生成Let'sEncrypt问题求助~~

每次醒来 发表于 2018-10-13 00:01:09

Verifying:XXX.com
XXX.com:Verify error:DNS problem: NXDOMAIN looking up TXT for _acme-challenge.XXX.com
Removing DNS records.
Successfully retrieved the record id for ACME challenge.
Successfully removed the TXT record.
Successfully retrieved the record id for ACME challenge.
Successfully removed the TXT record.
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
Let's Encrypt SSL Certificate create failed!

请问这个是怎么回事!!!

我的命令执行的没错吧
# export Namesilo_Key="XXXXXXXXXX"
# lnmp dnsssl namesilo

每次醒来 发表于 2018-10-13 01:13:54

# export Namesilo_Key="XXXXXXXXXX"
# lnmp dnsssl namesilo
XXX.com:Verify error:DNS problem: NXDOMAIN looking up TXT for _acme-challenge.XXX.com
Removing DNS records.
Successfully retrieved the record id for ACME challenge.
Successfully removed the TXT record.
Successfully retrieved the record id for ACME challenge.
Successfully removed the TXT record.
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
Let's Encrypt SSL Certificate create failed!

[ 本帖最后由每次醒来于 2018-10-13 01:22 编辑 ]

licess 发表于 2018-10-13 16:16:01

方法没错，看一下日志里具体什么错误信息

每次醒来 发表于 2018-10-13 17:52:52

原帖由 licess 于 2018-10-13 16:16 发表 http://bbs.vpser.net/images/common/back.gif
方法没错，看一下日志里具体什么错误信息求助日志在此字符限制分三楼

_main_domain='xxx.com'
_alt_domains='*.xxx.com'
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
DOMAIN_PATH='/usr/local/nginx/conf/ssl/xxx.com'
Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
_init api for server: https://acme-v02.api.letsencrypt.org/directory
GET
url='https://acme-v02.api.letsencrypt.org/directory'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
ACME_NEW_AUTHZ
ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
ACME_VERSION='2'
Le_NextRenewTime
_on_before_issue
_chk_main_domain='xxx.com'
_chk_alt_domains='*.xxx.com'
Le_LocalAddress
d='xxx.com'
Check for domain='xxx.com'
_currentRoot='dns_namesilo'
d='*.xxx.com'
Check for domain='*.xxx.com'
_currentRoot='dns_namesilo'
d
_saved_account_key_hash is not changed, skip register account.
Read key length:
_createcsr
Multi domain='DNS:xxx.com,DNS:*.xxx.com'
Getting domain auth token for each domain
d='*.xxx.com'
d
url='https://acme-v02.api.letsencrypt.org/acme/new-order'
payload='{"identifiers": [{"type":"dns","value":"xxx.com"},{"type":"dns","value":"*.xxx.com"}]}'
RSA key
HEAD
_post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='201'
Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/43741607/113810236'
GET
url='https://acme-v02.api.letsencrypt.org/acme/authz/TJnQWLHeBWOe1QpKrWkrjc5hnqYIRjkNfJoSaz5ZM9E'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
GET
url='https://acme-v02.api.letsencrypt.org/acme/authz/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
d='xxx.com'
Getting webroot for domain='xxx.com'
_w='dns_namesilo'
_currentRoot='dns_namesilo'
entry='"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4/8243098477","token":"_2KuNFgf2fH8DaCSfFxcxdWmOt-iDfbq2MOavti2lvg"'
token='_2KuNFgf2fH8DaCSfFxcxdWmOt-iDfbq2MOavti2lvg'
uri='https://acme-v02.api.letsencrypt.org/acme/challenge/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4/8243098477'
keyauthorization='_2KuNFgf2fH8DaCSfFxcxdWmOt-iDfbq2MOavti2lvg.DEsCTeUPjB0ZNrc7k4SlpxKq1qfi3mrRkeNDA_z5Tc8'
dvlist='xxx.com#_2KuNFgf2fH8DaCSfFxcxdWmOt-iDfbq2MOavti2lvg.DEsCTeUPjB0ZNrc7k4SlpxKq1qfi3mrRkeNDA_z5Tc8#https://acme-v02.api.letsencrypt.org/acme/challenge/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4/8243098477#dns-01#dns_namesilo'

[ 本帖最后由每次醒来于 2018-10-13 17:54 编辑 ]

