New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue with --tls --test on "asuswrt stock firmware" #1266
Comments
Tls-sni-01 has been disabled for new accounts
https://community.letsencrypt.org/t/2018-01-11-update-regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188
…--
Fernando Miguel
On 15 Feb 2018 06:23, "stevebovy" ***@***.***> wrote:
Steps to reproduce
./acme.sh --issue -d home.miscbitbag.org --test --tls --pre-hook "service
stop_webdav" --home /jffs/acme.sh --debug --log
--log
Debug log
***@***.***_B1:/jffs/acme.sh# ./acme.sh --issue -d
home.miscbitbag.org --test --tls --pre-hook "service stop_webdav" --home
/jffs/acme.sh --debug --log
[Wed Feb 14 22:18:07 PST 2018] Lets find script dir.
[Wed Feb 14 22:18:07 PST 2018] *SCRIPT*='./acme.sh'
[Wed Feb 14 22:18:07 PST 2018] _script='/jffs/acme.sh/acme.sh'
[Wed Feb 14 22:18:07 PST 2018] _script_home='/jffs/acme.sh'
[Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
https://github.com/Neilpang/acme.sh
v2.7.7
[Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
[Wed Feb 14 22:18:07 PST 2018] Using stage ACME_DIRECTORY:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:07 PST 2018] DOMAIN_PATH='/jffs/acme.sh/
home.miscbitbag.org'
[Wed Feb 14 22:18:08 PST 2018] Using ACME_DIRECTORY:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:08 PST 2018] _init api for server:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:08 PST 2018] GET
[Wed Feb 14 22:18:08 PST 2018] url='https://acme-staging.api.
letsencrypt.org/directory'
[Wed Feb 14 22:18:08 PST 2018] timeout=
[Wed Feb 14 22:18:08 PST 2018] _CURL='curl -L --silent --dump-header /jffs/
acme.sh/http.header -g '
[Wed Feb 14 22:18:08 PST 2018] ret='0'
[Wed Feb 14 22:18:08 PST 2018] ACME_KEY_CHANGE='https://acme-
staging.api.letsencrypt.org/acme/key-change'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_AUTHZ='https://acme-
staging.api.letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ORDER='https://acme-
staging.api.letsencrypt.org/acme/new-cert'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ACCOUNT='https://
acme-staging.api.letsencrypt.org/acme/new-reg'
[Wed Feb 14 22:18:08 PST 2018] ACME_REVOKE_CERT='https://
acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Wed Feb 14 22:18:08 PST 2018] ACME_AGREEMENT='https://
letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_NONCE
[Wed Feb 14 22:18:08 PST 2018] ACME_VERSION
[Wed Feb 14 22:18:08 PST 2018] Le_NextRenewTime
[Wed Feb 14 22:18:09 PST 2018] _on_before_issue
[Wed Feb 14 22:18:09 PST 2018] Run pre hook:'service stop_webdav'
Done.
[Wed Feb 14 22:18:09 PST 2018] Le_LocalAddress
[Wed Feb 14 22:18:09 PST 2018] Check for domain='home.miscbitbag.org'
[Wed Feb 14 22:18:09 PST 2018] _currentRoot='tls'
[Wed Feb 14 22:18:10 PST 2018] Standalone tls mode.
[Wed Feb 14 22:18:10 PST 2018] _checkport='443'
[Wed Feb 14 22:18:10 PST 2018] _checkaddr
[Wed Feb 14 22:18:10 PST 2018] Using: netstat
[Wed Feb 14 22:18:10 PST 2018] _saved_account_key_hash is not changed,
skip register account.
[Wed Feb 14 22:18:11 PST 2018] Read key length:
[Wed Feb 14 22:18:11 PST 2018] _createcsr
[Wed Feb 14 22:18:11 PST 2018] Single domain='home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] Getting domain auth token for each domain
[Wed Feb 14 22:18:11 PST 2018] Getting webroot for domain='
home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] _w='tls'
[Wed Feb 14 22:18:11 PST 2018] _currentRoot='tls'
[Wed Feb 14 22:18:11 PST 2018] Getting new-authz for domain='
home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] _init api for server:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:11 PST 2018] Try new-authz for the 0 time.
[Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:11 PST 2018] payload='{"resource": "new-authz",
"identifier": {"type": "dns", "value": "home.miscbitbag.org"}}'
[Wed Feb 14 22:18:11 PST 2018] RSA key
[Wed Feb 14 22:18:11 PST 2018] GET
[Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
letsencrypt.org/directory'
[Wed Feb 14 22:18:11 PST 2018] timeout=
[Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header /jffs/
acme.sh/http.header -g '
[Wed Feb 14 22:18:12 PST 2018] ret='0'
[Wed Feb 14 22:18:12 PST 2018] POST
[Wed Feb 14 22:18:12 PST 2018] _post_url='https://acme-
staging.api.letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header /jffs/
acme.sh/http.header -g '
[Wed Feb 14 22:18:13 PST 2018] _ret='0'
[Wed Feb 14 22:18:13 PST 2018] code='201'
[Wed Feb 14 22:18:13 PST 2018] The new-authz request is ok.
[Wed Feb 14 22:18:13 PST 2018] entry
[Wed Feb 14 22:18:13 PST 2018] Error, can not get domain token entry
home.miscbitbag.org
[Wed Feb 14 22:18:13 PST 2018] pid
[Wed Feb 14 22:18:13 PST 2018] No need to restore nginx, skip.
[Wed Feb 14 22:18:13 PST 2018] _clearupdns
[Wed Feb 14 22:18:13 PST 2018] skip dns.
[Wed Feb 14 22:18:13 PST 2018] _on_issue_err
[Wed Feb 14 22:18:13 PST 2018] Please check log file for more details:
/jffs/acme.sh/acme.sh.log
[Wed Feb 14 22:18:14 PST 2018] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.2j 26 Sep 2016
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
Usage:
socat [options]
options:
-V print version and feature information to stdout, and exit
-h|-? print a help text describing command line options and addresses
-hh like -h, plus a list of all common address option names
-hhh like -hh, plus a list of all available address option names
-d increase verbosity (use up to 4 times; 2 are recommended)
-D analyze file descriptors before loop
-ly[facility] log to syslog, using facility (default is daemon)
-lf log to file
-ls log to stderr (default if no other log)
-lm[facility] mixed log mode (stderr during initialization, then syslog)
-lp set the program name used for logging
-lu use microseconds for logging timestamps
-lh add hostname to log messages
-v verbose data traffic, text
-x verbose data traffic, hexadecimal
-b<size_t> set data buffer size (8192)
-s sloppy (continue on error)
-t wait seconds before closing second channel
-T total inactivity timeout in seconds
-u unidirectional mode (left to right)
-U unidirectional mode (right to left)
-g do not check option groups
-L try to obtain lock, or fail
-W try to obtain lock, or wait
-4 prefer IPv4 if version is not explicitly specified
-6 prefer IPv6 if version is not explicitly specified
bi-address:
pipe[,] groups=FD,FIFO
!!
single-address:
[,]
address-head:
abstract-client: groups=FD,SOCKET,RETRY,UNIX
abstract-connect: groups=FD,SOCKET,RETRY,UNIX
abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
abstract-recv: groups=FD,SOCKET,RETRY,UNIX
abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
create: groups=FD,REG,NAMED
exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
interface: groups=FD,SOCKET
ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
ip-sendto:: groups=FD,SOCKET,IP4,IP6
ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
ip4-recv: groups=FD,SOCKET,RANGE,IP4
ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
ip4-sendto:: groups=FD,SOCKET,IP4
ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
ip6-recv: groups=FD,SOCKET,RANGE,IP6
ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
ip6-sendto:: groups=FD,SOCKET,IP6
open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,
OPENSSL
pipe: groups=FD,FIFO,NAMED,OPEN
proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
pty groups=FD,NAMED,TERMIOS,PTY
sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
socket-connect::: groups=FD,SOCKET,CHILD,RETRY
socket-datagram:::: groups=FD,SOCKET,RANGE
socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
socket-recv:::: groups=FD,SOCKET,RANGE
socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
socket-sendto:::: groups=FD,SOCKET
socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
udp4-connect:: groups=FD,SOCKET,IP4,UDP
udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
udp4-sendto:: groups=FD,SOCKET,IP4,UDP
udp6-connect:: groups=FD,SOCKET,IP6,UDP
udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
udp6-sendto:: groups=FD,SOCKET,IP6,UDP
unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX
***@***.***_B1:/jffs/acme.sh#
acme.sh --issue ..... --debug 2
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#1266>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKRrmwiDBDhbfhXo8lkf8Bqydl2rK15ks5tU81ugaJpZM4SGY1e>
.
|
Thanks; but I do not understand what this means ; And I do not understand where I can go from here
From: Fernando Miguel [mailto:notifications@github.com]
Sent: Wednesday, February 14, 2018 10:42 PM
To: Neilpang/acme.sh <acme.sh@noreply.github.com>
Cc: stevebovy <sg.bovy@ca.rr.com>; Author <author@noreply.github.com>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock firmware" (#1266)
Tls-sni-01 has been disabled for new accounts
https://community.letsencrypt.org/t/2018-01-11-update-regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188
--
Fernando Miguel
On 15 Feb 2018 06:23, "stevebovy" ***@***.***> wrote:
Steps to reproduce
./acme.sh --issue -d home.miscbitbag.org --test --tls --pre-hook "service
stop_webdav" --home /jffs/acme.sh --debug --log
--log
Debug log
***@***.***_B1:/jffs/acme.sh# ./acme.sh --issue -d
home.miscbitbag.org --test --tls --pre-hook "service stop_webdav" --home
/jffs/acme.sh --debug --log
[Wed Feb 14 22:18:07 PST 2018] Lets find script dir.
[Wed Feb 14 22:18:07 PST 2018] *SCRIPT*='./acme.sh'
[Wed Feb 14 22:18:07 PST 2018] _script='/jffs/acme.sh/acme.sh'
[Wed Feb 14 22:18:07 PST 2018] _script_home='/jffs/acme.sh'
[Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
https://github.com/Neilpang/acme.sh
v2.7.7
[Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
[Wed Feb 14 22:18:07 PST 2018] Using stage ACME_DIRECTORY:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:07 PST 2018] DOMAIN_PATH='/jffs/acme.sh/
home.miscbitbag.org'
[Wed Feb 14 22:18:08 PST 2018] Using ACME_DIRECTORY:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:08 PST 2018] _init api for server:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:08 PST 2018] GET
[Wed Feb 14 22:18:08 PST 2018] url='https://acme-staging.api.
letsencrypt.org/directory'
[Wed Feb 14 22:18:08 PST 2018] timeout=
[Wed Feb 14 22:18:08 PST 2018] _CURL='curl -L --silent --dump-header /jffs/
acme.sh/http.header -g '
[Wed Feb 14 22:18:08 PST 2018] ret='0'
[Wed Feb 14 22:18:08 PST 2018] ACME_KEY_CHANGE='https://acme-
staging.api.letsencrypt.org/acme/key-change'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_AUTHZ='https://acme-
staging.api.letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ORDER='https://acme-
staging.api.letsencrypt.org/acme/new-cert'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ACCOUNT='https://
acme-staging.api.letsencrypt.org/acme/new-reg'
[Wed Feb 14 22:18:08 PST 2018] ACME_REVOKE_CERT='https://
acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Wed Feb 14 22:18:08 PST 2018] ACME_AGREEMENT='https://
letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_NONCE
[Wed Feb 14 22:18:08 PST 2018] ACME_VERSION
[Wed Feb 14 22:18:08 PST 2018] Le_NextRenewTime
[Wed Feb 14 22:18:09 PST 2018] _on_before_issue
[Wed Feb 14 22:18:09 PST 2018] Run pre hook:'service stop_webdav'
Done.
[Wed Feb 14 22:18:09 PST 2018] Le_LocalAddress
[Wed Feb 14 22:18:09 PST 2018] Check for domain='home.miscbitbag.org'
[Wed Feb 14 22:18:09 PST 2018] _currentRoot='tls'
[Wed Feb 14 22:18:10 PST 2018] Standalone tls mode.
[Wed Feb 14 22:18:10 PST 2018] _checkport='443'
[Wed Feb 14 22:18:10 PST 2018] _checkaddr
[Wed Feb 14 22:18:10 PST 2018] Using: netstat
[Wed Feb 14 22:18:10 PST 2018] _saved_account_key_hash is not changed,
skip register account.
[Wed Feb 14 22:18:11 PST 2018] Read key length:
[Wed Feb 14 22:18:11 PST 2018] _createcsr
[Wed Feb 14 22:18:11 PST 2018] Single domain='home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] Getting domain auth token for each domain
[Wed Feb 14 22:18:11 PST 2018] Getting webroot for domain='
home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] _w='tls'
[Wed Feb 14 22:18:11 PST 2018] _currentRoot='tls'
[Wed Feb 14 22:18:11 PST 2018] Getting new-authz for domain='
home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] _init api for server:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:11 PST 2018] Try new-authz for the 0 time.
[Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:11 PST 2018] payload='{"resource": "new-authz",
"identifier": {"type": "dns", "value": "home.miscbitbag.org"}}'
[Wed Feb 14 22:18:11 PST 2018] RSA key
[Wed Feb 14 22:18:11 PST 2018] GET
[Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
letsencrypt.org/directory'
[Wed Feb 14 22:18:11 PST 2018] timeout=
[Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header /jffs/
acme.sh/http.header -g '
[Wed Feb 14 22:18:12 PST 2018] ret='0'
[Wed Feb 14 22:18:12 PST 2018] POST
[Wed Feb 14 22:18:12 PST 2018] _post_url='https://acme-
staging.api.letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header /jffs/
acme.sh/http.header -g '
[Wed Feb 14 22:18:13 PST 2018] _ret='0'
[Wed Feb 14 22:18:13 PST 2018] code='201'
[Wed Feb 14 22:18:13 PST 2018] The new-authz request is ok.
[Wed Feb 14 22:18:13 PST 2018] entry
[Wed Feb 14 22:18:13 PST 2018] Error, can not get domain token entry
home.miscbitbag.org
[Wed Feb 14 22:18:13 PST 2018] pid
[Wed Feb 14 22:18:13 PST 2018] No need to restore nginx, skip.
[Wed Feb 14 22:18:13 PST 2018] _clearupdns
[Wed Feb 14 22:18:13 PST 2018] skip dns.
[Wed Feb 14 22:18:13 PST 2018] _on_issue_err
[Wed Feb 14 22:18:13 PST 2018] Please check log file for more details:
/jffs/acme.sh/acme.sh.log
[Wed Feb 14 22:18:14 PST 2018] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.2j 26 Sep 2016
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
Usage:
socat [options]
options:
-V print version and feature information to stdout, and exit
-h|-? print a help text describing command line options and addresses
-hh like -h, plus a list of all common address option names
-hhh like -hh, plus a list of all available address option names
-d increase verbosity (use up to 4 times; 2 are recommended)
-D analyze file descriptors before loop
-ly[facility] log to syslog, using facility (default is daemon)
-lf log to file
-ls log to stderr (default if no other log)
-lm[facility] mixed log mode (stderr during initialization, then syslog)
-lp set the program name used for logging
-lu use microseconds for logging timestamps
-lh add hostname to log messages
-v verbose data traffic, text
-x verbose data traffic, hexadecimal
-b<size_t> set data buffer size (8192)
-s sloppy (continue on error)
-t wait seconds before closing second channel
-T total inactivity timeout in seconds
-u unidirectional mode (left to right)
-U unidirectional mode (right to left)
-g do not check option groups
-L try to obtain lock, or fail
-W try to obtain lock, or wait
-4 prefer IPv4 if version is not explicitly specified
-6 prefer IPv6 if version is not explicitly specified
bi-address:
pipe[,] groups=FD,FIFO
!!
single-address:
[,]
address-head:
abstract-client: groups=FD,SOCKET,RETRY,UNIX
abstract-connect: groups=FD,SOCKET,RETRY,UNIX
abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
abstract-recv: groups=FD,SOCKET,RETRY,UNIX
abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
create: groups=FD,REG,NAMED
exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
interface: groups=FD,SOCKET
ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
ip-sendto:: groups=FD,SOCKET,IP4,IP6
ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
ip4-recv: groups=FD,SOCKET,RANGE,IP4
ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
ip4-sendto:: groups=FD,SOCKET,IP4
ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
ip6-recv: groups=FD,SOCKET,RANGE,IP6
ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
ip6-sendto:: groups=FD,SOCKET,IP6
open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,
OPENSSL
pipe: groups=FD,FIFO,NAMED,OPEN
proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
pty groups=FD,NAMED,TERMIOS,PTY
sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
socket-connect::: groups=FD,SOCKET,CHILD,RETRY
socket-datagram:::: groups=FD,SOCKET,RANGE
socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
socket-recv:::: groups=FD,SOCKET,RANGE
socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
socket-sendto:::: groups=FD,SOCKET
socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
udp4-connect:: groups=FD,SOCKET,IP4,UDP
udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
udp4-sendto:: groups=FD,SOCKET,IP4,UDP
udp6-connect:: groups=FD,SOCKET,IP6,UDP
udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
udp6-sendto:: groups=FD,SOCKET,IP6,UDP
unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX
***@***.***_B1:/jffs/acme.sh#
acme.sh --issue ..... --debug 2
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#1266>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKRrmwiDBDhbfhXo8lkf8Bqydl2rK15ks5tU81ugaJpZM4SGY1e>
.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <#1266 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/ALUA-7zYtbQC88hd0Gc2SyJ_FHhrG7Azks5tU9HFgaJpZM4SGY1e> .
|
Don't use tls-sni-01 mode
Instead use regular port 80, webroot, or preferably dns01 mode
…--
Fernando Miguel
On 15 Feb 2018 06:51, "stevebovy" ***@***.***> wrote:
Thanks; but I do not understand what this means ; And I do not understand
where I can go from here
From: Fernando Miguel ***@***.***
Sent: Wednesday, February 14, 2018 10:42 PM
To: Neilpang/acme.sh ***@***.***>
Cc: stevebovy ***@***.***>; Author ***@***.***>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock
firmware" (#1266)
Tls-sni-01 has been disabled for new accounts
https://community.letsencrypt.org/t/2018-01-11-update-
regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188
--
Fernando Miguel
On 15 Feb 2018 06:23, "stevebovy" ***@***.***> wrote:
> Steps to reproduce
>
> ./acme.sh --issue -d home.miscbitbag.org --test --tls --pre-hook
"service
> stop_webdav" --home /jffs/acme.sh --debug --log
>
> --log
> Debug log
>
> ***@***.***_B1:/jffs/acme.sh# ./acme.sh --issue -d
> home.miscbitbag.org --test --tls --pre-hook "service stop_webdav" --home
> /jffs/acme.sh --debug --log
> [Wed Feb 14 22:18:07 PST 2018] Lets find script dir.
