军哥 SSL dns api更新问题
军哥,我用的是namesilo, 因为一个注册了多个域名,之前有网站设置的通配符,sslAPI,看到一个API 可对应多个域名,现在想添加新的网站,可是旧的API在namesilo上不可看,只能重新生成。两个问题,
1、我是否能在LNMP中找到原来的API export Namesilo_Key="04bacab5eae....",如果能找到,我直接用旧的API,可是反复找日志也找不到;
2、如果我重新生成,那么旧的已经设置的API通配符SSl的我该如何更新呢,烦请解答,谢谢。
namesiloexport Namesilo_Key="123456"
api的信息都保存在 /usr/local/acme.sh/account.conf 中,虽然namesilo换新版了,但是老版的api界面还是有的,https://www.vpser.net/manage/lnmp-letsencrypt-wildcard-ssl-howto.html 这里面都有老版的链接
重新生成了新的api可以,直接修改 /usr/local/acme.sh/account.conf 中的设置 @军哥,按照你上面的指引,找到了API Key,
执行
LNMP dnsssl namesilo
最后出现了这个,请问我该怎么弄呢,谢谢。
Unable to find domain specified.
Error add txt for domain:_acme-challenge.***.com
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
Let's Encrypt SSL Certificate create failed!
SKYIDEA 发表于 2019-11-18 06:23
@军哥,按照你上面的指引,找到了API Key,
执行
LNMP dnsssl namesilo
/usr/local/acme.sh/acme.sh --upgrade 升级一下再试试 我装的的是新版的 执行升级
# /usr/local/acme.sh/acme.sh --upgrade
Installing from online archive.
Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz
Extracting master.tar.gz
It is recommended to install socat first.
We use socat for standalone server if you use standalone mode.
If you don't use standalone mode, just ignore this warning.
Installing to /usr/local/acme.sh
Installed to /usr/local/acme.sh/acme.sh
Good, bash is found, so change the shebang to use bash as preferred.
OK
Install success!
Upgrade success!
再次执行 LNMP dnsssl namesilo,还是同样的错,错误日志如下:
Unable to find domain specified.
Error add txt for domain:_acme-challenge.*.com
_on_issue_err
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1284478275/IApj_A'
payload='{}'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1284478275/IApj_A'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='200'
url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1286422106/9umL-w'
发acme.sh.log 的日志看一下
这个是日志的内容
_saved_account_key_hash is not changed, skip register account.
Read key length:
_createcsr
Multi domain='DNS:beoops.com,DNS:*.beoops.com'
Getting domain auth token for each domain
d='*.beoops.com'
d
url='https://acme-v02.api.letsencrypt.org/acme/new-order'
payload='{"identifiers": [{"type":"dns","value":"beoops.com"},{"type":"dns","value":"*.beoops.com"}]}'
RSA key
HEAD
_post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g-I'
_ret='0'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='201'
Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/71942066/1537284284'
Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/71942066/1537284284'
url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1284478275'
payload
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1284478275'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='200'
url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1286422106'
payload
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1286422106'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='200'
d='beoops.com'
Getting webroot for domain='beoops.com'
_w='dns_namesilo'
_currentRoot='dns_namesilo'
entry='"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1284478275/IApj_A","token":"dz0-1XDgymwV6raX15XxYIt_aONdKQOFQkEquOaqKng"'
token='dz0-1XDgymwV6raX15XxYIt_aONdKQOFQkEquOaqKng'
uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1284478275/IApj_A'
keyauthorization='dz0-1XDgymwV6raX15XxYIt_aONdKQOFQkEquOaqKng.5B8wLkZqsw3AjWb4D3gH6L4BRNDBW8cPwgu3OyY_CdI'
beoops.com is already verified.
keyauthorization='verified_ok'
dvlist='beoops.com#verified_ok#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1284478275/IApj_A#dns-01#dns_namesilo'
d='*.beoops.com'
Getting webroot for domain='*.beoops.com'
_w='dns_namesilo'
_currentRoot='dns_namesilo'
entry='"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1286422106/9umL-w","token":"ZuwDYlRebe_fbAo3n6C-qMtmcGPqkfymXliQ2twFIzw"'
token='ZuwDYlRebe_fbAo3n6C-qMtmcGPqkfymXliQ2twFIzw'
uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1286422106/9umL-w'
keyauthorization='ZuwDYlRebe_fbAo3n6C-qMtmcGPqkfymXliQ2twFIzw.5B8wLkZqsw3AjWb4D3gH6L4BRNDBW8cPwgu3OyY_CdI'
dvlist='*.beoops.com#ZuwDYlRebe_fbAo3n6C-qMtmcGPqkfymXliQ2twFIzw.5B8wLkZqsw3AjWb4D3gH6L4BRNDBW8cPwgu3OyY_CdI#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1286422106/9umL-w#dns-01#dns_namesilo'
d
vlist='beoops.com#verified_ok#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1284478275/IApj_A#dns-01#dns_namesilo,*.beoops.com#ZuwDYlRebe_fbAo3n6C-qMtmcGPqkfymXliQ2twFIzw.5B8wLkZqsw3AjWb4D3gH6L4BRNDBW8cPwgu3OyY_CdI#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1286422106/9umL-w#dns-01#dns_namesilo,'
d='beoops.com'
beoops.com is already verified, skip dns-01.
d='*.beoops.com'
_d_alias
txtdomain='_acme-challenge.beoops.com'
txt='hxaqX9OxpK1DkTc5Fp2J7WXp4tPsYse8bIrI2Vi0kLw'
d_api='/usr/local/acme.sh/dnsapi/dns_namesilo.sh'
Found domain api file: /usr/local/acme.sh/dnsapi/dns_namesilo.sh
Adding txt value: hxaqX9OxpK1DkTc5Fp2J7WXp4tPsYse8bIrI2Vi0kLw for domain:_acme-challenge.beoops.com
GET
url='https://www.namesilo.com/api/listDomains?version=1&type=xml&key=04bacab5eae0ccc885518c2028ae06f6e020'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
host='beoops.com'
Unable to find domain specified.
Error add txt for domain:_acme-challenge.beoops.com
_on_issue_err
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1284478275/IApj_A'
payload='{}'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1284478275/IApj_A'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='200'
url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1286422106/9umL-w'
payload='{}'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1286422106/9umL-w'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='200'
pid
No need to restore nginx, skip.
_clearupdns
dns_entries
skip dns.
Running cmd: upgrade
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
Installing from online archive.
Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz
GET
url='https://github.com/Neilpang/acme.sh/archive/master.tar.gz'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
Extracting master.tar.gz
ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
Skip install cron job
It is recommended to install socat first.
We use socat for standalone server if you use standalone mode.
If you don't use standalone mode, just ignore this warning.
Installing to /usr/local/acme.sh
Installed to /usr/local/acme.sh/acme.sh
Good, bash is found, so change the shebang to use bash as preferred.
OK
Install success!
Upgrade success!
SKYIDEA 发表于 2019-11-18 11:20
这个是日志的内容
_saved_account_key_hash is not changed, skip regi ...
有可能api的key是错误的 本帖最后由 SKYIDEA 于 2019-11-18 12:26 编辑
军哥,那我如果重新生成Key的,那我旧的以前配置好的API网站需要怎么操作呢? SKYIDEA 发表于 2019-11-18 12:25
军哥,那我如果重新生成Key的,那我旧的以前配置好的API网站需要怎么操作呢? ...
account.conf 中删除包含api key的行,重新按添加教程,export 参数哪些
页:
[1]