每次醒来 发表于 2018-10-13 17:53:44

d='*.xxx.com'
Getting webroot for domain='*.xxx.com'
_w='dns_namesilo'
_currentRoot='dns_namesilo'
entry='"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/TJnQWLHeBWOe1QpKrWkrjc5hnqYIRjkNfJoSaz5ZM9E/8243098476","token":"rXUFZwlaZ80-Tz6q0REejC_sjoroesyxArKfOHxX5xg"'
token='rXUFZwlaZ80-Tz6q0REejC_sjoroesyxArKfOHxX5xg'
uri='https://acme-v02.api.letsencrypt.org/acme/challenge/TJnQWLHeBWOe1QpKrWkrjc5hnqYIRjkNfJoSaz5ZM9E/8243098476'
keyauthorization='rXUFZwlaZ80-Tz6q0REejC_sjoroesyxArKfOHxX5xg.DEsCTeUPjB0ZNrc7k4SlpxKq1qfi3mrRkeNDA_z5Tc8'
dvlist='*.xxx.com#rXUFZwlaZ80-Tz6q0REejC_sjoroesyxArKfOHxX5xg.DEsCTeUPjB0ZNrc7k4SlpxKq1qfi3mrRkeNDA_z5Tc8#https://acme-v02.api.letsencrypt.org/acme/challenge/TJnQWLHeBWOe1QpKrWkrjc5hnqYIRjkNfJoSaz5ZM9E/8243098476#dns-01#dns_namesilo'
d
vlist='xxx.com#_2KuNFgf2fH8DaCSfFxcxdWmOt-iDfbq2MOavti2lvg.DEsCTeUPjB0ZNrc7k4SlpxKq1qfi3mrRkeNDA_z5Tc8#https://acme-v02.api.letsencrypt.org/acme/challenge/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4/8243098477#dns-01#dns_namesilo,*.xxx.com#rXUFZwlaZ80-Tz6q0REejC_sjoroesyxArKfOHxX5xg.DEsCTeUPjB0ZNrc7k4SlpxKq1qfi3mrRkeNDA_z5Tc8#https://acme-v02.api.letsencrypt.org/acme/challenge/TJnQWLHeBWOe1QpKrWkrjc5hnqYIRjkNfJoSaz5ZM9E/8243098476#dns-01#dns_namesilo,'
d='xxx.com'
_d_alias
txtdomain='_acme-challenge.xxx.com'
txt='5AN5Fta0px788l9M0FYkHY3mGBBWcKjV81ArCTzxzsM'
d_api='/usr/local/acme.sh/dnsapi/dns_namesilo.sh'
Found domain api file: /usr/local/acme.sh/dnsapi/dns_namesilo.sh
GET
url='https://www.namesilo.com/api/listDomains?version=1&type=xml&key=62c6d0d2d5c59fa933fa95'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
host='xxx.com'
_sub_domain='_acme-challenge'
_domain='xxx.com'
txtvalue='5AN5Fta0px788l9M0FYkHY3mGBBWcKjV81ArCTzxzsM'
GET
url='https://www.namesilo.com/api/dnsAddRecord?version=1&type=xml&key=62c6d0d2d5c59fa933fa95&domain=xxx.com&rrtype=TXT&rrhost=_acme-challenge&rrvalue=5AN5Fta0px788l9M0FYkHY3mGBBWcKjV81ArCTzxzsM'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
Successfully added TXT record, ready for validation.
d='*.xxx.com'
_d_alias
txtdomain='_acme-challenge.xxx.com'
txt='KTjq6kASfg0kNAqPCFQxmU3jhX_itU1aqMlv4HAtaGI'
d_api='/usr/local/acme.sh/dnsapi/dns_namesilo.sh'
Found domain api file: /usr/local/acme.sh/dnsapi/dns_namesilo.sh
GET
url='https://www.namesilo.com/api/listDomains?version=1&type=xml&key=62c6d0d2d5c59fa933fa95'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
host='xxx.com'
_sub_domain='_acme-challenge'
_domain='xxx.com'
txtvalue='KTjq6kASfg0kNAqPCFQxmU3jhX_itU1aqMlv4HAtaGI'
GET
url='https://www.namesilo.com/api/dnsAddRecord?version=1&type=xml&key=62c6d0d2d5c59fa933fa95&domain=xxx.com&rrtype=TXT&rrhost=_acme-challenge&rrvalue=KTjq6kASfg0kNAqPCFQxmU3jhX_itU1aqMlv4HAtaGI'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
Successfully added TXT record, ready for validation.
Sleep [1;31;32m120[0m seconds for the txt records to take effect
ok, let's start to verify
Verifying:xxx.com
d='xxx.com'
keyauthorization='_2KuNFgf2fH8DaCSfFxcxdWmOt-iDfbq2MOavti2lvg.DEsCTeUPjB0ZNrc7k4SlpxKq1qfi3mrRkeNDA_z5Tc8'
uri='https://acme-v02.api.letsencrypt.org/acme/challenge/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4/8243098477'
_currentRoot='dns_namesilo'
url='https://acme-v02.api.letsencrypt.org/acme/challenge/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4/8243098477'
payload='{"keyAuthorization": "_2KuNFgf2fH8DaCSfFxcxdWmOt-iDfbq2MOavti2lvg.DEsCTeUPjB0ZNrc7k4SlpxKq1qfi3mrRkeNDA_z5Tc8"}'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4/8243098477'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
_ret='0'
code='200'
trigger validation code: 200
sleep 2 secs to verify
checking
GET
url='https://acme-v02.api.letsencrypt.org/acme/challenge/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4/8243098477'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
xxx.com:Verify error:DNS problem: NXDOMAIN looking up TXT for _acme-challenge.xxx.com
Skip for removelevel:
pid
No need to restore nginx, skip.
_clearupdns
Removing DNS records.
txt='5AN5Fta0px788l9M0FYkHY3mGBBWcKjV81ArCTzxzsM'
d_api='/usr/local/acme.sh/dnsapi/dns_namesilo.sh'
_d_alias
GET
url='https://www.namesilo.com/api/listDomains?version=1&type=xml&key=62c6d0d2d5c59fa933fa95'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
host='xxx.com'
GET
url='https://www.namesilo.com/api/dnsListRecords?version=1&type=xml&key=62c6d0d2d5c59fa933fa95&domain=xxx.com'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
record_id='1dfb9242fb89122f6fe9b4a0836e344a'
Successfully retrieved the record id for ACME challenge.