> [Wed Feb 14 22:18:07 PST 2018] *SCRIPT*='./acme.sh'
> [Wed Feb 14 22:18:07 PST 2018] _script='/jffs/acme.sh/acme.sh'
> [Wed Feb 14 22:18:07 PST 2018] _script_home='/jffs/acme.sh'
> [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> https://github.com/Neilpang/acme.sh
> v2.7.7
> [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> [Wed Feb 14 22:18:07 PST 2018] Using stage ACME_DIRECTORY:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:07 PST 2018] DOMAIN_PATH='/jffs/acme.sh/
> home.miscbitbag.org'
> [Wed Feb 14 22:18:08 PST 2018] Using ACME_DIRECTORY:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:08 PST 2018] _init api for server:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:08 PST 2018] GET
> [Wed Feb 14 22:18:08 PST 2018] url='https://acme-staging.api.
> letsencrypt.org/directory'
> [Wed Feb 14 22:18:08 PST 2018] timeout=
> [Wed Feb 14 22:18:08 PST 2018] _CURL='curl -L --silent --dump-header
/jffs/
> acme.sh/http.header -g '
> [Wed Feb 14 22:18:08 PST 2018] ret='0'
> [Wed Feb 14 22:18:08 PST 2018] ACME_KEY_CHANGE='https://acme-
> staging.api.letsencrypt.org/acme/key-change'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_AUTHZ='https://acme-
> staging.api.letsencrypt.org/acme/new-authz'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ORDER='https://acme-
> staging.api.letsencrypt.org/acme/new-cert'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ACCOUNT='https://
> acme-staging.api.letsencrypt.org/acme/new-reg'
> [Wed Feb 14 22:18:08 PST 2018] ACME_REVOKE_CERT='https://
> acme-staging.api.letsencrypt.org/acme/revoke-cert'
> [Wed Feb 14 22:18:08 PST 2018] ACME_AGREEMENT='https://
> letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_NONCE
> [Wed Feb 14 22:18:08 PST 2018] ACME_VERSION
> [Wed Feb 14 22:18:08 PST 2018] Le_NextRenewTime
> [Wed Feb 14 22:18:09 PST 2018] _on_before_issue
> [Wed Feb 14 22:18:09 PST 2018] Run pre hook:'service stop_webdav'
>
> Done.
> [Wed Feb 14 22:18:09 PST 2018] Le_LocalAddress
> [Wed Feb 14 22:18:09 PST 2018] Check for domain='home.miscbitbag.org'
> [Wed Feb 14 22:18:09 PST 2018] _currentRoot='tls'
> [Wed Feb 14 22:18:10 PST 2018] Standalone tls mode.
> [Wed Feb 14 22:18:10 PST 2018] _checkport='443'
> [Wed Feb 14 22:18:10 PST 2018] _checkaddr
> [Wed Feb 14 22:18:10 PST 2018] Using: netstat
> [Wed Feb 14 22:18:10 PST 2018] _saved_account_key_hash is not changed,
> skip register account.
> [Wed Feb 14 22:18:11 PST 2018] Read key length:
> [Wed Feb 14 22:18:11 PST 2018] _createcsr
> [Wed Feb 14 22:18:11 PST 2018] Single domain='home.miscbitbag.org'
> [Wed Feb 14 22:18:11 PST 2018] Getting domain auth token for each domain
> [Wed Feb 14 22:18:11 PST 2018] Getting webroot for domain='
> home.miscbitbag.org'
> [Wed Feb 14 22:18:11 PST 2018] _w='tls'
> [Wed Feb 14 22:18:11 PST 2018] _currentRoot='tls'
> [Wed Feb 14 22:18:11 PST 2018] Getting new-authz for domain='
> home.miscbitbag.org'
> [Wed Feb 14 22:18:11 PST 2018] _init api for server:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:11 PST 2018] Try new-authz for the 0 time.
> [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> letsencrypt.org/acme/new-authz'
> [Wed Feb 14 22:18:11 PST 2018] payload='{"resource": "new-authz",
> "identifier": {"type": "dns", "value": "home.miscbitbag.org"}}'
> [Wed Feb 14 22:18:11 PST 2018] RSA key
> [Wed Feb 14 22:18:11 PST 2018] GET
> [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> letsencrypt.org/directory'
> [Wed Feb 14 22:18:11 PST 2018] timeout=
> [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
/jffs/
> acme.sh/http.header -g '
> [Wed Feb 14 22:18:12 PST 2018] ret='0'
> [Wed Feb 14 22:18:12 PST 2018] POST
> [Wed Feb 14 22:18:12 PST 2018] _post_url='https://acme-
> staging.api.letsencrypt.org/acme/new-authz'
> [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
/jffs/
> acme.sh/http.header -g '
> [Wed Feb 14 22:18:13 PST 2018] _ret='0'
> [Wed Feb 14 22:18:13 PST 2018] code='201'
> [Wed Feb 14 22:18:13 PST 2018] The new-authz request is ok.
> [Wed Feb 14 22:18:13 PST 2018] entry
> [Wed Feb 14 22:18:13 PST 2018] Error, can not get domain token entry
> home.miscbitbag.org
> [Wed Feb 14 22:18:13 PST 2018] pid
> [Wed Feb 14 22:18:13 PST 2018] No need to restore nginx, skip.
> [Wed Feb 14 22:18:13 PST 2018] _clearupdns
> [Wed Feb 14 22:18:13 PST 2018] skip dns.
> [Wed Feb 14 22:18:13 PST 2018] _on_issue_err
> [Wed Feb 14 22:18:13 PST 2018] Please check log file for more details:
> /jffs/acme.sh/acme.sh.log
> [Wed Feb 14 22:18:14 PST 2018] Diagnosis versions:
> openssl:openssl
> OpenSSL 1.0.2j 26 Sep 2016
> apache:
> apache doesn't exists.
> nginx:
> nginx doesn't exists.
> socat:
> socat by Gerhard Rieger and contributors - see www.dest-unreach.org
> Usage:
> socat [options]
> options:
> -V print version and feature information to stdout, and exit
> -h|-? print a help text describing command line options and addresses
> -hh like -h, plus a list of all common address option names
> -hhh like -hh, plus a list of all available address option names
> -d increase verbosity (use up to 4 times; 2 are recommended)
> -D analyze file descriptors before loop
> -ly[facility] log to syslog, using facility (default is daemon)
> -lf log to file
> -ls log to stderr (default if no other log)
> -lm[facility] mixed log mode (stderr during initialization, then syslog)
> -lp set the program name used for logging
> -lu use microseconds for logging timestamps
> -lh add hostname to log messages
> -v verbose data traffic, text
> -x verbose data traffic, hexadecimal
> -b<size_t> set data buffer size (8192)
> -s sloppy (continue on error)
> -t wait seconds before closing second channel
> -T total inactivity timeout in seconds
> -u unidirectional mode (left to right)
> -U unidirectional mode (right to left)
> -g do not check option groups
> -L try to obtain lock, or fail
> -W try to obtain lock, or wait
> -4 prefer IPv4 if version is not explicitly specified
> -6 prefer IPv6 if version is not explicitly specified
> bi-address:
> pipe[,] groups=FD,FIFO
> !!
>
> single-address:
> [,]
> address-head:
> abstract-client: groups=FD,SOCKET,RETRY,UNIX
> abstract-connect: groups=FD,SOCKET,RETRY,UNIX
> abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
> abstract-recv: groups=FD,SOCKET,RETRY,UNIX
> abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
> abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
> create: groups=FD,REG,NAMED
> exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
> gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
> interface: groups=FD,SOCKET
> ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
> ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
> ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
> ip-sendto:: groups=FD,SOCKET,IP4,IP6
> ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
> ip4-recv: groups=FD,SOCKET,RANGE,IP4
> ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
> ip4-sendto:: groups=FD,SOCKET,IP4
> ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
> ip6-recv: groups=FD,SOCKET,RANGE,IP6
> ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
> ip6-sendto:: groups=FD,SOCKET,IP6
> open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
> openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
> openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,
> OPENSSL
> pipe: groups=FD,FIFO,NAMED,OPEN
> proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
> pty groups=FD,NAMED,TERMIOS,PTY
> sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
> sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
> sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
> sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
> sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
> sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
> socket-connect::: groups=FD,SOCKET,CHILD,RETRY
> socket-datagram:::: groups=FD,SOCKET,RANGE
> socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
> socket-recv:::: groups=FD,SOCKET,RANGE
> socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
> socket-sendto:::: groups=FD,SOCKET
> socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
> tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
> tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
> tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
> tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
> tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
> tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
> udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
> udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
> udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
> udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
> udp4-connect:: groups=FD,SOCKET,IP4,UDP
> udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
> udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
> udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
> udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
> udp4-sendto:: groups=FD,SOCKET,IP4,UDP
> udp6-connect:: groups=FD,SOCKET,IP6,UDP
> udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
> udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
> udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
> udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
> udp6-sendto:: groups=FD,SOCKET,IP6,UDP
> unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
> unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
> unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
> unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
> unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
> unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX
> ***@***.***_B1:/jffs/acme.sh#
>
> acme.sh --issue ..... --debug 2
>
> —
> You are receiving this because you are subscribed to this thread.
> Reply to this email directly, view it on GitHub
> <#1266>, or mute the thread
> <https://github.com/notifications/unsubscribe-auth/
AAKRrmwiDBDhbfhXo8lkf8Bqydl2rK15ks5tU81ugaJpZM4SGY1e>
> .
>
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <
#1266 (comment)> ,
or mute the thread <https://github.com/notifications/unsubscribe-
auth/ALUA-7zYtbQC88hd0Gc2SyJ_FHhrG7Azks5tU9HFgaJpZM4SGY1e> .
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#1266 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKRrrvbkZUSDHA-jEBpEI-WCwyMP-p3ks5tU9PugaJpZM4SGY1e>
.
|
Unfortunately my routers gui is on httpd:80 and I can not find a way to kill it in order to use stand-alone mode
I would preffer to use dns mode; but I have not found a google domain api for adding the txt
From: Fernando Miguel [mailto:notifications@github.com]
Sent: Wednesday, February 14, 2018 10:42 PM
To: Neilpang/acme.sh <acme.sh@noreply.github.com>
Cc: stevebovy <sg.bovy@ca.rr.com>; Author <author@noreply.github.com>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock firmware" (#1266)
Tls-sni-01 has been disabled for new accounts
https://community.letsencrypt.org/t/2018-01-11-update-regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188
--
Fernando Miguel
On 15 Feb 2018 06:23, "stevebovy" ***@***.***> wrote:
Steps to reproduce
./acme.sh --issue -d home.miscbitbag.org --test --tls --pre-hook "service
stop_webdav" --home /jffs/acme.sh --debug --log
--log
Debug log
***@***.***_B1:/jffs/acme.sh# ./acme.sh --issue -d
home.miscbitbag.org --test --tls --pre-hook "service stop_webdav" --home
/jffs/acme.sh --debug --log
[Wed Feb 14 22:18:07 PST 2018] Lets find script dir.
[Wed Feb 14 22:18:07 PST 2018] *SCRIPT*='./acme.sh'
[Wed Feb 14 22:18:07 PST 2018] _script='/jffs/acme.sh/acme.sh'
[Wed Feb 14 22:18:07 PST 2018] _script_home='/jffs/acme.sh'
[Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
https://github.com/Neilpang/acme.sh
v2.7.7
[Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
[Wed Feb 14 22:18:07 PST 2018] Using stage ACME_DIRECTORY:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:07 PST 2018] DOMAIN_PATH='/jffs/acme.sh/
home.miscbitbag.org'
[Wed Feb 14 22:18:08 PST 2018] Using ACME_DIRECTORY:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:08 PST 2018] _init api for server:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:08 PST 2018] GET
[Wed Feb 14 22:18:08 PST 2018] url='https://acme-staging.api.
letsencrypt.org/directory'
[Wed Feb 14 22:18:08 PST 2018] timeout=
[Wed Feb 14 22:18:08 PST 2018] _CURL='curl -L --silent --dump-header /jffs/
acme.sh/http.header -g '
[Wed Feb 14 22:18:08 PST 2018] ret='0'
[Wed Feb 14 22:18:08 PST 2018] ACME_KEY_CHANGE='https://acme-
staging.api.letsencrypt.org/acme/key-change'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_AUTHZ='https://acme-
staging.api.letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ORDER='https://acme-
staging.api.letsencrypt.org/acme/new-cert'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ACCOUNT='https://
acme-staging.api.letsencrypt.org/acme/new-reg'
[Wed Feb 14 22:18:08 PST 2018] ACME_REVOKE_CERT='https://
acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Wed Feb 14 22:18:08 PST 2018] ACME_AGREEMENT='https://
letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_NONCE
[Wed Feb 14 22:18:08 PST 2018] ACME_VERSION
[Wed Feb 14 22:18:08 PST 2018] Le_NextRenewTime
[Wed Feb 14 22:18:09 PST 2018] _on_before_issue
[Wed Feb 14 22:18:09 PST 2018] Run pre hook:'service stop_webdav'
Done.
[Wed Feb 14 22:18:09 PST 2018] Le_LocalAddress
[Wed Feb 14 22:18:09 PST 2018] Check for domain='home.miscbitbag.org'
[Wed Feb 14 22:18:09 PST 2018] _currentRoot='tls'
[Wed Feb 14 22:18:10 PST 2018] Standalone tls mode.
[Wed Feb 14 22:18:10 PST 2018] _checkport='443'
[Wed Feb 14 22:18:10 PST 2018] _checkaddr
[Wed Feb 14 22:18:10 PST 2018] Using: netstat
[Wed Feb 14 22:18:10 PST 2018] _saved_account_key_hash is not changed,
skip register account.
[Wed Feb 14 22:18:11 PST 2018] Read key length:
[Wed Feb 14 22:18:11 PST 2018] _createcsr
[Wed Feb 14 22:18:11 PST 2018] Single domain='home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] Getting domain auth token for each domain
[Wed Feb 14 22:18:11 PST 2018] Getting webroot for domain='
home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] _w='tls'
[Wed Feb 14 22:18:11 PST 2018] _currentRoot='tls'
[Wed Feb 14 22:18:11 PST 2018] Getting new-authz for domain='
home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] _init api for server:
https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:11 PST 2018] Try new-authz for the 0 time.
[Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:11 PST 2018] payload='{"resource": "new-authz",
"identifier": {"type": "dns", "value": "home.miscbitbag.org"}}'
[Wed Feb 14 22:18:11 PST 2018] RSA key
[Wed Feb 14 22:18:11 PST 2018] GET
[Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
letsencrypt.org/directory'
[Wed Feb 14 22:18:11 PST 2018] timeout=
[Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header /jffs/
acme.sh/http.header -g '
[Wed Feb 14 22:18:12 PST 2018] ret='0'
[Wed Feb 14 22:18:12 PST 2018] POST
[Wed Feb 14 22:18:12 PST 2018] _post_url='https://acme-
staging.api.letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header /jffs/
acme.sh/http.header -g '
[Wed Feb 14 22:18:13 PST 2018] _ret='0'
[Wed Feb 14 22:18:13 PST 2018] code='201'
[Wed Feb 14 22:18:13 PST 2018] The new-authz request is ok.
