ssl 证书添加失败
本帖最后由 haaid 于 2020-3-24 23:45 编辑今天发现添加 ssl 证书失败,请军哥帮忙看看什么问题
我看了看 dnspod 的日志,就没有 token 操作记录
acme.sh.log 如下:
Running cmd: issue
_main_domain='test.xx.com'
_alt_domains='no'
Using config home:/usr/local/acme.sh
ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
DOMAIN_PATH='/usr/local/nginx/conf/ssl/test.xx.com'
Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
_init api for server: https://acme-v02.api.letsencrypt.org/directory
GET
url='https://acme-v02.api.letsencrypt.org/directory'
timeout=
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
ret='0'
ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
ACME_NEW_AUTHZ
ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
ACME_VERSION='2'
Le_NextRenewTime
_on_before_issue
_chk_main_domain='test.xx.com'
_chk_alt_domains
Le_LocalAddress
d='test.xx.com'
Check for domain='test.xx.com'
_currentRoot='dns_dp'
d
_saved_account_key_hash is not changed, skip register account.
Read key length:
_createcsr
Single domain='test.xx.com'
Getting domain auth token for each domain
d
url='https://acme-v02.api.letsencrypt.org/acme/new-order'
payload='{"identifiers": [{"type":"dns","value":"test.xx.com"}]}'
RSA key
HEAD
_post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g-I'
_ret='0'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='201'
Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/54431310/2764804268'
Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/54431310/2764804268'
url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/3542018340'
payload
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/3542018340'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='200'
d='test.xx.com'
Getting webroot for domain='test.xx.com'
_w='dns_dp'
_currentRoot='dns_dp'
entry='"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/3542018340/8vRlKg","token":"fAFx2OtYKGC5CuIj66BAE1Lsr_yNivKhVJB4m0j-OEA"'
token='fAFx2OtYKGC5CuIj66BAE1Lsr_yNivKhVJB4m0j-OEA'
uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3542018340/8vRlKg'
keyauthorization='fAFx2OtYKGC5CuIj66BAE1Lsr_yNivKhVJB4m0j-OEA.cIe8hstUX_SsdChRTvNKGOxVpJi93odrubgYyo_4e9Y'
dvlist='test.xx.com#fAFx2OtYKGC5CuIj66BAE1Lsr_yNivKhVJB4m0j-OEA.cIe8hstUX_SsdChRTvNKGOxVpJi93odrubgYyo_4e9Y#https://acme-v02.api.letsencrypt.org/acme/chall-v3/3542018340/8vRlKg#dns-01#dns_dp'
d
vlist='test.xx.com#fAFx2OtYKGC5CuIj66BAE1Lsr_yNivKhVJB4m0j-OEA.cIe8hstUX_SsdChRTvNKGOxVpJi93odrubgYyo_4e9Y#https://acme-v02.api.letsencrypt.org/acme/chall-v3/3542018340/8vRlKg#dns-01#dns_dp,'
d='test.xx.com'
_d_alias
txtdomain='_acme-challenge.test.xx.com'
txt='bi-fQ_GVWp49TUEwGInAPzIfBM-Li_qGC5tn49nYFUQ'
d_api='/usr/local/acme.sh/dnsapi/dns_dp.sh'
Found domain api file: /usr/local/acme.sh/dnsapi/dns_dp.sh
Adding txt value: bi-fQ_GVWp49TUEwGInAPzIfBM-Li_qGC5tn49nYFUQ for domain:_acme-challenge.test.xx.com
First detect the root zone
Domain.Info
url='https://dnsapi.cn/Domain.Info'
POST
_post_url='https://dnsapi.cn/Domain.Info'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
Domain.Info
url='https://dnsapi.cn/Domain.Info'
POST
_post_url='https://dnsapi.cn/Domain.Info'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
Domain.Info
url='https://dnsapi.cn/Domain.Info'
POST
_post_url='https://dnsapi.cn/Domain.Info'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
invalid domain
Error add txt for domain:_acme-challenge.test.xx.com
_on_issue_err
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3542018340/8vRlKg'
payload='{}'
POST
_post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/3542018340/8vRlKg'
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
code='200'
pid
No need to restore nginx, skip.
_clearupdns
dns_entries
skip dns.
只能看到错误是添加失败,不清楚什么原因,api上面你看一下开白名单了吗?
也可以改一下 /usr/local/acme.sh/account.conf 将 里面的 #LOG_LEVEL=1改成 LOG_LEVEL=2 然后重新生成证书,记录更详细的日志看看 licess 发表于 2020-3-25 09:01
只能看到错误是添加失败,不清楚什么原因,api上面你看一下开白名单了吗?
也可以改一下 /usr/local/acme.s ...
_CURL='curl -L --silent --dump-header /usr/local/acme.sh/http.header-g '
_ret='0'
response='{"status":{"code":"8","message":"\u57df\u540d\u4e0d\u6b63\u786e\uff0c\u8bf7\u8f93\u5165\u4e3b\u57df\u540d\uff0c\u5982 dnspod.cn","created_at":"2020-03-25 12:43:35"}}'
invalid domain
Error add txt for domain:_acme-challenge.beta.api.xc.cool
_on_issue_err
Please check log file for more details: /usr/local/acme.sh/acme.sh.log
api 没开白名单,是不是这个 response 的错 haaid 发表于 2020-3-25 12:50
api 没开白名单,是不是这个 response 的错
上面的\u57df\u540d\u4e0d\u6b63\u786e\uff0c\u8bf7\u8f93\u5165\u4e3b\u57df\u540d\uff0c\u5982 dnspod.cn
unicode转换过来就是: 域名不正确,请输入主域名,如 dnspod.cn 本帖最后由 foboy 于 2020-3-27 23:33 编辑
DNSPOD最近好像坏了,我买的新域名和以前成功过的老域名,现在全部添加记录时失败。提示:invalid domain
更换其他的DNS服务商就正常了。
确实是 dnspod 抽风,过了一段时间好了
页:
[1]