 16:39:43 CEST 2017] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.1i-fips 6 Aug 2014
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
nc:
OpenBSD netcat (SUSE Linux)
This is nc from the netcat-openbsd package. An alternative nc is available
in the netcat-traditional package.
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
      [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
      [-x proxy_address[:port]] [hostname] [port[s]]
    Command Summary:
        -4      Use IPv4
        -6      Use IPv6
        -D      Enable the debug socket option
        -d      Detach from stdin
        -h      This help text
        -i secs     Delay interval for lines sent, ports scanned
        -k      Keep inbound sockets open for multiple connects
        -l      Listen mode, for inbound connects
        -n      Suppress name/port resolutions
        -P proxyuser    Username for proxy authentication
        -p port     Specify local port for remote connects
        -q secs     quit after EOF on stdin and delay of secs
        -r      Randomize remote ports
        -S      Enable the TCP MD5 signature option
        -s addr     Local source address
        -T ToS      Set IP Type of Service
        -C      Send CRLF as line-ending
        -t      Answer TELNET negotiation
        -U      Use UNIX domain socket
        -u      UDP mode
        -Z      DCCP mode
        -v      Verbose
        -w secs     Timeout for connects and final net reads
        -X proto    Proxy protocol: "4", "5" (SOCKS) or "connect"
        -x addr[:port]  Specify proxy address and port
        -z      Zero-I/O mode [used for scanning]
    Port numbers can be individual or ranges: lo-hi [inclusive]
[Mon Jun 26 16:43:07 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Mon Jun 26 16:43:07 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:43:07 CEST 2017] DOMAIN_PATH='/backup/scripts_multihost/.acme.sh//transfer.viennapaint.com'
[Mon Jun 26 16:43:07 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:43:07 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:43:07 CEST 2017] GET
[Mon Jun 26 16:43:07 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:43:07 CEST 2017] timeout
[Mon Jun 26 16:43:07 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.dhQjwHGghA '
[Mon Jun 26 16:43:07 CEST 2017] ret='0'
[Mon Jun 26 16:43:07 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:43:07 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:43:07 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:43:07 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:43:07 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:43:07 CEST 2017] Le_NextRenewTime
[Mon Jun 26 16:43:07 CEST 2017] _on_before_issue
[Mon Jun 26 16:43:07 CEST 2017] Le_LocalAddress
[Mon Jun 26 16:43:08 CEST 2017] Check for domain='transfer.viennapaint.com'
[Mon Jun 26 16:43:08 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:43:08 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Mon Jun 26 16:43:08 CEST 2017] Read key length:
[Mon Jun 26 16:43:08 CEST 2017] _createcsr
[Mon Jun 26 16:43:08 CEST 2017] Single domain='transfer.viennapaint.com'
[Mon Jun 26 16:43:08 CEST 2017] Getting domain auth token for each domain
[Mon Jun 26 16:43:08 CEST 2017] Getting webroot for domain='transfer.viennapaint.com'
[Mon Jun 26 16:43:08 CEST 2017] _w='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:43:08 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:43:08 CEST 2017] Getting new-authz for domain='transfer.viennapaint.com'
[Mon Jun 26 16:43:08 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:43:08 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:43:08 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:43:08 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:43:08 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:43:08 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:43:08 CEST 2017] Try new-authz for the 0 time.
[Mon Jun 26 16:43:08 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:43:08 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "transfer.viennapaint.com"}}'
[Mon Jun 26 16:43:08 CEST 2017] RSA key
[Mon Jun 26 16:43:08 CEST 2017] GET
[Mon Jun 26 16:43:08 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:43:08 CEST 2017] timeout
[Mon Jun 26 16:43:08 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.8oVD9MegXR '
[Mon Jun 26 16:43:08 CEST 2017] ret='0'
[Mon Jun 26 16:43:08 CEST 2017] POST
[Mon Jun 26 16:43:08 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:43:08 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.bBiei3he6B '
[Mon Jun 26 16:43:09 CEST 2017] _ret='0'
[Mon Jun 26 16:43:09 CEST 2017] code='201'
[Mon Jun 26 16:43:09 CEST 2017] The new-authz request is ok.
[Mon Jun 26 16:43:09 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/nh7X7XEgJHrZBuPg8teD3NgjcIWfaBHMt7iIGOqe_b4/45728174","token":"HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY"'
[Mon Jun 26 16:43:09 CEST 2017] token='HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY'
[Mon Jun 26 16:43:09 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/nh7X7XEgJHrZBuPg8teD3NgjcIWfaBHMt7iIGOqe_b4/45728174'
[Mon Jun 26 16:43:09 CEST 2017] keyauthorization='HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:43:09 CEST 2017] dvlist='transfer.viennapaint.com#HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/nh7X7XEgJHrZBuPg8teD3NgjcIWfaBHMt7iIGOqe_b4/45728174#http-01#/www/viennapaint.com.transfer/'
[Mon Jun 26 16:43:09 CEST 2017] vlist='transfer.viennapaint.com#HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/nh7X7XEgJHrZBuPg8teD3NgjcIWfaBHMt7iIGOqe_b4/45728174#http-01#/www/viennapaint.com.transfer/,'
[Mon Jun 26 16:43:09 CEST 2017] ok, let's start to verify
[Mon Jun 26 16:43:09 CEST 2017] Verifying:transfer.viennapaint.com
[Mon Jun 26 16:43:09 CEST 2017] d='transfer.viennapaint.com'
[Mon Jun 26 16:43:09 CEST 2017] keyauthorization='HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:43:09 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/nh7X7XEgJHrZBuPg8teD3NgjcIWfaBHMt7iIGOqe_b4/45728174'
[Mon Jun 26 16:43:09 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:43:09 CEST 2017] wellknown_path='/www/viennapaint.com.transfer//.well-known/acme-challenge'
[Mon Jun 26 16:43:09 CEST 2017] writing token:HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY to /www/viennapaint.com.transfer//.well-known/acme-challenge/HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY
[Mon Jun 26 16:43:09 CEST 2017] Changing owner/group of .well-known to website:www
[Mon Jun 26 16:43:09 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/nh7X7XEgJHrZBuPg8teD3NgjcIWfaBHMt7iIGOqe_b4/45728174'
[Mon Jun 26 16:43:09 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:43:09 CEST 2017] POST
[Mon Jun 26 16:43:09 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/nh7X7XEgJHrZBuPg8teD3NgjcIWfaBHMt7iIGOqe_b4/45728174'
[Mon Jun 26 16:43:09 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.yTlZ0G0iwF '
[Mon Jun 26 16:43:10 CEST 2017] _ret='0'
[Mon Jun 26 16:43:10 CEST 2017] code='202'
[Mon Jun 26 16:43:10 CEST 2017] sleep 2 secs to verify
[Mon Jun 26 16:43:12 CEST 2017] checking
[Mon Jun 26 16:43:12 CEST 2017] GET
[Mon Jun 26 16:43:12 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/nh7X7XEgJHrZBuPg8teD3NgjcIWfaBHMt7iIGOqe_b4/45728174'
[Mon Jun 26 16:43:12 CEST 2017] timeout
[Mon Jun 26 16:43:12 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.KLETecii6Z '
[Mon Jun 26 16:43:12 CEST 2017] ret='0'
[Mon Jun 26 16:43:12 CEST 2017] transfer.viennapaint.com:Verify error:Fetching http://transfer.viennapaint.com/.well-known/acme-challenge/HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY: Error getting validation data
[Mon Jun 26 16:43:12 CEST 2017] Debug: get token url.
[Mon Jun 26 16:43:12 CEST 2017] GET
[Mon Jun 26 16:43:12 CEST 2017] url='http://transfer.viennapaint.com/.well-known/acme-challenge/HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY'
[Mon Jun 26 16:43:12 CEST 2017] timeout='1'
[Mon Jun 26 16:43:12 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.aRiKaPSyQn  --connect-timeout 1'
[Mon Jun 26 16:43:13 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 56
[Mon Jun 26 16:43:13 CEST 2017] Here is the curl dump log:
[Mon Jun 26 16:43:13 CEST 2017] == Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com (217.74.11.156) port 80 (#0)
=> Send header, 198 bytes (0xc6)
0000: GET /.well-known/acme-challenge/HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53
0040: I0rgc4KjUcY HTTP/1.1
0056: User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
0097: Host: transfer.viennapaint.com
00b7: Accept: */*
00c4: 
== Info: Recv failure: Connection reset by peer
== Info: Closing connection 0
[Mon Jun 26 16:43:13 CEST 2017] ret='56'
[Mon Jun 26 16:43:13 CEST 2017] Debugging, skip removing: /www/viennapaint.com.transfer//.well-known/acme-challenge/HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY
[Mon Jun 26 16:43:13 CEST 2017] pid
[Mon Jun 26 16:43:13 CEST 2017] No need to restore nginx, skip.
[Mon Jun 26 16:43:13 CEST 2017] _clearupdns
[Mon Jun 26 16:43:13 CEST 2017] skip dns.
[Mon Jun 26 16:43:13 CEST 2017] _on_issue_err
[Mon Jun 26 16:43:13 CEST 2017] Please check log file for more details: /backup/scripts_multihost/.acme.sh//acme.sh.log
[Mon Jun 26 16:43:13 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/nh7X7XEgJHrZBuPg8teD3NgjcIWfaBHMt7iIGOqe_b4/45728174'
[Mon Jun 26 16:43:13 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "HZDGpUOzFB9nxYj_qBBlWpLrYLqcbN53I0rgc4KjUcY.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:43:13 CEST 2017] POST
[Mon Jun 26 16:43:13 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/nh7X7XEgJHrZBuPg8teD3NgjcIWfaBHMt7iIGOqe_b4/45728174'
[Mon Jun 26 16:43:13 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.aRiKaPSyQn '
[Mon Jun 26 16:43:14 CEST 2017] _ret='0'
[Mon Jun 26 16:43:14 CEST 2017] code='400'
[Mon Jun 26 16:43:14 CEST 2017] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.1i-fips 6 Aug 2014
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
nc:
OpenBSD netcat (SUSE Linux)
This is nc from the netcat-openbsd package. An alternative nc is available
in the netcat-traditional package.
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
      [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
      [-x proxy_address[:port]] [hostname] [port[s]]
    Command Summary:
        -4      Use IPv4
        -6      Use IPv6
        -D      Enable the debug socket option
        -d      Detach from stdin
        -h      This help text
        -i secs     Delay interval for lines sent, ports scanned
        -k      Keep inbound sockets open for multiple connects
        -l      Listen mode, for inbound connects
        -n      Suppress name/port resolutions
        -P proxyuser    Username for proxy authentication
        -p port     Specify local port for remote connects
        -q secs     quit after EOF on stdin and delay of secs
        -r      Randomize remote ports
        -S      Enable the TCP MD5 signature option
        -s addr     Local source address
        -T ToS      Set IP Type of Service
        -C      Send CRLF as line-ending
        -t      Answer TELNET negotiation
        -U      Use UNIX domain socket
        -u      UDP mode
        -Z      DCCP mode
        -v      Verbose
        -w secs     Timeout for connects and final net reads
        -X proto    Proxy protocol: "4", "5" (SOCKS) or "connect"
        -x addr[:port]  Specify proxy address and port
        -z      Zero-I/O mode [used for scanning]
    Port numbers can be individual or ranges: lo-hi [inclusive]
[Mon Jun 26 16:43:49 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Mon Jun 26 16:43:49 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:43:49 CEST 2017] DOMAIN_PATH='/backup/scripts_multihost/.acme.sh//transfer.viennapaint.com'
[Mon Jun 26 16:43:49 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:43:49 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:43:49 CEST 2017] GET
[Mon Jun 26 16:43:49 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:43:49 CEST 2017] timeout
[Mon Jun 26 16:43:49 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.8la50v68bq '
[Mon Jun 26 16:43:49 CEST 2017] ret='0'
[Mon Jun 26 16:43:49 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:43:49 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:43:49 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:43:49 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:43:49 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:43:49 CEST 2017] Le_NextRenewTime
[Mon Jun 26 16:43:49 CEST 2017] _on_before_issue
[Mon Jun 26 16:43:49 CEST 2017] Le_LocalAddress
[Mon Jun 26 16:43:49 CEST 2017] Check for domain='transfer.viennapaint.com'
[Mon Jun 26 16:43:49 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:43:49 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Mon Jun 26 16:43:49 CEST 2017] Read key length:
[Mon Jun 26 16:43:49 CEST 2017] _createcsr
[Mon Jun 26 16:43:49 CEST 2017] Single domain='transfer.viennapaint.com'
[Mon Jun 26 16:43:49 CEST 2017] Getting domain auth token for each domain
[Mon Jun 26 16:43:49 CEST 2017] Getting webroot for domain='transfer.viennapaint.com'
[Mon Jun 26 16:43:49 CEST 2017] _w='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:43:49 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:43:49 CEST 2017] Getting new-authz for domain='transfer.viennapaint.com'
[Mon Jun 26 16:43:49 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:43:49 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:43:49 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:43:49 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:43:49 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:43:49 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:43:49 CEST 2017] Try new-authz for the 0 time.
[Mon Jun 26 16:43:49 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:43:49 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "transfer.viennapaint.com"}}'
[Mon Jun 26 16:43:49 CEST 2017] RSA key
[Mon Jun 26 16:43:50 CEST 2017] GET
[Mon Jun 26 16:43:50 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:43:50 CEST 2017] timeout
[Mon Jun 26 16:43:50 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.8a0qAUTkSb '
[Mon Jun 26 16:43:50 CEST 2017] ret='0'
[Mon Jun 26 16:43:50 CEST 2017] POST
[Mon Jun 26 16:43:50 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:43:50 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.Xmowh2CXpa '
[Mon Jun 26 16:43:51 CEST 2017] _ret='0'
[Mon Jun 26 16:43:51 CEST 2017] code='201'
[Mon Jun 26 16:43:51 CEST 2017] The new-authz request is ok.
[Mon Jun 26 16:43:51 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/QVjNTtCLGakK7ayxl62ppVBhizLifxHIEbeJ5yaKDCE/45728233","token":"XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw"'
[Mon Jun 26 16:43:51 CEST 2017] token='XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw'
[Mon Jun 26 16:43:51 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/QVjNTtCLGakK7ayxl62ppVBhizLifxHIEbeJ5yaKDCE/45728233'
[Mon Jun 26 16:43:51 CEST 2017] keyauthorization='XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:43:51 CEST 2017] dvlist='transfer.viennapaint.com#XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/QVjNTtCLGakK7ayxl62ppVBhizLifxHIEbeJ5yaKDCE/45728233#http-01#/www/viennapaint.com.transfer/'
[Mon Jun 26 16:43:51 CEST 2017] vlist='transfer.viennapaint.com#XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/QVjNTtCLGakK7ayxl62ppVBhizLifxHIEbeJ5yaKDCE/45728233#http-01#/www/viennapaint.com.transfer/,'
[Mon Jun 26 16:43:51 CEST 2017] ok, let's start to verify
[Mon Jun 26 16:43:51 CEST 2017] Verifying:transfer.viennapaint.com
[Mon Jun 26 16:43:51 CEST 2017] d='transfer.viennapaint.com'
[Mon Jun 26 16:43:51 CEST 2017] keyauthorization='XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:43:51 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/QVjNTtCLGakK7ayxl62ppVBhizLifxHIEbeJ5yaKDCE/45728233'
[Mon Jun 26 16:43:51 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:43:51 CEST 2017] wellknown_path='/www/viennapaint.com.transfer//.well-known/acme-challenge'
[Mon Jun 26 16:43:51 CEST 2017] writing token:XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw to /www/viennapaint.com.transfer//.well-known/acme-challenge/XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw
[Mon Jun 26 16:43:51 CEST 2017] Changing owner/group of .well-known to website:www
[Mon Jun 26 16:43:51 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/QVjNTtCLGakK7ayxl62ppVBhizLifxHIEbeJ5yaKDCE/45728233'
[Mon Jun 26 16:43:51 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:43:51 CEST 2017] POST
[Mon Jun 26 16:43:51 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/QVjNTtCLGakK7ayxl62ppVBhizLifxHIEbeJ5yaKDCE/45728233'
[Mon Jun 26 16:43:51 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.iAbT4XybMG '
[Mon Jun 26 16:43:52 CEST 2017] _ret='0'
[Mon Jun 26 16:43:52 CEST 2017] code='202'
[Mon Jun 26 16:43:52 CEST 2017] sleep 2 secs to verify
[Mon Jun 26 16:43:54 CEST 2017] checking
[Mon Jun 26 16:43:54 CEST 2017] GET
[Mon Jun 26 16:43:54 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/QVjNTtCLGakK7ayxl62ppVBhizLifxHIEbeJ5yaKDCE/45728233'
[Mon Jun 26 16:43:54 CEST 2017] timeout
[Mon Jun 26 16:43:54 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.PJJiayKZ3Q '
[Mon Jun 26 16:43:54 CEST 2017] ret='0'
[Mon Jun 26 16:43:54 CEST 2017] transfer.viennapaint.com:Verify error:Fetching http://transfer.viennapaint.com/.well-known/acme-challenge/XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw: Error getting validation data
[Mon Jun 26 16:43:54 CEST 2017] Debug: get token url.
[Mon Jun 26 16:43:54 CEST 2017] GET
[Mon Jun 26 16:43:54 CEST 2017] url='http://transfer.viennapaint.com/.well-known/acme-challenge/XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw'
[Mon Jun 26 16:43:54 CEST 2017] timeout='1'
[Mon Jun 26 16:43:54 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.nWlHRHPC3s  --connect-timeout 1'
[Mon Jun 26 16:43:54 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 52
[Mon Jun 26 16:43:54 CEST 2017] Here is the curl dump log:
[Mon Jun 26 16:43:54 CEST 2017] == Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com (217.74.11.156) port 80 (#0)
=> Send header, 198 bytes (0xc6)
0000: GET /.well-known/acme-challenge/XfByTXSXIrXbcGAdlj4a8R4jkApYee8x
0040: n1sn_SXukNw HTTP/1.1
0056: User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
0097: Host: transfer.viennapaint.com
00b7: Accept: */*
00c4: 
== Info: Empty reply from server
== Info: Connection #0 to host transfer.viennapaint.com left intact
[Mon Jun 26 16:43:54 CEST 2017] ret='52'
[Mon Jun 26 16:43:54 CEST 2017] Debugging, skip removing: /www/viennapaint.com.transfer//.well-known/acme-challenge/XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw
[Mon Jun 26 16:43:54 CEST 2017] pid
[Mon Jun 26 16:43:54 CEST 2017] No need to restore nginx, skip.
[Mon Jun 26 16:43:54 CEST 2017] _clearupdns
[Mon Jun 26 16:43:54 CEST 2017] skip dns.