[Wed Feb 14 22:18:13 PST 2018] entry
[Wed Feb 14 22:18:13 PST 2018] Error, can not get domain token entry
home.miscbitbag.org
[Wed Feb 14 22:18:13 PST 2018] pid
[Wed Feb 14 22:18:13 PST 2018] No need to restore nginx, skip.
[Wed Feb 14 22:18:13 PST 2018] _clearupdns
[Wed Feb 14 22:18:13 PST 2018] skip dns.
[Wed Feb 14 22:18:13 PST 2018] _on_issue_err
[Wed Feb 14 22:18:13 PST 2018] Please check log file for more details:
/jffs/acme.sh/acme.sh.log
[Wed Feb 14 22:18:14 PST 2018] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.2j 26 Sep 2016
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
Usage:
socat [options]
options:
-V print version and feature information to stdout, and exit
-h|-? print a help text describing command line options and addresses
-hh like -h, plus a list of all common address option names
-hhh like -hh, plus a list of all available address option names
-d increase verbosity (use up to 4 times; 2 are recommended)
-D analyze file descriptors before loop
-ly[facility] log to syslog, using facility (default is daemon)
-lf log to file
-ls log to stderr (default if no other log)
-lm[facility] mixed log mode (stderr during initialization, then syslog)
-lp set the program name used for logging
-lu use microseconds for logging timestamps
-lh add hostname to log messages
-v verbose data traffic, text
-x verbose data traffic, hexadecimal
-b<size_t> set data buffer size (8192)
-s sloppy (continue on error)
-t wait seconds before closing second channel
-T total inactivity timeout in seconds
-u unidirectional mode (left to right)
-U unidirectional mode (right to left)
-g do not check option groups
-L try to obtain lock, or fail
-W try to obtain lock, or wait
-4 prefer IPv4 if version is not explicitly specified
-6 prefer IPv6 if version is not explicitly specified
bi-address:
pipe[,] groups=FD,FIFO
!!
single-address:
[,]
address-head:
abstract-client: groups=FD,SOCKET,RETRY,UNIX
abstract-connect: groups=FD,SOCKET,RETRY,UNIX
abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
abstract-recv: groups=FD,SOCKET,RETRY,UNIX
abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
create: groups=FD,REG,NAMED
exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
interface: groups=FD,SOCKET
ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
ip-sendto:: groups=FD,SOCKET,IP4,IP6
ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
ip4-recv: groups=FD,SOCKET,RANGE,IP4
ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
ip4-sendto:: groups=FD,SOCKET,IP4
ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
ip6-recv: groups=FD,SOCKET,RANGE,IP6
ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
ip6-sendto:: groups=FD,SOCKET,IP6
open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,
OPENSSL
pipe: groups=FD,FIFO,NAMED,OPEN
proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
pty groups=FD,NAMED,TERMIOS,PTY
sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
socket-connect::: groups=FD,SOCKET,CHILD,RETRY
socket-datagram:::: groups=FD,SOCKET,RANGE
socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
socket-recv:::: groups=FD,SOCKET,RANGE
socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
socket-sendto:::: groups=FD,SOCKET
socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
udp4-connect:: groups=FD,SOCKET,IP4,UDP
udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
udp4-sendto:: groups=FD,SOCKET,IP4,UDP
udp6-connect:: groups=FD,SOCKET,IP6,UDP
udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
udp6-sendto:: groups=FD,SOCKET,IP6,UDP
unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX
***@***.***_B1:/jffs/acme.sh#
acme.sh --issue ..... --debug 2
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#1266>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKRrmwiDBDhbfhXo8lkf8Bqydl2rK15ks5tU81ugaJpZM4SGY1e>
.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <#1266 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/ALUA-7zYtbQC88hd0Gc2SyJ_FHhrG7Azks5tU9HFgaJpZM4SGY1e> .
|
PR welcome for a google dns api :)
…--
Fernando Miguel
On 15 Feb 2018 07:01, "stevebovy" ***@***.***> wrote:
Unfortunately my routers gui is on httpd:80 and I can not find a way to
kill it in order to use stand-alone mode
I would preffer to use dns mode; but I have not found a google domain api
for adding the txt
From: Fernando Miguel ***@***.***
Sent: Wednesday, February 14, 2018 10:42 PM
To: Neilpang/acme.sh ***@***.***>
Cc: stevebovy ***@***.***>; Author ***@***.***>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock
firmware" (#1266)
Tls-sni-01 has been disabled for new accounts
https://community.letsencrypt.org/t/2018-01-11-update-
regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188
--
Fernando Miguel
On 15 Feb 2018 06:23, "stevebovy" ***@***.***> wrote:
> Steps to reproduce
>
> ./acme.sh --issue -d home.miscbitbag.org --test --tls --pre-hook
"service
> stop_webdav" --home /jffs/acme.sh --debug --log
>
> --log
> Debug log
>
> ***@***.***_B1:/jffs/acme.sh# ./acme.sh --issue -d
> home.miscbitbag.org --test --tls --pre-hook "service stop_webdav" --home
> /jffs/acme.sh --debug --log
> [Wed Feb 14 22:18:07 PST 2018] Lets find script dir.
> [Wed Feb 14 22:18:07 PST 2018] *SCRIPT*='./acme.sh'
> [Wed Feb 14 22:18:07 PST 2018] _script='/jffs/acme.sh/acme.sh'
> [Wed Feb 14 22:18:07 PST 2018] _script_home='/jffs/acme.sh'
> [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> https://github.com/Neilpang/acme.sh
> v2.7.7
> [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> [Wed Feb 14 22:18:07 PST 2018] Using stage ACME_DIRECTORY:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:07 PST 2018] DOMAIN_PATH='/jffs/acme.sh/
> home.miscbitbag.org'
> [Wed Feb 14 22:18:08 PST 2018] Using ACME_DIRECTORY:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:08 PST 2018] _init api for server:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:08 PST 2018] GET
> [Wed Feb 14 22:18:08 PST 2018] url='https://acme-staging.api.
> letsencrypt.org/directory'
> [Wed Feb 14 22:18:08 PST 2018] timeout=
> [Wed Feb 14 22:18:08 PST 2018] _CURL='curl -L --silent --dump-header
/jffs/
> acme.sh/http.header -g '
> [Wed Feb 14 22:18:08 PST 2018] ret='0'
> [Wed Feb 14 22:18:08 PST 2018] ACME_KEY_CHANGE='https://acme-
> staging.api.letsencrypt.org/acme/key-change'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_AUTHZ='https://acme-
> staging.api.letsencrypt.org/acme/new-authz'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ORDER='https://acme-
> staging.api.letsencrypt.org/acme/new-cert'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ACCOUNT='https://
> acme-staging.api.letsencrypt.org/acme/new-reg'
> [Wed Feb 14 22:18:08 PST 2018] ACME_REVOKE_CERT='https://
> acme-staging.api.letsencrypt.org/acme/revoke-cert'
> [Wed Feb 14 22:18:08 PST 2018] ACME_AGREEMENT='https://
> letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_NONCE
> [Wed Feb 14 22:18:08 PST 2018] ACME_VERSION
> [Wed Feb 14 22:18:08 PST 2018] Le_NextRenewTime
> [Wed Feb 14 22:18:09 PST 2018] _on_before_issue
> [Wed Feb 14 22:18:09 PST 2018] Run pre hook:'service stop_webdav'
>
> Done.
> [Wed Feb 14 22:18:09 PST 2018] Le_LocalAddress
> [Wed Feb 14 22:18:09 PST 2018] Check for domain='home.miscbitbag.org'
> [Wed Feb 14 22:18:09 PST 2018] _currentRoot='tls'
> [Wed Feb 14 22:18:10 PST 2018] Standalone tls mode.
> [Wed Feb 14 22:18:10 PST 2018] _checkport='443'
> [Wed Feb 14 22:18:10 PST 2018] _checkaddr
> [Wed Feb 14 22:18:10 PST 2018] Using: netstat
> [Wed Feb 14 22:18:10 PST 2018] _saved_account_key_hash is not changed,
> skip register account.
> [Wed Feb 14 22:18:11 PST 2018] Read key length:
> [Wed Feb 14 22:18:11 PST 2018] _createcsr
> [Wed Feb 14 22:18:11 PST 2018] Single domain='home.miscbitbag.org'
> [Wed Feb 14 22:18:11 PST 2018] Getting domain auth token for each domain
> [Wed Feb 14 22:18:11 PST 2018] Getting webroot for domain='
> home.miscbitbag.org'
> [Wed Feb 14 22:18:11 PST 2018] _w='tls'
> [Wed Feb 14 22:18:11 PST 2018] _currentRoot='tls'
> [Wed Feb 14 22:18:11 PST 2018] Getting new-authz for domain='
> home.miscbitbag.org'
> [Wed Feb 14 22:18:11 PST 2018] _init api for server:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:11 PST 2018] Try new-authz for the 0 time.
> [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> letsencrypt.org/acme/new-authz'
> [Wed Feb 14 22:18:11 PST 2018] payload='{"resource": "new-authz",
> "identifier": {"type": "dns", "value": "home.miscbitbag.org"}}'
> [Wed Feb 14 22:18:11 PST 2018] RSA key
> [Wed Feb 14 22:18:11 PST 2018] GET
> [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> letsencrypt.org/directory'
> [Wed Feb 14 22:18:11 PST 2018] timeout=
> [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
/jffs/
> acme.sh/http.header -g '
> [Wed Feb 14 22:18:12 PST 2018] ret='0'
> [Wed Feb 14 22:18:12 PST 2018] POST
> [Wed Feb 14 22:18:12 PST 2018] _post_url='https://acme-
> staging.api.letsencrypt.org/acme/new-authz'
> [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
/jffs/
> acme.sh/http.header -g '
> [Wed Feb 14 22:18:13 PST 2018] _ret='0'
> [Wed Feb 14 22:18:13 PST 2018] code='201'
> [Wed Feb 14 22:18:13 PST 2018] The new-authz request is ok.
> [Wed Feb 14 22:18:13 PST 2018] entry
> [Wed Feb 14 22:18:13 PST 2018] Error, can not get domain token entry
> home.miscbitbag.org
> [Wed Feb 14 22:18:13 PST 2018] pid
> [Wed Feb 14 22:18:13 PST 2018] No need to restore nginx, skip.
> [Wed Feb 14 22:18:13 PST 2018] _clearupdns
> [Wed Feb 14 22:18:13 PST 2018] skip dns.
> [Wed Feb 14 22:18:13 PST 2018] _on_issue_err
> [Wed Feb 14 22:18:13 PST 2018] Please check log file for more details:
> /jffs/acme.sh/acme.sh.log
> [Wed Feb 14 22:18:14 PST 2018] Diagnosis versions:
> openssl:openssl
> OpenSSL 1.0.2j 26 Sep 2016
> apache:
> apache doesn't exists.
> nginx:
> nginx doesn't exists.
> socat:
> socat by Gerhard Rieger and contributors - see www.dest-unreach.org
> Usage:
> socat [options]
> options:
> -V print version and feature information to stdout, and exit
> -h|-? print a help text describing command line options and addresses
> -hh like -h, plus a list of all common address option names
> -hhh like -hh, plus a list of all available address option names
> -d increase verbosity (use up to 4 times; 2 are recommended)
> -D analyze file descriptors before loop
> -ly[facility] log to syslog, using facility (default is daemon)
> -lf log to file
> -ls log to stderr (default if no other log)
> -lm[facility] mixed log mode (stderr during initialization, then syslog)
> -lp set the program name used for logging
> -lu use microseconds for logging timestamps
> -lh add hostname to log messages
> -v verbose data traffic, text
> -x verbose data traffic, hexadecimal
> -b<size_t> set data buffer size (8192)
> -s sloppy (continue on error)
> -t wait seconds before closing second channel
> -T total inactivity timeout in seconds
> -u unidirectional mode (left to right)
> -U unidirectional mode (right to left)
> -g do not check option groups
> -L try to obtain lock, or fail
> -W try to obtain lock, or wait
> -4 prefer IPv4 if version is not explicitly specified
> -6 prefer IPv6 if version is not explicitly specified
> bi-address:
> pipe[,] groups=FD,FIFO
> !!
>
> single-address:
> [,]
> address-head:
> abstract-client: groups=FD,SOCKET,RETRY,UNIX
> abstract-connect: groups=FD,SOCKET,RETRY,UNIX
> abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
> abstract-recv: groups=FD,SOCKET,RETRY,UNIX
> abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
> abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
> create: groups=FD,REG,NAMED
> exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
> gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
> interface: groups=FD,SOCKET
> ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
> ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
> ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
> ip-sendto:: groups=FD,SOCKET,IP4,IP6
> ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
> ip4-recv: groups=FD,SOCKET,RANGE,IP4
> ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
> ip4-sendto:: groups=FD,SOCKET,IP4
> ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
> ip6-recv: groups=FD,SOCKET,RANGE,IP6
> ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
> ip6-sendto:: groups=FD,SOCKET,IP6
> open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
> openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
> openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,
> OPENSSL
> pipe: groups=FD,FIFO,NAMED,OPEN
> proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
> pty groups=FD,NAMED,TERMIOS,PTY
> sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
> sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
> sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
> sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
> sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
> sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
> socket-connect::: groups=FD,SOCKET,CHILD,RETRY
> socket-datagram:::: groups=FD,SOCKET,RANGE
> socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
> socket-recv:::: groups=FD,SOCKET,RANGE
> socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
> socket-sendto:::: groups=FD,SOCKET
> socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
> tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
> tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
> tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
> tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
> tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
> tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
> udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
> udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
> udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
> udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
> udp4-connect:: groups=FD,SOCKET,IP4,UDP
> udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
> udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
> udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
> udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
> udp4-sendto:: groups=FD,SOCKET,IP4,UDP
> udp6-connect:: groups=FD,SOCKET,IP6,UDP
> udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
> udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
> udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
> udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
> udp6-sendto:: groups=FD,SOCKET,IP6,UDP
> unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
> unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
> unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
> unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
> unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
> unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX
> ***@***.***_B1:/jffs/acme.sh#
>
> acme.sh --issue ..... --debug 2
>
> —
> You are receiving this because you are subscribed to this thread.
> Reply to this email directly, view it on GitHub
> <#1266>, or mute the thread
> <https://github.com/notifications/unsubscribe-auth/
AAKRrmwiDBDhbfhXo8lkf8Bqydl2rK15ks5tU81ugaJpZM4SGY1e>
> .
>
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <
#1266 (comment)> ,
or mute the thread <https://github.com/notifications/unsubscribe-
auth/ALUA-7zYtbQC88hd0Gc2SyJ_FHhrG7Azks5tU9HFgaJpZM4SGY1e> .
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#1266 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKRrsjz_2JSYfxaeLk3B-zYgWTmumV3ks5tU9YzgaJpZM4SGY1e>
.
|
Yes lots of laughs >>>>>> there is an api for ddns but I have not found any other info
From: Fernando Miguel [mailto:notifications@github.com]
Sent: Wednesday, February 14, 2018 11:25 PM
To: Neilpang/acme.sh <acme.sh@noreply.github.com>
Cc: stevebovy <sg.bovy@ca.rr.com>; Author <author@noreply.github.com>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock firmware" (#1266)
PR welcome for a google dns api :)
--
Fernando Miguel
On 15 Feb 2018 07:01, "stevebovy" ***@***.***> wrote:
Unfortunately my routers gui is on httpd:80 and I can not find a way to
kill it in order to use stand-alone mode
I would preffer to use dns mode; but I have not found a google domain api
for adding the txt
From: Fernando Miguel ***@***.***
Sent: Wednesday, February 14, 2018 10:42 PM
To: Neilpang/acme.sh ***@***.***>
Cc: stevebovy ***@***.***>; Author ***@***.***>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock
firmware" (#1266)
Tls-sni-01 has been disabled for new accounts
https://community.letsencrypt.org/t/2018-01-11-update-
regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188
--
Fernando Miguel
On 15 Feb 2018 06:23, "stevebovy" ***@***.***> wrote:
> Steps to reproduce
>
> ./acme.sh --issue -d home.miscbitbag.org --test --tls --pre-hook
"service
> stop_webdav" --home /jffs/acme.sh --debug --log
>
> --log
> Debug log
>
> ***@***.***_B1:/jffs/acme.sh# ./acme.sh --issue -d
> home.miscbitbag.org --test --tls --pre-hook "service stop_webdav" --home
> /jffs/acme.sh --debug --log
> [Wed Feb 14 22:18:07 PST 2018] Lets find script dir.
