VPS侦探论坛

标题: 求助 acme配置问题 [打印本页]

---

作者: sushome    时间: 2024-7-17 16:00
标题: 求助 acme配置问题


这个问题困扰我几年了，最近一直想搞好，每次ssl过期都手动申请然后替换文件太痛苦了，我是在freessl中通过acme专属链接去申请证书的：

当前lnmp版本1.4

1. acme.sh --issue -d domain.com --dns dns_dp --server https://acme.freessl.cn/v2/DV90/directory/xxx

复制代码

然后就报这个错：

1. [Wed Jul 17 15:44:00 CST 2024] Error creating new order. Le_OrderFinalize not found. {
   
2.   "type": "urn:ietf:params:acme:error:malformed",
   
3.   "detail": "Trace-ID: 2ecba9be28aeb3df2354f5fa1e350679, KeyID header contained an invalid account URL: "https://acme.freessl.cn/acme/acct/1187"",
   
4.   "status": 400
   
5. }
   
6. [Wed Jul 17 15:44:00 CST 2024] Please check log file for more details: /root/.acme.sh/acme.sh.log

复制代码

我已经配置了一个80端口和443端口，80端口重定向到443，但是一直这个问题，以下是log:

1. [Wed Jul 17 15:14:41 CST 2024] LE_WORKING_DIR='/root/.acme.sh'
   
2. [Wed Jul 17 15:14:41 CST 2024] Running cmd: issue
   
3. [Wed Jul 17 15:14:41 CST 2024] _main_domain='domain.com'
   
4. [Wed Jul 17 15:14:41 CST 2024] _alt_domains='no'
   
5. [Wed Jul 17 15:14:41 CST 2024] Using config home: /root/.acme.sh
   
6. [Wed Jul 17 15:14:41 CST 2024] ACME_DIRECTORY='https://acme.freessl.cn/v2/DV90/directory/xxx'
   
7. [Wed Jul 17 15:14:41 CST 2024] _ACME_SERVER_HOST='acme.freessl.cn'
   
8. [Wed Jul 17 15:14:41 CST 2024] _ACME_SERVER_PATH='v2/DV90/directory/xxx'
   
9. [Wed Jul 17 15:14:41 CST 2024] DOMAIN_PATH='/root/.acme.sh/domain.com_ecc'
   
10. [Wed Jul 17 15:14:41 CST 2024] 'dns_dp' does not contain 'dns'
    
11. [Wed Jul 17 15:14:41 CST 2024] Le_NextRenewTime
    
12. [Wed Jul 17 15:14:41 CST 2024] Using ACME_DIRECTORY: https://acme.freessl.cn/v2/DV90/directory/xxx
    
13. [Wed Jul 17 15:14:41 CST 2024] _init API for server: https://acme.freessl.cn/v2/DV90/directory/xxx
    
14. [Wed Jul 17 15:14:41 CST 2024] GET
    
15. [Wed Jul 17 15:14:41 CST 2024] url='https://acme.freessl.cn/v2/DV90/directory/xxx'
    
16. [Wed Jul 17 15:14:41 CST 2024] timeout=
    
17. [Wed Jul 17 15:14:41 CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    
18. [Wed Jul 17 15:14:42 CST 2024] ret='0'
    
19. [Wed Jul 17 15:14:42 CST 2024] response='{
    
20.     字数限制此处省略
    
21. }'
    
22. [Wed Jul 17 15:14:42 CST 2024] ACME_KEY_CHANGE='https://acme.freessl.cn/v2/DV90/key-change/xxx'
    
23. [Wed Jul 17 15:14:42 CST 2024] ACME_NEW_AUTHZ
    
24. [Wed Jul 17 15:14:42 CST 2024] ACME_NEW_ORDER='https://acme.freessl.cn/v2/DV90/new-order/xxx'
    
25. [Wed Jul 17 15:14:42 CST 2024] ACME_NEW_ACCOUNT='https://acme.freessl.cn/v2/DV90/new-account/xxx'
    
26. [Wed Jul 17 15:14:42 CST 2024] ACME_REVOKE_CERT='https://acme.freessl.cn/v2/DV90/revoke-cert/xxx'
    