[Mon Jun 26 16:43:54 CEST 2017] _on_issue_err
[Mon Jun 26 16:43:54 CEST 2017] Please check log file for more details: /backup/scripts_multihost/.acme.sh//acme.sh.log
[Mon Jun 26 16:43:54 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/QVjNTtCLGakK7ayxl62ppVBhizLifxHIEbeJ5yaKDCE/45728233'
[Mon Jun 26 16:43:54 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "XfByTXSXIrXbcGAdlj4a8R4jkApYee8xn1sn_SXukNw.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:43:54 CEST 2017] POST
[Mon Jun 26 16:43:54 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/QVjNTtCLGakK7ayxl62ppVBhizLifxHIEbeJ5yaKDCE/45728233'
[Mon Jun 26 16:43:55 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.nWlHRHPC3s '
[Mon Jun 26 16:43:55 CEST 2017] _ret='0'
[Mon Jun 26 16:43:55 CEST 2017] code='400'
[Mon Jun 26 16:43:55 CEST 2017] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.1i-fips 6 Aug 2014
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
nc:
OpenBSD netcat (SUSE Linux)
This is nc from the netcat-openbsd package. An alternative nc is available
in the netcat-traditional package.
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
      [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
      [-x proxy_address[:port]] [hostname] [port[s]]
    Command Summary:
        -4      Use IPv4
        -6      Use IPv6
        -D      Enable the debug socket option
        -d      Detach from stdin
        -h      This help text
        -i secs     Delay interval for lines sent, ports scanned
        -k      Keep inbound sockets open for multiple connects
        -l      Listen mode, for inbound connects
        -n      Suppress name/port resolutions
        -P proxyuser    Username for proxy authentication
        -p port     Specify local port for remote connects
        -q secs     quit after EOF on stdin and delay of secs
        -r      Randomize remote ports
        -S      Enable the TCP MD5 signature option
        -s addr     Local source address
        -T ToS      Set IP Type of Service
        -C      Send CRLF as line-ending
        -t      Answer TELNET negotiation
        -U      Use UNIX domain socket
        -u      UDP mode
        -Z      DCCP mode
        -v      Verbose
        -w secs     Timeout for connects and final net reads
        -X proto    Proxy protocol: "4", "5" (SOCKS) or "connect"
        -x addr[:port]  Specify proxy address and port
        -z      Zero-I/O mode [used for scanning]
    Port numbers can be individual or ranges: lo-hi [inclusive]
[Mon Jun 26 16:45:13 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Mon Jun 26 16:45:13 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:45:13 CEST 2017] DOMAIN_PATH='/backup/scripts_multihost/.acme.sh//transfer.viennapaint.com'
[Mon Jun 26 16:45:13 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:45:13 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:45:13 CEST 2017] GET
[Mon Jun 26 16:45:13 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:45:13 CEST 2017] timeout
[Mon Jun 26 16:45:13 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.J9Cj5pGX3Z '
[Mon Jun 26 16:45:14 CEST 2017] ret='0'
[Mon Jun 26 16:45:14 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:45:14 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:45:14 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:45:14 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:45:14 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:45:14 CEST 2017] Le_NextRenewTime
[Mon Jun 26 16:45:14 CEST 2017] _on_before_issue
[Mon Jun 26 16:45:14 CEST 2017] Le_LocalAddress
[Mon Jun 26 16:45:14 CEST 2017] Check for domain='transfer.viennapaint.com'
[Mon Jun 26 16:45:14 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:45:14 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Mon Jun 26 16:45:14 CEST 2017] Read key length:
[Mon Jun 26 16:45:14 CEST 2017] _createcsr
[Mon Jun 26 16:45:14 CEST 2017] Single domain='transfer.viennapaint.com'
[Mon Jun 26 16:45:14 CEST 2017] Getting domain auth token for each domain
[Mon Jun 26 16:45:14 CEST 2017] Getting webroot for domain='transfer.viennapaint.com'
[Mon Jun 26 16:45:14 CEST 2017] _w='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:45:14 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:45:14 CEST 2017] Getting new-authz for domain='transfer.viennapaint.com'
[Mon Jun 26 16:45:14 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:45:14 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:45:14 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:45:14 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:45:14 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:45:14 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:45:14 CEST 2017] Try new-authz for the 0 time.
[Mon Jun 26 16:45:14 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:45:14 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "transfer.viennapaint.com"}}'
[Mon Jun 26 16:45:14 CEST 2017] RSA key
[Mon Jun 26 16:45:14 CEST 2017] GET
[Mon Jun 26 16:45:14 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:45:14 CEST 2017] timeout
[Mon Jun 26 16:45:14 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.ZlTtGhY0U3 '
[Mon Jun 26 16:45:14 CEST 2017] ret='0'
[Mon Jun 26 16:45:14 CEST 2017] POST
[Mon Jun 26 16:45:14 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:45:14 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.xQhI1lzJfm '
[Mon Jun 26 16:45:15 CEST 2017] _ret='0'
[Mon Jun 26 16:45:15 CEST 2017] code='201'
[Mon Jun 26 16:45:15 CEST 2017] The new-authz request is ok.
[Mon Jun 26 16:45:15 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/lsN9p0q3HK4te1-Um4QGH6lSE2NPESF6cvL2fTb-BCA/45728398","token":"i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk"'
[Mon Jun 26 16:45:15 CEST 2017] token='i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk'
[Mon Jun 26 16:45:15 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/lsN9p0q3HK4te1-Um4QGH6lSE2NPESF6cvL2fTb-BCA/45728398'
[Mon Jun 26 16:45:15 CEST 2017] keyauthorization='i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:45:15 CEST 2017] dvlist='transfer.viennapaint.com#i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/lsN9p0q3HK4te1-Um4QGH6lSE2NPESF6cvL2fTb-BCA/45728398#http-01#/www/viennapaint.com.transfer/'
[Mon Jun 26 16:45:15 CEST 2017] vlist='transfer.viennapaint.com#i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/lsN9p0q3HK4te1-Um4QGH6lSE2NPESF6cvL2fTb-BCA/45728398#http-01#/www/viennapaint.com.transfer/,'
[Mon Jun 26 16:45:15 CEST 2017] ok, let's start to verify
[Mon Jun 26 16:45:15 CEST 2017] Verifying:transfer.viennapaint.com
[Mon Jun 26 16:45:15 CEST 2017] d='transfer.viennapaint.com'
[Mon Jun 26 16:45:15 CEST 2017] keyauthorization='i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:45:15 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/lsN9p0q3HK4te1-Um4QGH6lSE2NPESF6cvL2fTb-BCA/45728398'
[Mon Jun 26 16:45:15 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:45:15 CEST 2017] wellknown_path='/www/viennapaint.com.transfer//.well-known/acme-challenge'
[Mon Jun 26 16:45:15 CEST 2017] writing token:i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk to /www/viennapaint.com.transfer//.well-known/acme-challenge/i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk
[Mon Jun 26 16:45:15 CEST 2017] Changing owner/group of .well-known to website:www
[Mon Jun 26 16:45:15 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/lsN9p0q3HK4te1-Um4QGH6lSE2NPESF6cvL2fTb-BCA/45728398'
[Mon Jun 26 16:45:15 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:45:15 CEST 2017] POST
[Mon Jun 26 16:45:15 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/lsN9p0q3HK4te1-Um4QGH6lSE2NPESF6cvL2fTb-BCA/45728398'
[Mon Jun 26 16:45:16 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.DAaHx3uA6e '
[Mon Jun 26 16:45:16 CEST 2017] _ret='0'
[Mon Jun 26 16:45:16 CEST 2017] code='202'
[Mon Jun 26 16:45:16 CEST 2017] sleep 2 secs to verify
[Mon Jun 26 16:45:18 CEST 2017] checking
[Mon Jun 26 16:45:18 CEST 2017] GET
[Mon Jun 26 16:45:18 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/lsN9p0q3HK4te1-Um4QGH6lSE2NPESF6cvL2fTb-BCA/45728398'
[Mon Jun 26 16:45:18 CEST 2017] timeout
[Mon Jun 26 16:45:18 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.uvwTHbeuOy '
[Mon Jun 26 16:45:19 CEST 2017] ret='0'
[Mon Jun 26 16:45:19 CEST 2017] transfer.viennapaint.com:Verify error:Fetching https://transfer.viennapaint.com.well-known/acme-challenge/i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk: Error getting validation data
[Mon Jun 26 16:45:19 CEST 2017] Debug: get token url.