> [Wed Feb 14 22:18:07 PST 2018] *SCRIPT*='./acme.sh'
> [Wed Feb 14 22:18:07 PST 2018] _script='/jffs/acme.sh/acme.sh'
> [Wed Feb 14 22:18:07 PST 2018] _script_home='/jffs/acme.sh'
> [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> https://github.com/Neilpang/acme.sh
> v2.7.7
> [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> [Wed Feb 14 22:18:07 PST 2018] Using stage ACME_DIRECTORY:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:07 PST 2018] DOMAIN_PATH='/jffs/acme.sh/
> home.miscbitbag.org'
> [Wed Feb 14 22:18:08 PST 2018] Using ACME_DIRECTORY:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:08 PST 2018] _init api for server:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:08 PST 2018] GET
> [Wed Feb 14 22:18:08 PST 2018] url='https://acme-staging.api.
> letsencrypt.org/directory'
> [Wed Feb 14 22:18:08 PST 2018] timeout=
> [Wed Feb 14 22:18:08 PST 2018] _CURL='curl -L --silent --dump-header
/jffs/
> acme.sh/http.header -g '
> [Wed Feb 14 22:18:08 PST 2018] ret='0'
> [Wed Feb 14 22:18:08 PST 2018] ACME_KEY_CHANGE='https://acme-
> staging.api.letsencrypt.org/acme/key-change'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_AUTHZ='https://acme-
> staging.api.letsencrypt.org/acme/new-authz'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ORDER='https://acme-
> staging.api.letsencrypt.org/acme/new-cert'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ACCOUNT='https://
> acme-staging.api.letsencrypt.org/acme/new-reg'
> [Wed Feb 14 22:18:08 PST 2018] ACME_REVOKE_CERT='https://
> acme-staging.api.letsencrypt.org/acme/revoke-cert'
> [Wed Feb 14 22:18:08 PST 2018] ACME_AGREEMENT='https://
> letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
> [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_NONCE
> [Wed Feb 14 22:18:08 PST 2018] ACME_VERSION
> [Wed Feb 14 22:18:08 PST 2018] Le_NextRenewTime
> [Wed Feb 14 22:18:09 PST 2018] _on_before_issue
> [Wed Feb 14 22:18:09 PST 2018] Run pre hook:'service stop_webdav'
>
> Done.
> [Wed Feb 14 22:18:09 PST 2018] Le_LocalAddress
> [Wed Feb 14 22:18:09 PST 2018] Check for domain='home.miscbitbag.org'
> [Wed Feb 14 22:18:09 PST 2018] _currentRoot='tls'
> [Wed Feb 14 22:18:10 PST 2018] Standalone tls mode.
> [Wed Feb 14 22:18:10 PST 2018] _checkport='443'
> [Wed Feb 14 22:18:10 PST 2018] _checkaddr
> [Wed Feb 14 22:18:10 PST 2018] Using: netstat
> [Wed Feb 14 22:18:10 PST 2018] _saved_account_key_hash is not changed,
> skip register account.
> [Wed Feb 14 22:18:11 PST 2018] Read key length:
> [Wed Feb 14 22:18:11 PST 2018] _createcsr
> [Wed Feb 14 22:18:11 PST 2018] Single domain='home.miscbitbag.org'
> [Wed Feb 14 22:18:11 PST 2018] Getting domain auth token for each domain
> [Wed Feb 14 22:18:11 PST 2018] Getting webroot for domain='
> home.miscbitbag.org'
> [Wed Feb 14 22:18:11 PST 2018] _w='tls'
> [Wed Feb 14 22:18:11 PST 2018] _currentRoot='tls'
> [Wed Feb 14 22:18:11 PST 2018] Getting new-authz for domain='
> home.miscbitbag.org'
> [Wed Feb 14 22:18:11 PST 2018] _init api for server:
> https://acme-staging.api.letsencrypt.org/directory
> [Wed Feb 14 22:18:11 PST 2018] Try new-authz for the 0 time.
> [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> letsencrypt.org/acme/new-authz'
> [Wed Feb 14 22:18:11 PST 2018] payload='{"resource": "new-authz",
> "identifier": {"type": "dns", "value": "home.miscbitbag.org"}}'
> [Wed Feb 14 22:18:11 PST 2018] RSA key
> [Wed Feb 14 22:18:11 PST 2018] GET
> [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> letsencrypt.org/directory'
> [Wed Feb 14 22:18:11 PST 2018] timeout=
> [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
/jffs/
> acme.sh/http.header -g '
> [Wed Feb 14 22:18:12 PST 2018] ret='0'
> [Wed Feb 14 22:18:12 PST 2018] POST
> [Wed Feb 14 22:18:12 PST 2018] _post_url='https://acme-
> staging.api.letsencrypt.org/acme/new-authz'
> [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
/jffs/
> acme.sh/http.header -g '
> [Wed Feb 14 22:18:13 PST 2018] _ret='0'
> [Wed Feb 14 22:18:13 PST 2018] code='201'
> [Wed Feb 14 22:18:13 PST 2018] The new-authz request is ok.
> [Wed Feb 14 22:18:13 PST 2018] entry
> [Wed Feb 14 22:18:13 PST 2018] Error, can not get domain token entry
> home.miscbitbag.org
> [Wed Feb 14 22:18:13 PST 2018] pid
> [Wed Feb 14 22:18:13 PST 2018] No need to restore nginx, skip.
> [Wed Feb 14 22:18:13 PST 2018] _clearupdns
> [Wed Feb 14 22:18:13 PST 2018] skip dns.
> [Wed Feb 14 22:18:13 PST 2018] _on_issue_err
> [Wed Feb 14 22:18:13 PST 2018] Please check log file for more details:
> /jffs/acme.sh/acme.sh.log
> [Wed Feb 14 22:18:14 PST 2018] Diagnosis versions:
> openssl:openssl
> OpenSSL 1.0.2j 26 Sep 2016
> apache:
> apache doesn't exists.
> nginx:
> nginx doesn't exists.
> socat:
> socat by Gerhard Rieger and contributors - see www.dest-unreach.org
> Usage:
> socat [options]
> options:
> -V print version and feature information to stdout, and exit
> -h|-? print a help text describing command line options and addresses
> -hh like -h, plus a list of all common address option names
> -hhh like -hh, plus a list of all available address option names
> -d increase verbosity (use up to 4 times; 2 are recommended)
> -D analyze file descriptors before loop
> -ly[facility] log to syslog, using facility (default is daemon)
> -lf log to file
> -ls log to stderr (default if no other log)
> -lm[facility] mixed log mode (stderr during initialization, then syslog)
> -lp set the program name used for logging
> -lu use microseconds for logging timestamps
> -lh add hostname to log messages
> -v verbose data traffic, text
> -x verbose data traffic, hexadecimal
> -b<size_t> set data buffer size (8192)
> -s sloppy (continue on error)
> -t wait seconds before closing second channel
> -T total inactivity timeout in seconds
> -u unidirectional mode (left to right)
> -U unidirectional mode (right to left)
> -g do not check option groups
> -L try to obtain lock, or fail
> -W try to obtain lock, or wait
> -4 prefer IPv4 if version is not explicitly specified
> -6 prefer IPv6 if version is not explicitly specified
> bi-address:
> pipe[,] groups=FD,FIFO
> !!
>
> single-address:
> [,]
> address-head:
> abstract-client: groups=FD,SOCKET,RETRY,UNIX
> abstract-connect: groups=FD,SOCKET,RETRY,UNIX
> abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
> abstract-recv: groups=FD,SOCKET,RETRY,UNIX
> abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
> abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
> create: groups=FD,REG,NAMED
> exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
> gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
> interface: groups=FD,SOCKET
> ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
> ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
> ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
> ip-sendto:: groups=FD,SOCKET,IP4,IP6
> ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
> ip4-recv: groups=FD,SOCKET,RANGE,IP4
> ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
> ip4-sendto:: groups=FD,SOCKET,IP4
> ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
> ip6-recv: groups=FD,SOCKET,RANGE,IP6
> ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
> ip6-sendto:: groups=FD,SOCKET,IP6
> open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
> openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
> openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,
> OPENSSL
> pipe: groups=FD,FIFO,NAMED,OPEN
> proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
> pty groups=FD,NAMED,TERMIOS,PTY
> sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
> sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
> sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
> sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
> sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
> sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
> socket-connect::: groups=FD,SOCKET,CHILD,RETRY
> socket-datagram:::: groups=FD,SOCKET,RANGE
> socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
> socket-recv:::: groups=FD,SOCKET,RANGE
> socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
> socket-sendto:::: groups=FD,SOCKET
> socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
> tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
> tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
> tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
> tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
> tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
> tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
> udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
> udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
> udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
> udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
> udp4-connect:: groups=FD,SOCKET,IP4,UDP
> udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
> udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
> udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
> udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
> udp4-sendto:: groups=FD,SOCKET,IP4,UDP
> udp6-connect:: groups=FD,SOCKET,IP6,UDP
> udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
> udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
> udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
> udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
> udp6-sendto:: groups=FD,SOCKET,IP6,UDP
> unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
> unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
> unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
> unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
> unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
> unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX
> ***@***.***_B1:/jffs/acme.sh#
>
> acme.sh --issue ..... --debug 2
>
> —
> You are receiving this because you are subscribed to this thread.
> Reply to this email directly, view it on GitHub
> <#1266>, or mute the thread
> <https://github.com/notifications/unsubscribe-auth/
AAKRrmwiDBDhbfhXo8lkf8Bqydl2rK15ks5tU81ugaJpZM4SGY1e>
> .
>
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <
#1266 (comment)> ,
or mute the thread <https://github.com/notifications/unsubscribe-
auth/ALUA-7zYtbQC88hd0Gc2SyJ_FHhrG7Azks5tU9HFgaJpZM4SGY1e> .
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#1266 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKRrsjz_2JSYfxaeLk3B-zYgWTmumV3ks5tU9YzgaJpZM4SGY1e>
.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <#1266 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/ALUA-9mkWwPBCGRrBOw3kD9vEZK2jgdiks5tU9u1gaJpZM4SGY1e> .
|
You could always point the domain of your router to another provider that
has a supported api
Or you could use the new alias method
…--
Fernando Miguel
On 15 Feb 2018 07:49, "stevebovy" ***@***.***> wrote:
Yes lots of laughs >>>>>> there is an api for ddns but I have not found
any other info
From: Fernando Miguel ***@***.***
Sent: Wednesday, February 14, 2018 11:25 PM
To: Neilpang/acme.sh ***@***.***>
Cc: stevebovy ***@***.***>; Author ***@***.***>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock
firmware" (#1266)
PR welcome for a google dns api :)
--
Fernando Miguel
On 15 Feb 2018 07:01, "stevebovy" ***@***.***> wrote:
> Unfortunately my routers gui is on httpd:80 and I can not find a way to
> kill it in order to use stand-alone mode
>
>
>
> I would preffer to use dns mode; but I have not found a google domain api
> for adding the txt
>
>
>
> From: Fernando Miguel ***@***.***
> Sent: Wednesday, February 14, 2018 10:42 PM
> To: Neilpang/acme.sh ***@***.***>
> Cc: stevebovy ***@***.***>; Author ***@***.***>
> Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock
> firmware" (#1266)
>
>
>
> Tls-sni-01 has been disabled for new accounts
>
>
> https://community.letsencrypt.org/t/2018-01-11-update-
> regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188
>
> --
> Fernando Miguel
>
> On 15 Feb 2018 06:23, "stevebovy" ***@***.***> wrote:
>
> > Steps to reproduce
> >
> > ./acme.sh --issue -d home.miscbitbag.org --test --tls --pre-hook
> "service
> > stop_webdav" --home /jffs/acme.sh --debug --log
> >
> > --log
> > Debug log
> >
> > ***@***.***_B1:/jffs/acme.sh# ./acme.sh --issue -d
> > home.miscbitbag.org --test --tls --pre-hook "service stop_webdav"
--home
> > /jffs/acme.sh --debug --log
> > [Wed Feb 14 22:18:07 PST 2018] Lets find script dir.
> > [Wed Feb 14 22:18:07 PST 2018] *SCRIPT*='./acme.sh'
> > [Wed Feb 14 22:18:07 PST 2018] _script='/jffs/acme.sh/acme.sh'
> > [Wed Feb 14 22:18:07 PST 2018] _script_home='/jffs/acme.sh'
> > [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> > https://github.com/Neilpang/acme.sh
> > v2.7.7
> > [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> > [Wed Feb 14 22:18:07 PST 2018] Using stage ACME_DIRECTORY:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:07 PST 2018] DOMAIN_PATH='/jffs/acme.sh/
> > home.miscbitbag.org'
> > [Wed Feb 14 22:18:08 PST 2018] Using ACME_DIRECTORY:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:08 PST 2018] _init api for server:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:08 PST 2018] GET
> > [Wed Feb 14 22:18:08 PST 2018] url='https://acme-staging.api.
> > letsencrypt.org/directory'
> > [Wed Feb 14 22:18:08 PST 2018] timeout=
> > [Wed Feb 14 22:18:08 PST 2018] _CURL='curl -L --silent --dump-header
> /jffs/
> > acme.sh/http.header -g '
> > [Wed Feb 14 22:18:08 PST 2018] ret='0'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_KEY_CHANGE='https://acme-
> > staging.api.letsencrypt.org/acme/key-change'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_AUTHZ='https://acme-
> > staging.api.letsencrypt.org/acme/new-authz'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ORDER='https://acme-
> > staging.api.letsencrypt.org/acme/new-cert'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ACCOUNT='https://
> > acme-staging.api.letsencrypt.org/acme/new-reg'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_REVOKE_CERT='https://
> > acme-staging.api.letsencrypt.org/acme/revoke-cert'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_AGREEMENT='https://
> > letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_NONCE
> > [Wed Feb 14 22:18:08 PST 2018] ACME_VERSION
> > [Wed Feb 14 22:18:08 PST 2018] Le_NextRenewTime
> > [Wed Feb 14 22:18:09 PST 2018] _on_before_issue
> > [Wed Feb 14 22:18:09 PST 2018] Run pre hook:'service stop_webdav'
> >
> > Done.
> > [Wed Feb 14 22:18:09 PST 2018] Le_LocalAddress
> > [Wed Feb 14 22:18:09 PST 2018] Check for domain='home.miscbitbag.org'
> > [Wed Feb 14 22:18:09 PST 2018] _currentRoot='tls'
> > [Wed Feb 14 22:18:10 PST 2018] Standalone tls mode.
> > [Wed Feb 14 22:18:10 PST 2018] _checkport='443'
> > [Wed Feb 14 22:18:10 PST 2018] _checkaddr
> > [Wed Feb 14 22:18:10 PST 2018] Using: netstat
> > [Wed Feb 14 22:18:10 PST 2018] _saved_account_key_hash is not changed,
> > skip register account.
> > [Wed Feb 14 22:18:11 PST 2018] Read key length:
> > [Wed Feb 14 22:18:11 PST 2018] _createcsr
> > [Wed Feb 14 22:18:11 PST 2018] Single domain='home.miscbitbag.org'
> > [Wed Feb 14 22:18:11 PST 2018] Getting domain auth token for each
domain
> > [Wed Feb 14 22:18:11 PST 2018] Getting webroot for domain='
> > home.miscbitbag.org'
> > [Wed Feb 14 22:18:11 PST 2018] _w='tls'
> > [Wed Feb 14 22:18:11 PST 2018] _currentRoot='tls'
> > [Wed Feb 14 22:18:11 PST 2018] Getting new-authz for domain='
> > home.miscbitbag.org'
> > [Wed Feb 14 22:18:11 PST 2018] _init api for server:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:11 PST 2018] Try new-authz for the 0 time.
> > [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> > letsencrypt.org/acme/new-authz'
> > [Wed Feb 14 22:18:11 PST 2018] payload='{"resource": "new-authz",
> > "identifier": {"type": "dns", "value": "home.miscbitbag.org"}}'
> > [Wed Feb 14 22:18:11 PST 2018] RSA key
> > [Wed Feb 14 22:18:11 PST 2018] GET
> > [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> > letsencrypt.org/directory'
> > [Wed Feb 14 22:18:11 PST 2018] timeout=
> > [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
> /jffs/
> > acme.sh/http.header -g '
> > [Wed Feb 14 22:18:12 PST 2018] ret='0'
> > [Wed Feb 14 22:18:12 PST 2018] POST
> > [Wed Feb 14 22:18:12 PST 2018] _post_url='https://acme-
> > staging.api.letsencrypt.org/acme/new-authz'
> > [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
> /jffs/
> > acme.sh/http.header -g '
> > [Wed Feb 14 22:18:13 PST 2018] _ret='0'
> > [Wed Feb 14 22:18:13 PST 2018] code='201'
> > [Wed Feb 14 22:18:13 PST 2018] The new-authz request is ok.
