New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
--preferred-chain doesn't work as expected #3252
Comments
It woks as expected here:
Can you please upgrade to the latest version first?
And give the log with |
I already updated acme.sh before using --preferred-chain.
And here is debug 2 output |
I would also like to join in this bug report to avoid duplicate issue's Just updated my acme.sh and added Commands used: Edit2: |
@raven-kg Yes, I confirmed this is a bug from your log. Can you please let me know your os version and openssl version ? Thanks. |
I am experiencing the same behaviour using acme.sh via letsencrypt-nginx-proxy-companion which we are tracking in this issue.
|
@Neilpang it's CentOS 7, openssl 1.0.2k. |
I can not reproduce it here:
|
@raven-kg Thanks. |
fixed.
|
@Neilpang now it works. Thanks for fixing it! |
It relates to acmesh-official#3252 My env: openssl version => `OpenSSL 1.1.0l 10 Sep 2019` openssl help crl2pkcs7 => `Usage: help` openssl crl2pkcs7 help => `crl2pkcs7: Use -help for summary.`
I tried to use --preferred-chain option to obtain ISRG signed certificates
acme.sh --issue -d raven5._.su --preferred-chain "ISRG Root X1" -w /usr/share/nginx/html/
And I always got the certificate signed with IdenTrust CA:
Of course, I got files signed with ISRG CA but they are saved with '.alt' suffix and doesn't work in my configuration:
the config file contains following:
Is there a way to store files issued with ISRG CA without adding '.alt' to filenames?
The text was updated successfully, but these errors were encountered: