Jump to content
Froxlor Forum

MeinerEiner

Members
  • Content Count

    64
  • Joined

  • Last visited

Community Reputation

0 Neutral

About MeinerEiner

  • Rank
    Advanced Froxie

Recent Profile Visitors

966 profile views
  1. wrong key size... only 4096 supported not 8192. Sorry
  2. executing: /root/.acme.sh/acme.sh --issue -d xxxx.net --test -w /var/www/froxlor/ --debug leads to same result
  3. I started the cron job manually, same result: Verify error:The key authorization file from the server did not match this challenge Can you try to reproduce this on a testserver with a test domain? System: Debian Buster
  4. Ok... I'll do it. All files remove from: /var/www/froxlor/.well-known/acme-challenge delete folders /root/.acme.sh/[domain.tld] Now i'll wait 1h
  5. Acme.conf for Apache Alias "/.well-known/acme-challenge" "/var/www/froxlor/.well-known/acme-challenge" <Directory "/var/www/froxlor/.well-known/acme-challenge"> Require all granted </Directory>
  6. actual let's encrypt report: php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug [information] TasksCron: Searching for tasks to do [information] TasksCron: Task10 started - setting filesystem quota [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Requesting/renewing Let's Encrypt certificates [information] Creating certificate for xxxxxx.net [information] Adding SAN entry: xxxxxx.net [information] Adding SAN entry: www.xxxxxx.net [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Tue Apr 28 13:49:23 CEST 2020] Already uptodate! [Tue Apr 28 13:49:23 CEST 2020] Upgrade success! [Tue Apr 28 13:49:24 CEST 2020] Removing cron job [Tue Apr 28 13:49:24 CEST 2020] Lets find script dir. [Tue Apr 28 13:49:24 CEST 2020] _SCRIPT_='/root/.acme.sh/acme.sh' [Tue Apr 28 13:49:24 CEST 2020] _script='/root/.acme.sh/acme.sh' [Tue Apr 28 13:49:24 CEST 2020] _script_home='/root/.acme.sh' [Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:49:24 CEST 2020] Using server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:49:24 CEST 2020] Running cmd: issue [Tue Apr 28 13:49:24 CEST 2020] _main_domain='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _alt_domains='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:49:24 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:49:24 CEST 2020] DOMAIN_PATH='/root/.acme.sh/xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:49:24 CEST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:49:24 CEST 2020] GET [Tue Apr 28 13:49:24 CEST 2020] url='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:49:24 CEST 2020] timeout= [Tue Apr 28 13:49:24 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:24 CEST 2020] ret='0' [Tue Apr 28 13:49:24 CEST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_AUTHZ [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Tue Apr 28 13:49:24 CEST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Tue Apr 28 13:49:24 CEST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:49:24 CEST 2020] ACME_VERSION='2' [Tue Apr 28 13:49:24 CEST 2020] _on_before_issue [Tue Apr 28 13:49:24 CEST 2020] _chk_main_domain='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _chk_alt_domains='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Le_LocalAddress [Tue Apr 28 13:49:24 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Check for domain='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:24 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Check for domain='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:24 CEST 2020] d [Tue Apr 28 13:49:24 CEST 2020] _saved_account_key_hash is not changed, skip register account. [Tue Apr 28 13:49:24 CEST 2020] Read key length: [Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:49:24 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:49:24 CEST 2020] Use length 8192 [Tue Apr 28 13:49:24 CEST 2020] Using RSA: 8192 [Tue Apr 28 13:49:28 CEST 2020] _createcsr [Tue Apr 28 13:49:28 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:28 CEST 2020] d [Tue Apr 28 13:49:28 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:49:28 CEST 2020] payload='{"identifiers": [{"type":"dns","value":"xxxxxx.net"},{"type":"dns","value":"www.xxxxxx.net"}]}' [Tue Apr 28 13:49:28 CEST 2020] RSA key [Tue Apr 28 13:49:28 CEST 2020] HEAD [Tue Apr 28 13:49:28 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:49:28 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g -I ' [Tue Apr 28 13:49:29 CEST 2020] _ret='0' [Tue Apr 28 13:49:29 CEST 2020] POST [Tue Apr 28 13:49:29 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:49:29 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:30 CEST 2020] _ret='0' [Tue Apr 28 13:49:30 CEST 2020] code='201' [Tue Apr 28 13:49:30 CEST 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/79147307/3162587417' [Tue Apr 28 13:49:30 CEST 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/79147307/3162587417' [Tue Apr 28 13:49:30 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150773' [Tue Apr 28 13:49:30 CEST 2020] payload [Tue Apr 28 13:49:30 CEST 2020] POST [Tue Apr 28 13:49:30 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150773' [Tue Apr 28 13:49:30 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:30 CEST 2020] _ret='0' [Tue Apr 28 13:49:30 CEST 2020] code='200' [Tue Apr 28 13:49:30 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150774' [Tue Apr 28 13:49:30 CEST 2020] payload [Tue Apr 28 13:49:31 CEST 2020] POST [Tue Apr 28 13:49:31 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150774' [Tue Apr 28 13:49:31 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:31 CEST 2020] _ret='0' [Tue Apr 28 13:49:31 CEST 2020] code='200' [Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] _w='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw","token":"f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA"' [Tue Apr 28 13:49:31 CEST 2020] token='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA' [Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] keyauthorization='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o' [Tue Apr 28 13:49:31 CEST 2020] dvlist='xxxxxx.net#f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw#http-01#/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] _w='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA","token":"oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI"' [Tue Apr 28 13:49:31 CEST 2020] token='oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI' [Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA' [Tue Apr 28 13:49:31 CEST 2020] keyauthorization='oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o' [Tue Apr 28 13:49:31 CEST 2020] dvlist='www.xxxxxx.net#oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA#http-01#/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] d [Tue Apr 28 13:49:31 CEST 2020] vlist='xxxxxx.net#f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw#http-01#/var/www/froxlor/,www.xxxxxx.net#oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA#http-01#/var/www/froxlor/,' [Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] ok, let's start to verify [Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] keyauthorization='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o' [Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] wellknown_path='/var/www/froxlor//.well-known/acme-challenge' [Tue Apr 28 13:49:31 CEST 2020] writing token:f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA to /var/www/froxlor//.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA [Tue Apr 28 13:49:31 CEST 2020] Changing owner/group of .well-known to froxlorlocal:froxlorlocal [Tue Apr 28 13:49:31 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] payload='{}' [Tue Apr 28 13:49:31 CEST 2020] POST [Tue Apr 28 13:49:31 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:32 CEST 2020] _ret='0' [Tue Apr 28 13:49:32 CEST 2020] code='200' [Tue Apr 28 13:49:32 CEST 2020] trigger validation code: 200 [Tue Apr 28 13:49:32 CEST 2020] sleep 2 secs to verify [Tue Apr 28 13:49:34 CEST 2020] checking [Tue Apr 28 13:49:34 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:34 CEST 2020] payload [Tue Apr 28 13:49:34 CEST 2020] POST [Tue Apr 28 13:49:34 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:34 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:35 CEST 2020] _ret='0' [Tue Apr 28 13:49:35 CEST 2020] code='200' [Tue Apr 28 13:49:35 CEST 2020] xxxxxx.net:Verify error:The key authorization file from the server did not match this challenge [Tue Apr 28 13:49:35 CEST 2020] Debug: get token url. [Tue Apr 28 13:49:35 CEST 2020] GET [Tue Apr 28 13:49:35 CEST 2020] url='http://xxxxxx.net/.