> > [Wed Feb 14 22:18:13 PST 2018] entry
> > [Wed Feb 14 22:18:13 PST 2018] Error, can not get domain token entry
> > home.miscbitbag.org
> > [Wed Feb 14 22:18:13 PST 2018] pid
> > [Wed Feb 14 22:18:13 PST 2018] No need to restore nginx, skip.
> > [Wed Feb 14 22:18:13 PST 2018] _clearupdns
> > [Wed Feb 14 22:18:13 PST 2018] skip dns.
> > [Wed Feb 14 22:18:13 PST 2018] _on_issue_err
> > [Wed Feb 14 22:18:13 PST 2018] Please check log file for more details:
> > /jffs/acme.sh/acme.sh.log
> > [Wed Feb 14 22:18:14 PST 2018] Diagnosis versions:
> > openssl:openssl
> > OpenSSL 1.0.2j 26 Sep 2016
> > apache:
> > apache doesn't exists.
> > nginx:
> > nginx doesn't exists.
> > socat:
> > socat by Gerhard Rieger and contributors - see www.dest-unreach.org
> > Usage:
> > socat [options]
> > options:
> > -V print version and feature information to stdout, and exit
> > -h|-? print a help text describing command line options and addresses
> > -hh like -h, plus a list of all common address option names
> > -hhh like -hh, plus a list of all available address option names
> > -d increase verbosity (use up to 4 times; 2 are recommended)
> > -D analyze file descriptors before loop
> > -ly[facility] log to syslog, using facility (default is daemon)
> > -lf log to file
> > -ls log to stderr (default if no other log)
> > -lm[facility] mixed log mode (stderr during initialization, then
syslog)
> > -lp set the program name used for logging
> > -lu use microseconds for logging timestamps
> > -lh add hostname to log messages
> > -v verbose data traffic, text
> > -x verbose data traffic, hexadecimal
> > -b<size_t> set data buffer size (8192)
> > -s sloppy (continue on error)
> > -t wait seconds before closing second channel
> > -T total inactivity timeout in seconds
> > -u unidirectional mode (left to right)
> > -U unidirectional mode (right to left)
> > -g do not check option groups
> > -L try to obtain lock, or fail
> > -W try to obtain lock, or wait
> > -4 prefer IPv4 if version is not explicitly specified
> > -6 prefer IPv6 if version is not explicitly specified
> > bi-address:
> > pipe[,] groups=FD,FIFO
> > !!
> >
> > single-address:
> > [,]
> > address-head:
> > abstract-client: groups=FD,SOCKET,RETRY,UNIX
> > abstract-connect: groups=FD,SOCKET,RETRY,UNIX
> > abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
> > abstract-recv: groups=FD,SOCKET,RETRY,UNIX
> > abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
> > abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
> > create: groups=FD,REG,NAMED
> > exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> > fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> > gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
> > interface: groups=FD,SOCKET
> > ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
> > ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
> > ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
> > ip-sendto:: groups=FD,SOCKET,IP4,IP6
> > ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
> > ip4-recv: groups=FD,SOCKET,RANGE,IP4
> > ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
> > ip4-sendto:: groups=FD,SOCKET,IP4
> > ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
> > ip6-recv: groups=FD,SOCKET,RANGE,IP6
> > ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
> > ip6-sendto:: groups=FD,SOCKET,IP6
> > open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
> > openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
> > openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,
> > OPENSSL
> > pipe: groups=FD,FIFO,NAMED,OPEN
> > proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
> > pty groups=FD,NAMED,TERMIOS,PTY
> > sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
> > sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
> > sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
> > sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
> > sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
> > sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
> > socket-connect::: groups=FD,SOCKET,CHILD,RETRY
> > socket-datagram:::: groups=FD,SOCKET,RANGE
> > socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
> > socket-recv:::: groups=FD,SOCKET,RANGE
> > socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
> > socket-sendto:::: groups=FD,SOCKET
> > socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> > socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> > stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> > tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
> > tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
> > tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
> > tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
> > tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
> > tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
> > tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
> > udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
> > udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> > udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
> > udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> > udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
> > udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
> > udp4-connect:: groups=FD,SOCKET,IP4,UDP
> > udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
> > udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
> > udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
> > udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
> > udp4-sendto:: groups=FD,SOCKET,IP4,UDP
> > udp6-connect:: groups=FD,SOCKET,IP6,UDP
> > udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
> > udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
> > udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
> > udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
> > udp6-sendto:: groups=FD,SOCKET,IP6,UDP
> > unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
> > unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
> > unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > ***@***.***_B1:/jffs/acme.sh#
> >
> > acme.sh --issue ..... --debug 2
> >
> > —
> > You are receiving this because you are subscribed to this thread.
> > Reply to this email directly, view it on GitHub
> > <#1266>, or mute the thread
> > <https://github.com/notifications/unsubscribe-auth/
> AAKRrmwiDBDhbfhXo8lkf8Bqydl2rK15ks5tU81ugaJpZM4SGY1e>
> > .
> >
>
>
>
> —
> You are receiving this because you authored the thread.
> Reply to this email directly, view it on GitHub <
> #1266 (comment)>
,
> or mute the thread <https://github.com/notifications/unsubscribe-
> auth/ALUA-7zYtbQC88hd0Gc2SyJ_FHhrG7Azks5tU9HFgaJpZM4SGY1e> .
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <#1266 (comment)
>,
> or mute the thread
> <https://github.com/notifications/unsubscribe-
auth/AAKRrsjz_2JSYfxaeLk3B-zYgWTmumV3ks5tU9YzgaJpZM4SGY1e>
> .
>
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <
#1266 (comment)> ,
or mute the thread <https://github.com/notifications/unsubscribe-
auth/ALUA-9mkWwPBCGRrBOw3kD9vEZK2jgdiks5tU9u1gaJpZM4SGY1e> .
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#1266 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKRroi8MEF79sBYfHPvtP99TtKFgu5Aks5tU-GNgaJpZM4SGY1e>
.
|
Thanks I do not understand the alias method
From: Fernando Miguel [mailto:notifications@github.com]
Sent: Thursday, February 15, 2018 12:04 AM
To: Neilpang/acme.sh <acme.sh@noreply.github.com>
Cc: stevebovy <sg.bovy@ca.rr.com>; Author <author@noreply.github.com>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock firmware" (#1266)
You could always point the domain of your router to another provider that
has a supported api
Or you could use the new alias method
--
Fernando Miguel
On 15 Feb 2018 07:49, "stevebovy" ***@***.*** ***@***.***> > wrote:
Yes lots of laughs >>>>>> there is an api for ddns but I have not found
any other info
From: Fernando Miguel ***@***.***
Sent: Wednesday, February 14, 2018 11:25 PM
To: Neilpang/acme.sh ***@***.*** ***@***.***> >
Cc: stevebovy ***@***.*** ***@***.***> >; Author ***@***.*** ***@***.***> >
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock
firmware" (#1266)
PR welcome for a google dns api :)
--
Fernando Miguel
On 15 Feb 2018 07:01, "stevebovy" ***@***.*** ***@***.***> > wrote:
> Unfortunately my routers gui is on httpd:80 and I can not find a way to
> kill it in order to use stand-alone mode
>
>
>
> I would preffer to use dns mode; but I have not found a google domain api
> for adding the txt
>
>
>
> From: Fernando Miguel ***@***.***
> Sent: Wednesday, February 14, 2018 10:42 PM
> To: Neilpang/acme.sh ***@***.*** ***@***.***> >
> Cc: stevebovy ***@***.*** ***@***.***> >; Author ***@***.*** ***@***.***> >
> Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock
> firmware" (#1266)
>
>
>
> Tls-sni-01 has been disabled for new accounts
>
>
> https://community.letsencrypt.org/t/2018-01-11-update-
> regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188
>
> --
> Fernando Miguel
>
> On 15 Feb 2018 06:23, "stevebovy" ***@***.*** ***@***.***> > wrote:
>
> > Steps to reproduce
> >
> > ./acme.sh --issue -d home.miscbitbag.org <http://home.miscbitbag.org> --test --tls --pre-hook
> "service
> > stop_webdav" --home /jffs/acme.sh --debug --log
> >
> > --log
> > Debug log
> >
> > ***@***.***_B1:/jffs/acme.sh# ***@***.***_B1:/jffs/acme.sh#> ./acme.sh --issue -d
> > home.miscbitbag.org <http://home.miscbitbag.org> --test --tls --pre-hook "service stop_webdav"
--home
> > /jffs/acme.sh --debug --log
> > [Wed Feb 14 22:18:07 PST 2018] Lets find script dir.
> > [Wed Feb 14 22:18:07 PST 2018] *SCRIPT*='./acme.sh'
> > [Wed Feb 14 22:18:07 PST 2018] _script='/jffs/acme.sh/acme.sh'
> > [Wed Feb 14 22:18:07 PST 2018] _script_home='/jffs/acme.sh'
> > [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> > https://github.com/Neilpang/acme.sh
> > v2.7.7
> > [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> > [Wed Feb 14 22:18:07 PST 2018] Using stage ACME_DIRECTORY:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:07 PST 2018] DOMAIN_PATH='/jffs/acme.sh/
> > home.miscbitbag.org <http://home.miscbitbag.org> '
> > [Wed Feb 14 22:18:08 PST 2018] Using ACME_DIRECTORY:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:08 PST 2018] _init api for server:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:08 PST 2018] GET
> > [Wed Feb 14 22:18:08 PST 2018] url='https://acme-staging.api.
> > letsencrypt.org/directory'
> > [Wed Feb 14 22:18:08 PST 2018] timeout=
> > [Wed Feb 14 22:18:08 PST 2018] _CURL='curl -L --silent --dump-header
> /jffs/
> > acme.sh/http.header -g '
> > [Wed Feb 14 22:18:08 PST 2018] ret='0'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_KEY_CHANGE='https://acme-
> > staging.api.letsencrypt.org/acme/key-change'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_AUTHZ='https://acme-
> > staging.api.letsencrypt.org/acme/new-authz'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ORDER='https://acme-
> > staging.api.letsencrypt.org/acme/new-cert'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ACCOUNT='https://
> > acme-staging.api.letsencrypt.org/acme/new-reg'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_REVOKE_CERT='https://
> > acme-staging.api.letsencrypt.org/acme/revoke-cert'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_AGREEMENT='https://
> > letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_NONCE
> > [Wed Feb 14 22:18:08 PST 2018] ACME_VERSION
> > [Wed Feb 14 22:18:08 PST 2018] Le_NextRenewTime
> > [Wed Feb 14 22:18:09 PST 2018] _on_before_issue
> > [Wed Feb 14 22:18:09 PST 2018] Run pre hook:'service stop_webdav'
> >
> > Done.
> > [Wed Feb 14 22:18:09 PST 2018] Le_LocalAddress
> > [Wed Feb 14 22:18:09 PST 2018] Check for domain='home.miscbitbag.org'
> > [Wed Feb 14 22:18:09 PST 2018] _currentRoot='tls'
> > [Wed Feb 14 22:18:10 PST 2018] Standalone tls mode.
> > [Wed Feb 14 22:18:10 PST 2018] _checkport='443'
> > [Wed Feb 14 22:18:10 PST 2018] _checkaddr
> > [Wed Feb 14 22:18:10 PST 2018] Using: netstat
> > [Wed Feb 14 22:18:10 PST 2018] _saved_account_key_hash is not changed,
> > skip register account.
> > [Wed Feb 14 22:18:11 PST 2018] Read key length:
> > [Wed Feb 14 22:18:11 PST 2018] _createcsr
> > [Wed Feb 14 22:18:11 PST 2018] Single domain='home.miscbitbag.org'
> > [Wed Feb 14 22:18:11 PST 2018] Getting domain auth token for each
domain
> > [Wed Feb 14 22:18:11 PST 2018] Getting webroot for domain='
> > home.miscbitbag.org <http://home.miscbitbag.org> '
> > [Wed Feb 14 22:18:11 PST 2018] _w='tls'
> > [Wed Feb 14 22:18:11 PST 2018] _currentRoot='tls'
> > [Wed Feb 14 22:18:11 PST 2018] Getting new-authz for domain='
> > home.miscbitbag.org <http://home.miscbitbag.org> '
> > [Wed Feb 14 22:18:11 PST 2018] _init api for server:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:11 PST 2018] Try new-authz for the 0 time.
> > [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> > letsencrypt.org/acme/new-authz'
> > [Wed Feb 14 22:18:11 PST 2018] payload='{"resource": "new-authz",
> > "identifier": {"type": "dns", "value": "home.miscbitbag.org <http://home.miscbitbag.org> "}}'
> > [Wed Feb 14 22:18:11 PST 2018] RSA key
> > [Wed Feb 14 22:18:11 PST 2018] GET
> > [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> > letsencrypt.org/directory'
> > [Wed Feb 14 22:18:11 PST 2018] timeout=
> > [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
> /jffs/
> > acme.sh/http.header -g '
> > [Wed Feb 14 22:18:12 PST 2018] ret='0'
> > [Wed Feb 14 22:18:12 PST 2018] POST
> > [Wed Feb 14 22:18:12 PST 2018] _post_url='https://acme-
> > staging.api.letsencrypt.org/acme/new-authz'
> > [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
> /jffs/
> > acme.sh/http.header -g '
> > [Wed Feb 14 22:18:13 PST 2018] _ret='0'
> > [Wed Feb 14 22:18:13 PST 2018] code='201'
> > [Wed Feb 14 22:18:13 PST 2018] The new-authz request is ok.
> > [Wed Feb 14 22:18:13 PST 2018] entry
> > [Wed Feb 14 22:18:13 PST 2018] Error, can not get domain token entry
> > home.miscbitbag.org <http://home.miscbitbag.org>
> > [Wed Feb 14 22:18:13 PST 2018] pid
> > [Wed Feb 14 22:18:13 PST 2018] No need to restore nginx, skip.
> > [Wed Feb 14 22:18:13 PST 2018] _clearupdns
> > [Wed Feb 14 22:18:13 PST 2018] skip dns.
> > [Wed Feb 14 22:18:13 PST 2018] _on_issue_err
> > [Wed Feb 14 22:18:13 PST 2018] Please check log file for more details:
> > /jffs/acme.sh/acme.sh.log
> > [Wed Feb 14 22:18:14 PST 2018] Diagnosis versions:
> > openssl:openssl
> > OpenSSL 1.0.2j 26 Sep 2016
> > apache:
> > apache doesn't exists.
> > nginx:
> > nginx doesn't exists.
> > socat:
> > socat by Gerhard Rieger and contributors - see www.dest-unreach.org <http://www.dest-unreach.org>
> > Usage:
> > socat [options]
> > options:
> > -V print version and feature information to stdout, and exit
> > -h|-? print a help text describing command line options and addresses
> > -hh like -h, plus a list of all common address option names
> > -hhh like -hh, plus a list of all available address option names
> > -d increase verbosity (use up to 4 times; 2 are recommended)
> > -D analyze file descriptors before loop
> > -ly[facility] log to syslog, using facility (default is daemon)
> > -lf log to file
> > -ls log to stderr (default if no other log)
> > -lm[facility] mixed log mode (stderr during initialization, then
syslog)
> > -lp set the program name used for logging
> > -lu use microseconds for logging timestamps
> > -lh add hostname to log messages
> > -v verbose data traffic, text
> > -x verbose data traffic, hexadecimal
> > -b<size_t> set data buffer size (8192)
> > -s sloppy (continue on error)
> > -t wait seconds before closing second channel
> > -T total inactivity timeout in seconds
> > -u unidirectional mode (left to right)
> > -U unidirectional mode (right to left)
> > -g do not check option groups
> > -L try to obtain lock, or fail
> > -W try to obtain lock, or wait
> > -4 prefer IPv4 if version is not explicitly specified
> > -6 prefer IPv6 if version is not explicitly specified
> > bi-address:
> > pipe[,] groups=FD,FIFO
> > !!
