DNS解析失败

[qilishenhua]

工具：阿里云香港服务器、Lets Encrypt证书，手动DNS验证。这次90天过期后总是在DNS验证步骤卡住，求指导
[root@izj6c6ajmixcunm81kq13jz ~]# acme.sh --renew --dns -d hongbaimiao.vip --yes-I-know-dns-manual-mode-enough-go-ahead-please --debug 2
[Fri Oct 22 15:16:31 CST 2021] Lets find script dir.
[Fri Oct 22 15:16:31 CST 2021] SCRIPT='/root/.acme.sh/acme.sh'
[Fri Oct 22 15:16:31 CST 2021] _script='/root/.acme.sh/acme.sh'
[Fri Oct 22 15:16:31 CST 2021] _script_home='/root/.acme.sh'
[Fri Oct 22 15:16:31 CST 2021] Using config home:/root/.acme.sh
[Fri Oct 22 15:16:31 CST 2021] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/acmesh-official/acme.sh
v3.0.1
[Fri Oct 22 15:16:31 CST 2021] Running cmd: renew
[Fri Oct 22 15:16:31 CST 2021] Using config home:/root/.acme.sh
[Fri Oct 22 15:16:31 CST 2021] default_acme_server
[Fri Oct 22 15:16:31 CST 2021] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Fri Oct 22 15:16:31 CST 2021] _ACME_SERVER_HOST='acme.zerossl.com'
[Fri Oct 22 15:16:31 CST 2021] _ACME_SERVER_PATH='v2/DV90'
[Fri Oct 22 15:16:31 CST 2021] DOMAIN_PATH='/root/.acme.sh/hongbaimiao.vip'
[Fri Oct 22 15:16:31 CST 2021] Renew: 'hongbaimiao.vip'
[Fri Oct 22 15:16:31 CST 2021] Le_API='https://acme.zerossl.com/v2/DV90'
[Fri Oct 22 15:16:31 CST 2021] Using config home:/root/.acme.sh
[Fri Oct 22 15:16:31 CST 2021] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Fri Oct 22 15:16:31 CST 2021] _ACME_SERVER_HOST='acme.zerossl.com'
[Fri Oct 22 15:16:31 CST 2021] _ACME_SERVER_PATH='v2/DV90'
[Fri Oct 22 15:16:31 CST 2021] _main_domain='hongbaimiao.vip'
[Fri Oct 22 15:16:31 CST 2021] _alt_domains='no'
[Fri Oct 22 15:16:31 CST 2021] 'dns' contains 'dns'
[Fri Oct 22 15:16:31 CST 2021] 'dns' contains 'dns'
[Fri Oct 22 15:16:31 CST 2021] Le_NextRenewTime='1628477547'
[Fri Oct 22 15:16:31 CST 2021] Using ACME_DIRECTORY: https://acme.zerossl.com/v2/DV90
[Fri Oct 22 15:16:31 CST 2021] _init api for server: https://acme.zerossl.com/v2/DV90
[Fri Oct 22 15:16:31 CST 2021] Retrying GET
[Fri Oct 22 15:16:31 CST 2021] GET
[Fri Oct 22 15:16:31 CST 2021] url='https://acme.zerossl.com/v2/DV90'
[Fri Oct 22 15:16:31 CST 2021] timeout=
[Fri Oct 22 15:16:31 CST 2021] displayError='1'
[Fri Oct 22 15:16:31 CST 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.shDZmBEPgm -g '
[Fri Oct 22 15:16:32 CST 2021] ret='0'
[Fri Oct 22 15:16:32 CST 2021] _hcode='0'
[Fri Oct 22 15:16:32 CST 2021] response='{
"newNonce": "https://acme.zerossl.com/v2/DV90/newNonce",
"newAccount": "https://acme.zerossl.com/v2/DV90/newAccount",
"newOrder": "https://acme.zerossl.com/v2/DV90/newOrder",
"revokeCert": "https://acme.zerossl.com/v2/DV90/revokeCert",
"keyChange": "https://acme.zerossl.com/v2/DV90/keyChange",
"meta": {
"termsOfService": "https://secure.trust-provider.com/repository/docs/Legacy/20201020_Certificate_Subscriber_Agreement_v_2_4_click.pdf",
"website": "https://zerossl.com",
"caaIdentities": ["sectigo.com", "trust-provider.com", "usertrust.com", "comodoca.com", "comodo.com"],