27. [Wed Jul 17 15:14:42 CST 2024] ACME_AGREEMENT='https://secure.trust-provider.com/repository/docs/Legacy/20201020_Certificate_Subscriber_Agreement_v_2_4_click.pdf'
    
28. [Wed Jul 17 15:14:42 CST 2024] ACME_NEW_NONCE='https://acme.freessl.cn/v2/DV90/new-nonce/xxx'
    
29. [Wed Jul 17 15:14:43 CST 2024] Using CA: https://acme.freessl.cn/v2/DV90/directory/xxx
    
30. [Wed Jul 17 15:14:43 CST 2024] _on_before_issue
    
31. [Wed Jul 17 15:14:43 CST 2024] _chk_main_domain='domain.com'
    
32. [Wed Jul 17 15:14:43 CST 2024] _chk_alt_domains
    
33. [Wed Jul 17 15:14:43 CST 2024] 'dns_dp' does not contain 'no'
    
34. [Wed Jul 17 15:14:43 CST 2024] Le_LocalAddress
    
35. [Wed Jul 17 15:14:43 CST 2024] d='domain.com'
    
36. [Wed Jul 17 15:14:43 CST 2024] Checking for domain='domain.com'
    
37. [Wed Jul 17 15:14:43 CST 2024] _currentRoot='dns_dp'
    
38. [Wed Jul 17 15:14:43 CST 2024] d
    
39. [Wed Jul 17 15:14:43 CST 2024] 'dns_dp' does not contain 'apache'
    
40. [Wed Jul 17 15:14:43 CST 2024] _saved_account_key_hash='SRiWDVHyGE80gxpaoQEU7R70B1rlhmYJIDfIo9oZK1g='
    
41. [Wed Jul 17 15:14:43 CST 2024] _saved_account_key_hash was not changed, skipping account registration.
    
42. [Wed Jul 17 15:14:43 CST 2024] Read key length: ec-256
    
43. [Wed Jul 17 15:14:43 CST 2024] _createcsr
    
44. [Wed Jul 17 15:14:43 CST 2024] domain='domain.com'
    
45. [Wed Jul 17 15:14:43 CST 2024] domainlist
    
46. [Wed Jul 17 15:14:43 CST 2024] csrkey='/root/.acme.sh/domain.com_ecc/domain.com.key'
    
47. [Wed Jul 17 15:14:43 CST 2024] csr='/root/.acme.sh/domain.com_ecc/domain.com.csr'
    
48. [Wed Jul 17 15:14:43 CST 2024] csrconf='/root/.acme.sh/domain.com_ecc/domain.com.csr.conf'
    
49. [Wed Jul 17 15:14:43 CST 2024] Single domain='domain.com'
    
50. [Wed Jul 17 15:14:43 CST 2024] seg='domain'
    
51. [Wed Jul 17 15:14:43 CST 2024] _is_idn_d='domain.com'
    
52. [Wed Jul 17 15:14:43 CST 2024] _idn_temp
    
53. [Wed Jul 17 15:14:43 CST 2024] _is_idn_d='domain.com'
    
54. [Wed Jul 17 15:14:43 CST 2024] _idn_temp
    
55. [Wed Jul 17 15:14:43 CST 2024] _csr_cn='domain.com'
    
56. [Wed Jul 17 15:14:43 CST 2024] seg='domain'
    
57. [Wed Jul 17 15:14:43 CST 2024] Getting domain auth token for each domain
    
58. [Wed Jul 17 15:14:43 CST 2024] seg='domain'
    
59. [Wed Jul 17 15:14:43 CST 2024] _is_idn_d='domain.com'
    
60. [Wed Jul 17 15:14:43 CST 2024] _idn_temp
    
61. [Wed Jul 17 15:14:43 CST 2024] d
    
62. [Wed Jul 17 15:14:43 CST 2024] _identifiers='{"type":"dns","value":"domain.com"}'
    