> >
> > single-address:
> > [,]
> > address-head:
> > abstract-client: groups=FD,SOCKET,RETRY,UNIX
> > abstract-connect: groups=FD,SOCKET,RETRY,UNIX
> > abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
> > abstract-recv: groups=FD,SOCKET,RETRY,UNIX
> > abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
> > abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
> > create: groups=FD,REG,NAMED
> > exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> > fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> > gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
> > interface: groups=FD,SOCKET
> > ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
> > ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
> > ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
> > ip-sendto:: groups=FD,SOCKET,IP4,IP6
> > ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
> > ip4-recv: groups=FD,SOCKET,RANGE,IP4
> > ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
> > ip4-sendto:: groups=FD,SOCKET,IP4
> > ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
> > ip6-recv: groups=FD,SOCKET,RANGE,IP6
> > ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
> > ip6-sendto:: groups=FD,SOCKET,IP6
> > open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
> > openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
> > openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,
> > OPENSSL
> > pipe: groups=FD,FIFO,NAMED,OPEN
> > proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
> > pty groups=FD,NAMED,TERMIOS,PTY
> > sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
> > sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
> > sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
> > sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
> > sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
> > sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
> > socket-connect::: groups=FD,SOCKET,CHILD,RETRY
> > socket-datagram:::: groups=FD,SOCKET,RANGE
> > socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
> > socket-recv:::: groups=FD,SOCKET,RANGE
> > socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
> > socket-sendto:::: groups=FD,SOCKET
> > socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> > socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> > stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> > tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
> > tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
> > tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
> > tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
> > tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
> > tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
> > tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
> > udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
> > udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> > udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
> > udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> > udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
> > udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
> > udp4-connect:: groups=FD,SOCKET,IP4,UDP
> > udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
> > udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
> > udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
> > udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
> > udp4-sendto:: groups=FD,SOCKET,IP4,UDP
> > udp6-connect:: groups=FD,SOCKET,IP6,UDP
> > udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
> > udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
> > udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
> > udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
> > udp6-sendto:: groups=FD,SOCKET,IP6,UDP
> > unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
> > unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
> > unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > ***@***.***_B1:/jffs/acme.sh# ***@***.***_B1:/jffs/acme.sh#>
> >
> > acme.sh --issue ..... --debug 2
> >
> > —
> > You are receiving this because you are subscribed to this thread.
> > Reply to this email directly, view it on GitHub
> > <#1266>, or mute the thread
> > <https://github.com/notifications/unsubscribe-auth/ <https://github.com/notifications/unsubscribe-auth/%0b>
> AAKRrmwiDBDhbfhXo8lkf8Bqydl2rK15ks5tU81ugaJpZM4SGY1e>
> > .
> >
>
>
>
> —
> You are receiving this because you authored the thread.
> Reply to this email directly, view it on GitHub <
> #1266 (comment)>
,
> or mute the thread <https://github.com/notifications/unsubscribe- <https://github.com/notifications/unsubscribe-%0b>
> auth/ALUA-7zYtbQC88hd0Gc2SyJ_FHhrG7Azks5tU9HFgaJpZM4SGY1e> .
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <#1266 (comment) <#1266 (comment)>
>,
> or mute the thread
> <https://github.com/notifications/unsubscribe- <https://github.com/notifications/unsubscribe-%0b>
auth/AAKRrsjz_2JSYfxaeLk3B-zYgWTmumV3ks5tU9YzgaJpZM4SGY1e>
> .
>
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <
#1266 (comment)> ,
or mute the thread <https://github.com/notifications/unsubscribe- <https://github.com/notifications/unsubscribe-%0b>
auth/ALUA-9mkWwPBCGRrBOw3kD9vEZK2jgdiks5tU9u1gaJpZM4SGY1e> .
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#1266 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKRroi8MEF79sBYfHPvtP99TtKFgu5Aks5tU-GNgaJpZM4SGY1e>
.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <#1266 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/ALUA-6r8zYPUXQQioTJlquq5PbU4BWCbks5tU-T6gaJpZM4SGY1e> . <https://github.com/notifications/beacon/ALUA--KeQBveMS0zQdT0I3-C1-86JHyeks5tU-T6gaJpZM4SGY1e.gif>
|
Ok I free-d up port 80 but stand alone mode is still not working
admin-280@RT-AC66U_B1:/tmp/mnt/Data/acmesh# ./acme.sh --test --issue --standalone -d home.miscbitbag.org --home . -f
[Thu Feb 15 08:23:02 GMT 2018] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Thu Feb 15 08:23:02 GMT 2018] Standalone mode.
[Thu Feb 15 08:23:08 GMT 2018] Registering account
[Thu Feb 15 08:23:09 GMT 2018] Registered
[Thu Feb 15 08:23:10 GMT 2018] ACCOUNT_THUMBPRINT='xFklr_EqQHQG6AGJtxUHm1hVFJMEjOMHb4os_hH8BpI'
[Thu Feb 15 08:23:10 GMT 2018] Creating domain key
[Thu Feb 15 08:23:19 GMT 2018] The domain key is here: ./home.miscbitbag.org/home.miscbitbag.org.key
[Thu Feb 15 08:23:19 GMT 2018] Single domain='home.miscbitbag.org'
[Thu Feb 15 08:23:19 GMT 2018] Getting domain auth token for each domain
[Thu Feb 15 08:23:19 GMT 2018] Getting webroot for domain='home.miscbitbag.org'
[Thu Feb 15 08:23:19 GMT 2018] Getting new-authz for domain='home.miscbitbag.org'
[Thu Feb 15 08:23:20 GMT 2018] The new-authz request is ok.
[Thu Feb 15 08:23:20 GMT 2018] Verifying:home.miscbitbag.org
[Thu Feb 15 08:23:21 GMT 2018] Standalone mode server
[Thu Feb 15 08:23:25 GMT 2018] Pending
[Thu Feb 15 08:23:27 GMT 2018] Pending
[Thu Feb 15 08:23:29 GMT 2018] Pending
[Thu Feb 15 08:23:32 GMT 2018] Pending
[Thu Feb 15 08:23:34 GMT 2018] home.miscbitbag.org:Verify error:Fetching http://home.miscbitbag.org/.well-known/acme-challenge/27R74FS_aLkjtRIPzHiOUPc7_pFGPvvrob9eOKaA4OI: Timeout
[Thu Feb 15 08:23:34 GMT 2018] Please add '--debug' or '--log' to check more details.
[Thu Feb 15 08:23:34 GMT 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
admin-280@RT-AC66U_B1:/tmp/mnt/Data/acmesh#
--log
[Thu Feb 15 08:28:11 GMT 2018] Using config home:.
[Thu Feb 15 08:28:11 GMT 2018] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Thu Feb 15 08:28:11 GMT 2018] DOMAIN_PATH='./home.miscbitbag.org'
[Thu Feb 15 08:28:11 GMT 2018] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Thu Feb 15 08:28:11 GMT 2018] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Thu Feb 15 08:28:11 GMT 2018] GET
[Thu Feb 15 08:28:11 GMT 2018] url='https://acme-staging.api.letsencrypt.org/directory'
[Thu Feb 15 08:28:11 GMT 2018] timeout=
[Thu Feb 15 08:28:12 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g '
[Thu Feb 15 08:28:12 GMT 2018] ret='0'
[Thu Feb 15 08:28:12 GMT 2018] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Thu Feb 15 08:28:12 GMT 2018] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Feb 15 08:28:12 GMT 2018] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Thu Feb 15 08:28:13 GMT 2018] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Thu Feb 15 08:28:13 GMT 2018] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Thu Feb 15 08:28:13 GMT 2018] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Thu Feb 15 08:28:13 GMT 2018] ACME_NEW_NONCE
[Thu Feb 15 08:28:13 GMT 2018] ACME_VERSION
[Thu Feb 15 08:28:13 GMT 2018] Le_NextRenewTime
[Thu Feb 15 08:28:13 GMT 2018] _on_before_issue
[Thu Feb 15 08:28:13 GMT 2018] Le_LocalAddress
[Thu Feb 15 08:28:13 GMT 2018] Check for domain='home.miscbitbag.org'
[Thu Feb 15 08:28:13 GMT 2018] _currentRoot='no'
[Thu Feb 15 08:28:13 GMT 2018] Standalone mode.
[Thu Feb 15 08:28:13 GMT 2018] _checkport='80'
[Thu Feb 15 08:28:13 GMT 2018] _checkaddr
[Thu Feb 15 08:28:13 GMT 2018] Using: netstat
[Thu Feb 15 08:28:14 GMT 2018] _saved_account_key_hash is not changed, skip register account.
[Thu Feb 15 08:28:14 GMT 2018] Read key length:
[Thu Feb 15 08:28:14 GMT 2018] _createcsr
[Thu Feb 15 08:28:14 GMT 2018] Single domain='home.miscbitbag.org'
[Thu Feb 15 08:28:14 GMT 2018] Getting domain auth token for each domain
[Thu Feb 15 08:28:14 GMT 2018] Getting webroot for domain='home.miscbitbag.org'
[Thu Feb 15 08:28:14 GMT 2018] _w='no'
[Thu Feb 15 08:28:14 GMT 2018] _currentRoot='no'
[Thu Feb 15 08:28:14 GMT 2018] Getting new-authz for domain='home.miscbitbag.org'
[Thu Feb 15 08:28:14 GMT 2018] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Thu Feb 15 08:28:15 GMT 2018] Try new-authz for the 0 time.
[Thu Feb 15 08:28:15 GMT 2018] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Feb 15 08:28:15 GMT 2018] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "home.miscbitbag.org"}}'
[Thu Feb 15 08:28:15 GMT 2018] RSA key
[Thu Feb 15 08:28:15 GMT 2018] GET
[Thu Feb 15 08:28:15 GMT 2018] url='https://acme-staging.api.letsencrypt.org/directory'
[Thu Feb 15 08:28:15 GMT 2018] timeout=
[Thu Feb 15 08:28:15 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g '
[Thu Feb 15 08:28:15 GMT 2018] ret='0'
[Thu Feb 15 08:28:16 GMT 2018] POST
[Thu Feb 15 08:28:16 GMT 2018] _post_url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Feb 15 08:28:16 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g '
[Thu Feb 15 08:28:16 GMT 2018] _ret='0'
[Thu Feb 15 08:28:16 GMT 2018] code='201'
[Thu Feb 15 08:28:16 GMT 2018] The new-authz request is ok.
[Thu Feb 15 08:28:16 GMT 2018] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045","token":"7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE"'
[Thu Feb 15 08:28:16 GMT 2018] token='7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE'
[Thu Feb 15 08:28:16 GMT 2018] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:16 GMT 2018] keyauthorization='7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE.xFklr_EqQHQG6AGJtxUHm1hVFJMEjOMHb4os_hH8BpI'
[Thu Feb 15 08:28:16 GMT 2018] dvlist='home.miscbitbag.org#7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE.xFklr_EqQHQG6AGJtxUHm1hVFJMEjOMHb4os_hH8BpI#https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045#http-01#no'
[Thu Feb 15 08:28:16 GMT 2018] vlist='home.miscbitbag.org#7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE.xFklr_EqQHQG6AGJtxUHm1hVFJMEjOMHb4os_hH8BpI#https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045#http-01#no,'
[Thu Feb 15 08:28:16 GMT 2018] d='home.miscbitbag.org'
[Thu Feb 15 08:28:17 GMT 2018] ok, let's start to verify
[Thu Feb 15 08:28:17 GMT 2018] Verifying:home.miscbitbag.org
[Thu Feb 15 08:28:17 GMT 2018] d='home.miscbitbag.org'
[Thu Feb 15 08:28:17 GMT 2018] keyauthorization='7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE.xFklr_EqQHQG6AGJtxUHm1hVFJMEjOMHb4os_hH8BpI'
[Thu Feb 15 08:28:17 GMT 2018] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:17 GMT 2018] _currentRoot='no'
[Thu Feb 15 08:28:17 GMT 2018] Standalone mode server
[Thu Feb 15 08:28:17 GMT 2018] ncaddr
[Thu Feb 15 08:28:17 GMT 2018] startserver: 5208
[Thu Feb 15 08:28:17 GMT 2018] Le_HTTPPort='80'
[Thu Feb 15 08:28:17 GMT 2018] Le_Listen_V4
[Thu Feb 15 08:28:17 GMT 2018] Le_Listen_V6
[Thu Feb 15 08:28:17 GMT 2018] _NC='socat'
[Thu Feb 15 08:28:18 GMT 2018] serverproc='5818'
[Thu Feb 15 08:28:18 GMT 2018] url='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:18 GMT 2018] payload='{"resource": "challenge", "keyAuthorization": "7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE.xFklr_EqQHQG6AGJtxUHm1hVFJMEjOMHb4os_hH8BpI"}'
[Thu Feb 15 08:28:18 GMT 2018] POST
[Thu Feb 15 08:28:18 GMT 2018] _post_url='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:18 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g '
[Thu Feb 15 08:28:19 GMT 2018] _ret='0'
[Thu Feb 15 08:28:19 GMT 2018] code='202'
[Thu Feb 15 08:28:19 GMT 2018] sleep 2 secs to verify
[Thu Feb 15 08:28:21 GMT 2018] checking
[Thu Feb 15 08:28:21 GMT 2018] GET
[Thu Feb 15 08:28:21 GMT 2018] url='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:21 GMT 2018] timeout=
[Thu Feb 15 08:28:21 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g '
[Thu Feb 15 08:28:21 GMT 2018] ret='0'
[Thu Feb 15 08:28:21 GMT 2018] Pending
[Thu Feb 15 08:28:21 GMT 2018] sleep 2 secs to verify
[Thu Feb 15 08:28:23 GMT 2018] checking
[Thu Feb 15 08:28:23 GMT 2018] GET
[Thu Feb 15 08:28:23 GMT 2018] url='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:23 GMT 2018] timeout=
[Thu Feb 15 08:28:24 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g '
[Thu Feb 15 08:28:24 GMT 2018] ret='0'
[Thu Feb 15 08:28:24 GMT 2018] Pending
[Thu Feb 15 08:28:24 GMT 2018] sleep 2 secs to verify
[Thu Feb 15 08:28:26 GMT 2018] checking
[Thu Feb 15 08:28:26 GMT 2018] GET
[Thu Feb 15 08:28:26 GMT 2018] url='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:26 GMT 2018] timeout=
[Thu Feb 15 08:28:26 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g '
[Thu Feb 15 08:28:26 GMT 2018] ret='0'
[Thu Feb 15 08:28:26 GMT 2018] Pending
[Thu Feb 15 08:28:26 GMT 2018] sleep 2 secs to verify
[Thu Feb 15 08:28:28 GMT 2018] checking
[Thu Feb 15 08:28:28 GMT 2018] GET
[Thu Feb 15 08:28:28 GMT 2018] url='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:28 GMT 2018] timeout=
[Thu Feb 15 08:28:29 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g '
[Thu Feb 15 08:28:29 GMT 2018] ret='0'
[Thu Feb 15 08:28:29 GMT 2018] Pending
[Thu Feb 15 08:28:29 GMT 2018] sleep 2 secs to verify
[Thu Feb 15 08:28:31 GMT 2018] checking
[Thu Feb 15 08:28:31 GMT 2018] GET
[Thu Feb 15 08:28:31 GMT 2018] url='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:31 GMT 2018] timeout=
[Thu Feb 15 08:28:31 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g '
[Thu Feb 15 08:28:31 GMT 2018] ret='0'
[Thu Feb 15 08:28:31 GMT 2018] home.miscbitbag.org:Verify error:Fetching http://home.miscbitbag.org/.well-known/acme-challenge/7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE: Timeout
[Thu Feb 15 08:28:31 GMT 2018] Debug: get token url.
[Thu Feb 15 08:28:31 GMT 2018] GET
[Thu Feb 15 08:28:31 GMT 2018] url='http://home.miscbitbag.org/.well-known/acme-challenge/7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE'
[Thu Feb 15 08:28:31 GMT 2018] timeout=1
[Thu Feb 15 08:28:32 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g --connect-timeout 1'
[Thu Feb 15 08:28:32 GMT 2018] ret='0'
[Thu Feb 15 08:28:32 GMT 2018] Skip for removelevel:
[Thu Feb 15 08:28:32 GMT 2018] pid='5818'
[Thu Feb 15 08:28:32 GMT 2018] No need to restore nginx, skip.
[Thu Feb 15 08:28:32 GMT 2018] _clearupdns
[Thu Feb 15 08:28:32 GMT 2018] skip dns.