"externalAccountRequired": true
}
}'
[Fri Oct 22 15:16:32 CST 2021] ACME_KEY_CHANGE='https://acme.zerossl.com/v2/DV90/keyChange'
[Fri Oct 22 15:16:32 CST 2021] ACME_NEW_AUTHZ
[Fri Oct 22 15:16:32 CST 2021] ACME_NEW_ORDER='https://acme.zerossl.com/v2/DV90/newOrder'
[Fri Oct 22 15:16:32 CST 2021] ACME_NEW_ACCOUNT='https://acme.zerossl.com/v2/DV90/newAccount'
[Fri Oct 22 15:16:32 CST 2021] ACME_REVOKE_CERT='https://acme.zerossl.com/v2/DV90/revokeCert'
[Fri Oct 22 15:16:32 CST 2021] ACME_AGREEMENT='https://secure.trust-provider.com/repository/docs/Legacy/20201020_Certificate_Subscriber_Agreement_v_2_4_click.pdf'
[Fri Oct 22 15:16:32 CST 2021] ACME_NEW_NONCE='https://acme.zerossl.com/v2/DV90/newNonce'
[Fri Oct 22 15:16:32 CST 2021] Using CA: https://acme.zerossl.com/v2/DV90
[Fri Oct 22 15:16:32 CST 2021] _on_before_issue
[Fri Oct 22 15:16:32 CST 2021] _chk_main_domain='hongbaimiao.vip'
[Fri Oct 22 15:16:32 CST 2021] _chk_alt_domains
[Fri Oct 22 15:16:32 CST 2021] 'dns' does not contain 'no'
[Fri Oct 22 15:16:32 CST 2021] Le_LocalAddress
[Fri Oct 22 15:16:32 CST 2021] d='hongbaimiao.vip'
[Fri Oct 22 15:16:32 CST 2021] Check for domain='hongbaimiao.vip'
[Fri Oct 22 15:16:32 CST 2021] _currentRoot='dns'
[Fri Oct 22 15:16:32 CST 2021] d
[Fri Oct 22 15:16:32 CST 2021] 'dns' does not contain 'apache'
[Fri Oct 22 15:16:32 CST 2021] _saved_account_key_hash='42zGg2LcoujYxqSaV0ZWq//XqrVPU51ydRwX3pr8h+o='
[Fri Oct 22 15:16:32 CST 2021] _saved_account_key_hash is not changed, skip register account.
[Fri Oct 22 15:16:32 CST 2021] Read key length:
[Fri Oct 22 15:16:32 CST 2021] _createcsr
[Fri Oct 22 15:16:32 CST 2021] domain='hongbaimiao.vip'
[Fri Oct 22 15:16:32 CST 2021] domainlist
[Fri Oct 22 15:16:32 CST 2021] csrkey='/root/.acme.sh/hongbaimiao.vip/hongbaimiao.vip.key'
[Fri Oct 22 15:16:32 CST 2021] csr='/root/.acme.sh/hongbaimiao.vip/hongbaimiao.vip.csr'
[Fri Oct 22 15:16:32 CST 2021] csrconf='/root/.acme.sh/hongbaimiao.vip/hongbaimiao.vip.csr.conf'
[Fri Oct 22 15:16:32 CST 2021] Single domain='hongbaimiao.vip'
[Fri Oct 22 15:16:32 CST 2021] _is_idn_d='hongbaimiao.vip'
[Fri Oct 22 15:16:32 CST 2021] _idn_temp
[Fri Oct 22 15:16:32 CST 2021] _is_idn_d='hongbaimiao.vip'
[Fri Oct 22 15:16:32 CST 2021] _idn_temp
[Fri Oct 22 15:16:32 CST 2021] _csr_cn='hongbaimiao.vip'
[Fri Oct 22 15:16:32 CST 2021] Getting domain auth token for each domain
[Fri Oct 22 15:16:32 CST 2021] ok, let's start to verify
[Fri Oct 22 15:16:32 CST 2021] Verifying: hongbaimiao.vip
[Fri Oct 22 15:16:32 CST 2021] d='hongbaimiao.vip'
[Fri Oct 22 15:16:32 CST 2021] keyauthorization='izquGu_5PwoLG9yLgF7Y2auuz-eA4xZIJEUitezXE2M.29Wu-nDUQmYDPh70VKU6pa5EbGKoWGMQ4wZoK_GiwPo'
[Fri Oct 22 15:16:32 CST 2021] uri='https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA'
[Fri Oct 22 15:16:32 CST 2021] _currentRoot='dns'
[Fri Oct 22 15:16:32 CST 2021] Trigger domain validation.