每次醒来 发表于 2018-10-13 17:53:50

GET
url='https://www.namesilo.com/api/dnsDeleteRecord?version=1&type=xml&key=62c6d0d2d5c59fa933fa95&domain=xxx.com&rrid=1dfb9242fb89122f6fe9b4a0836e344a'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
Successfully removed the TXT record.
txt='KTjq6kASfg0kNAqPCFQxmU3jhX_itU1aqMlv4HAtaGI'
d_api='/usr/local/acme.sh/dnsapi/dns_namesilo.sh'
_d_alias
GET
url='https://www.namesilo.com/api/listDomains?version=1&type=xml&key=62c6d0d2d5c59fa933fa95'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
host='xxx.com'
GET
url='https://www.namesilo.com/api/dnsListRecords?version=1&type=xml&key=62c6d0d2d5c59fa933fa95&domain=xxx.com'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
record_id='bd76f2c02448bf7c9137caf8ace47bd5'
Successfully retrieved the record id for ACME challenge.
GET
url='https://www.namesilo.com/api/dnsDeleteRecord?version=1&type=xml&key=62c6d0d2d5c59fa933fa95&domain=xxx.com&rrid=bd76f2c02448bf7c9137caf8ace47bd5'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
ret='0'
Successfully removed the TXT record.
_on_issue_err
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
url='https://acme-v02.api.letsencrypt.org/acme/challenge/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4/8243098477'
payload='{"keyAuthorization": "_2KuNFgf2fH8DaCSfFxcxdWmOt-iDfbq2MOavti2lvg.DEsCTeUPjB0ZNrc7k4SlpxKq1qfi3mrRkeNDA_z5Tc8"}'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/7DEQ_ETfYK7lSRi4nOM0IbYrIqp3ez_BBwFlaVw_1l4/8243098477'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
_ret='0'
code='400'
url='https://acme-v02.api.letsencrypt.org/acme/challenge/TJnQWLHeBWOe1QpKrWkrjc5hnqYIRjkNfJoSaz5ZM9E/8243098476'
payload='{"keyAuthorization": "rXUFZwlaZ80-Tz6q0REejC_sjoroesyxArKfOHxX5xg.DEsCTeUPjB0ZNrc7k4SlpxKq1qfi3mrRkeNDA_z5Tc8"}'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/TJnQWLHeBWOe1QpKrWkrjc5hnqYIRjkNfJoSaz5ZM9E/8243098476'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header -g '
_ret='0'
code='200'

licess 发表于 2018-10-14 10:26:50

有可能添加上了还没生效
建议换个dns试试
另外前面你的api key信息都泄露了，赶紧重置或删掉原来的api key

页: [1]

VPS侦探论坛's Archiver

生成Let'sEncrypt问题求助~~