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA' [Tue Apr 28 13:49:35 CEST 2020] timeout=1 [Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g --connect-timeout 1' [Tue Apr 28 13:49:35 CEST 2020] ret='0' [Tue Apr 28 13:49:35 CEST 2020] Debugging, skip removing: /var/www/froxlor//.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA [Tue Apr 28 13:49:35 CEST 2020] pid [Tue Apr 28 13:49:35 CEST 2020] No need to restore nginx, skip. [Tue Apr 28 13:49:35 CEST 2020] _clearupdns [Tue Apr 28 13:49:35 CEST 2020] dns_entries [Tue Apr 28 13:49:35 CEST 2020] skip dns. [Tue Apr 28 13:49:35 CEST 2020] _on_issue_err [Tue Apr 28 13:49:35 CEST 2020] Please add '--debug' or '--log' to check more details. [Tue Apr 28 13:49:35 CEST 2020] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Tue Apr 28 13:49:35 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:35 CEST 2020] payload='{}' [Tue Apr 28 13:49:35 CEST 2020] POST [Tue Apr 28 13:49:35 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:35 CEST 2020] _ret='0' [Tue Apr 28 13:49:35 CEST 2020] code='400' [Tue Apr 28 13:49:35 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA' [Tue Apr 28 13:49:35 CEST 2020] payload='{}' [Tue Apr 28 13:49:35 CEST 2020] POST [Tue Apr 28 13:49:35 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA' [Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:36 CEST 2020] _ret='0' [Tue Apr 28 13:49:36 CEST 2020] code='200' [Tue Apr 28 13:49:36 CEST 2020] socat doesn't exists. [Tue Apr 28 13:49:36 CEST 2020] Diagnosis versions: openssl:openssl OpenSSL 1.1.1d 10 Sep 2019 apache: apache doesn't exists. nginx: nginx doesn't exists. socat: [debug] https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 13:49:24 CEST 2020] Creating domain key [Tue Apr 28 13:49:28 CEST 2020] The domain key is here: /root/.acme.sh/xxxxxx.net/xxxxxx.net.key [Tue Apr 28 13:49:28 CEST 2020] Multi domain='DNS:xxxxxx.net,DNS:www.xxxxxx.net' [Tue Apr 28 13:49:28 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Verifying: xxxxxx.net f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 [error] Could not get Let's Encrypt certificate for xxxxxx.net: https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 13:49:24 CEST 2020] Creating domain key [Tue Apr 28 13:49:28 CEST 2020] The domain key is here: /root/.acme.sh/xxxxxx.net/xxxxxx.net.key [Tue Apr 28 13:49:28 CEST 2020] Multi domain='DNS:xxxxxxxxxxxx.net,DNS:www.xxxxxx.net' [Tue Apr 28 13:49:28 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Verifying: xxxxxx.net f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 [information] No new certificates or certificates due for renewal found [information] apache::createIpPort: creating ip/port settings for xx.xxx.xxx.xxx:80 [notice] xx.xxx.xxx.xxx:80 :: namevirtualhost-statement no longer needed for apache-2.4 [debug] xx.xxx.xxx.xxx:80 :: inserted vhostcontainer [information] apache::createIpPort: creating ip/port settings for xx.xxx.xxx.xxx:443 [debug] xx.xxx.xxx.xxx:443 :: inserted vhostcontainer [information] apache::createVirtualHosts: creating vhost container for domain 10, customer aos [information] apache::createVirtualHosts: creating vhost container for domain 8, customer hassinger-j [information] apache::createVirtualHosts: creating vhost container for domain 7, customer kreiselm-a [information] apache::createVirtualHosts: creating vhost container for domain 5, customer weiss-a [information] apache::createVirtualHosts: creating vhost container for domain 4, customer wolf-t [information] apache::createVirtualHosts: creating vhost container for domain 11, customer coepto [information] apache::createVirtualHosts: creating vhost container for domain 13, customer coepto [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/ [information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/ [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/ [information] Froxlor\Cron\Http\ApacheFcgi::reload: running service php7.3-fpm restart [information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi [notice] Creating passwd file [notice] Writing 8 entries to passwd file [notice] Succesfully wrote passwd file [notice] Creating group file [notice] Writing 6 entries to group file [notice] Succesfully wrote group file [notice] Creating shadow file [notice] Writing 8 entries to shadow file [notice] Succesfully wrote shadow file [notice] Checking system's last guid
  7. php errors are fixed... let's encrypt is still broken
  8. Ok php error fixed, by clicking ip and ports, save each ip and after that rebuild config. Seems something strange happens to vHost-Files
  9. I Still wait 4h to get new chance to request let's encrypt... There are many domains that needed to be renewed, but the failed requests matches the limit. So I decided to set let's encrypt job to once a day.
  10. Auszug aus --force --debug: [Tue Apr 28 13:01:41 CEST 2020] Lets find script dir. [Tue Apr 28 13:01:41 CEST 2020] _SCRIPT_='/root/.acme.sh/acme.sh' [Tue Apr 28 13:01:41 CEST 2020] _script='/root/.acme.sh/acme.sh' [Tue Apr 28 13:01:41 CEST 2020] _script_home='/root/.acme.sh' [Tue Apr 28 13:01:41 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:01:41 CEST 2020] Using server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:01:41 CEST 2020] Running cmd: issue [Tue Apr 28 13:01:41 CEST 2020] _main_domain='xxxxxx.net' [Tue Apr 28 13:01:41 CEST 2020] _alt_domains='www.xxxxxx.net' [Tue Apr 28 13:01:41 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:01:41 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:01:41 CEST 2020] DOMAIN_PATH='/root/.acme.sh/xxxxxx.net' [Tue Apr 28 13:01:41 CEST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:01:41 CEST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:01:41 CEST 2020] GET [Tue Apr 28 13:01:41 CEST 2020] url='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:01:41 CEST 2020] timeout= [Tue Apr 28 13:01:41 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:01:42 CEST 2020] ret='0' [Tue Apr 28 13:01:42 CEST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_AUTHZ [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Tue Apr 28 13:01:42 CEST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Tue Apr 28 13:01:42 CEST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:01:42 CEST 2020] ACME_VERSION='2' [Tue Apr 28 13:01:42 CEST 2020] Le_NextRenewTime [Tue Apr 28 13:01:42 CEST 2020] _on_before_issue [Tue Apr 28 13:01:42 CEST 2020] _chk_main_domain='xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] _chk_alt_domains='www.xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] Le_LocalAddress [Tue Apr 28 13:01:42 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] Check for domain='xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:01:42 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] Check for domain='www.xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:01:42 CEST 2020] d [Tue Apr 28 13:01:42 CEST 2020] _saved_account_key_hash is not changed, skip register account. [Tue Apr 28 13:01:42 CEST 2020] Read key length:8192 [Tue Apr 28 13:01:42 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:01:42 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:01:42 CEST 2020] Use length 8192 [Tue Apr 28 13:01:42 CEST 2020] Using RSA: 8192 [Tue Apr 28 13:01:46 CEST 2020] _createcsr [Tue Apr 28 13:01:46 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:01:46 CEST 2020] d [Tue Apr 28 13:01:46 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:01:46 CEST 2020] payload='{"identifiers": [{"type":"dns","value":"xxxxxx.net"},{"type":"dns","value":"www.xxxxxx.net"}]}' [Tue Apr 28 13:01:46 CEST 2020] RSA key [Tue Apr 28 13:01:46 CEST 2020] HEAD [Tue Apr 28 13:01:46 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:01:46 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g -I ' [Tue Apr 28 13:01:47 CEST 2020] _ret='0' [Tue Apr 28 13:01:47 CEST 2020] POST [Tue Apr 28 13:01:47 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:01:47 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:01:47 CEST 2020] _ret='0' [Tue Apr 28 13:01:47 CEST 2020] code='429' [Tue Apr 28 13:01:47 CEST 2020] Le_LinkOrder [Tue Apr 28 13:01:47 CEST 2020] Le_OrderFinalize [Tue Apr 28 13:01:47 CEST 2020] Create new order error. Le_OrderFinalize not found. { "type": "urn:ietf:params:acme:error:rateLimited", "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/", "status": 429 } [Tue Apr 28 13:01:48 CEST 2020] pid [Tue Apr 28 13:01:48 CEST 2020] No need to restore nginx, skip. [Tue Apr 28 13:01:48 CEST 2020] _clearupdns [Tue Apr 28 13:01:48 CEST 2020] dns_entries [Tue Apr 28 13:01:48 CEST 2020] skip dns. [Tue Apr 28 13:01:48 CEST 2020] _on_issue_err [Tue Apr 28 13:01:48 CEST 2020] Please add '--debug' or '--log' to check more details. [Tue Apr 28 13:01:48 CEST 2020] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Tue Apr 28 13:01:48 CEST 2020] socat doesn't exists. [Tue Apr 28 13:01:48 CEST 2020] Diagnosis versions: openssl:openssl OpenSSL 1.1.1d 10 Sep 2019 apache: apache doesn't exists. nginx: nginx doesn't exists. socat:
  11. Hello, we have upgraded the systems to 0.10.15. Now lets encrypt is not working anymore for domains. Previous version 0.10.13 works well. I get this error from lets encrypt: { "type": "urn:ietf:params:acme:error:malformed", "detail": "Method not allowed", "status": 405 } [information] TasksCron: Searching for tasks to do [information] TasksCron: Task10 started - setting filesystem quota [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Requesting/renewing Let's Encrypt certificates [information] Creating certificate for xxxxx.net [information] Adding SAN entry: xxxxx.net [information] Adding SAN entry: www.xxxxx.net [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Tue Apr 28 11:31:18 CEST 2020] Already uptodate! [Tue Apr 28 11:31:18 CEST 2020] Upgrade success! [Tue Apr 28 11:31:18 CEST 2020] Removing cron job [debug] https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 11:31:19 CEST 2020] Creating domain key [Tue Apr 28 11:31:22 CEST 2020] The domain key is here: /root/.acme.sh/xxxxx.net/xxxxx.net.key [Tue Apr 28 11:31:22 CEST 2020] Multi domain='DNS:xxxxx.net,DNS:www.xxxxx.net' [Tue Apr 28 11:31:22 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='www.xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Verifying: xxxxx.net fqIIDl1N0TVk25kM3t8VF7NR-dFV1jUl1XF358An8K0.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 [error] Could not get Let's Encrypt certificate for xxxxx.net: https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 11:31:19 CEST 2020] Creating domain key [Tue Apr 28 11:31:22 CEST 2020] The domain key is here: /root/.acme.sh/xxxxx.net/xxxxx.net.key [Tue Apr 28 11:31:22 CEST 2020] Multi domain='DNS:xxxxx.net,DNS:www.xxxxx.net' [Tue Apr 28 11:31:22 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='www.xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Verifying: xxxxx.net fqIIDl1N0TVk25kM3t8VF7NR-dFV1jUl1XF358An8K0.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 Settings: SSL Let's Encrypt enabled with 8192 key. Kind regards, Daniel
  12. Hello, PHP-FPM versions: System default -> default froxlor as described above (No overide deamon settings possible) PHP-CONFIGURATIONS: PHP-FPM config: System default Add "-pass-header Authorization" / "CGIPassAuth On" to vhosts: is deactivated Override FPM-daemon settings (pm, max_children, etc.): is activated Process manager control (pm): dynamic The number of child processes: 1 The number of child processes created on startup: 20 The desired minimum number of idle server processes: 5 The desired maximum number of idle server processes: 35 Requests per child before respawning: 0 Idle Timeout: 30
  13. Hello, System: Debian Buster with Froxlor 0.10.12, PHP7.3 and activated php-fpm Settings php-fpm: Process manager control (pm): dynamic The number of child processes: 1 The number of child processes created on startup: 20 The desired minimum number of idle server processes: 5 The desired maximum number of idle server processes: 35 Requests per child before respawning: 0 Idle Timeout: 30 Now rebuild config for domains and the files in /etc/php/7.3/fpm/pool.d contains following php-fpm settings: pm = dynamic pm.max_children = 1 pm.start_servers = 1 pm.min_spare_servers = 1 pm.max_spare_servers = 1 pm.max_requests = 0 request_terminate_timeout = 60s request_slowlog_timeout = 5s so the values are not the configured ones. Did i do something wrong? Php-fpm values are not overriden in custom php-config for domains.
  14. Strange things happend. With current version 0.10.11 it is working without changes. I created that customer with 0.9.x and migrate to 0.10.x so something must happend before. But now it is working thanks alot.
×
×
  • Create New...