[Mon Jun 26 16:45:19 CEST 2017] GET
[Mon Jun 26 16:45:19 CEST 2017] url='http://transfer.viennapaint.com/.well-known/acme-challenge/i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk'
[Mon Jun 26 16:45:19 CEST 2017] timeout='1'
[Mon Jun 26 16:45:19 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.re3No2jgxf  --connect-timeout 1'
[Mon Jun 26 16:45:19 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
[Mon Jun 26 16:45:19 CEST 2017] Here is the curl dump log:
[Mon Jun 26 16:45:19 CEST 2017] == Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com (217.74.11.156) port 80 (#0)
=> Send header, 198 bytes (0xc6)
0000: GET /.well-known/acme-challenge/i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3T
0040: qZ8u_1VgkTk HTTP/1.1
0056: User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
0097: Host: transfer.viennapaint.com
00b7: Accept: */*
00c4: 
<= Recv header, 20 bytes (0x14)
0000: HTTP/1.1 302 Found
<= Recv header, 37 bytes (0x25)
0000: Date: Mon, 26 Jun 2017 14:45:19 GMT
== Info: Server Apache/2.4.10 (Linux/SUSE) is not blacklisted
<= Recv header, 36 bytes (0x24)
0000: Server: Apache/2.4.10 (Linux/SUSE)
<= Recv header, 114 bytes (0x72)
0000: Location: https://transfer.viennapaint.com.well-known/acme-chall
0040: enge/i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk
<= Recv header, 21 bytes (0x15)
0000: Content-Length: 380
<= Recv header, 19 bytes (0x13)
0000: Connection: close
<= Recv header, 45 bytes (0x2d)
0000: Content-Type: text/html; charset=iso-8859-1
<= Recv header, 2 bytes (0x2)
0000: 
== Info: Closing connection 0
== Info: Issue another request to this URL: 'https://transfer.viennapaint.com.well-known/acme-challenge/i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk'
== Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com.well-known (217.74.11.156) port 443 (#1)
== Info: successfully set certificate verify locations:
== Info:   CAfile: none
  CApath: /etc/ssl/certs/
== Info: SSLv3, TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: .........].....b.x...pY.M..}....]E.z69....0.,.(.$.........k.j.9.
0040: 8.....2...*.&.......=.5.../.+.'.#.........g.@.3.2.....E.D.1.-.).
0080: %.......<./...A...............................Q...(.&..#transfer
00c0: .viennapaint.com.well-known.....................................
0100: .. .............................................................
0140: ................................................................
0180: ................................................................
01c0: ................................................................
== Info: SSLv3, TLS handshake, Server hello (2):
<= Recv SSL data, 94 bytes (0x5e)
0000: ...Z..o_w..e.*e.....}_.Z}Q=#Q<.9T..(|. .#J..k...7..Q....7.....T.
0040: ..6..<..0.....................
== Info: SSLv3, TLS handshake, CERT (11):
<= Recv SSL data, 2494 bytes (0x9be)
0000: ..........0...0.................x......K...0...*.H........0J1.0.
0040: ..U....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Author
0080: ity X30...170323093700Z..170621093700Z0.1.0...U....viennapaint.c
00c0: om0.."0...*.H.............0..........z.....a&l...h(<#........Yu.
0100: 1<)h\^h.....+...62.......C.T#.Y.T.$..kT..s.....&..0.....^.b4`...
0140: Y....f..vi.z..a....J&.d.)X.a.r.6.I..1h....?...\...../i.....a|A..
0180: v.f...._.:............4.)....q.H.s...k,.c..V_xMVt...[...vHI..}..
01c0: .Ha5....h....<..tN.m.b.Z.I..;...@>.........%0..!0...U...........
0200: 0...U.%..0...+.........+.......0...U.......0.0...U......R%...KT#
0240: ...M;.....a0...U.#..0....Jjc.}....9..Ee.....0p..+........d0b0/.
0280: .+.....0..#http://ocsp.int-x3.letsencrypt.org/0/..+.....0..#http
02c0: ://cert.int-x3.letsencrypt.org/0/..U...(0&..viennapaint.com..www
0300: .viennapaint.com0....U. ...0..0...g.....0....+..........0..0&..+
0340: .........http://cps.letsencrypt.org0....+.......0.....This Certi
0380: ficate may only be relied upon by Relying Parties and only in ac
03c0: cordance with the Certificate Policy found at https://letsencryp
0400: t.org/repository/0...*.H................f..\{.m...P&u.N.P..F.`..
0440: ....F...j. ..E........T.?!.e$.......[.>....._..z:y../.a.1Hy.8Er.
0480: ..Of...?#.,.>...v).5c..B.;.F...X.......<.R.<. w.d....D...<6n?pu.
04c0: _...*.'.."..rKs.m.^{...5.N.Lz..?......e...3...C...........R.a#..
0500: Sj..4.+..8..v*...1.H.l.n...t&.<.bQ..!...0...0..z.........AB...S.
0540: sj.....0...*.H........0?1$0"..U....Digital Signature Trust Co.1.
0580: 0...U....DST Root CA X30...160317164046Z..210317164046Z0J1.0...U
05c0: ....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Authority
0600:  X30.."0...*.H.............0............Z..G.r]7..hc0..5&.%...5.
0640: p./..KA....5.X..*.h....u....bq.y.`.......xgq.i........`<H.~.Mw.$
0680: .G.Z....7....{....J..A.6....m<.h.#*B...tg....Ra..?e.......V....
06c0: .?.......k...}.+.e...6u.k.J...Ix/..O* %)..t..1..18....3.C....0.
0700: y1.=-6....3j.91......d.3...).....}..........}0..y0...U.......0..
0740: .....0...U...........0..+........s0q02..+.....0..&http://isrg.t
0780: rustid.ocsp.identrust.com0;..+.....0../http://apps.identrust.com
07c0: /roots/dstrootcax3.p7c0...U.#..0.......{,q...K.u...`...0T..U. .M
0800: 0K0...g.....0?..+..........000...+........"http://cps.root-x1.le
0840: tsencrypt.org0<..U...50301./.-.+http://crl.identrust.com/DSTROOT
0880: CAX3CRL.crl0...U.......Jjc.}....9..Ee.....0...*.H..............3
08c0: ...cX8.....U.vV.pH.iG'{.$...Z.J.)7$tQ.bh...pg....N(Q.........Z..
0900: ....j.j.>W#....b.......?..H....eb..T..*. .........2...w..ye.+.(.
0940: :.R..R.._....3.wl.@.2...\A.tl[]._3.M..8./{,b....o%./...F=.~..z..
0980: .zm..%......./X../,h&.K........CJ.DNosz(...n{L}.....D....4[.B
== Info: SSLv3, TLS alert, Server hello (2):
=> Send SSL data, 2 bytes (0x2)
0000: .-
== Info: SSL certificate problem: certificate has expired
== Info: Closing connection 1
[Mon Jun 26 16:45:19 CEST 2017] ret='60'
[Mon Jun 26 16:45:19 CEST 2017] Debugging, skip removing: /www/viennapaint.com.transfer//.well-known/acme-challenge/i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk
[Mon Jun 26 16:45:19 CEST 2017] pid
[Mon Jun 26 16:45:19 CEST 2017] No need to restore nginx, skip.
[Mon Jun 26 16:45:19 CEST 2017] _clearupdns
[Mon Jun 26 16:45:19 CEST 2017] skip dns.
[Mon Jun 26 16:45:19 CEST 2017] _on_issue_err
[Mon Jun 26 16:45:19 CEST 2017] Please check log file for more details: /backup/scripts_multihost/.acme.sh//acme.sh.log
[Mon Jun 26 16:45:19 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/lsN9p0q3HK4te1-Um4QGH6lSE2NPESF6cvL2fTb-BCA/45728398'
[Mon Jun 26 16:45:19 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "i3Nmgeh5DUF_wDeEtOM7fOcmlz29nN3TqZ8u_1VgkTk.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:45:19 CEST 2017] POST
[Mon Jun 26 16:45:19 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/lsN9p0q3HK4te1-Um4QGH6lSE2NPESF6cvL2fTb-BCA/45728398'
[Mon Jun 26 16:45:19 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.re3No2jgxf '
[Mon Jun 26 16:45:20 CEST 2017] _ret='0'
[Mon Jun 26 16:45:20 CEST 2017] code='400'
[Mon Jun 26 16:45:20 CEST 2017] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.1i-fips 6 Aug 2014
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
nc:
OpenBSD netcat (SUSE Linux)
This is nc from the netcat-openbsd package. An alternative nc is available
in the netcat-traditional package.
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
      [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
      [-x proxy_address[:port]] [hostname] [port[s]]
    Command Summary:
        -4      Use IPv4
        -6      Use IPv6
        -D      Enable the debug socket option
        -d      Detach from stdin
        -h      This help text
        -i secs     Delay interval for lines sent, ports scanned
        -k      Keep inbound sockets open for multiple connects
        -l      Listen mode, for inbound connects
        -n      Suppress name/port resolutions
        -P proxyuser    Username for proxy authentication
        -p port     Specify local port for remote connects
        -q secs     quit after EOF on stdin and delay of secs
        -r      Randomize remote ports
        -S      Enable the TCP MD5 signature option
        -s addr     Local source address
        -T ToS      Set IP Type of Service
        -C      Send CRLF as line-ending
        -t      Answer TELNET negotiation
        -U      Use UNIX domain socket
        -u      UDP mode
        -Z      DCCP mode
        -v      Verbose
        -w secs     Timeout for connects and final net reads
        -X proto    Proxy protocol: "4", "5" (SOCKS) or "connect"
        -x addr[:port]  Specify proxy address and port
        -z      Zero-I/O mode [used for scanning]
    Port numbers can be individual or ranges: lo-hi [inclusive]
[Mon Jun 26 16:46:02 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Mon Jun 26 16:46:02 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:46:02 CEST 2017] DOMAIN_PATH='/backup/scripts_multihost/.acme.sh//transfer.viennapaint.com'
[Mon Jun 26 16:46:02 CEST 2017] Renew: 'transfer.viennapaint.com'
[Mon Jun 26 16:46:02 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Mon Jun 26 16:46:02 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:46:02 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:46:02 CEST 2017] GET
[Mon Jun 26 16:46:02 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:46:02 CEST 2017] timeout
[Mon Jun 26 16:46:02 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.g6Os0k22cf '
[Mon Jun 26 16:46:02 CEST 2017] ret='0'
[Mon Jun 26 16:46:02 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:46:02 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:46:02 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:46:02 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:46:02 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:46:02 CEST 2017] Le_NextRenewTime
[Mon Jun 26 16:46:02 CEST 2017] _on_before_issue
[Mon Jun 26 16:46:02 CEST 2017] Le_LocalAddress
[Mon Jun 26 16:46:02 CEST 2017] Check for domain='transfer.viennapaint.com'
[Mon Jun 26 16:46:02 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:46:02 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Mon Jun 26 16:46:02 CEST 2017] Read key length:
[Mon Jun 26 16:46:02 CEST 2017] _createcsr
[Mon Jun 26 16:46:02 CEST 2017] Single domain='transfer.viennapaint.com'
[Mon Jun 26 16:46:02 CEST 2017] Getting domain auth token for each domain
[Mon Jun 26 16:46:02 CEST 2017] Getting webroot for domain='transfer.viennapaint.com'
[Mon Jun 26 16:46:02 CEST 2017] _w='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:46:02 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:46:02 CEST 2017] Getting new-authz for domain='transfer.viennapaint.com'
[Mon Jun 26 16:46:02 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Mon Jun 26 16:46:02 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Mon Jun 26 16:46:02 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:46:02 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Mon Jun 26 16:46:02 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Mon Jun 26 16:46:02 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Mon Jun 26 16:46:02 CEST 2017] Try new-authz for the 0 time.