[Fri Oct 22 15:16:32 CST 2021] _t_url='https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA'
[Fri Oct 22 15:16:32 CST 2021] _t_key_authz='izquGu_5PwoLG9yLgF7Y2auuz-eA4xZIJEUitezXE2M.29Wu-nDUQmYDPh70VKU6pa5EbGKoWGMQ4wZoK_GiwPo'
[Fri Oct 22 15:16:32 CST 2021] _t_vtype='dns-01'
[Fri Oct 22 15:16:32 CST 2021] url='https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA'
[Fri Oct 22 15:16:32 CST 2021] payload='{}'
[Fri Oct 22 15:16:32 CST 2021] RSA key
[Fri Oct 22 15:16:32 CST 2021] Get nonce with HEAD. ACME_NEW_NONCE='https://acme.zerossl.com/v2/DV90/newNonce'
[Fri Oct 22 15:16:32 CST 2021] Retrying post
[Fri Oct 22 15:16:32 CST 2021] HEAD
[Fri Oct 22 15:16:32 CST 2021] _post_url='https://acme.zerossl.com/v2/DV90/newNonce'
[Fri Oct 22 15:16:32 CST 2021] body
[Fri Oct 22 15:16:32 CST 2021] _postContentType='application/jose+json'
[Fri Oct 22 15:16:32 CST 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.V10XZJ8Swp -g -I '
[Fri Oct 22 15:16:35 CST 2021] _ret='0'
[Fri Oct 22 15:16:35 CST 2021] _hcode='0'
[Fri Oct 22 15:16:35 CST 2021] _headers='HTTP/1.1 200 OK
Server: nginx
Date: Fri, 22 Oct 2021 07:16:35 GMT
Content-Type: application/octet-stream
Connection: keep-alive
Replay-Nonce: -YCTAwRZ4lHyBUlam_7Dh-NmoD6LuMXcfMemxKi373c
Cache-Control: max-age=-1
Access-Control-Allow-Origin: *
Link: https://acme.zerossl.com/v2/DV90;rel="index"
Strict-Transport-Security: max-age=15552000
'
[Fri Oct 22 15:16:35 CST 2021] _CACHED_NONCE='-YCTAwRZ4lHyBUlam_7Dh-NmoD6LuMXcfMemxKi373c'
[Fri Oct 22 15:16:35 CST 2021] nonce='-YCTAwRZ4lHyBUlam_7Dh-NmoD6LuMXcfMemxKi373c'
[Fri Oct 22 15:16:35 CST 2021] Retrying post
[Fri Oct 22 15:16:35 CST 2021] POST
[Fri Oct 22 15:16:35 CST 2021] _post_url='https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA'
[Fri Oct 22 15:16:35 CST 2021] body='{"protected": "eyJub25jZSI6ICItWUNUQXdSWjRsSHlCVWxhbV83RGgtTm1vRDZMdU1YY2ZNZW14S2kzNzNjIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9jaGFsbC9fUVNrYWp4V3JjMlM5ZHlnZUZXbmNBIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC9LR0ZkWXlDeno1amhwX2hxbmpLOXJ3In0", "payload": "e30", "signature": "tLaVns3KnVxhfFuou8hNhksYlW4Zxu4QQ1Up84kYM0bfjYTSaOC1uxate8naqbuI9U-tnuK7JlRu9OzP1vHNn_dtzT-HFDOJrJE7GNAEyBpqYn6lwcZa0vga8LVe_VJfd_9n2NTEZOFKdKXbZNhlpA50CaBSO86Mmu_Ad0LWrkFWXsJv5TUYTRN5AD_pNV30cInkKfWS5gi8zcSw6hnM-9N1JY396qev-KS53m-dB38l8OxkECg27FNGfwiEB8NKOPMUpy6oHGm3pdkFSPcZdL1FIhNWX_O77FeLvxiKl-1SMhuW5R3_iMpLU1ma5F0HdTqknfdsZ_YZ2GaTszUrYQ"}'
[Fri Oct 22 15:16:35 CST 2021] _postContentType='application/jose+json'
[Fri Oct 22 15:16:35 CST 2021] Http already initialized.
[Fri Oct 22 15:16:35 CST 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.V10XZJ8Swp -g '
[Fri Oct 22 15:16:37 CST 2021] _ret='0'
[Fri Oct 22 15:16:37 CST 2021] _hcode='0'
[Fri Oct 22 15:16:37 CST 2021] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Date: Fri, 22 Oct 2021 07:16:37 GMT
Content-Type: application/json
Content-Length: 163
Connection: keep-alive
Replay-Nonce: ZAlMH0hxEubTZv1qWGHGTUaWbx0SmfK5rp96THM_W-U
