Sign failed, finalize code is not 200. 502 Bad Gateway or 504 Gateway Time-out

[great-jos]

Hi David,

Thanks for the good work you are doing.

I don't know if it's zerossl server, a bug in acme.sh or if I'm the one that did something wrong, I keep getting error when the script is finalizing the certificate order. I used below command and attached a log file.

DNS Server: FreeDNS
OS: Ubuntu 22.04
acme.sh: v3.0.8

Steps to reproduce

acme.sh --issue --debug 3 --syslog 7 --log ./prov.acme.sh.log --dns dns_freedns -d provisoft-solutions.net.ng -d '*.provisoft-solutions.net.ng'

Debug log

prov.acme.sh.log

[github-actions]

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

[dunker1304]

I got the same problem when using webroot mode
acme.sh: v3.0.8
OS: Debian 9

acme.sh --issue -d vuonuommyhuyen.site -w /etc/openresty/ssl --debug 2 --log

[Mon May 27 03:58:10 UTC 2024] Lets find script dir.
[Mon May 27 03:58:10 UTC 2024] _SCRIPT_='/home/cc/.acme.sh/acme.sh'
[Mon May 27 03:58:10 UTC 2024] _script='/home/cc/.acme.sh/acme.sh'
[Mon May 27 03:58:10 UTC 2024] _script_home='/home/cc/.acme.sh'
[Mon May 27 03:58:10 UTC 2024] Using config home:/home/cc/.acme.sh
[Mon May 27 03:58:10 UTC 2024] LE_WORKING_DIR='/home/cc/.acme.sh'
https://github.com/acmesh-official/acme.sh
v3.0.8
[Mon May 27 03:58:10 UTC 2024] Running cmd: issue
[Mon May 27 03:58:10 UTC 2024] _main_domain='vuonuommyhuyen.site'
[Mon May 27 03:58:10 UTC 2024] _alt_domains='no'
[Mon May 27 03:58:10 UTC 2024] Using config home:/home/cc/.acme.sh
[Mon May 27 03:58:10 UTC 2024] default_acme_server
[Mon May 27 03:58:10 UTC 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Mon May 27 03:58:10 UTC 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Mon May 27 03:58:10 UTC 2024] _ACME_SERVER_PATH='v2/DV90'
[Mon May 27 03:58:10 UTC 2024] DOMAIN_PATH='/home/cc/.acme.sh/certs/vuonuommyhuyen.site_ecc'
[Mon May 27 03:58:10 UTC 2024] '/etc/openresty/ssl' does not contain 'dns'
[Mon May 27 03:58:10 UTC 2024] Le_NextRenewTime
[Mon May 27 03:58:10 UTC 2024] Using ACME_DIRECTORY: https://acme.zerossl.com/v2/DV90
[Mon May 27 03:58:10 UTC 2024] _init api for server: https://acme.zerossl.com/v2/DV90
[Mon May 27 03:58:10 UTC 2024] GET
[Mon May 27 03:58:10 UTC 2024] url='https://acme.zerossl.com/v2/DV90'
[Mon May 27 03:58:10 UTC 2024] timeout=
[Mon May 27 03:58:10 UTC 2024] _CURL='curl --silent --dump-header /home/cc/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.fRogQyi3qs  -g '
[Mon May 27 03:58:11 UTC 2024] ret='0'
[Mon May 27 03:58:11 UTC 2024] response='{
  "newNonce": "https://acme.zerossl.com/v2/DV90/newNonce",
  "newAccount": "https://acme.zerossl.com/v2/DV90/newAccount",
  "newOrder": "https://acme.zerossl.com/v2/DV90/newOrder",
  "revokeCert": "https://acme.zerossl.com/v2/DV90/revokeCert",
  "keyChange": "https://acme.zerossl.com/v2/DV90/keyChange",
  "meta": {
    "termsOfService": "https://secure.trust-provider.com/repository/docs/Legacy/20230516_Certificate_Subscriber_Agreement_v_2_6_click.pdf",
    "website": "https://zerossl.com",
    "caaIdentities": ["sectigo.com", "trust-provider.com", "usertrust.com", "comodoca.com", "comodo.com"],
    "externalAccountRequired": true
  }
}'
[Mon May 27 03:58:11 UTC 2024] ACME_KEY_CHANGE='https://acme.zerossl.com/v2/DV90/keyChange'
[Mon May 27 03:58:11 UTC 2024] ACME_NEW_AUTHZ
[Mon May 27 03:58:11 UTC 2024] ACME_NEW_ORDER='https://acme.zerossl.com/v2/DV90/newOrder'
[Mon May 27 03:58:11 UTC 2024] ACME_NEW_ACCOUNT='https://acme.zerossl.com/v2/DV90/newAccount'
[Mon May 27 03:58:11 UTC 2024] ACME_REVOKE_CERT='https://acme.zerossl.com/v2/DV90/revokeCert'