[Thu Feb 15 08:28:32 GMT 2018] _on_issue_err
[Thu Feb 15 08:28:32 GMT 2018] Please check log file for more details: ./acme.sh.log
[Thu Feb 15 08:28:32 GMT 2018] url='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:32 GMT 2018] payload='{"resource": "challenge", "keyAuthorization": "7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE.xFklr_EqQHQG6AGJtxUHm1hVFJMEjOMHb4os_hH8BpI"}'
[Thu Feb 15 08:28:32 GMT 2018] POST
[Thu Feb 15 08:28:32 GMT 2018] _post_url='https://acme-staging.api.letsencrypt.org/acme/challenge/HDWB6ubaqbyIroX--wqbKYii1BMl3QDZybCFdzQnlSY/101581045'
[Thu Feb 15 08:28:32 GMT 2018] _CURL='curl -L --silent --dump-header ./http.header -g '
[Thu Feb 15 08:28:33 GMT 2018] _ret='0'
[Thu Feb 15 08:28:33 GMT 2018] code='400'
[Thu Feb 15 08:28:33 GMT 2018] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.2j 26 Sep 2016
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
Usage:
socat [options] <bi-address> <bi-address>
options:
-V print version and feature information to stdout, and exit
-h|-? print a help text describing command line options and addresses
-hh like -h, plus a list of all common address option names
-hhh like -hh, plus a list of all available address option names
-d increase verbosity (use up to 4 times; 2 are recommended)
-D analyze file descriptors before loop
-ly[facility] log to syslog, using facility (default is daemon)
-lf<logfile> log to file
-ls log to stderr (default if no other log)
-lm[facility] mixed log mode (stderr during initialization, then syslog)
-lp<progname> set the program name used for logging
-lu use microseconds for logging timestamps
-lh add hostname to log messages
-v verbose data traffic, text
-x verbose data traffic, hexadecimal
-b<size_t> set data buffer size (8192)
-s sloppy (continue on error)
-t<timeout> wait seconds before closing second channel
-T<timeout> total inactivity timeout in seconds
-u unidirectional mode (left to right)
-U unidirectional mode (right to left)
-g do not check option groups
-L <lockfile> try to obtain lock, or fail
-W <lockfile> try to obtain lock, or wait
-4 prefer IPv4 if version is not explicitly specified
-6 prefer IPv6 if version is not explicitly specified
bi-address:
pipe[,<opts>] groups=FD,FIFO
<single-address>!!<single-address>
<single-address>
single-address:
<address-head>[,<opts>]
address-head:
abstract-client:<filename> groups=FD,SOCKET,RETRY,UNIX
abstract-connect:<filename> groups=FD,SOCKET,RETRY,UNIX
abstract-listen:<filename> groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
abstract-recv:<filename> groups=FD,SOCKET,RETRY,UNIX
abstract-recvfrom:<filename> groups=FD,SOCKET,CHILD,RETRY,UNIX
abstract-sendto:<filename> groups=FD,SOCKET,RETRY,UNIX
create:<filename> groups=FD,REG,NAMED
exec:<command-line> groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
fd:<num> groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
gopen:<filename> groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
interface:<interface> groups=FD,SOCKET
ip-datagram:<host>:<protocol> groups=FD,SOCKET,RANGE,IP4,IP6
ip-recv:<protocol> groups=FD,SOCKET,RANGE,IP4,IP6
ip-recvfrom:<protocol> groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
ip-sendto:<host>:<protocol> groups=FD,SOCKET,IP4,IP6
ip4-datagram:<host>:<protocol> groups=FD,SOCKET,RANGE,IP4
ip4-recv:<protocol> groups=FD,SOCKET,RANGE,IP4
ip4-recvfrom:<protocol> groups=FD,SOCKET,CHILD,RANGE,IP4
ip4-sendto:<host>:<protocol> groups=FD,SOCKET,IP4
ip6-datagram:<host>:<protocol> groups=FD,SOCKET,RANGE,IP6
ip6-recv:<protocol> groups=FD,SOCKET,RANGE,IP6
ip6-recvfrom:<protocol> groups=FD,SOCKET,CHILD,RANGE,IP6
ip6-sendto:<host>:<protocol> groups=FD,SOCKET,IP6
open:<filename> groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
openssl:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
openssl-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,OPENSSL
pipe:<filename> groups=FD,FIFO,NAMED,OPEN
proxy:<proxy-server>:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
pty groups=FD,NAMED,TERMIOS,PTY
sctp-connect:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
sctp-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
sctp4-connect:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
sctp4-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
sctp6-connect:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
sctp6-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
socket-connect:<domain>:<protocol>:<remote-address> groups=FD,SOCKET,CHILD,RETRY
socket-datagram:<domain>:<type>:<protocol>:<remote-address> groups=FD,SOCKET,RANGE
socket-listen:<domain>:<protocol>:<local-address> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
socket-recv:<domain>:<type>:<protocol>:<local-address> groups=FD,SOCKET,RANGE
socket-recvfrom:<domain>:<type>:<protocol>:<local-address> groups=FD,SOCKET,CHILD,RANGE
socket-sendto:<domain>:<type>:<protocol>:<remote-address> groups=FD,SOCKET
socks4:<socks-server>:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
socks4a:<socks-server>:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
system:<shell-command> groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
tcp-connect:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
tcp-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
tcp4-connect:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
tcp4-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
tcp6-connect:<host>:<port> groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
tcp6-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
tun[:<ip-addr>/<bits>] groups=FD,CHR,NAMED,OPEN,INTERFACE
udp-connect:<host>:<port> groups=FD,SOCKET,IP4,IP6,UDP
udp-datagram:<host>:<port> groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
udp-recv:<port> groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-recvfrom:<port> groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
udp-sendto:<host>:<port> groups=FD,SOCKET,IP4,IP6,UDP
udp4-connect:<host>:<port> groups=FD,SOCKET,IP4,UDP
udp4-datagram:<remote-address>:<port> groups=FD,SOCKET,RANGE,IP4,UDP
udp4-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
udp4-recv:<port> groups=FD,SOCKET,RANGE,IP4,UDP
udp4-recvfrom:<host>:<port> groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
udp4-sendto:<host>:<port> groups=FD,SOCKET,IP4,UDP
udp6-connect:<host>:<port> groups=FD,SOCKET,IP6,UDP
udp6-datagram:<host>:<port> groups=FD,SOCKET,RANGE,IP6,UDP
udp6-listen:<port> groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
udp6-recv:<port> groups=FD,SOCKET,RANGE,IP6,UDP
udp6-recvfrom:<port> groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
udp6-sendto:<host>:<port> groups=FD,SOCKET,IP6,UDP
unix-client:<filename> groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-connect:<filename> groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-listen:<filename> groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
unix-recv:<filename> groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-recvfrom:<filename> groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
unix-sendto:<filename> groups=FD,SOCKET,NAMED,RETRY,UNIX
From: Fernando Miguel [mailto:notifications@github.com]
Sent: Thursday, February 15, 2018 12:04 AM
To: Neilpang/acme.sh <acme.sh@noreply.github.com>
Cc: stevebovy <sg.bovy@ca.rr.com>; Author <author@noreply.github.com>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock firmware" (#1266)
You could always point the domain of your router to another provider that
has a supported api
Or you could use the new alias method
--
Fernando Miguel
On 15 Feb 2018 07:49, "stevebovy" ***@***.*** ***@***.***> > wrote:
Yes lots of laughs >>>>>> there is an api for ddns but I have not found
any other info
From: Fernando Miguel ***@***.***
Sent: Wednesday, February 14, 2018 11:25 PM
To: Neilpang/acme.sh ***@***.*** ***@***.***> >
Cc: stevebovy ***@***.*** ***@***.***> >; Author ***@***.*** ***@***.***> >
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock
firmware" (#1266)
PR welcome for a google dns api :)
--
Fernando Miguel
On 15 Feb 2018 07:01, "stevebovy" ***@***.*** ***@***.***> > wrote:
> Unfortunately my routers gui is on httpd:80 and I can not find a way to
> kill it in order to use stand-alone mode
>
>
>
> I would preffer to use dns mode; but I have not found a google domain api
> for adding the txt
>
>
>
> From: Fernando Miguel ***@***.***
> Sent: Wednesday, February 14, 2018 10:42 PM
> To: Neilpang/acme.sh ***@***.*** ***@***.***> >
> Cc: stevebovy ***@***.*** ***@***.***> >; Author ***@***.*** ***@***.***> >
> Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock
> firmware" (#1266)
>
>
>
> Tls-sni-01 has been disabled for new accounts
>
>
> https://community.letsencrypt.org/t/2018-01-11-update-
> regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188
>
> --
> Fernando Miguel
>
> On 15 Feb 2018 06:23, "stevebovy" ***@***.*** ***@***.***> > wrote:
>
> > Steps to reproduce
> >
> > ./acme.sh --issue -d home.miscbitbag.org <http://home.miscbitbag.org> --test --tls --pre-hook
> "service
> > stop_webdav" --home /jffs/acme.sh --debug --log
> >
> > --log
> > Debug log
> >
> > ***@***.***_B1:/jffs/acme.sh# ***@***.***_B1:/jffs/acme.sh#> ./acme.sh --issue -d
> > home.miscbitbag.org <http://home.miscbitbag.org> --test --tls --pre-hook "service stop_webdav"
--home
> > /jffs/acme.sh --debug --log
> > [Wed Feb 14 22:18:07 PST 2018] Lets find script dir.
> > [Wed Feb 14 22:18:07 PST 2018] *SCRIPT*='./acme.sh'
> > [Wed Feb 14 22:18:07 PST 2018] _script='/jffs/acme.sh/acme.sh'
> > [Wed Feb 14 22:18:07 PST 2018] _script_home='/jffs/acme.sh'
> > [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> > https://github.com/Neilpang/acme.sh
> > v2.7.7
> > [Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
> > [Wed Feb 14 22:18:07 PST 2018] Using stage ACME_DIRECTORY:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:07 PST 2018] DOMAIN_PATH='/jffs/acme.sh/
> > home.miscbitbag.org <http://home.miscbitbag.org> '
> > [Wed Feb 14 22:18:08 PST 2018] Using ACME_DIRECTORY:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:08 PST 2018] _init api for server:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:08 PST 2018] GET
> > [Wed Feb 14 22:18:08 PST 2018] url='https://acme-staging.api.
> > letsencrypt.org/directory'
> > [Wed Feb 14 22:18:08 PST 2018] timeout=
> > [Wed Feb 14 22:18:08 PST 2018] _CURL='curl -L --silent --dump-header
> /jffs/
> > acme.sh/http.header -g '
> > [Wed Feb 14 22:18:08 PST 2018] ret='0'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_KEY_CHANGE='https://acme-
> > staging.api.letsencrypt.org/acme/key-change'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_AUTHZ='https://acme-
> > staging.api.letsencrypt.org/acme/new-authz'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ORDER='https://acme-
> > staging.api.letsencrypt.org/acme/new-cert'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ACCOUNT='https://
> > acme-staging.api.letsencrypt.org/acme/new-reg'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_REVOKE_CERT='https://
> > acme-staging.api.letsencrypt.org/acme/revoke-cert'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_AGREEMENT='https://
> > letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
> > [Wed Feb 14 22:18:08 PST 2018] ACME_NEW_NONCE
> > [Wed Feb 14 22:18:08 PST 2018] ACME_VERSION
> > [Wed Feb 14 22:18:08 PST 2018] Le_NextRenewTime
> > [Wed Feb 14 22:18:09 PST 2018] _on_before_issue
> > [Wed Feb 14 22:18:09 PST 2018] Run pre hook:'service stop_webdav'
> >
> > Done.
> > [Wed Feb 14 22:18:09 PST 2018] Le_LocalAddress
> > [Wed Feb 14 22:18:09 PST 2018] Check for domain='home.miscbitbag.org'
> > [Wed Feb 14 22:18:09 PST 2018] _currentRoot='tls'
> > [Wed Feb 14 22:18:10 PST 2018] Standalone tls mode.
> > [Wed Feb 14 22:18:10 PST 2018] _checkport='443'
> > [Wed Feb 14 22:18:10 PST 2018] _checkaddr
> > [Wed Feb 14 22:18:10 PST 2018] Using: netstat
> > [Wed Feb 14 22:18:10 PST 2018] _saved_account_key_hash is not changed,
> > skip register account.
> > [Wed Feb 14 22:18:11 PST 2018] Read key length:
> > [Wed Feb 14 22:18:11 PST 2018] _createcsr
> > [Wed Feb 14 22:18:11 PST 2018] Single domain='home.miscbitbag.org'
> > [Wed Feb 14 22:18:11 PST 2018] Getting domain auth token for each
domain
> > [Wed Feb 14 22:18:11 PST 2018] Getting webroot for domain='
> > home.miscbitbag.org <http://home.miscbitbag.org> '
> > [Wed Feb 14 22:18:11 PST 2018] _w='tls'
> > [Wed Feb 14 22:18:11 PST 2018] _currentRoot='tls'
> > [Wed Feb 14 22:18:11 PST 2018] Getting new-authz for domain='
> > home.miscbitbag.org <http://home.miscbitbag.org> '
> > [Wed Feb 14 22:18:11 PST 2018] _init api for server:
> > https://acme-staging.api.letsencrypt.org/directory
> > [Wed Feb 14 22:18:11 PST 2018] Try new-authz for the 0 time.
> > [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> > letsencrypt.org/acme/new-authz'
> > [Wed Feb 14 22:18:11 PST 2018] payload='{"resource": "new-authz",
> > "identifier": {"type": "dns", "value": "home.miscbitbag.org <http://home.miscbitbag.org> "}}'
> > [Wed Feb 14 22:18:11 PST 2018] RSA key
> > [Wed Feb 14 22:18:11 PST 2018] GET
> > [Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.
> > letsencrypt.org/directory'
> > [Wed Feb 14 22:18:11 PST 2018] timeout=
> > [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
> /jffs/
> > acme.sh/http.header -g '
> > [Wed Feb 14 22:18:12 PST 2018] ret='0'
> > [Wed Feb 14 22:18:12 PST 2018] POST
> > [Wed Feb 14 22:18:12 PST 2018] _post_url='https://acme-
> > staging.api.letsencrypt.org/acme/new-authz'
> > [Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header
> /jffs/
> > acme.sh/http.header -g '
> > [Wed Feb 14 22:18:13 PST 2018] _ret='0'
> > [Wed Feb 14 22:18:13 PST 2018] code='201'
> > [Wed Feb 14 22:18:13 PST 2018] The new-authz request is ok.
> > [Wed Feb 14 22:18:13 PST 2018] entry
> > [Wed Feb 14 22:18:13 PST 2018] Error, can not get domain token entry
> > home.miscbitbag.org <http://home.miscbitbag.org>
> > [Wed Feb 14 22:18:13 PST 2018] pid
> > [Wed Feb 14 22:18:13 PST 2018] No need to restore nginx, skip.
> > [Wed Feb 14 22:18:13 PST 2018] _clearupdns
> > [Wed Feb 14 22:18:13 PST 2018] skip dns.
> > [Wed Feb 14 22:18:13 PST 2018] _on_issue_err
> > [Wed Feb 14 22:18:13 PST 2018] Please check log file for more details:
> > /jffs/acme.sh/acme.sh.log
> > [Wed Feb 14 22:18:14 PST 2018] Diagnosis versions:
> > openssl:openssl
> > OpenSSL 1.0.2j 26 Sep 2016
> > apache:
> > apache doesn't exists.
> > nginx:
> > nginx doesn't exists.
> > socat:
> > socat by Gerhard Rieger and contributors - see www.dest-unreach.org <http://www.dest-unreach.org>
> > Usage:
> > socat [options]
> > options:
> > -V print version and feature information to stdout, and exit
> > -h|-? print a help text describing command line options and addresses
> > -hh like -h, plus a list of all common address option names
> > -hhh like -hh, plus a list of all available address option names
> > -d increase verbosity (use up to 4 times; 2 are recommended)
> > -D analyze file descriptors before loop
> > -ly[facility] log to syslog, using facility (default is daemon)
> > -lf log to file
> > -ls log to stderr (default if no other log)
> > -lm[facility] mixed log mode (stderr during initialization, then
syslog)
> > -lp set the program name used for logging
> > -lu use microseconds for logging timestamps
> > -lh add hostname to log messages
> > -v verbose data traffic, text
> > -x verbose data traffic, hexadecimal
> > -b<size_t> set data buffer size (8192)
> > -s sloppy (continue on error)
> > -t wait seconds before closing second channel
> > -T total inactivity timeout in seconds
> > -u unidirectional mode (left to right)
> > -U unidirectional mode (right to left)
> > -g do not check option groups
> > -L try to obtain lock, or fail
> > -W try to obtain lock, or wait
> > -4 prefer IPv4 if version is not explicitly specified
> > -6 prefer IPv6 if version is not explicitly specified
> > bi-address:
> > pipe[,] groups=FD,FIFO
> > !!