Cache-Control: max-age=-1
Access-Control-Allow-Origin: *
Link: https://acme.zerossl.com/v2/DV90;rel="index"
Link: https://acme.zerossl.com/v2/DV90/authz/tt-OpYEWqB0CXNdQsjj88Q;rel="up"
Retry-After: 10
Strict-Transport-Security: max-age=15552000
'
[Fri Oct 22 15:16:37 CST 2021] code='200'
[Fri Oct 22 15:16:37 CST 2021] original='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA","status":"processing","token":"izquGu_5PwoLG9yLgF7Y2auuz-eA4xZIJEUitezXE2M"}'
[Fri Oct 22 15:16:37 CST 2021] response='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA","status":"processing","token":"izquGu_5PwoLG9yLgF7Y2auuz-eA4xZIJEUitezXE2M"}'
[Fri Oct 22 15:16:37 CST 2021] trigger validation code: 200
[Fri Oct 22 15:16:37 CST 2021] original='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA","status":"processing","token":"izquGu_5PwoLG9yLgF7Y2auuz-eA4xZIJEUitezXE2M"}'
[Fri Oct 22 15:16:37 CST 2021] response='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA","status":"processing","token":"izquGu_5PwoLG9yLgF7Y2auuz-eA4xZIJEUitezXE2M"}'
[Fri Oct 22 15:16:37 CST 2021] status='processing'
[Fri Oct 22 15:16:37 CST 2021] Processing, The CA is processing your order, please just wait. (1/30)
[Fri Oct 22 15:16:37 CST 2021] sleep 2 secs to verify again
[Fri Oct 22 15:16:39 CST 2021] checking
[Fri Oct 22 15:16:39 CST 2021] url='https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA'
[Fri Oct 22 15:16:39 CST 2021] payload
[Fri Oct 22 15:16:39 CST 2021] Use cached jwk for file: /root/.acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Fri Oct 22 15:16:39 CST 2021] Use _CACHED_NONCE='ZAlMH0hxEubTZv1qWGHGTUaWbx0SmfK5rp96THM_W-U'
[Fri Oct 22 15:16:39 CST 2021] nonce='ZAlMH0hxEubTZv1qWGHGTUaWbx0SmfK5rp96THM_W-U'
[Fri Oct 22 15:16:39 CST 2021] Retrying post
[Fri Oct 22 15:16:39 CST 2021] POST
[Fri Oct 22 15:16:39 CST 2021] _post_url='https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA'
[Fri Oct 22 15:16:39 CST 2021] body='{"protected": "eyJub25jZSI6ICJaQWxNSDBoeEV1YlRadjFxV0dIR1RVYVdieDBTbWZLNXJwOTZUSE1fVy1VIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9jaGFsbC9fUVNrYWp4V3JjMlM5ZHlnZUZXbmNBIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC9LR0ZkWXlDeno1amhwX2hxbmpLOXJ3In0", "payload": "", "signature": "3k3jmYbL54TbLG7Zwp2h3L4H3LVAAcPapQNX32-tScncxHAUPmub-BqPy5vG1mk2l8rdCn5aDDZUB1U4sDPnwFTJ3Du-NWgGUbust7IOew-6G-fTPIilKoRputNJ2NXvkMFAw7M3l4-6gTTZzTp1sG4IxFftbv4x_0lcUycVel2ybXTrMQ1L4cxXzV0n5GAfrb4yvb8SFyM945ONnHca8MVN7ouFjPL0UnjE6nqrsh0Nu1mwVBfMvhbEHeeGu2ozxmEmfLbpHORj3Y3w0YWcOsRREFj9AeZRPCtDLRVvWAhk5UFEwX8X05OKXQ_W2cPRjHRavEEUyuaj1e3SPROsWQ"}'
[Fri Oct 22 15:16:39 CST 2021] _postContentType='application/jose+json'
[Fri Oct 22 15:16:39 CST 2021] Http already initialized.
[Fri Oct 22 15:16:39 CST 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.V10XZJ8Swp -g '
[Fri Oct 22 15:16:41 CST 2021] _ret='0'
[Fri Oct 22 15:16:41 CST 2021] _hcode='0'
[Fri Oct 22 15:16:41 CST 2021] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Date: Fri, 22 Oct 2021 07:16:40 GMT
Content-Type: application/json
Content-Length: 193
Connection: keep-alive
Replay-Nonce: vYuZ4unltdh4xMTHipV9BLe1A5YCNArYna8j2rLL-lQ
Cache-Control: max-age=-1
Access-Control-Allow-Origin: *
Link: https://acme.zerossl.com/v2/DV90;rel="index"
Link: https://acme.zerossl.com/v2/DV90/authz/tt-OpYEWqB0CXNdQsjj88Q;rel="up"
Retry-After: 10
Strict-Transport-Security: max-age=15552000
'
[Fri Oct 22 15:16:41 CST 2021] code='200'
[Fri Oct 22 15:16:41 CST 2021] original='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA","status":"valid","validated":"2021-10-22T07:16:38Z","token":"izquGu_5PwoLG9yLgF7Y2auuz-eA4xZIJEUitezXE2M"}'
[Fri Oct 22 15:16:41 CST 2021] response='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA","status":"valid","validated":"2021-10-22T07:16:38Z","token":"izquGu_5PwoLG9yLgF7Y2auuz-eA4xZIJEUitezXE2M"}'
[Fri Oct 22 15:16:41 CST 2021] original='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA","status":"valid","validated":"2021-10-22T07:16:38Z","token":"izquGu_5PwoLG9yLgF7Y2auuz-eA4xZIJEUitezXE2M"}'
[Fri Oct 22 15:16:41 CST 2021] response='{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/_QSkajxWrc2S9dygeFWncA","status":"valid","validated":"2021-10-22T07:16:38Z","token":"izquGu_5PwoLG9yLgF7Y2auuz-eA4xZIJEUitezXE2M"}'
[Fri Oct 22 15:16:41 CST 2021] status='valid'
[Fri Oct 22 15:16:41 CST 2021] Success
[Fri Oct 22 15:16:41 CST 2021] pid
[Fri Oct 22 15:16:41 CST 2021] Skip for removelevel:
[Fri Oct 22 15:16:41 CST 2021] pid
[Fri Oct 22 15:16:41 CST 2021] No need to restore nginx, skip.
[Fri Oct 22 15:16:41 CST 2021] clearupdns
[Fri Oct 22 15:16:41 CST 2021] dns_entries
[Fri Oct 22 15:16:41 CST 2021] skip dns.
[Fri Oct 22 15:16:41 CST 2021] Verify finished, start to sign.
[Fri Oct 22 15:16:41 CST 2021] i='2'
[Fri Oct 22 15:16:41 CST 2021] j='15'
[Fri Oct 22 15:16:41 CST 2021] Lets finalize the order.
[Fri Oct 22 15:16:41 CST 2021] Le_OrderFinalize='https://acme.zerossl.com/v2/DV90/order/jo-baTG5niB4owXC5B_Tyg/finalize'
[Fri Oct 22 15:16:41 CST 2021] url='https://acme.zerossl.com/v2/DV90/order/jo-baTG5niB4owXC5B_Tyg/finalize'
[Fri Oct 22 15:16:41 CST 2021] payload='{"csr": "MIICjDCCAXQCAQAwGjEYMBYGA1UEAxMPaG9uZ2JhaW1pYW8udmlwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGc2X5qROfKMniF_8_4tv4lmktW6--FRodUxOq-zpFsS6UrIH5Jufy1vYNnvC5Js8FZ7MIzRlJD5_oGyk-ymOeGosE5kgnTotNqv7d0Ckq6iLhFszlnMYwYYEIEPSuatobzT38uRcKvm8Z_AMfia325S5Lk1ZkIbp_gno-y2j3IfVGXM0-pex8U_wv0NZePHRkGMneXC_muTrQeDwJAWtjB6wDV_O3BlDytXVgFWjvOWAMBeojVfyOOxtrZd8b5cNWQ_foJ14tnh95akhLlvc3WevRhEhXcGA3g-VwnChquu_u5tBT_98Ct5VNQ9ZfHuY8RSgYYkZk7_Q9QfyScFQIDAQABoC0wKwYJKoZIhvcNAQkOMR4wHDAaBgNVHREEEzARgg9ob25nYmFpbWlhby52aXAwDQYJKoZIhvcNAQELBQADggEBAFz8XY8NRQgndTLvtAAaLJmo4GivKx0Clj1I4CCxDQbLYfvvkvuOsVi352HHyzN_bjnUo984UBr_1mVmrFJjdIv3fIor4Y3pFhszZ0RjzptLXfmkDXt5uG6f5NK8B4bzePU5Yi09hwInVpoaHFlzxvwvmHST_PioqepxUUG03GoYyOHZ4x107G0XGjZXvQMbnLQONILAynsR66hqXdUdOgAIEZW7pIsk7FyYUfVFLDbPSN5kvMh1WXPKnpQFVMSMRynkG0HWknA90mpoU2XjfsVTZgj45yo015Q8jfC_xViIjN1YGboKgNheCfd_I6SrHYWithWlLcZsu6v4zHYDPr4"}'
[Fri Oct 22 15:16:41 CST 2021] Use cached jwk for file: /root/.acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Fri Oct 22 15:16:41 CST 2021] Use _CACHED_NONCE='vYuZ4unltdh4xMTHipV9BLe1A5YCNArYna8j2rLL-lQ'
[Fri Oct 22 15:16:41 CST 2021] nonce='vYuZ4unltdh4xMTHipV9BLe1A5YCNArYna8j2rLL-lQ'
[Fri Oct 22 15:16:41 CST 2021] Retrying post
[Fri Oct 22 15:16:41 CST 2021] POST
[Fri Oct 22 15:16:41 CST 2021] _post_url='https://acme.zerossl.com/v2/DV90/order/jo-baTG5niB4owXC5B_Tyg/finalize'
[Fri Oct 22 15:16:41 CST 2021] body='{"protected": "eyJub25jZSI6ICJ2WXVaNHVubHRkaDR4TVRIaXBWOUJMZTFBNVlDTkFyWW5hOGoyckxMLWxRIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9vcmRlci9qby1iYVRHNW5pQjRvd1hDNUJfVHlnL2ZpbmFsaXplIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC9LR0ZkWXlDeno1amhwX2hxbmpLOXJ3In0", "payload": "eyJjc3IiOiAiTUlJQ2pEQ0NBWFFDQVFBd0dqRVlNQllHQTFVRUF4TVBhRzl1WjJKaGFXMXBZVzh1ZG1sd01JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBdkdjMlg1cVJPZktNbmlGXzhfNHR2NGxta3RXNi0tRlJvZFV4T3EtenBGc1M2VXJJSDVKdWZ5MXZZTm52QzVKczhGWjdNSXpSbEpENV9vR3lrLXltT2VHb3NFNWtnblRvdE5xdjdkMENrcTZpTGhGc3psbk1Zd1lZRUlFUFN1YXRvYnpUMzh1UmNLdm04Wl9BTWZpYTMyNVM1TGsxWmtJYnBfZ25vXy15MmozSWZWR1hNMC1wZXg4VV93djBOWmVQSFJrR01uZVhDX211VHJRZUR3SkFXdGpCNndEVl9PM0JsRHl0WFZnRldqdk9XQU1CZW9qVmZ5T094dHJaZDhiNWNOV1FfZm9KMTR0bmg5NWFraExsdmMzV2V2UmhFaFhjR0EzZy1Wd25DaHF1dV91NXRCVF85OEN0NVZOUTlaZkh1WThSU2dZWWtaazdfUTlRZnlTY0ZRSURBUUFCb0Mwd0t3WUpLb1pJaHZjTkFRa09NUjR3SERBYUJnTlZIUkVFRXpBUmdnOW9iMjVuWW1GcGJXbGhieTUyYVhBd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFGejhYWThOUlFnbmRUTHZ0QUFhTEptbzRHaXZLeDBDbGoxSTRDQ3hEUWJMWWZ2dmt2dU9zVmkzNTJISHl6Tl9iam5Vbzk4NFVCcl8xbVZtckZKamRJdjNmSW9yNFkzcEZoc3paMFJqenB0TFhmbWtEWHQ1dUc2ZjVOSzhCNGJ6ZVBVNVlpMDlod0luVnBvYUhGbHp4dnd2bUhTVF9QaW9xZXB4VVVHMDNHb1l5T0haNHgxMDdHMFhHalpYdlFNYm5MUU9OSUxBeW5zUjY2aHFYZFVkT2dBSUVaVzdwSXNrN0Z5WVVmVkZMRGJQU041a3ZNaDFXWFBLbnBRRlZNU01SeW5rRzBIV2tuQTkwbXBvVTJYamZzVlRaZ2o0NXlvMDE1UThqZkNfeFZpSWpOMVlHYm9LZ05oZUNmZF9JNlNySFlXaXRoV2xMY1pzdTZ2NHpIWURQcjQifQ", "signature": "TlgnJzBvj_uD7OkA09_Npu3ZCxVHMP91OyxVwUsI91uCtE-1Kx0VvBZXRhkRovFzPOc-mr6UiUCPU5IZQCMJ9cClz7KCeLZ-xHsuejfgkKHZdcY-3F6dNy_fGWJ5zs-H6dKIgKJInCyNllrqkbrhKjgDpotj6JQR9jwG5q4vqIF5oiwtertGFZgB2tM2uYdDtqJSyQP-1NZtFxMrntCRo20s3E37mI6MZ0tL1x4kvJg1ALifjqOk4cYzzTtG1ZRG9Ybs3GGBu79jmg3FiUi_Zry-pIPR5EtEv-HlUg0R6Hol5TuGIHNNARA43Q8mCzVlDZ-ls-w2UUpRTRrNWjoZhw"}'
[Fri Oct 22 15:16:41 CST 2021] _postContentType='application/jose+json'
[Fri Oct 22 15:16:41 CST 2021] Http already initialized.
[Fri Oct 22 15:16:41 CST 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.V10XZJ8Swp -g '
[Fri Oct 22 15:16:42 CST 2021] _ret='0'
[Fri Oct 22 15:16:42 CST 2021] _hcode='0'
[Fri Oct 22 15:16:42 CST 2021] responseHeaders='HTTP/1.1 100 Continue

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 22 Oct 2021 07:16:42 GMT
Content-Type: application/json
Content-Length: 280
Connection: keep-alive
Status:
Replay-Nonce: meKmSYoBKdmcMD704I-hfQVn0WqCoKb3QdjeyPj8zTo
Cache-Control: max-age=-1
Access-Control-Allow-Origin: *
Location: https://acme.zerossl.com/v2/DV90/order/jo-baTG5niB4owXC5B_Tyg
Retry-After: 15
Strict-Transport-Security: max-age=15552000
'
[Fri Oct 22 15:16:42 CST 2021] code='200'
[Fri Oct 22 15:16:42 CST 2021] original='{"status":"processing","expires":"2022-01-20T07:15:44Z","identifiers":[{"type":"dns","value":"hongbaimiao.vip"}],"authorizations":["https://acme.zerossl.com/v2/DV90/authz/tt-OpYEWqB0CXNdQsjj88Q"],"finalize":"https://acme.zerossl.com/v2/DV90/order/jo-baTG5niB4owXC5B_Tyg/finalize"}'
[Fri Oct 22 15:16:42 CST 2021] response='{"status":"processing","expires":"2022-01-20T07:15:44Z","identifiers":[{"type":"dns","value":"hongbaimiao.vip"}],"authorizations":["https://acme.zerossl.com/v2/DV90/authz/tt-OpYEWqB0CXNdQsjj88Q"],"finalize":"https://acme.zerossl.com/v2/DV90/order/jo-baTG5niB4owXC5B_Tyg/finalize"}'
[Fri Oct 22 15:16:42 CST 2021] Order status is processing, lets sleep and retry.
[Fri Oct 22 15:16:42 CST 2021] _retryafter='15'
[Fri Oct 22 15:16:42 CST 2021] Retry after: 15
[Fri Oct 22 15:16:58 CST 2021] Polling order status: https://acme-v02.api.letsencrypt.org/acme/order/115194894/10313587113
[Fri Oct 22 15:16:58 CST 2021] url='https://acme-v02.api.letsencrypt.org/acme/order/115194894/10313587113'
[Fri Oct 22 15:16:58 CST 2021] payload
[Fri Oct 22 15:16:58 CST 2021] Use cached jwk for file: /root/.acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Fri Oct 22 15:16:58 CST 2021] Use _CACHED_NONCE='meKmSYoBKdmcMD704I-hfQVn0WqCoKb3QdjeyPj8zTo'
[Fri Oct 22 15:16:58 CST 2021] nonce='meKmSYoBKdmcMD704I-hfQVn0WqCoKb3QdjeyPj8zTo'
[Fri Oct 22 15:16:58 CST 2021] Retrying post
[Fri Oct 22 15:16:58 CST 2021] POST
[Fri Oct 22 15:16:58 CST 2021] _post_url='https://acme-v02.api.letsencrypt.org/acme/order/115194894/10313587113'
[Fri Oct 22 15:16:58 CST 2021] body='{"protected": "eyJub25jZSI6ICJtZUttU1lvQktkbWNNRDcwNEktaGZRVm4wV3FDb0tiM1FkamV5UGo4elRvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9vcmRlci8xMTUxOTQ4OTQvMTAzMTM1ODcxMTMiLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9hY2NvdW50L0tHRmRZeUN6ejVqaHBfaHFuaks5cncifQ", "payload": "", "signature": "giUjcwloShNHrTtCDIqD8UMXmaF7nO8lXNrWUMl2s0E0d56r3LgCg4IjpRAJnr1G5dCAYkQtW3wwmGIZHGAQ3KvMn-4XcBLQdbnT5Ukj6wp8R55D0qdLSi-FEDDctMiMAiuz58LCV_2rY_6HezNXI1Inq6gUdk6xBexLf11jDbiRHvPRyyxiSHHGUIqp7YmKRdB74H82hM8_YWvwtqo76r0-o5KBRMshXpOCf2WYobb90jH-W-0Bt5nIRR8kZtVCzcrNvsbRXHZl29V_jqN2wPAoQn9kooTeTE1Uyv_dQmRtiQKNLn2SD_RRwbj2fismtanVguWRDT98620ZN6sgVg"}'
[Fri Oct 22 15:16:58 CST 2021] _postContentType='application/jose+json'
[Fri Oct 22 15:16:58 CST 2021] Http already initialized.
[Fri Oct 22 15:16:58 CST 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.V10XZJ8Swp -g '
[Fri Oct 22 15:16:59 CST 2021] _ret='0'
[Fri Oct 22 15:16:59 CST 2021] _hcode='0'
[Fri Oct 22 15:16:59 CST 2021] responseHeaders='HTTP/1.1 400 Bad Request
Server: nginx
Date: Fri, 22 Oct 2021 07:16:59 GMT
Content-Type: application/problem+json
Content-Length: 199
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0102t7TqLVCHm1QES1sK9epdb1LbdpSYxD3zXcqew4kdLPA
'
[Fri Oct 22 15:16:59 CST 2021] code='400'
[Fri Oct 22 15:16:59 CST 2021] original='{
"type": "urn:ietf:params:acme:error:malformed",
"detail": "KeyID header contained an invalid account URL: "https://acme.zerossl.com/v2/DV90/account/KGFdYyCzz5jhp_hqnjK9rw\"",
"status": 400
}'
[Fri Oct 22 15:16:59 CST 2021] response='{
"type": "urn:ietf:params:acme:error:malformed",
"detail": "KeyID header contained an invalid account URL: "https://acme.zerossl.com/v2/DV90/account/KGFdYyCzz5jhp_hqnjK9rw\"",
"status": 400
}'
[Fri Oct 22 15:16:59 CST 2021] Sign error, wrong status
[Fri Oct 22 15:16:59 CST 2021] {
"type": "urn:ietf:params:acme:error:malformed",
"detail": "KeyID header contained an invalid account URL: "https://acme.zerossl.com/v2/DV90/account/KGFdYyCzz5jhp_hqnjK9rw\"",
"status": 400
}
[Fri Oct 22 15:16:59 CST 2021] _on_issue_err
[Fri Oct 22 15:16:59 CST 2021] Please add '--debug' or '--log' to check more details.
[Fri Oct 22 15:16:59 CST 2021] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Fri Oct 22 15:16:59 CST 2021] _chk_vlist
[Fri Oct 22 15:16:59 CST 2021] 'dns' contains 'dns'
[Fri Oct 22 15:16:59 CST 2021] The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead.
[Fri Oct 22 15:16:59 CST 2021] socat doesn't exist.
[Fri Oct 22 15:16:59 CST 2021] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.1e-fips 11 Feb 2013
apache:
apache doesn't exist.
nginx:
nginx doesn't exist.
socat:

[climba03003]

I have reverted back to Let's Encrypt instead of using ZeroSSL.
It seems like ZeroSSL is either not stable or it restricted each host for only 3 domain. (It is the Free Plan on their website.)

[winds365]

acme.sh --set-default-ca --server letsencrypt
ZeroSSL 不是504就是timeout 不想吐槽

[mayocream]

acme.sh --set-default-ca --server letsencrypt ZeroSSL 不是504就是timeout 不想吐槽

ZeroSSL occurs 504 Gateway Timeout error in our cluster.
Same problem :|

[qilishenhua]

I have reverted back to Let's Encrypt instead of using ZeroSSL. It seems like ZeroSSL is either not stable or it restricted each host for only 3 domain. (It is the Free Plan on their website.)

You mean after three certificates expire, I can no longer apply for certificates in this way. So I need to change a new domain?

[climba03003]

I have reverted back to Let's Encrypt instead of using ZeroSSL. It seems like ZeroSSL is either not stable or it restricted each host for only 3 domain. (It is the Free Plan on their website.)

You mean after three certificates expire, I can no longer apply for certificates in this way. So I need to change a new domain?

I am not sure if it is the Free Plan limitation, it should be unlimited for ACME certification.
Currently, the only way to get acme.sh works is migrate out of ZeroSSL.

You need to use the issue command to change the existing record.

acme.sh --issue -d example.com --server  letsencrypt

For the newly created record, use the below command to change the default issuer.

acme.sh --set-default-ca --server letsencrypt

[qilishenhua]

I have reverted back to Let's Encrypt instead of using ZeroSSL. It seems like ZeroSSL is either not stable or it restricted each host for only 3 domain. (It is the Free Plan on their website.)

You mean after three certificates expire, I can no longer apply for certificates in this way. So I need to change a new domain?

I am not sure if it is the Free Plan limitation, it should be unlimited for ACME certification. Currently, the only way to get acme.sh works is migrate out of ZeroSSL.

You need to use the issue command to change the existing record.

acme.sh --issue -d example.com --server  letsencrypt

For the newly created record, use the below command to change the default issuer.

acme.sh --set-default-ca --server letsencrypt

I succeeded by using your command, thank you.