[Mon Jun 26 16:46:02 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:46:02 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "transfer.viennapaint.com"}}'
[Mon Jun 26 16:46:02 CEST 2017] RSA key
[Mon Jun 26 16:46:03 CEST 2017] GET
[Mon Jun 26 16:46:03 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Mon Jun 26 16:46:03 CEST 2017] timeout
[Mon Jun 26 16:46:03 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.RCNimAlt0q '
[Mon Jun 26 16:46:03 CEST 2017] ret='0'
[Mon Jun 26 16:46:03 CEST 2017] POST
[Mon Jun 26 16:46:03 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Mon Jun 26 16:46:03 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.zmkqYtlqFt '
[Mon Jun 26 16:46:04 CEST 2017] _ret='0'
[Mon Jun 26 16:46:04 CEST 2017] code='201'
[Mon Jun 26 16:46:04 CEST 2017] The new-authz request is ok.
[Mon Jun 26 16:46:04 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/U0dm7ZgapQg5Wbhao2bKOY7wkRhVcqvLUENlHm_mZDk/45728505","token":"T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4"'
[Mon Jun 26 16:46:04 CEST 2017] token='T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4'
[Mon Jun 26 16:46:04 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/U0dm7ZgapQg5Wbhao2bKOY7wkRhVcqvLUENlHm_mZDk/45728505'
[Mon Jun 26 16:46:04 CEST 2017] keyauthorization='T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:46:04 CEST 2017] dvlist='transfer.viennapaint.com#T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/U0dm7ZgapQg5Wbhao2bKOY7wkRhVcqvLUENlHm_mZDk/45728505#http-01#/www/viennapaint.com.transfer/'
[Mon Jun 26 16:46:04 CEST 2017] vlist='transfer.viennapaint.com#T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/U0dm7ZgapQg5Wbhao2bKOY7wkRhVcqvLUENlHm_mZDk/45728505#http-01#/www/viennapaint.com.transfer/,'
[Mon Jun 26 16:46:04 CEST 2017] ok, let's start to verify
[Mon Jun 26 16:46:04 CEST 2017] Verifying:transfer.viennapaint.com
[Mon Jun 26 16:46:04 CEST 2017] d='transfer.viennapaint.com'
[Mon Jun 26 16:46:04 CEST 2017] keyauthorization='T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Mon Jun 26 16:46:04 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/U0dm7ZgapQg5Wbhao2bKOY7wkRhVcqvLUENlHm_mZDk/45728505'
[Mon Jun 26 16:46:04 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Mon Jun 26 16:46:04 CEST 2017] wellknown_path='/www/viennapaint.com.transfer//.well-known/acme-challenge'
[Mon Jun 26 16:46:04 CEST 2017] writing token:T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4 to /www/viennapaint.com.transfer//.well-known/acme-challenge/T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4
[Mon Jun 26 16:46:04 CEST 2017] Changing owner/group of .well-known to website:www
[Mon Jun 26 16:46:04 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/U0dm7ZgapQg5Wbhao2bKOY7wkRhVcqvLUENlHm_mZDk/45728505'
[Mon Jun 26 16:46:04 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:46:04 CEST 2017] POST
[Mon Jun 26 16:46:04 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/U0dm7ZgapQg5Wbhao2bKOY7wkRhVcqvLUENlHm_mZDk/45728505'
[Mon Jun 26 16:46:04 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.WnsIBY5Ko2 '
[Mon Jun 26 16:46:05 CEST 2017] _ret='0'
[Mon Jun 26 16:46:05 CEST 2017] code='202'
[Mon Jun 26 16:46:05 CEST 2017] sleep 2 secs to verify
[Mon Jun 26 16:46:07 CEST 2017] checking
[Mon Jun 26 16:46:07 CEST 2017] GET
[Mon Jun 26 16:46:07 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/U0dm7ZgapQg5Wbhao2bKOY7wkRhVcqvLUENlHm_mZDk/45728505'
[Mon Jun 26 16:46:07 CEST 2017] timeout
[Mon Jun 26 16:46:07 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.b7KBTEzo6p '
[Mon Jun 26 16:46:07 CEST 2017] ret='0'
[Mon Jun 26 16:46:07 CEST 2017] transfer.viennapaint.com:Verify error:Fetching https://transfer.viennapaint.com.well-known/acme-challenge/T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4: Error getting validation data
[Mon Jun 26 16:46:07 CEST 2017] Debug: get token url.
[Mon Jun 26 16:46:07 CEST 2017] GET
[Mon Jun 26 16:46:07 CEST 2017] url='http://transfer.viennapaint.com/.well-known/acme-challenge/T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4'
[Mon Jun 26 16:46:07 CEST 2017] timeout='1'
[Mon Jun 26 16:46:07 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.HAEI21UUsN  --connect-timeout 1'
[Mon Jun 26 16:46:08 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
[Mon Jun 26 16:46:08 CEST 2017] Here is the curl dump log:
[Mon Jun 26 16:46:08 CEST 2017] == Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com (217.74.11.156) port 80 (#0)
=> Send header, 198 bytes (0xc6)
0000: GET /.well-known/acme-challenge/T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou
0040: 71tfYWHGYf4 HTTP/1.1
0056: User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
0097: Host: transfer.viennapaint.com
00b7: Accept: */*
00c4: 
<= Recv header, 20 bytes (0x14)
0000: HTTP/1.1 302 Found
<= Recv header, 37 bytes (0x25)
0000: Date: Mon, 26 Jun 2017 14:46:07 GMT
== Info: Server Apache/2.4.10 (Linux/SUSE) is not blacklisted
<= Recv header, 36 bytes (0x24)
0000: Server: Apache/2.4.10 (Linux/SUSE)
<= Recv header, 114 bytes (0x72)
0000: Location: https://transfer.viennapaint.com.well-known/acme-chall
0040: enge/T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4
<= Recv header, 21 bytes (0x15)
0000: Content-Length: 380
<= Recv header, 19 bytes (0x13)
0000: Connection: close
<= Recv header, 45 bytes (0x2d)
0000: Content-Type: text/html; charset=iso-8859-1
<= Recv header, 2 bytes (0x2)
0000: 
== Info: Closing connection 0
== Info: Issue another request to this URL: 'https://transfer.viennapaint.com.well-known/acme-challenge/T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4'
== Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com.well-known (217.74.11.156) port 443 (#1)
== Info: successfully set certificate verify locations:
== Info:   CAfile: none
  CApath: /etc/ssl/certs/
== Info: SSLv3, TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: ......<h...z.8..>.G......}....e...........0.,.(.$.........k.j.9.
0040: 8.....2...*.&.......=.5.../.+.'.#.........g.@.3.2.....E.D.1.-.).
0080: %.......<./...A...............................Q...(.&..#transfer
00c0: .viennapaint.com.well-known.....................................
0100: .. .............................................................
0140: ................................................................
0180: ................................................................
01c0: ................................................................
== Info: SSLv3, TLS handshake, Server hello (2):
<= Recv SSL data, 94 bytes (0x5e)
0000: ...Z..u.>Q......y..$!g.^..8.A.8.d.8..u 0.._G..R..^.i|U..{... g.:
0040: n.....F.0.....................
== Info: SSLv3, TLS handshake, CERT (11):
<= Recv SSL data, 2494 bytes (0x9be)
0000: ..........0...0.................x......K...0...*.H........0J1.0.
0040: ..U....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Author
0080: ity X30...170323093700Z..170621093700Z0.1.0...U....viennapaint.c
00c0: om0.."0...*.H.............0..........z.....a&l...h(<#........Yu.
0100: 1<)h\^h.....+...62.......C.T#.Y.T.$..kT..s.....&..0.....^.b4`...
0140: Y....f..vi.z..a....J&.d.)X.a.r.6.I..1h....?...\...../i.....a|A..
0180: v.f...._.:............4.)....q.H.s...k,.c..V_xMVt...[...vHI..}..
01c0: .Ha5....h....<..tN.m.b.Z.I..;...@>.........%0..!0...U...........
0200: 0...U.%..0...+.........+.......0...U.......0.0...U......R%...KT#
0240: ...M;.....a0...U.#..0....Jjc.}....9..Ee.....0p..+........d0b0/.
0280: .+.....0..#http://ocsp.int-x3.letsencrypt.org/0/..+.....0..#http
02c0: ://cert.int-x3.letsencrypt.org/0/..U...(0&..viennapaint.com..www
0300: .viennapaint.com0....U. ...0..0...g.....0....+..........0..0&..+
0340: .........http://cps.letsencrypt.org0....+.......0.....This Certi
0380: ficate may only be relied upon by Relying Parties and only in ac
03c0: cordance with the Certificate Policy found at https://letsencryp
0400: t.org/repository/0...*.H................f..\{.m...P&u.N.P..F.`..
0440: ....F...j. ..E........T.?!.e$.......[.>....._..z:y../.a.1Hy.8Er.
0480: ..Of...?#.,.>...v).5c..B.;.F...X.......<.R.<. w.d....D...<6n?pu.
04c0: _...*.'.."..rKs.m.^{...5.N.Lz..?......e...3...C...........R.a#..
0500: Sj..4.+..8..v*...1.H.l.n...t&.<.bQ..!...0...0..z.........AB...S.
0540: sj.....0...*.H........0?1$0"..U....Digital Signature Trust Co.1.
0580: 0...U....DST Root CA X30...160317164046Z..210317164046Z0J1.0...U
05c0: ....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Authority
0600:  X30.."0...*.H.............0............Z..G.r]7..hc0..5&.%...5.
0640: p./..KA....5.X..*.h....u....bq.y.`.......xgq.i........`<H.~.Mw.$
0680: .G.Z....7....{....J..A.6....m<.h.#*B...tg....Ra..?e.......V....
06c0: .?.......k...}.+.e...6u.k.J...Ix/..O* %)..t..1..18....3.C....0.
0700: y1.=-6....3j.91......d.3...).....}..........}0..y0...U.......0..
0740: .....0...U...........0..+........s0q02..+.....0..&http://isrg.t
0780: rustid.ocsp.identrust.com0;..+.....0../http://apps.identrust.com
07c0: /roots/dstrootcax3.p7c0...U.#..0.......{,q...K.u...`...0T..U. .M
0800: 0K0...g.....0?..+..........000...+........"http://cps.root-x1.le
0840: tsencrypt.org0<..U...50301./.-.+http://crl.identrust.com/DSTROOT
0880: CAX3CRL.crl0...U.......Jjc.}....9..Ee.....0...*.H..............3
08c0: ...cX8.....U.vV.pH.iG'{.$...Z.J.)7$tQ.bh...pg....N(Q.........Z..
0900: ....j.j.>W#....b.......?..H....eb..T..*. .........2...w..ye.+.(.
0940: :.R..R.._....3.wl.@.2...\A.tl[]._3.M..8./{,b....o%./...F=.~..z..
0980: .zm..%......./X../,h&.K........CJ.DNosz(...n{L}.....D....4[.B
== Info: SSLv3, TLS alert, Server hello (2):
=> Send SSL data, 2 bytes (0x2)
0000: .-
== Info: SSL certificate problem: certificate has expired
== Info: Closing connection 1
[Mon Jun 26 16:46:08 CEST 2017] ret='60'
[Mon Jun 26 16:46:08 CEST 2017] Debugging, skip removing: /www/viennapaint.com.transfer//.well-known/acme-challenge/T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4
[Mon Jun 26 16:46:08 CEST 2017] pid
[Mon Jun 26 16:46:08 CEST 2017] No need to restore nginx, skip.
[Mon Jun 26 16:46:08 CEST 2017] _clearupdns
[Mon Jun 26 16:46:08 CEST 2017] skip dns.
[Mon Jun 26 16:46:08 CEST 2017] _on_issue_err
[Mon Jun 26 16:46:08 CEST 2017] Please check log file for more details: /backup/scripts_multihost/.acme.sh//acme.sh.log
[Mon Jun 26 16:46:08 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/U0dm7ZgapQg5Wbhao2bKOY7wkRhVcqvLUENlHm_mZDk/45728505'
[Mon Jun 26 16:46:08 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "T5K32R1v_vZ0o6r5zHQV56bEr_Qfdiou71tfYWHGYf4.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Mon Jun 26 16:46:08 CEST 2017] POST
[Mon Jun 26 16:46:08 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/U0dm7ZgapQg5Wbhao2bKOY7wkRhVcqvLUENlHm_mZDk/45728505'
[Mon Jun 26 16:46:08 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.HAEI21UUsN '
[Mon Jun 26 16:46:09 CEST 2017] _ret='0'
[Mon Jun 26 16:46:09 CEST 2017] code='400'
[Mon Jun 26 16:46:09 CEST 2017] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.1i-fips 6 Aug 2014
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
nc:
OpenBSD netcat (SUSE Linux)
This is nc from the netcat-openbsd package. An alternative nc is available
in the netcat-traditional package.
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
      [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
      [-x proxy_address[:port]] [hostname] [port[s]]
    Command Summary:
        -4      Use IPv4
        -6      Use IPv6
        -D      Enable the debug socket option
        -d      Detach from stdin
        -h      This help text
        -i secs     Delay interval for lines sent, ports scanned
        -k      Keep inbound sockets open for multiple connects
        -l      Listen mode, for inbound connects
        -n      Suppress name/port resolutions
        -P proxyuser    Username for proxy authentication
        -p port     Specify local port for remote connects
        -q secs     quit after EOF on stdin and delay of secs
        -r      Randomize remote ports
        -S      Enable the TCP MD5 signature option
        -s addr     Local source address
        -T ToS      Set IP Type of Service
        -C      Send CRLF as line-ending
        -t      Answer TELNET negotiation
        -U      Use UNIX domain socket
        -u      UDP mode
        -Z      DCCP mode
        -v      Verbose
        -w secs     Timeout for connects and final net reads
        -X proto    Proxy protocol: "4", "5" (SOCKS) or "connect"
        -x addr[:port]  Specify proxy address and port
        -z      Zero-I/O mode [used for scanning]
    Port numbers can be individual or ranges: lo-hi [inclusive]
[Tue Jun 27 08:20:54 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Tue Jun 27 08:20:54 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Tue Jun 27 08:20:54 CEST 2017] DOMAIN_PATH='/backup/scripts_multihost/.acme.sh//transfer.viennapaint.com'
[Tue Jun 27 08:20:54 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Tue Jun 27 08:20:54 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Tue Jun 27 08:20:54 CEST 2017] GET
[Tue Jun 27 08:20:54 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Tue Jun 27 08:20:54 CEST 2017] timeout
[Tue Jun 27 08:20:54 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header '
[Tue Jun 27 08:20:54 CEST 2017] ret='0'
[Tue Jun 27 08:20:54 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Tue Jun 27 08:20:54 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Tue Jun 27 08:20:54 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Tue Jun 27 08:20:54 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Tue Jun 27 08:20:54 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Tue Jun 27 08:20:54 CEST 2017] Le_NextRenewTime
[Tue Jun 27 08:20:54 CEST 2017] _on_before_issue
[Tue Jun 27 08:20:54 CEST 2017] Le_LocalAddress
[Tue Jun 27 08:20:54 CEST 2017] Check for domain='transfer.viennapaint.com'
[Tue Jun 27 08:20:54 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Tue Jun 27 08:20:54 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Tue Jun 27 08:20:54 CEST 2017] Read key length:
[Tue Jun 27 08:20:54 CEST 2017] _createcsr
[Tue Jun 27 08:20:54 CEST 2017] Single domain='transfer.viennapaint.com'
[Tue Jun 27 08:20:54 CEST 2017] Getting domain auth token for each domain
[Tue Jun 27 08:20:54 CEST 2017] Getting webroot for domain='transfer.viennapaint.com'
[Tue Jun 27 08:20:54 CEST 2017] _w='/www/viennapaint.com.transfer/'
[Tue Jun 27 08:20:54 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Tue Jun 27 08:20:54 CEST 2017] Getting new-authz for domain='transfer.viennapaint.com'
[Tue Jun 27 08:20:54 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Tue Jun 27 08:20:54 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Tue Jun 27 08:20:54 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Tue Jun 27 08:20:54 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Tue Jun 27 08:20:54 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Tue Jun 27 08:20:54 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Tue Jun 27 08:20:54 CEST 2017] Try new-authz for the 0 time.
[Tue Jun 27 08:20:54 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Tue Jun 27 08:20:54 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "transfer.viennapaint.com"}}'
[Tue Jun 27 08:20:54 CEST 2017] RSA key
[Tue Jun 27 08:20:55 CEST 2017] GET
[Tue Jun 27 08:20:55 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Tue Jun 27 08:20:55 CEST 2017] timeout
[Tue Jun 27 08:20:55 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header '
[Tue Jun 27 08:20:55 CEST 2017] ret='0'
[Tue Jun 27 08:20:55 CEST 2017] POST
[Tue Jun 27 08:20:55 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Tue Jun 27 08:20:55 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header '
[Tue Jun 27 08:20:56 CEST 2017] _ret='0'
[Tue Jun 27 08:20:56 CEST 2017] code='201'
[Tue Jun 27 08:20:56 CEST 2017] The new-authz request is ok.
[Tue Jun 27 08:20:56 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/F3RBlC5zDi__bMCCe9CAiqwy-HyRTCQtSIWJ0mfIaio/45817999","token":"ubzhtkoyLsUIaTVO2E7BMUhTs-QgHAC3KAMTS2_OnCs"'
[Tue Jun 27 08:20:56 CEST 2017] token='ubzhtkoyLsUIaTVO2E7BMUhTs-QgHAC3KAMTS2_OnCs'
[Tue Jun 27 08:20:56 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/F3RBlC5zDi__bMCCe9CAiqwy-HyRTCQtSIWJ0mfIaio/45817999'
[Tue Jun 27 08:20:56 CEST 2017] keyauthorization='ubzhtkoyLsUIaTVO2E7BMUhTs-QgHAC3KAMTS2_OnCs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Tue Jun 27 08:20:56 CEST 2017] dvlist='transfer.viennapaint.com#ubzhtkoyLsUIaTVO2E7BMUhTs-QgHAC3KAMTS2_OnCs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/F3RBlC5zDi__bMCCe9CAiqwy-HyRTCQtSIWJ0mfIaio/45817999#http-01#/www/viennapaint.com.transfer/'
[Tue Jun 27 08:20:56 CEST 2017] vlist='transfer.viennapaint.com#ubzhtkoyLsUIaTVO2E7BMUhTs-QgHAC3KAMTS2_OnCs.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/F3RBlC5zDi__bMCCe9CAiqwy-HyRTCQtSIWJ0mfIaio/45817999#http-01#/www/viennapaint.com.transfer/,'
[Tue Jun 27 08:20:56 CEST 2017] ok, let's start to verify
[Tue Jun 27 08:20:56 CEST 2017] Verifying:transfer.viennapaint.com
[Tue Jun 27 08:21:01 CEST 2017] Using config home:/backup/scripts_multihost/.acme.sh/
[Tue Jun 27 08:21:01 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Tue Jun 27 08:21:01 CEST 2017] DOMAIN_PATH='/backup/scripts_multihost/.acme.sh//transfer.viennapaint.com'
[Tue Jun 27 08:21:01 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Tue Jun 27 08:21:01 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Tue Jun 27 08:21:01 CEST 2017] GET
[Tue Jun 27 08:21:01 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Tue Jun 27 08:21:01 CEST 2017] timeout
[Tue Jun 27 08:21:01 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.bZPguYxpbr '
[Tue Jun 27 08:21:01 CEST 2017] ret='0'
[Tue Jun 27 08:21:02 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Tue Jun 27 08:21:02 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Tue Jun 27 08:21:02 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Tue Jun 27 08:21:02 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Tue Jun 27 08:21:02 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Tue Jun 27 08:21:02 CEST 2017] Le_NextRenewTime
[Tue Jun 27 08:21:02 CEST 2017] _on_before_issue
[Tue Jun 27 08:21:02 CEST 2017] Le_LocalAddress
[Tue Jun 27 08:21:02 CEST 2017] Check for domain='transfer.viennapaint.com'
[Tue Jun 27 08:21:02 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Tue Jun 27 08:21:02 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Tue Jun 27 08:21:02 CEST 2017] Read key length:
[Tue Jun 27 08:21:02 CEST 2017] _createcsr
[Tue Jun 27 08:21:02 CEST 2017] Single domain='transfer.viennapaint.com'
[Tue Jun 27 08:21:02 CEST 2017] Getting domain auth token for each domain
[Tue Jun 27 08:21:02 CEST 2017] Getting webroot for domain='transfer.viennapaint.com'
[Tue Jun 27 08:21:02 CEST 2017] _w='/www/viennapaint.com.transfer/'
[Tue Jun 27 08:21:02 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Tue Jun 27 08:21:02 CEST 2017] Getting new-authz for domain='transfer.viennapaint.com'
[Tue Jun 27 08:21:02 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Tue Jun 27 08:21:02 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Tue Jun 27 08:21:02 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Tue Jun 27 08:21:02 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Tue Jun 27 08:21:02 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Tue Jun 27 08:21:02 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Tue Jun 27 08:21:02 CEST 2017] Try new-authz for the 0 time.
[Tue Jun 27 08:21:02 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Tue Jun 27 08:21:02 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "transfer.viennapaint.com"}}'
[Tue Jun 27 08:21:02 CEST 2017] RSA key
[Tue Jun 27 08:21:02 CEST 2017] GET
[Tue Jun 27 08:21:02 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Tue Jun 27 08:21:02 CEST 2017] timeout
[Tue Jun 27 08:21:02 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.6w6bDf5n1h '
[Tue Jun 27 08:21:02 CEST 2017] ret='0'
[Tue Jun 27 08:21:02 CEST 2017] POST
[Tue Jun 27 08:21:02 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Tue Jun 27 08:21:02 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.tOVQELY99P '
[Tue Jun 27 08:21:03 CEST 2017] _ret='0'
[Tue Jun 27 08:21:03 CEST 2017] code='201'
[Tue Jun 27 08:21:03 CEST 2017] The new-authz request is ok.
[Tue Jun 27 08:21:03 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/wW9dGpoQG2foYgv50xesyHCOxK7SHgBb1btFq5Fi7MY/45818026","token":"szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU"'
[Tue Jun 27 08:21:03 CEST 2017] token='szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU'
[Tue Jun 27 08:21:03 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/wW9dGpoQG2foYgv50xesyHCOxK7SHgBb1btFq5Fi7MY/45818026'
[Tue Jun 27 08:21:03 CEST 2017] keyauthorization='szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Tue Jun 27 08:21:03 CEST 2017] dvlist='transfer.viennapaint.com#szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/wW9dGpoQG2foYgv50xesyHCOxK7SHgBb1btFq5Fi7MY/45818026#http-01#/www/viennapaint.com.transfer/'
[Tue Jun 27 08:21:03 CEST 2017] vlist='transfer.viennapaint.com#szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs#https://acme-staging.api.letsencrypt.org/acme/challenge/wW9dGpoQG2foYgv50xesyHCOxK7SHgBb1btFq5Fi7MY/45818026#http-01#/www/viennapaint.com.transfer/,'
[Tue Jun 27 08:21:03 CEST 2017] ok, let's start to verify
[Tue Jun 27 08:21:03 CEST 2017] Verifying:transfer.viennapaint.com
[Tue Jun 27 08:21:03 CEST 2017] d='transfer.viennapaint.com'
[Tue Jun 27 08:21:03 CEST 2017] keyauthorization='szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs'
[Tue Jun 27 08:21:03 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/wW9dGpoQG2foYgv50xesyHCOxK7SHgBb1btFq5Fi7MY/45818026'
[Tue Jun 27 08:21:03 CEST 2017] _currentRoot='/www/viennapaint.com.transfer/'
[Tue Jun 27 08:21:03 CEST 2017] wellknown_path='/www/viennapaint.com.transfer//.well-known/acme-challenge'
[Tue Jun 27 08:21:03 CEST 2017] writing token:szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU to /www/viennapaint.com.transfer//.well-known/acme-challenge/szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU
[Tue Jun 27 08:21:03 CEST 2017] Changing owner/group of .well-known to website:www
[Tue Jun 27 08:21:03 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/wW9dGpoQG2foYgv50xesyHCOxK7SHgBb1btFq5Fi7MY/45818026'
[Tue Jun 27 08:21:03 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Tue Jun 27 08:21:03 CEST 2017] POST
[Tue Jun 27 08:21:03 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/wW9dGpoQG2foYgv50xesyHCOxK7SHgBb1btFq5Fi7MY/45818026'
[Tue Jun 27 08:21:03 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.KqTF1filDg '
[Tue Jun 27 08:21:04 CEST 2017] _ret='0'
[Tue Jun 27 08:21:04 CEST 2017] code='202'
[Tue Jun 27 08:21:04 CEST 2017] sleep 2 secs to verify
[Tue Jun 27 08:21:06 CEST 2017] checking
[Tue Jun 27 08:21:06 CEST 2017] GET
[Tue Jun 27 08:21:06 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/wW9dGpoQG2foYgv50xesyHCOxK7SHgBb1btFq5Fi7MY/45818026'
[Tue Jun 27 08:21:06 CEST 2017] timeout
[Tue Jun 27 08:21:06 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.i2H014J1QW '
[Tue Jun 27 08:21:07 CEST 2017] ret='0'
[Tue Jun 27 08:21:07 CEST 2017] transfer.viennapaint.com:Verify error:Fetching https://transfer.viennapaint.com.well-known/acme-challenge/szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU: Error getting validation data
[Tue Jun 27 08:21:07 CEST 2017] Debug: get token url.
[Tue Jun 27 08:21:07 CEST 2017] GET
[Tue Jun 27 08:21:07 CEST 2017] url='http://transfer.viennapaint.com/.well-known/acme-challenge/szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU'
[Tue Jun 27 08:21:07 CEST 2017] timeout='1'
[Tue Jun 27 08:21:07 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.zoYrC7XdAA  --connect-timeout 1'
[Tue Jun 27 08:21:07 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
[Tue Jun 27 08:21:07 CEST 2017] Here is the curl dump log:
[Tue Jun 27 08:21:07 CEST 2017] == Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com (217.74.11.156) port 80 (#0)
=> Send header, 198 bytes (0xc6)
0000: GET /.well-known/acme-challenge/szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8
0040: FnpIXu_8eOU HTTP/1.1
0056: User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
0097: Host: transfer.viennapaint.com
00b7: Accept: */*
00c4: 
<= Recv header, 20 bytes (0x14)
0000: HTTP/1.1 302 Found
<= Recv header, 37 bytes (0x25)
0000: Date: Tue, 27 Jun 2017 06:21:07 GMT
== Info: Server Apache/2.4.10 (Linux/SUSE) is not blacklisted
<= Recv header, 36 bytes (0x24)
0000: Server: Apache/2.4.10 (Linux/SUSE)
<= Recv header, 114 bytes (0x72)
0000: Location: https://transfer.viennapaint.com.well-known/acme-chall
0040: enge/szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU
<= Recv header, 21 bytes (0x15)
0000: Content-Length: 380
<= Recv header, 19 bytes (0x13)
0000: Connection: close
<= Recv header, 45 bytes (0x2d)
0000: Content-Type: text/html; charset=iso-8859-1
<= Recv header, 2 bytes (0x2)
0000: 
== Info: Closing connection 0
== Info: Issue another request to this URL: 'https://transfer.viennapaint.com.well-known/acme-challenge/szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU'
== Info: Hostname was NOT found in DNS cache
== Info:   Trying 217.74.11.156...
== Info: Connected to transfer.viennapaint.com.well-known (217.74.11.156) port 443 (#1)
== Info: successfully set certificate verify locations:
== Info:   CAfile: none
  CApath: /etc/ssl/certs/
== Info: SSLv3, TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: .............c3.iQ..$..;\.T..7..4Pr.......0.,.(.$.........k.j.9.
0040: 8.....2...*.&.......=.5.../.+.'.#.........g.@.3.2.....E.D.1.-.).
0080: %.......<./...A...............................Q...(.&..#transfer
00c0: .viennapaint.com.well-known.....................................
0100: .. .............................................................
0140: ................................................................
0180: ................................................................
01c0: ................................................................
== Info: SSLv3, TLS handshake, Server hello (2):
<= Recv SSL data, 94 bytes (0x5e)
0000: ...Z..\.{#.C.+`w......cyQ ....V.}..-2L .......X.it........8.S=..
0040: .p. g...0.....................
== Info: SSLv3, TLS handshake, CERT (11):
<= Recv SSL data, 2494 bytes (0x9be)
0000: ..........0...0.................x......K...0...*.H........0J1.0.
0040: ..U....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Author
0080: ity X30...170323093700Z..170621093700Z0.1.0...U....viennapaint.c
00c0: om0.."0...*.H.............0..........z.....a&l...h(<#........Yu.
0100: 1<)h\^h.....+...62.......C.T#.Y.T.$..kT..s.....&..0.....^.b4`...
0140: Y....f..vi.z..a....J&.d.)X.a.r.6.I..1h....?...\...../i.....a|A..
0180: v.f...._.:............4.)....q.H.s...k,.c..V_xMVt...[...vHI..}..
01c0: .Ha5....h....<..tN.m.b.Z.I..;...@>.........%0..!0...U...........
0200: 0...U.%..0...+.........+.......0...U.......0.0...U......R%...KT#
0240: ...M;.....a0...U.#..0....Jjc.}....9..Ee.....0p..+........d0b0/.
0280: .+.....0..#http://ocsp.int-x3.letsencrypt.org/0/..+.....0..#http
02c0: ://cert.int-x3.letsencrypt.org/0/..U...(0&..viennapaint.com..www
0300: .viennapaint.com0....U. ...0..0...g.....0....+..........0..0&..+
0340: .........http://cps.letsencrypt.org0....+.......0.....This Certi
0380: ficate may only be relied upon by Relying Parties and only in ac
03c0: cordance with the Certificate Policy found at https://letsencryp
0400: t.org/repository/0...*.H................f..\{.m...P&u.N.P..F.`..
0440: ....F...j. ..E........T.?!.e$.......[.>....._..z:y../.a.1Hy.8Er.
0480: ..Of...?#.,.>...v).5c..B.;.F...X.......<.R.<. w.d....D...<6n?pu.
04c0: _...*.'.."..rKs.m.^{...5.N.Lz..?......e...3...C...........R.a#..
0500: Sj..4.+..8..v*...1.H.l.n...t&.<.bQ..!...0...0..z.........AB...S.
0540: sj.....0...*.H........0?1$0"..U....Digital Signature Trust Co.1.
0580: 0...U....DST Root CA X30...160317164046Z..210317164046Z0J1.0...U
05c0: ....US1.0...U....Let's Encrypt1#0!..U....Let's Encrypt Authority
0600:  X30.."0...*.H.............0............Z..G.r]7..hc0..5&.%...5.
0640: p./..KA....5.X..*.h....u....bq.y.`.......xgq.i........`<H.~.Mw.$
0680: .G.Z....7....{....J..A.6....m<.h.#*B...tg....Ra..?e.......V....
06c0: .?.......k...}.+.e...6u.k.J...Ix/..O* %)..t..1..18....3.C....0.
0700: y1.=-6....3j.91......d.3...).....}..........}0..y0...U.......0..
0740: .....0...U...........0..+........s0q02..+.....0..&http://isrg.t
0780: rustid.ocsp.identrust.com0;..+.....0../http://apps.identrust.com
07c0: /roots/dstrootcax3.p7c0...U.#..0.......{,q...K.u...`...0T..U. .M
0800: 0K0...g.....0?..+..........000...+........"http://cps.root-x1.le
0840: tsencrypt.org0<..U...50301./.-.+http://crl.identrust.com/DSTROOT
0880: CAX3CRL.crl0...U.......Jjc.}....9..Ee.....0...*.H..............3
08c0: ...cX8.....U.vV.pH.iG'{.$...Z.J.)7$tQ.bh...pg....N(Q.........Z..
0900: ....j.j.>W#....b.......?..H....eb..T..*. .........2...w..ye.+.(.
0940: :.R..R.._....3.wl.@.2...\A.tl[]._3.M..8./{,b....o%./...F=.~..z..
0980: .zm..%......./X../,h&.K........CJ.DNosz(...n{L}.....D....4[.B
== Info: SSLv3, TLS alert, Server hello (2):
=> Send SSL data, 2 bytes (0x2)
0000: .-
== Info: SSL certificate problem: certificate has expired
== Info: Closing connection 1
[Tue Jun 27 08:21:07 CEST 2017] ret='60'
[Tue Jun 27 08:21:07 CEST 2017] Debugging, skip removing: /www/viennapaint.com.transfer//.well-known/acme-challenge/szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU
[Tue Jun 27 08:21:07 CEST 2017] pid
[Tue Jun 27 08:21:07 CEST 2017] No need to restore nginx, skip.
[Tue Jun 27 08:21:07 CEST 2017] _clearupdns
[Tue Jun 27 08:21:07 CEST 2017] skip dns.
[Tue Jun 27 08:21:07 CEST 2017] _on_issue_err
[Tue Jun 27 08:21:07 CEST 2017] Please check log file for more details: /backup/scripts_multihost/.acme.sh//acme.sh.log
[Tue Jun 27 08:21:07 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/wW9dGpoQG2foYgv50xesyHCOxK7SHgBb1btFq5Fi7MY/45818026'
[Tue Jun 27 08:21:07 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "szmBAFeghY7lPe1JWfkE6IIAJO8Y2sG8FnpIXu_8eOU.YDRQpWOYdMWksD1_0A-jwqT8g1zRPSuz3eIwXeHUqBs"}'
[Tue Jun 27 08:21:07 CEST 2017] POST
[Tue Jun 27 08:21:07 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/wW9dGpoQG2foYgv50xesyHCOxK7SHgBb1btFq5Fi7MY/45818026'
[Tue Jun 27 08:21:07 CEST 2017] _CURL='curl -L --silent --dump-header /backup/scripts_multihost/.acme.sh//http.header  --trace-ascii /tmp/tmp.zoYrC7XdAA '
[Tue Jun 27 08:21:08 CEST 2017] _ret='0'
[Tue Jun 27 08:21:08 CEST 2017] code='400'
[Tue Jun 27 08:21:08 CEST 2017] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.1i-fips 6 Aug 2014
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
nc:
OpenBSD netcat (SUSE Linux)
This is nc from the netcat-openbsd package. An alternative nc is available
in the netcat-traditional package.
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
      [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
      [-x proxy_address[:port]] [hostname] [port[s]]
    Command Summary:
        -4      Use IPv4
        -6      Use IPv6
        -D      Enable the debug socket option
        -d      Detach from stdin
        -h      This help text
        -i secs     Delay interval for lines sent, ports scanned
        -k      Keep inbound sockets open for multiple connects
        -l      Listen mode, for inbound connects
        -n      Suppress name/port resolutions
        -P proxyuser    Username for proxy authentication
        -p port     Specify local port for remote connects
        -q secs     quit after EOF on stdin and delay of secs
        -r      Randomize remote ports
        -S      Enable the TCP MD5 signature option
        -s addr     Local source address
        -T ToS      Set IP Type of Service
        -C      Send CRLF as line-ending
        -t      Answer TELNET negotiation
        -U      Use UNIX domain socket
        -u      UDP mode
        -Z      DCCP mode
        -v      Verbose
        -w secs     Timeout for connects and final net reads
        -X proto    Proxy protocol: "4", "5" (SOCKS) or "connect"
        -x addr[:port]  Specify proxy address and port
        -z      Zero-I/O mode [used for scanning]
    Port numbers can be individual or ranges: lo-hi [inclusive]
Neilpang commented 7 years ago

you have a apache rewrite rule from http to https, right ?

But your rule is wrong.

the url:

http://transfer.viennapaint.com/.well-known/acme-challenge/3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs

is redirected to:

https://transfer.viennapaint.com.well-known/acme-challenge/3yi_gAsjd8Rsoh6rwhMoZylQ2Z_7bwd-8W3QKjRKuWs

you lost a / char.

zmi1 commented 7 years ago

Thank you. I reported it to the webmaster.