63. [Wed Jul 17 15:14:43 CST 2024] _notBefore
    
64. [Wed Jul 17 15:14:43 CST 2024] _notAfter
    
65. [Wed Jul 17 15:14:43 CST 2024] STEP 1, Ordering a Certificate
    
66. [Wed Jul 17 15:14:43 CST 2024] =======Sending Signed Request=======
    
67. [Wed Jul 17 15:14:43 CST 2024] url='https://acme.freessl.cn/v2/DV90/new-order/xxx'
    
68. [Wed Jul 17 15:14:43 CST 2024] payload='{"identifiers": [{"type":"dns","value":"domain.com"}]}'
    
69. [Wed Jul 17 15:14:43 CST 2024] RSA key
    
70. [Wed Jul 17 15:14:43 CST 2024] _URGLY_PRINTF
    
71. [Wed Jul 17 15:14:43 CST 2024] xargs
    
72. [Wed Jul 17 15:14:43 CST 2024] _URGLY_PRINTF
    
73. [Wed Jul 17 15:14:43 CST 2024] xargs
    
74. [Wed Jul 17 15:14:43 CST 2024] Get nonce with HEAD. ACME_NEW_NONCE='https://acme.freessl.cn/v2/DV90/new-nonce/xxx'
    
75. [Wed Jul 17 15:14:43 CST 2024] HEAD
    
76. [Wed Jul 17 15:14:43 CST 2024] _post_url='https://acme.freessl.cn/v2/DV90/new-nonce/xxx'
    
77. [Wed Jul 17 15:14:43 CST 2024] body
    
78. [Wed Jul 17 15:14:43 CST 2024] _postContentType='application/jose+json'
    
79. [Wed Jul 17 15:14:43 CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g  -I  '
    
80. [Wed Jul 17 15:14:44 CST 2024] _ret='0'
    
81. [Wed Jul 17 15:14:44 CST 2024] _headers='HTTP/1.1 200 OK
    
82. Date: Wed, 17 Jul 2024 07:27:01 GMT
    
83. Connection: keep-alive
    
84. Cache-Control: no-store
    
85. Link: <https://acme.freessl.cn/v2/DV90/directory/xxx>;rel="index"
    
86. Replay-Nonce: tnjwvoL8wKi-yFZT9s9Crf8JXquWuGq-4vcrIq7a-Io
    
87. X-Trace-Id: 000c89ad320e4976f44cfb43895cef0b
    
88. Server: nginx
    
89. 
    
90. '
    
91. [Wed Jul 17 15:14:44 CST 2024] _CACHED_NONCE='tnjwvoL8wKi-yFZT9s9Crf8JXquWuGq-4vcrIq7a-Io'
    
92. [Wed Jul 17 15:14:44 CST 2024] nonce='tnjwvoL8wKi-yFZT9s9Crf8JXquWuGq-4vcrIq7a-Io'
    
93. [Wed Jul 17 15:14:44 CST 2024] POST
    
94. [Wed Jul 17 15:14:44 CST 2024] _post_url='https://acme.freessl.cn/v2/DV90/new-order/xxx'
    
95. [Wed Jul 17 15:14:44 CST 2024] body='{"protected": "eyJub25jZSI6ICJ0bmp3dm9MOHdLaS15RlpUOXM5Q3JmOEpYcXVXdUdxLTR2Y3JJcTdhLUlvIiwgInVybCI6ICJodHRwczovL2FjbWUuZnJlZXNzbC5jbi92Mi9EVjkwL25ldy1vcmRlci9iczMydm84cGZ6dWE5d2tzMTRtMiIsICJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS5mcmVlc3NsLmNuL2FjbWUvYWNjdC8xMTg3In0", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6InN1c2hvbWUudXMifV19", "signature": "orCWYYfOxtSSRJjwabcxuUoZwqariasJUuF0_S0tlR60tyeLt2iUzmCds9w3J8dAfCFukp7GadOE5PCroSMTg1QZklmVMymVs0QXVBZxzoK4BD81PdOKWgGgKiZRyJST_tGUSMm4T5t6AZvNoWriLKxYtFopvSlZsq5BFzgBQv46h22SueEyudFBr4hpcdL7pZKDFCNZStSNqH9qrLtisJs7MuknUUxMnZWnrSMLqRUv9IFzwojEgSOYr-YCRrb1-Xx8UhXQsUA-RWdH-hSODLYmmwG-1SxQeydFs7-cf-PqVW9VloHQf7PvTUpGUseXytjbvQO0cTigDAq5XOvxqQ"}'
    
96. [Wed Jul 17 15:14:44 CST 2024] _postContentType='application/jose+json'
    
97. [Wed Jul 17 15:14:44 CST 2024] Http already initialized.
    
98. [Wed Jul 17 15:14:44 CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    
99. [Wed Jul 17 15:14:46 CST 2024] _ret='0'
    
100. [Wed Jul 17 15:14:46 CST 2024] responseHeaders='HTTP/1.1 400 Bad Request
     
101. Date: Wed, 17 Jul 2024 07:27:03 GMT
     
102. Content-Type: application/problem+json
     
103. Content-Length: 218
     
104. Connection: keep-alive
     
105. Cache-Control: no-store
     
106. Link: <https://acme.freessl.cn/v2/DV90/directory/xxx>;rel="index"
     
107. Replay-Nonce: P5ClDaTWcHsQptuPzxYNgNEs3HE_p1r-g6OGarrxVdE
     
108. X-Trace-Id: 33edf47a336eb04e262ec0d0f82be84f
     
109. Server: nginx
     
110. 
     
111. '
     
112. [Wed Jul 17 15:14:46 CST 2024] code='400'
     
113. [Wed Jul 17 15:14:46 CST 2024] original='{
     
114.   "type": "urn:ietf:params:acme:error:malformed",
     
115.   "detail": "Trace-ID: 33edf47a336eb04e262ec0d0f82be84f, KeyID header contained an invalid account URL: "https://acme.freessl.cn/acme/acct/1187"",
     
116.   "status": 400
     
117. }'
     
118. [Wed Jul 17 15:14:46 CST 2024] response='{
     
119.   "type": "urn:ietf:params:acme:error:malformed",
     
120.   "detail": "Trace-ID: 33edf47a336eb04e262ec0d0f82be84f, KeyID header contained an invalid account URL: "https://acme.freessl.cn/acme/acct/1187"",
     
121.   "status": 400
     
122. }'
     
123. [Wed Jul 17 15:14:46 CST 2024] Le_LinkOrder
     
124. [Wed Jul 17 15:14:46 CST 2024] Le_OrderFinalize
     
125. [Wed Jul 17 15:14:46 CST 2024] Error creating new order. Le_OrderFinalize not found. {
     
126.   "type": "urn:ietf:params:acme:error:malformed",
     
127.   "detail": "Trace-ID: 33edf47a336eb04e262ec0d0f82be84f, KeyID header contained an invalid account URL: "https://acme.freessl.cn/acme/acct/1187"",
     
128.   "status": 400
     
129. }
     
130. [Wed Jul 17 15:14:46 CST 2024] pid
     
131. [Wed Jul 17 15:14:46 CST 2024] No need to restore nginx config, skipping.
     
132. [Wed Jul 17 15:14:46 CST 2024] _clearupdns
     
133. [Wed Jul 17 15:14:46 CST 2024] dns_entries
     
134. [Wed Jul 17 15:14:46 CST 2024] Skipping dns.
     
135. [Wed Jul 17 15:14:46 CST 2024] _on_issue_err
     
136. [Wed Jul 17 15:14:46 CST 2024] Please check log file for more details: /root/.acme.sh/acme.sh.log
     
137. [Wed Jul 17 15:14:46 CST 2024] _chk_vlist
     

复制代码

---

作者: sushome    时间: 2024-7-17 16:10
一直不知道咋整，一发帖立马就找到原因，已解决：
卸载acme.sh，清理acme.sh缓存信息，重装acme.sh，重新生成证书。

a. 卸载acme.sh

acme.sh –uninstall

b. 清理acme.sh缓存

cd /root/.acme.sh

rm -rf *

c. 重装acme.sh

---

欢迎光临 VPS侦探论坛 (https://bbs.lnmp.com/)

Powered by Discuz! X3.4