[Mon May 27 03:58:11 UTC 2024] ACME_AGREEMENT='https://secure.trust-provider.com/repository/docs/Legacy/20230516_Certificate_Subscriber_Agreement_v_2_6_click.pdf'
[Mon May 27 03:58:11 UTC 2024] ACME_NEW_NONCE='https://acme.zerossl.com/v2/DV90/newNonce'
[Mon May 27 03:58:12 UTC 2024] Using CA: https://acme.zerossl.com/v2/DV90
[Mon May 27 03:58:12 UTC 2024] _on_before_issue
[Mon May 27 03:58:12 UTC 2024] _chk_main_domain='vuonuommyhuyen.site'
[Mon May 27 03:58:12 UTC 2024] _chk_alt_domains
[Mon May 27 03:58:12 UTC 2024] '/etc/openresty/ssl' does not contain 'no'
[Mon May 27 03:58:12 UTC 2024] Le_LocalAddress
[Mon May 27 03:58:12 UTC 2024] d='vuonuommyhuyen.site'
[Mon May 27 03:58:12 UTC 2024] Check for domain='vuonuommyhuyen.site'
[Mon May 27 03:58:12 UTC 2024] _currentRoot='/etc/openresty/ssl'
[Mon May 27 03:58:12 UTC 2024] d
[Mon May 27 03:58:12 UTC 2024] '/etc/openresty/ssl' does not contain 'apache'
[Mon May 27 03:58:12 UTC 2024] _saved_account_key_hash='H4xfSQAYmAK5c4JbO8U/+zULjz7jb852ir6Odlf/bEI='
[Mon May 27 03:58:12 UTC 2024] _saved_account_key_hash is not changed, skip register account.
[Mon May 27 03:58:12 UTC 2024] Read key length:ec-256
[Mon May 27 03:58:12 UTC 2024] _createcsr
[Mon May 27 03:58:12 UTC 2024] domain='vuonuommyhuyen.site'
[Mon May 27 03:58:12 UTC 2024] domainlist
[Mon May 27 03:58:12 UTC 2024] csrkey='/home/cc/.acme.sh/certs/vuonuommyhuyen.site_ecc/vuonuommyhuyen.site.key'
[Mon May 27 03:58:12 UTC 2024] csr='/home/cc/.acme.sh/certs/vuonuommyhuyen.site_ecc/vuonuommyhuyen.site.csr'
[Mon May 27 03:58:12 UTC 2024] csrconf='/home/cc/.acme.sh/certs/vuonuommyhuyen.site_ecc/vuonuommyhuyen.site.csr.conf'
[Mon May 27 03:58:12 UTC 2024] Single domain='vuonuommyhuyen.site'
[Mon May 27 03:58:12 UTC 2024] seg='vuonuommyhuyen'
[Mon May 27 03:58:12 UTC 2024] _is_idn_d='vuonuommyhuyen.site'
[Mon May 27 03:58:12 UTC 2024] _idn_temp
[Mon May 27 03:58:12 UTC 2024] _is_idn_d='vuonuommyhuyen.site'
[Mon May 27 03:58:12 UTC 2024] _idn_temp
[Mon May 27 03:58:12 UTC 2024] _csr_cn='vuonuommyhuyen.site'
[Mon May 27 03:58:12 UTC 2024] seg='vuonuommyhuyen'
[Mon May 27 03:58:12 UTC 2024] Getting domain auth token for each domain
[Mon May 27 03:58:12 UTC 2024] seg='vuonuommyhuyen'
[Mon May 27 03:58:12 UTC 2024] _is_idn_d='vuonuommyhuyen.site'
[Mon May 27 03:58:12 UTC 2024] _idn_temp
[Mon May 27 03:58:12 UTC 2024] d
[Mon May 27 03:58:12 UTC 2024] _identifiers='{"type":"dns","value":"vuonuommyhuyen.site"}'
[Mon May 27 03:58:12 UTC 2024] _notBefore
[Mon May 27 03:58:12 UTC 2024] _notAfter
[Mon May 27 03:58:12 UTC 2024] STEP 1, Ordering a Certificate
[Mon May 27 03:58:12 UTC 2024] =======Begin Send Signed Request=======
[Mon May 27 03:58:12 UTC 2024] url='https://acme.zerossl.com/v2/DV90/newOrder'
[Mon May 27 03:58:12 UTC 2024] payload='{"identifiers": [{"type":"dns","value":"vuonuommyhuyen.site"}]}'
[Mon May 27 03:58:12 UTC 2024] EC key
[Mon May 27 03:58:12 UTC 2024] Get nonce with HEAD. ACME_NEW_NONCE='https://acme.zerossl.com/v2/DV90/newNonce'
[Mon May 27 03:58:12 UTC 2024] HEAD
[Mon May 27 03:58:12 UTC 2024] _post_url='https://acme.zerossl.com/v2/DV90/newNonce'
[Mon May 27 03:58:12 UTC 2024] body
[Mon May 27 03:58:12 UTC 2024] _postContentType='application/jose+json'
[Mon May 27 03:58:12 UTC 2024] _CURL='curl --silent --dump-header /home/cc/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.XstBqpPFLs  -g  -I  '
[Mon May 27 03:58:14 UTC 2024] _ret='0'
[Mon May 27 03:58:14 UTC 2024] _headers='HTTP/2 200
server: nginx
date: Mon, 27 May 2024 03:58:13 GMT
content-type: application/octet-stream
replay-nonce: 22_P_bZV8W27CnYjjutT8hKetC0lPls8ltXG76sQzbs
cache-control: max-age=0, no-cache, no-store
access-control-allow-origin: *
link: <https://acme.zerossl.com/v2/DV90>;rel="index"
strict-transport-security: max-age=15724800; includeSubDomains
'
[Mon May 27 03:58:14 UTC 2024] _CACHED_NONCE='22_P_bZV8W27CnYjjutT8hKetC0lPls8ltXG76sQzbs'
[Mon May 27 03:58:14 UTC 2024] nonce='22_P_bZV8W27CnYjjutT8hKetC0lPls8ltXG76sQzbs'
[Mon May 27 03:58:14 UTC 2024] POST
[Mon May 27 03:58:14 UTC 2024] _post_url='https://acme.zerossl.com/v2/DV90/newOrder'
[Mon May 27 03:58:14 UTC 2024] body='{"protected": "eyJub25jZSI6ICIyMl9QX2JaVjhXMjdDbllqanV0VDhoS2V0QzBsUGxzOGx0WEc3NnNRemJzIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9uZXdPcmRlciIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS56ZXJvc3NsLmNvbS92Mi9EVjkwL2FjY291bnQvMkRmY2NUMkQ2MmRGVjVORzlVZFd1USJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6InZ1b251b21teWh1eWVuLnNpdGUifV19", "signature": "FUXAWtKk3JqkrDTcSObmvrLd8QbXzloZ633WVZJHulgx44a6l6oIbM9p3YJsjmQadMxiz2RjclyriFAsC9RMXg"}'
[Mon May 27 03:58:14 UTC 2024] _postContentType='application/jose+json'
[Mon May 27 03:58:14 UTC 2024] Http already initialized.
[Mon May 27 03:58:14 UTC 2024] _CURL='curl --silent --dump-header /home/cc/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.XstBqpPFLs  -g '
[Mon May 27 03:58:15 UTC 2024] _ret='0'
[Mon May 27 03:58:15 UTC 2024] responseHeaders='HTTP/2 201
server: nginx
date: Mon, 27 May 2024 03:58:15 GMT
content-type: application/json
content-length: 281
replay-nonce: yEpcDxLZgqs-TPzN51jJKeZ1qokAmyExd-_HdAZmSNE
cache-control: max-age=0, no-cache, no-store
access-control-allow-origin: *
location: https://acme.zerossl.com/v2/DV90/order/MSlgjqOt_nbVUi3LZOV2YA
strict-transport-security: max-age=15724800; includeSubDomains
'
[Mon May 27 03:58:15 UTC 2024] code='201'
[Mon May 27 03:58:15 UTC 2024] original='{"status":"pending","expires":"2024-08-25T03:05:57Z","identifiers":[{"type":"dns","value":"vuonuommyhuyen.site"}],"authorizations":["https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA"],"finalize":"https://acme.zerossl.com/v2/DV90/order/MSlgjqOt_nbVUi3LZOV2YA/finalize"}'
[Mon May 27 03:58:15 UTC 2024] response='{"status":"pending","expires":"2024-08-25T03:05:57Z","identifiers":[{"type":"dns","value":"vuonuommyhuyen.site"}],"authorizations":["https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA"],"finalize":"https://acme.zerossl.com/v2/DV90/order/MSlgjqOt_nbVUi3LZOV2YA/finalize"}'
[Mon May 27 03:58:15 UTC 2024] Le_LinkOrder='https://acme.zerossl.com/v2/DV90/order/MSlgjqOt_nbVUi3LZOV2YA'
[Mon May 27 03:58:15 UTC 2024] Le_OrderFinalize='https://acme.zerossl.com/v2/DV90/order/MSlgjqOt_nbVUi3LZOV2YA/finalize'
[Mon May 27 03:58:15 UTC 2024] _authorizations_seg='https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:58:15 UTC 2024] STEP 2, Get the authorizations of each domain
[Mon May 27 03:58:15 UTC 2024] _authz_url='https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:58:15 UTC 2024] =======Begin Send Signed Request=======
[Mon May 27 03:58:15 UTC 2024] url='https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:58:15 UTC 2024] payload
[Mon May 27 03:58:15 UTC 2024] Use cached jwk for file: /home/cc/.acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Mon May 27 03:58:15 UTC 2024] Use _CACHED_NONCE='yEpcDxLZgqs-TPzN51jJKeZ1qokAmyExd-_HdAZmSNE'
[Mon May 27 03:58:15 UTC 2024] nonce='yEpcDxLZgqs-TPzN51jJKeZ1qokAmyExd-_HdAZmSNE'
[Mon May 27 03:58:15 UTC 2024] POST
[Mon May 27 03:58:15 UTC 2024] _post_url='https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:58:15 UTC 2024] body='{"protected": "eyJub25jZSI6ICJ5RXBjRHhMWmdxcy1UUHpONTFqSktlWjFxb2tBbXlFeGQtX0hkQVptU05FIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9hdXRoei9XS1BQT2RUNmZnTWVuajhQeUVObEVBIiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC8yRGZjY1QyRDYyZEZWNU5HOVVkV3VRIn0", "payload": "", "signature": "0_v4mO0-s5KgXtYDfyKFdZXCK-8R6OtP3WodVzQ--B42ccYo_4Z4eU3EWNgJDRbDHomTDtI9oAHLRI77PRDotQ"}'
[Mon May 27 03:58:15 UTC 2024] _postContentType='application/jose+json'
[Mon May 27 03:58:15 UTC 2024] Http already initialized.
[Mon May 27 03:58:15 UTC 2024] _CURL='curl --silent --dump-header /home/cc/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.XstBqpPFLs  -g '
[Mon May 27 03:58:17 UTC 2024] _ret='0'
[Mon May 27 03:58:17 UTC 2024] responseHeaders='HTTP/2 200
server: nginx
date: Mon, 27 May 2024 03:58:17 GMT
content-type: application/json
content-length: 449
replay-nonce: 9hwNTbVybkYh43mR8VXTJinDBRJahKAmXw9qIOnj4rs
cache-control: max-age=0, no-cache, no-store
access-control-allow-origin: *
link: <https://acme.zerossl.com/v2/DV90>;rel="index"
retry-after: 86400
strict-transport-security: max-age=15724800; includeSubDomains
'
[Mon May 27 03:58:17 UTC 2024] code='200'
[Mon May 27 03:58:17 UTC 2024] original='{"identifier":{"type":"dns","value":"vuonuommyhuyen.site"},"status":"pending","expires":"2024-06-26T03:05:57Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"pending","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/PImsb1-MsXURKQ1qJgGyag","status":"pending","token":"_2fADZ95aHYlAACXywGeFjo867zMLvDCRp_F16JZAuk"}]}'
[Mon May 27 03:58:17 UTC 2024] response='{"identifier":{"type":"dns","value":"vuonuommyhuyen.site"},"status":"pending","expires":"2024-06-26T03:05:57Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"pending","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/PImsb1-MsXURKQ1qJgGyag","status":"pending","token":"_2fADZ95aHYlAACXywGeFjo867zMLvDCRp_F16JZAuk"}]}'
[Mon May 27 03:58:17 UTC 2024] response='{"identifier":{"type":"dns","value":"vuonuommyhuyen.site"},"status":"pending","expires":"2024-06-26T03:05:57Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"pending","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/PImsb1-MsXURKQ1qJgGyag","status":"pending","token":"_2fADZ95aHYlAACXywGeFjo867zMLvDCRp_F16JZAuk"}]}'
[Mon May 27 03:58:17 UTC 2024] _d='vuonuommyhuyen.site'
[Mon May 27 03:58:17 UTC 2024] _authorizations_map='vuonuommyhuyen.site,{"identifier":{"type":"dns","value":"vuonuommyhuyen.site"},"status":"pending","expires":"2024-06-26T03:05:57Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"pending","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/PImsb1-MsXURKQ1qJgGyag","status":"pending","token":"_2fADZ95aHYlAACXywGeFjo867zMLvDCRp_F16JZAuk"}]}#https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA
'
[Mon May 27 03:58:17 UTC 2024] d='vuonuommyhuyen.site'
[Mon May 27 03:58:17 UTC 2024] Getting webroot for domain='vuonuommyhuyen.site'
[Mon May 27 03:58:17 UTC 2024] _w='/etc/openresty/ssl'
[Mon May 27 03:58:17 UTC 2024] _currentRoot='/etc/openresty/ssl'
[Mon May 27 03:58:17 UTC 2024] _is_idn_d='vuonuommyhuyen.site'
[Mon May 27 03:58:17 UTC 2024] _idn_temp
[Mon May 27 03:58:17 UTC 2024] _candidates='vuonuommyhuyen.site,{"identifier":{"type":"dns","value":"vuonuommyhuyen.site"},"status":"pending","expires":"2024-06-26T03:05:57Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"pending","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/PImsb1-MsXURKQ1qJgGyag","status":"pending","token":"_2fADZ95aHYlAACXywGeFjo867zMLvDCRp_F16JZAuk"}]}#https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:58:17 UTC 2024] response='{"identifier":{"type":"dns","value":"vuonuommyhuyen.site"},"status":"pending","expires":"2024-06-26T03:05:57Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"pending","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"},{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/PImsb1-MsXURKQ1qJgGyag","status":"pending","token":"_2fADZ95aHYlAACXywGeFjo867zMLvDCRp_F16JZAuk"}]}#https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:58:17 UTC 2024] _authz_url='https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:58:17 UTC 2024] entry='"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"pending","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"'
[Mon May 27 03:58:17 UTC 2024] token='uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk'
[Mon May 27 03:58:17 UTC 2024] uri='https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw'
[Mon May 27 03:58:17 UTC 2024] keyauthorization='uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk.dvxP2oeXw-eEaR9vFHR_XzZOr_XUpTRIPGdsdpHZ4Uw'
[Mon May 27 03:58:17 UTC 2024] dvlist='vuonuommyhuyen.site#uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk.dvxP2oeXw-eEaR9vFHR_XzZOr_XUpTRIPGdsdpHZ4Uw#https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw#http-01#/etc/openresty/ssl#https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:58:17 UTC 2024] d
[Mon May 27 03:58:17 UTC 2024] vlist='vuonuommyhuyen.site#uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk.dvxP2oeXw-eEaR9vFHR_XzZOr_XUpTRIPGdsdpHZ4Uw#https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw#http-01#/etc/openresty/ssl#https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA,'
[Mon May 27 03:58:17 UTC 2024] d='vuonuommyhuyen.site'
[Mon May 27 03:58:17 UTC 2024] ok, let's start to verify
[Mon May 27 03:58:17 UTC 2024] Verifying: vuonuommyhuyen.site
[Mon May 27 03:58:17 UTC 2024] d='vuonuommyhuyen.site'
[Mon May 27 03:58:17 UTC 2024] keyauthorization='uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk.dvxP2oeXw-eEaR9vFHR_XzZOr_XUpTRIPGdsdpHZ4Uw'
[Mon May 27 03:58:17 UTC 2024] uri='https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw'
[Mon May 27 03:58:17 UTC 2024] _authz_url='https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:58:17 UTC 2024] _currentRoot='/etc/openresty/ssl'
[Mon May 27 03:58:17 UTC 2024] wellknown_path='/etc/openresty/ssl/.well-known/acme-challenge'
[Mon May 27 03:58:17 UTC 2024] writing token:uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk to /etc/openresty/ssl/.well-known/acme-challenge/uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk
[Mon May 27 03:58:17 UTC 2024] Trigger domain validation.
[Mon May 27 03:58:17 UTC 2024] _t_url='https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw'
[Mon May 27 03:58:17 UTC 2024] _t_key_authz='uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk.dvxP2oeXw-eEaR9vFHR_XzZOr_XUpTRIPGdsdpHZ4Uw'
[Mon May 27 03:58:17 UTC 2024] _t_vtype='http-01'
[Mon May 27 03:58:17 UTC 2024] =======Begin Send Signed Request=======
[Mon May 27 03:58:17 UTC 2024] url='https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw'
[Mon May 27 03:58:17 UTC 2024] payload='{}'
[Mon May 27 03:58:17 UTC 2024] Use cached jwk for file: /home/cc/.acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Mon May 27 03:58:17 UTC 2024] Use _CACHED_NONCE='9hwNTbVybkYh43mR8VXTJinDBRJahKAmXw9qIOnj4rs'
[Mon May 27 03:58:17 UTC 2024] nonce='9hwNTbVybkYh43mR8VXTJinDBRJahKAmXw9qIOnj4rs'
[Mon May 27 03:58:17 UTC 2024] POST
[Mon May 27 03:58:17 UTC 2024] _post_url='https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw'
[Mon May 27 03:58:17 UTC 2024] body='{"protected": "eyJub25jZSI6ICI5aHdOVGJWeWJrWWg0M21SOFZYVEppbkRCUkphaEtBbVh3OXFJT25qNHJzIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9jaGFsbC9kdm92TUJodXUtU25NeUlOTWVKSW13IiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC8yRGZjY1QyRDYyZEZWNU5HOVVkV3VRIn0", "payload": "e30", "signature": "V0I1WiY1xDqNwotapTf9N6NaeglCggRPvMA9G-R0UfV4Ei3kOl-cpYdiL5Lqvjs1yrX-jEx5H9wp7GM-X7Gwmw"}'
[Mon May 27 03:58:17 UTC 2024] _postContentType='application/jose+json'
[Mon May 27 03:58:17 UTC 2024] Http already initialized.
[Mon May 27 03:58:17 UTC 2024] _CURL='curl --silent --dump-header /home/cc/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.XstBqpPFLs  -g '
[Mon May 27 03:59:02 UTC 2024] _ret='0'
[Mon May 27 03:59:02 UTC 2024] responseHeaders='HTTP/2 200
server: nginx
date: Mon, 27 May 2024 03:59:02 GMT
content-type: application/json
content-length: 164
replay-nonce: 1xqNgYaxPjP7oG_GWoVtZTnyoaj06nFPCiF5QyF-eRU
cache-control: max-age=0, no-cache, no-store
access-control-allow-origin: *
link: <https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA>;rel="up"
retry-after: 60
strict-transport-security: max-age=15724800; includeSubDomains
'
[Mon May 27 03:59:02 UTC 2024] code='200'
[Mon May 27 03:59:02 UTC 2024] original='{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"processing","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"}'
[Mon May 27 03:59:02 UTC 2024] response='{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"processing","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"}'
[Mon May 27 03:59:02 UTC 2024] trigger validation code: 200
[Mon May 27 03:59:02 UTC 2024] Lets check the status of the authz
[Mon May 27 03:59:02 UTC 2024] original='{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"processing","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"}'
[Mon May 27 03:59:02 UTC 2024] response='{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"processing","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"}'
[Mon May 27 03:59:02 UTC 2024] status='processing'
[Mon May 27 03:59:02 UTC 2024] Processing, The CA is processing your order, please just wait. (1/30)
[Mon May 27 03:59:02 UTC 2024] sleep 2 secs to verify again
[Mon May 27 03:59:05 UTC 2024] checking
[Mon May 27 03:59:05 UTC 2024] =======Begin Send Signed Request=======
[Mon May 27 03:59:05 UTC 2024] url='https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:59:05 UTC 2024] payload
[Mon May 27 03:59:05 UTC 2024] Use cached jwk for file: /home/cc/.acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Mon May 27 03:59:05 UTC 2024] Use _CACHED_NONCE='1xqNgYaxPjP7oG_GWoVtZTnyoaj06nFPCiF5QyF-eRU'
[Mon May 27 03:59:05 UTC 2024] nonce='1xqNgYaxPjP7oG_GWoVtZTnyoaj06nFPCiF5QyF-eRU'
[Mon May 27 03:59:05 UTC 2024] POST
[Mon May 27 03:59:05 UTC 2024] _post_url='https://acme.zerossl.com/v2/DV90/authz/WKPPOdT6fgMenj8PyENlEA'
[Mon May 27 03:59:05 UTC 2024] body='{"protected": "eyJub25jZSI6ICIxeHFOZ1lheFBqUDdvR19HV29WdFpUbnlvYWowNm5GUENpRjVReUYtZVJVIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9hdXRoei9XS1BQT2RUNmZnTWVuajhQeUVObEVBIiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC8yRGZjY1QyRDYyZEZWNU5HOVVkV3VRIn0", "payload": "", "signature": "d-XbOGU3Jcxi99UDcqcPHJxEUBZbQrge0GXaPO9PBI1u6S1uj7XZUUPWaiV9_h0fSlXj41Hin9ALUhy8o_21WA"}'
[Mon May 27 03:59:05 UTC 2024] _postContentType='application/jose+json'
[Mon May 27 03:59:05 UTC 2024] Http already initialized.
[Mon May 27 03:59:05 UTC 2024] _CURL='curl --silent --dump-header /home/cc/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.XstBqpPFLs  -g '
[Mon May 27 03:59:59 UTC 2024] _ret='0'
[Mon May 27 03:59:59 UTC 2024] responseHeaders='HTTP/2 200
server: nginx
date: Mon, 27 May 2024 03:59:59 GMT
content-type: application/json
content-length: 319
replay-nonce: 4Vz6vRcjHhAavDAecVen7OZqJR50S7ShMVlCcyCB5pQ
cache-control: max-age=0, no-cache, no-store
access-control-allow-origin: *
link: <https://acme.zerossl.com/v2/DV90>;rel="index"
strict-transport-security: max-age=15724800; includeSubDomains

-age=15724800; includeSubDomains
'
[Mon May 27 03:59:59 UTC 2024] code='200'
[Mon May 27 03:59:59 UTC 2024] original='{"identifier":{"type":"dns","value":"vuonuommyhuyen.site"},"status":"valid","expires":"2024-06-26T03:05:57Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"valid","validated":"2024-05-27T03:59:03Z","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"}]}'
[Mon May 27 03:59:59 UTC 2024] response='{"identifier":{"type":"dns","value":"vuonuommyhuyen.site"},"status":"valid","expires":"2024-06-26T03:05:57Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"valid","validated":"2024-05-27T03:59:03Z","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"}]}'
[Mon May 27 03:59:59 UTC 2024] original='{"identifier":{"type":"dns","value":"vuonuommyhuyen.site"},"status":"valid","expires":"2024-06-26T03:05:57Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"valid","validated":"2024-05-27T03:59:03Z","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"}]}'
[Mon May 27 03:59:59 UTC 2024] response='{"identifier":{"type":"dns","value":"vuonuommyhuyen.site"},"status":"valid","expires":"2024-06-26T03:05:57Z","challenges":[{"type":"http-01","url":"https://acme.zerossl.com/v2/DV90/chall/dvovMBhuu-SnMyINMeJImw","status":"valid","validated":"2024-05-27T03:59:03Z","token":"uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk"}]}'
[Mon May 27 03:59:59 UTC 2024] status='valid
valid'
[Mon May 27 03:59:59 UTC 2024] Success
[Mon May 27 03:59:59 UTC 2024] pid
[Mon May 27 03:59:59 UTC 2024] Debugging, skip removing: /etc/openresty/ssl/.well-known/acme-challenge/uCdwuswKuugqXYdiA4rpibRurTL5TLP7ZnB1CV5U9bk
[Mon May 27 03:59:59 UTC 2024] pid
[Mon May 27 03:59:59 UTC 2024] No need to restore nginx, skip.
[Mon May 27 03:59:59 UTC 2024] _clearupdns
[Mon May 27 03:59:59 UTC 2024] dns_entries
[Mon May 27 03:59:59 UTC 2024] skip dns.
[Mon May 27 03:59:59 UTC 2024] Verify finished, start to sign.
[Mon May 27 03:59:59 UTC 2024] i='2'
[Mon May 27 03:59:59 UTC 2024] j='8'
[Mon May 27 03:59:59 UTC 2024] Lets finalize the order.
[Mon May 27 03:59:59 UTC 2024] Le_OrderFinalize='https://acme.zerossl.com/v2/DV90/order/MSlgjqOt_nbVUi3LZOV2YA/finalize'
[Mon May 27 03:59:59 UTC 2024] =======Begin Send Signed Request=======
[Mon May 27 03:59:59 UTC 2024] url='https://acme.zerossl.com/v2/DV90/order/MSlgjqOt_nbVUi3LZOV2YA/finalize'
[Mon May 27 03:59:59 UTC 2024] payload='{"csr": "MIIBKTCB0AIBADAeMRwwGgYDVQQDDBN2dW9udW9tbXlodXllbi5zaXRlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWIsDqA_nExUSmIUpNsNh_jmrcTfhDKDPusnhyOKgAwVqeskyGecostMU8KstSnPC04E4_11Okp0IWN_1DvP_4qBQME4GCSqGSIb3DQEJDjFBMD8wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB4GA1UdEQQXMBWCE3Z1b251b21teWh1eWVuLnNpdGUwCgYIKoZIzj0EAwIDSAAwRQIhAP70xu_b4oN4AiyEHL9MaObOhyJYIQDGfQfC1Ma9l9RyAiBsYa1tOFy94xK15LOujDUzkT9-44sM9gK1RdK7oxKOZA"}'
[Mon May 27 03:59:59 UTC 2024] Use cached jwk for file: /home/cc/.acme.sh/ca/acme.zerossl.com/v2/DV90/account.key
[Mon May 27 03:59:59 UTC 2024] Use _CACHED_NONCE='4Vz6vRcjHhAavDAecVen7OZqJR50S7ShMVlCcyCB5pQ'
[Mon May 27 03:59:59 UTC 2024] nonce='4Vz6vRcjHhAavDAecVen7OZqJR50S7ShMVlCcyCB5pQ'
[Mon May 27 03:59:59 UTC 2024] POST
[Mon May 27 03:59:59 UTC 2024] _post_url='https://acme.zerossl.com/v2/DV90/order/MSlgjqOt_nbVUi3LZOV2YA/finalize'
[Mon May 27 03:59:59 UTC 2024] body='{"protected": "eyJub25jZSI6ICI0Vno2dlJjakhoQWF2REFlY1ZlbjdPWnFKUjUwUzdTaE1WbENjeUNCNXBRIiwgInVybCI6ICJodHRwczovL2FjbWUuemVyb3NzbC5jb20vdjIvRFY5MC9vcmRlci9NU2xnanFPdF9uYlZVaTNMWk9WMllBL2ZpbmFsaXplIiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLnplcm9zc2wuY29tL3YyL0RWOTAvYWNjb3VudC8yRGZjY1QyRDYyZEZWNU5HOVVkV3VRIn0", "payload": "eyJjc3IiOiAiTUlJQktUQ0IwQUlCQURBZU1Sd3dHZ1lEVlFRRERCTjJkVzl1ZFc5dGJYbG9kWGxsYmk1emFYUmxNRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUVXSXNEcUFfbkV4VVNtSVVwTnNOaF9qbXJjVGZoREtEUHVzbmh5T0tnQXdWcWVza3lHZWNvc3RNVThLc3RTblBDMDRFNF8xMU9rcDBJV05fMUR2UF80cUJRTUU0R0NTcUdTSWIzRFFFSkRqRkJNRDh3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01CNEdBMVVkRVFRWE1CV0NFM1oxYjI1MWIyMXRlV2gxZVdWdUxuTnBkR1V3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUloQVA3MHh1X2I0b040QWl5RUhMOU1hT2JPaHlKWUlRREdmUWZDMU1hOWw5UnlBaUJzWWExdE9GeTk0eEsxNUxPdWpEVXprVDktNDRzTTlnSzFSZEs3b3hLT1pBIn0", "signature": "KZhQ9kcj8JytXaf6m60LyW8LQUqlT0oCFKNGUkxjpeUIoS_U639lgsLsiTvFX7gfBbdUFP5reVjNtqD0OGsxqA"}'
[Mon May 27 03:59:59 UTC 2024] _postContentType='application/jose+json'
[Mon May 27 03:59:59 UTC 2024] Http already initialized.
[Mon May 27 03:59:59 UTC 2024] _CURL='curl --silent --dump-header /home/cc/.acme.sh/http.header  -L  --trace-ascii /tmp/tmp.XstBqpPFLs  -g '
[Mon May 27 04:01:00 UTC 2024] _ret='0'
[Mon May 27 04:01:00 UTC 2024] responseHeaders='HTTP/2 504
server: nginx
date: Mon, 27 May 2024 04:01:00 GMT
content-type: text/html
content-length: 160
'
[Mon May 27 04:01:00 UTC 2024] code='504'
[Mon May 27 04:01:01 UTC 2024] original='<html>
<head><title>504 Gateway Time-out</title></head>
<body>
<center><h1>504 Gateway Time-out</h1></center>
<hr><center>nginx</center>
</body>
'/html>
[Mon May 27 04:01:01 UTC 2024] response='<html>
<head><title>504 Gateway Time-out</title></head>
<body>
<center><h1>504 Gateway Time-out</h1></center>
<hr><center>nginx</center>
</body>
'/html>
[Mon May 27 04:01:01 UTC 2024] Sign failed, finalize code is not 200.
[Mon May 27 04:01:01 UTC 2024] <html>
<head><title>504 Gateway Time-out</title></head>
<body>
<center><h1>504 Gateway Time-out</h1></center>
<hr><center>nginx</center>
</body>
</html>
[Mon May 27 04:01:01 UTC 2024] _on_issue_err
[Mon May 27 04:01:01 UTC 2024] Please check log file for more details: /home/cc/.acme.sh/acme.sh.log
[Mon May 27 04:01:01 UTC 2024] _chk_vlist
[Mon May 27 04:01:01 UTC 2024] Diagnosis versions:
openssl:openssl
OpenSSL 1.1.0j  20 Nov 2018 (Library: OpenSSL 1.1.0l  10 Sep 2019)
apache:
apache doesn't exist.
nginx:
nginx doesn't exist.
socat:
socat by Gerhard Rieger - see www.dest-unreach.org
socat version 1.7.3.1 on Jul 14 2017 13:52:03
   running on Linux version #1 SMP Debian 4.9.130-2 (2018-10-27), release 4.9.0-8-amd64, machine x86_64
features:
  #define WITH_STDIO 1
  #define WITH_FDNUM 1
  #define WITH_FILE 1
  #define WITH_CREAT 1
  #define WITH_GOPEN 1
  #define WITH_TERMIOS 1
  #define WITH_PIPE 1
  #define WITH_UNIX 1
  #define WITH_ABSTRACT_UNIXSOCKET 1
  #define WITH_IP4 1
  #define WITH_IP6 1
  #define WITH_RAWIP 1
  #define WITH_GENERICSOCKET 1
  #define WITH_INTERFACE 1
  #define WITH_TCP 1
  #define WITH_UDP 1
  #define WITH_SCTP 1
  #define WITH_LISTEN 1
  #define WITH_SOCKS4 1
  #define WITH_SOCKS4A 1
  #define WITH_PROXY 1
  #define WITH_SYSTEM 1
  #define WITH_EXEC 1
  #undef WITH_READLINE
  #define WITH_TUN 1
  #define WITH_PTY 1
  #define WITH_OPENSSL 1
  #undef WITH_FIPS
  #define WITH_LIBWRAP 1
  #define WITH_SYCLS 1
  #define WITH_FILAN 1
  #define WITH_RETRY 1
  #define WITH_MSGLEVEL 0 /*debug*/

[SSRVodka]

@dunker1304
It looks like the zeroSSL server is dead. Maybe you can try another CA server:

acme.sh --set-default-ca --server letsencrypt

[great-jos]

@dunker1304 It looks like the zeroSSL server is dead. Maybe you can try another CA server:

acme.sh --set-default-ca --server letsencrypt

Big thanks @SSRVodka this resolved the issue. Guess Zerossl is down