> >
> > single-address:
> > [,]
> > address-head:
> > abstract-client: groups=FD,SOCKET,RETRY,UNIX
> > abstract-connect: groups=FD,SOCKET,RETRY,UNIX
> > abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
> > abstract-recv: groups=FD,SOCKET,RETRY,UNIX
> > abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
> > abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
> > create: groups=FD,REG,NAMED
> > exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> > fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
UDP,TCP,SCTP
> > gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
> > interface: groups=FD,SOCKET
> > ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
> > ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
> > ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
> > ip-sendto:: groups=FD,SOCKET,IP4,IP6
> > ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
> > ip4-recv: groups=FD,SOCKET,RANGE,IP4
> > ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
> > ip4-sendto:: groups=FD,SOCKET,IP4
> > ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
> > ip6-recv: groups=FD,SOCKET,RANGE,IP6
> > ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
> > ip6-sendto:: groups=FD,SOCKET,IP6
> > open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
> > openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
> > openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,
> > OPENSSL
> > pipe: groups=FD,FIFO,NAMED,OPEN
> > proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
> > pty groups=FD,NAMED,TERMIOS,PTY
> > sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
> > sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
> > sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
> > sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
> > sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
> > sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
> > socket-connect::: groups=FD,SOCKET,CHILD,RETRY
> > socket-datagram:::: groups=FD,SOCKET,RANGE
> > socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
> > socket-recv:::: groups=FD,SOCKET,RANGE
> > socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
> > socket-sendto:::: groups=FD,SOCKET
> > socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> > socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
> > stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,
> UDP,TCP,SCTP
> > system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
> > tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
> > tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
> > tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
> > tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
> > tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
> > tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
> > tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
> > udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
> > udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> > udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
> > udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
> > udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
> > udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
> > udp4-connect:: groups=FD,SOCKET,IP4,UDP
> > udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
> > udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
> > udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
> > udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
> > udp4-sendto:: groups=FD,SOCKET,IP4,UDP
> > udp6-connect:: groups=FD,SOCKET,IP6,UDP
> > udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
> > udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
> > udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
> > udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
> > udp6-sendto:: groups=FD,SOCKET,IP6,UDP
> > unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
> > unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
> > unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX
> > ***@***.***_B1:/jffs/acme.sh# ***@***.***_B1:/jffs/acme.sh#>
> >
> > acme.sh --issue ..... --debug 2
> >
> > —
> > You are receiving this because you are subscribed to this thread.
> > Reply to this email directly, view it on GitHub
> > <#1266>, or mute the thread
> > <https://github.com/notifications/unsubscribe-auth/ <https://github.com/notifications/unsubscribe-auth/%0b>
> AAKRrmwiDBDhbfhXo8lkf8Bqydl2rK15ks5tU81ugaJpZM4SGY1e>
> > .
> >
>
>
>
> —
> You are receiving this because you authored the thread.
> Reply to this email directly, view it on GitHub <
> #1266 (comment)>
,
> or mute the thread <https://github.com/notifications/unsubscribe- <https://github.com/notifications/unsubscribe-%0b>
> auth/ALUA-7zYtbQC88hd0Gc2SyJ_FHhrG7Azks5tU9HFgaJpZM4SGY1e> .
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <#1266 (comment) <#1266 (comment)>
>,
> or mute the thread
> <https://github.com/notifications/unsubscribe- <https://github.com/notifications/unsubscribe-%0b>
auth/AAKRrsjz_2JSYfxaeLk3B-zYgWTmumV3ks5tU9YzgaJpZM4SGY1e>
> .
>
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <
#1266 (comment)> ,
or mute the thread <https://github.com/notifications/unsubscribe- <https://github.com/notifications/unsubscribe-%0b>
auth/ALUA-9mkWwPBCGRrBOw3kD9vEZK2jgdiks5tU9u1gaJpZM4SGY1e> .
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#1266 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKRroi8MEF79sBYfHPvtP99TtKFgu5Aks5tU-GNgaJpZM4SGY1e>
.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <#1266 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/ALUA-6r8zYPUXQQioTJlquq5PbU4BWCbks5tU-T6gaJpZM4SGY1e> . <https://github.com/notifications/beacon/ALUA--KeQBveMS0zQdT0I3-C1-86JHyeks5tU-T6gaJpZM4SGY1e.gif>
|
this doesnt seem to load ps: please use |
Yes ; so question in stand-alone-mode how is (where is)
“.well-known/acme-challenge/7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE” created ????
From: Fernando Miguel [mailto:notifications@github.com]
Sent: Thursday, February 15, 2018 2:36 AM
To: Neilpang/acme.sh <acme.sh@noreply.github.com>
Cc: stevebovy <sg.bovy@ca.rr.com>; Author <author@noreply.github.com>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock firmware" (#1266)
this doesnt seem to load
http://home.miscbitbag.org/.well-known/acme-challenge/7SzHcIaRIkaLD6rdPjS-5QMp-_uwwfTxQFkUhN7VKuE
ps: please use code to make comments more readable
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <#1266 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/ALUA-6LUtQe0WFi8-I6HS2oLvPE240jCks5tVAh8gaJpZM4SGY1e> . <https://github.com/notifications/beacon/ALUA-xOey_G9Uz_Pkhdwmmym52wN7rAIks5tVAh8gaJpZM4SGY1e.gif>
|
That's because it does not exist !!! When the cert was created it was not saved in the stand-alone In Stand - Alone Mode where is the web-root ????? When the cert is issued it should be saved somewhere (I hope ) ??? In stand alone mode where is it saved ??? |
Note: I do not see anything in my firewall iptables that would block port 80: admin-280@RT-AC66U_B1:/tmp/home/root# iptables -L Chain FORWARD (policy ACCEPT) Chain OUTPUT (policy ACCEPT) Chain ACCESS_RESTRICTION (0 references) Chain FUPNP (0 references) Chain INPUT_ICMP (1 references) Chain PControls (0 references) Chain PTCSRVLAN (1 references) Chain PTCSRVWAN (1 references) Chain SECURITY (0 references) Chain default_block (0 references) Chain logaccept (0 references) Chain logdrop (0 references) |
Your SOCAT server command is not compatible with my ROUTER OS #todo listen address Most ROUTERS us busybox admin-280@RT-AC66U_B1:/tmp/home/root# sleep 0.5 admin-280@RT-AC66U_B1:/tmp/home/root# sleep Usage: sleep [N]... Pause for a time equal to the total of the args given, where each arg can |
@stevebovy how about |
Sure; I just wonder why we need it at all :)
From: neil [mailto:notifications@github.com]
Sent: Friday, February 16, 2018 6:07 PM
To: Neilpang/acme.sh <acme.sh@noreply.github.com>
Cc: stevebovy <sg.bovy@ca.rr.com>; Mention <mention@noreply.github.com>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock firmware" (#1266)
@stevebovy <https://github.com/stevebovy> how about sleep 1 ?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub <#1266 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/ALUA-1YB_6SaxQbCZosjjp2SWFEwPVI2ks5tVjQ4gaJpZM4SGY1e> . <https://github.com/notifications/beacon/ALUA-031VtZ2D8C8oT4drKm144DaTrvtks5tVjQ4gaJpZM4SGY1e.gif>
|
sleep 1, fixed. |
Thanks !!!!!!
From: neil [mailto:notifications@github.com]
Sent: Tuesday, February 20, 2018 5:46 PM
To: Neilpang/acme.sh <acme.sh@noreply.github.com>
Cc: stevebovy <sg.bovy@ca.rr.com>; Mention <mention@noreply.github.com>
Subject: Re: [Neilpang/acme.sh] Issue with --tls --test on "asuswrt stock firmware" (#1266)
sleep 1, fixed.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub <#1266 (comment)> , or mute the thread <https://github.com/notifications/unsubscribe-auth/ALUA-yy25SFVtYq0WUEGCGv_A5gWvNl-ks5tW3VogaJpZM4SGY1e> . <https://github.com/notifications/beacon/ALUA-xLd4fbJpFvHnQihb4fBz0WosdGeks5tW3VogaJpZM4SGY1e.gif>
|
Steps to reproduce
./acme.sh --issue -d home.miscbitbag.org --test --tls --pre-hook "service stop_webdav" --home /jffs/acme.sh --debug --log
--log
Debug log
admin-280@RT-AC66U_B1:/jffs/acme.sh# ./acme.sh --issue -d home.miscbitbag.org --test --tls --pre-hook "service stop_webdav" --home
/jffs/acme.sh --debug --log
[Wed Feb 14 22:18:07 PST 2018] Lets find script dir.
[Wed Feb 14 22:18:07 PST 2018] SCRIPT='./acme.sh'
[Wed Feb 14 22:18:07 PST 2018] _script='/jffs/acme.sh/acme.sh'
[Wed Feb 14 22:18:07 PST 2018] _script_home='/jffs/acme.sh'
[Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
https://github.com/Neilpang/acme.sh
v2.7.7
[Wed Feb 14 22:18:07 PST 2018] Using config home:/jffs/acme.sh
[Wed Feb 14 22:18:07 PST 2018] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:07 PST 2018] DOMAIN_PATH='/jffs/acme.sh/home.miscbitbag.org'
[Wed Feb 14 22:18:08 PST 2018] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:08 PST 2018] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:08 PST 2018] GET
[Wed Feb 14 22:18:08 PST 2018] url='https://acme-staging.api.letsencrypt.org/directory'
[Wed Feb 14 22:18:08 PST 2018] timeout=
[Wed Feb 14 22:18:08 PST 2018] _CURL='curl -L --silent --dump-header /jffs/acme.sh/http.header -g '
[Wed Feb 14 22:18:08 PST 2018] ret='0'
[Wed Feb 14 22:18:08 PST 2018] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Wed Feb 14 22:18:08 PST 2018] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Wed Feb 14 22:18:08 PST 2018] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Wed Feb 14 22:18:08 PST 2018] ACME_NEW_NONCE
[Wed Feb 14 22:18:08 PST 2018] ACME_VERSION
[Wed Feb 14 22:18:08 PST 2018] Le_NextRenewTime
[Wed Feb 14 22:18:09 PST 2018] _on_before_issue
[Wed Feb 14 22:18:09 PST 2018] Run pre hook:'service stop_webdav'
Done.
[Wed Feb 14 22:18:09 PST 2018] Le_LocalAddress
[Wed Feb 14 22:18:09 PST 2018] Check for domain='home.miscbitbag.org'
[Wed Feb 14 22:18:09 PST 2018] _currentRoot='tls'
[Wed Feb 14 22:18:10 PST 2018] Standalone tls mode.
[Wed Feb 14 22:18:10 PST 2018] _checkport='443'
[Wed Feb 14 22:18:10 PST 2018] _checkaddr
[Wed Feb 14 22:18:10 PST 2018] Using: netstat
[Wed Feb 14 22:18:10 PST 2018] _saved_account_key_hash is not changed, skip register account.
[Wed Feb 14 22:18:11 PST 2018] Read key length:
[Wed Feb 14 22:18:11 PST 2018] _createcsr
[Wed Feb 14 22:18:11 PST 2018] Single domain='home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] Getting domain auth token for each domain
[Wed Feb 14 22:18:11 PST 2018] Getting webroot for domain='home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] _w='tls'
[Wed Feb 14 22:18:11 PST 2018] _currentRoot='tls'
[Wed Feb 14 22:18:11 PST 2018] Getting new-authz for domain='home.miscbitbag.org'
[Wed Feb 14 22:18:11 PST 2018] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Wed Feb 14 22:18:11 PST 2018] Try new-authz for the 0 time.
[Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:11 PST 2018] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "home.miscbitbag.org"}}'
[Wed Feb 14 22:18:11 PST 2018] RSA key
[Wed Feb 14 22:18:11 PST 2018] GET
[Wed Feb 14 22:18:11 PST 2018] url='https://acme-staging.api.letsencrypt.org/directory'
[Wed Feb 14 22:18:11 PST 2018] timeout=
[Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header /jffs/acme.sh/http.header -g '
[Wed Feb 14 22:18:12 PST 2018] ret='0'
[Wed Feb 14 22:18:12 PST 2018] POST
[Wed Feb 14 22:18:12 PST 2018] _post_url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Wed Feb 14 22:18:12 PST 2018] _CURL='curl -L --silent --dump-header /jffs/acme.sh/http.header -g '
[Wed Feb 14 22:18:13 PST 2018] _ret='0'
[Wed Feb 14 22:18:13 PST 2018] code='201'
[Wed Feb 14 22:18:13 PST 2018] The new-authz request is ok.
[Wed Feb 14 22:18:13 PST 2018] entry
[Wed Feb 14 22:18:13 PST 2018] Error, can not get domain token entry home.miscbitbag.org
[Wed Feb 14 22:18:13 PST 2018] pid
[Wed Feb 14 22:18:13 PST 2018] No need to restore nginx, skip.
[Wed Feb 14 22:18:13 PST 2018] _clearupdns
[Wed Feb 14 22:18:13 PST 2018] skip dns.
[Wed Feb 14 22:18:13 PST 2018] _on_issue_err
[Wed Feb 14 22:18:13 PST 2018] Please check log file for more details: /jffs/acme.sh/acme.sh.log
[Wed Feb 14 22:18:14 PST 2018] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.2j 26 Sep 2016
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
Usage:
socat [options]
options:
-V print version and feature information to stdout, and exit
-h|-? print a help text describing command line options and addresses
-hh like -h, plus a list of all common address option names
-hhh like -hh, plus a list of all available address option names
-d increase verbosity (use up to 4 times; 2 are recommended)
-D analyze file descriptors before loop
-ly[facility] log to syslog, using facility (default is daemon)
-lf log to file
-ls log to stderr (default if no other log)
-lm[facility] mixed log mode (stderr during initialization, then syslog)
-lp set the program name used for logging
-lu use microseconds for logging timestamps
-lh add hostname to log messages
-v verbose data traffic, text
-x verbose data traffic, hexadecimal
-b<size_t> set data buffer size (8192)
-s sloppy (continue on error)
-t wait seconds before closing second channel
-T total inactivity timeout in seconds
-u unidirectional mode (left to right)
-U unidirectional mode (right to left)
-g do not check option groups
-L try to obtain lock, or fail
-W try to obtain lock, or wait
-4 prefer IPv4 if version is not explicitly specified
-6 prefer IPv6 if version is not explicitly specified
bi-address:
pipe[,] groups=FD,FIFO
!!
single-address:
[,]
address-head:
abstract-client: groups=FD,SOCKET,RETRY,UNIX
abstract-connect: groups=FD,SOCKET,RETRY,UNIX
abstract-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
abstract-recv: groups=FD,SOCKET,RETRY,UNIX
abstract-recvfrom: groups=FD,SOCKET,CHILD,RETRY,UNIX
abstract-sendto: groups=FD,SOCKET,RETRY,UNIX
create: groups=FD,REG,NAMED
exec: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
fd: groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
gopen: groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
interface: groups=FD,SOCKET
ip-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6
ip-recv: groups=FD,SOCKET,RANGE,IP4,IP6
ip-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
ip-sendto:: groups=FD,SOCKET,IP4,IP6
ip4-datagram:: groups=FD,SOCKET,RANGE,IP4
ip4-recv: groups=FD,SOCKET,RANGE,IP4
ip4-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4
ip4-sendto:: groups=FD,SOCKET,IP4
ip6-datagram:: groups=FD,SOCKET,RANGE,IP6
ip6-recv: groups=FD,SOCKET,RANGE,IP6
ip6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6
ip6-sendto:: groups=FD,SOCKET,IP6
open: groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
openssl:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
openssl-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,OPENSSL
pipe: groups=FD,FIFO,NAMED,OPEN
proxy::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
pty groups=FD,NAMED,TERMIOS,PTY
sctp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
sctp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
sctp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
sctp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
sctp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
sctp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
socket-connect::: groups=FD,SOCKET,CHILD,RETRY
socket-datagram:::: groups=FD,SOCKET,RANGE
socket-listen::: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
socket-recv:::: groups=FD,SOCKET,RANGE
socket-recvfrom:::: groups=FD,SOCKET,CHILD,RANGE
socket-sendto:::: groups=FD,SOCKET
socks4::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
socks4a::: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
stderr groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdin groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdio groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
stdout groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
system: groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
tcp-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
tcp-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
tcp4-connect:: groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
tcp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
tcp6-connect:: groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
tcp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
tun[:/] groups=FD,CHR,NAMED,OPEN,INTERFACE
udp-connect:: groups=FD,SOCKET,IP4,IP6,UDP
udp-datagram:: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
udp-recv: groups=FD,SOCKET,RANGE,IP4,IP6,UDP
udp-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
udp-sendto:: groups=FD,SOCKET,IP4,IP6,UDP
udp4-connect:: groups=FD,SOCKET,IP4,UDP
udp4-datagram:: groups=FD,SOCKET,RANGE,IP4,UDP
udp4-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
udp4-recv: groups=FD,SOCKET,RANGE,IP4,UDP
udp4-recvfrom:: groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
udp4-sendto:: groups=FD,SOCKET,IP4,UDP
udp6-connect:: groups=FD,SOCKET,IP6,UDP
udp6-datagram:: groups=FD,SOCKET,RANGE,IP6,UDP
udp6-listen: groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
udp6-recv: groups=FD,SOCKET,RANGE,IP6,UDP
udp6-recvfrom: groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
udp6-sendto:: groups=FD,SOCKET,IP6,UDP
unix-client: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-connect: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-listen: groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
unix-recv: groups=FD,SOCKET,NAMED,RETRY,UNIX
unix-recvfrom: groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
unix-sendto: groups=FD,SOCKET,NAMED,RETRY,UNIX
admin-280@RT-AC66U_B1:/jffs/acme.sh#
The text was updated successfully, but these errors were encountered: