DD-WRT NGINX proxy gives error sed: bad regex '.$"error":\{[^\}]$.*': Invalid contents of {} #968

justClouds · 2017-08-10T13:57:15Z

acme.sh.log.txt
I installed the latest acme.sh on DD-WRT v3.0 latest build. Used opkg to install nginx and followed the wiki steps.

Steps to reproduce

./acme.sh --issue --tls -d <mydomain> --home /jffs/usr/ssl --ca-path /opt/etc/ssl/certs --pre-hook "stopservice lighttpd" --post-hook "startservice lighttpd" --debug 2

Debug log

Attached.

The text was updated successfully, but these errors were encountered:

Neilpang · 2017-08-10T14:08:07Z

please give --debug 2 log

justClouds · 2017-08-10T14:15:00Z

I did run acme.sh with --debug 2 (didn't mention it in the 'steps to reproduce as it was not relevant for reproducing the error, but added it now) and attached the resulting log file. Or is there something more/else to do?

Neilpang · 2017-08-10T14:28:24Z

just paste the output of --debug 2 here.

justClouds · 2017-08-10T15:03:11Z

I had the log file attached to to first post, but here you are:

`[Wed Aug 9 21:27:07 CEST 2017] Using config home:/jffs/ssl
[Wed Aug 9 21:27:07 CEST 2017] DOMAIN_PATH='/jffs/ssl/sickrage.moerman.cc'
[Wed Aug 9 21:27:07 CEST 2017] Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory
[Wed Aug 9 21:27:07 CEST 2017] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Wed Aug 9 21:27:08 CEST 2017] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Wed Aug 9 21:27:08 CEST 2017] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Wed Aug 9 21:27:08 CEST 2017] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Wed Aug 9 21:27:08 CEST 2017] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Wed Aug 9 21:27:08 CEST 2017] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Wed Aug 9 21:27:08 CEST 2017] Le_NextRenewTime
[Wed Aug 9 21:27:08 CEST 2017] _on_before_issue
[Wed Aug 9 21:27:08 CEST 2017] Le_LocalAddress
[Wed Aug 9 21:27:08 CEST 2017] Check for domain='sickrage.moerman.cc'
[Wed Aug 9 21:27:08 CEST 2017] _currentRoot='tls'
[Wed Aug 9 21:27:08 CEST 2017] Standalone tls mode.
[Wed Aug 9 21:27:08 CEST 2017] _checkport='443'
[Wed Aug 9 21:27:08 CEST 2017] _checkaddr
[Wed Aug 9 21:27:08 CEST 2017] Using: netstat
[Wed Aug 9 21:27:08 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Wed Aug 9 21:27:08 CEST 2017] Read key length:
[Wed Aug 9 21:27:08 CEST 2017] _createcsr
[Wed Aug 9 21:27:08 CEST 2017] Single domain='sickrage.moerman.cc'
[Wed Aug 9 21:27:08 CEST 2017] Getting domain auth token for each domain
[Wed Aug 9 21:27:08 CEST 2017] Getting webroot for domain='sickrage.moerman.cc'
[Wed Aug 9 21:27:08 CEST 2017] _w='tls'
[Wed Aug 9 21:27:08 CEST 2017] _currentRoot='tls'
[Wed Aug 9 21:27:08 CEST 2017] Getting new-authz for domain='sickrage.moerman.cc'
[Wed Aug 9 21:27:08 CEST 2017] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Wed Aug 9 21:27:08 CEST 2017] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Wed Aug 9 21:27:08 CEST 2017] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Wed Aug 9 21:27:08 CEST 2017] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Wed Aug 9 21:27:08 CEST 2017] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Wed Aug 9 21:27:08 CEST 2017] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Wed Aug 9 21:27:08 CEST 2017] Try new-authz for the 0 time.
[Wed Aug 9 21:27:08 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Wed Aug 9 21:27:08 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "sickrage.moerman.cc"}}'
[Wed Aug 9 21:27:08 CEST 2017] RSA key
[Wed Aug 9 21:27:08 CEST 2017] GET
[Wed Aug 9 21:27:08 CEST 2017] url='https://acme-v01.api.letsencrypt.org/directory'
[Wed Aug 9 21:27:08 CEST 2017] timeout
[Wed Aug 9 21:27:08 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Wed Aug 9 21:27:09 CEST 2017] ret='0'
[Wed Aug 9 21:27:09 CEST 2017] POST
[Wed Aug 9 21:27:09 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Wed Aug 9 21:27:09 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Wed Aug 9 21:27:10 CEST 2017] _ret='0'
[Wed Aug 9 21:27:10 CEST 2017] code='201'
[Wed Aug 9 21:27:10 CEST 2017] The new-authz request is ok.
[Wed Aug 9 21:27:10 CEST 2017] entry='"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986","token":"oqFJGc_t0QyMCKVkn7EAsgaE6dm60BH-2L_PwfLTOFw"'
[Wed Aug 9 21:27:10 CEST 2017] token='oqFJGc_t0QyMCKVkn7EAsgaE6dm60BH-2L_PwfLTOFw'
[Wed Aug 9 21:27:10 CEST 2017] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986'
[Wed Aug 9 21:27:10 CEST 2017] keyauthorization='oqFJGc_t0QyMCKVkn7EAsgaE6dm60BH-2L_PwfLTOFw.IXQ31DYP3D0cMublV3Q9zcy2ZZ1sNmANEeqoZeinNfo'
[Wed Aug 9 21:27:10 CEST 2017] dvlist='sickrage.moerman.cc#oqFJGc_t0QyMCKVkn7EAsgaE6dm60BH-2L_PwfLTOFw.IXQ31DYP3D0cMublV3Q9zcy2ZZ1sNmANEeqoZeinNfo#https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986#tls-sni-01#tls'
[Wed Aug 9 21:27:10 CEST 2017] vlist='sickrage.moerman.cc#oqFJGc_t0QyMCKVkn7EAsgaE6dm60BH-2L_PwfLTOFw.IXQ31DYP3D0cMublV3Q9zcy2ZZ1sNmANEeqoZeinNfo#https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986#tls-sni-01#tls,'
[Wed Aug 9 21:27:10 CEST 2017] ok, let's start to verify
[Wed Aug 9 21:27:10 CEST 2017] Verifying:sickrage.moerman.cc
[Wed Aug 9 21:27:10 CEST 2017] d='sickrage.moerman.cc'
[Wed Aug 9 21:27:10 CEST 2017] keyauthorization='oqFJGc_t0QyMCKVkn7EAsgaE6dm60BH-2L_PwfLTOFw.IXQ31DYP3D0cMublV3Q9zcy2ZZ1sNmANEeqoZeinNfo'
[Wed Aug 9 21:27:10 CEST 2017] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986'
[Wed Aug 9 21:27:10 CEST 2017] _currentRoot='tls'
[Wed Aug 9 21:27:10 CEST 2017] Starting tls server.
[Wed Aug 9 21:27:10 CEST 2017] san_a='27193dda6dd8e5c020adca81799bc882.043e465764de061d2d0d9e0de8a77b02.acme.invalid'
[Wed Aug 9 21:27:10 CEST 2017] san_b
[Wed Aug 9 21:27:10 CEST 2017] port='443'
[Wed Aug 9 21:27:10 CEST 2017] Use length 2048
[Wed Aug 9 21:27:10 CEST 2017] Using RSA: 2048
[Wed Aug 9 21:27:16 CEST 2017] _createcsr
[Wed Aug 9 21:27:16 CEST 2017] Multi domain='DNS:27193dda6dd8e5c020adca81799bc882.043e465764de061d2d0d9e0de8a77b02.acme.invalid'
[Wed Aug 9 21:27:16 CEST 2017] _signcsr
[Wed Aug 9 21:27:16 CEST 2017] Signature ok
subject=/CN=tls.acme.sh
Getting Private key
[Wed Aug 9 21:27:16 CEST 2017] Le_Listen_V4
[Wed Aug 9 21:27:16 CEST 2017] Le_Listen_V6
[Wed Aug 9 21:27:16 CEST 2017] openssl s_server -cert /jffs/ssl/sickrage.moerman.cc/tls.validation.cert -key /jffs/ssl/sickrage.moerman.cc/tls.validation.key -accept 443
[Wed Aug 9 21:27:17 CEST 2017] serverproc='23551'
[Wed Aug 9 21:27:17 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986'
[Wed Aug 9 21:27:17 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "oqFJGc_t0QyMCKVkn7EAsgaE6dm60BH-2L_PwfLTOFw.IXQ31DYP3D0cMublV3Q9zcy2ZZ1sNmANEeqoZeinNfo"}'
[Wed Aug 9 21:27:17 CEST 2017] POST
[Wed Aug 9 21:27:17 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986'
[Wed Aug 9 21:27:18 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Wed Aug 9 21:27:18 CEST 2017] _ret='0'
[Wed Aug 9 21:27:18 CEST 2017] code='202'
[Wed Aug 9 21:27:18 CEST 2017] sleep 2 secs to verify
[Wed Aug 9 21:27:20 CEST 2017] checking
[Wed Aug 9 21:27:20 CEST 2017] GET
[Wed Aug 9 21:27:20 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986'
[Wed Aug 9 21:27:20 CEST 2017] timeout
[Wed Aug 9 21:27:21 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Wed Aug 9 21:27:21 CEST 2017] ret='0'
[Wed Aug 9 21:27:21 CEST 2017] Pending
[Wed Aug 9 21:27:21 CEST 2017] sleep 2 secs to verify
[Wed Aug 9 21:27:23 CEST 2017] checking
[Wed Aug 9 21:27:23 CEST 2017] GET
[Wed Aug 9 21:27:23 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986'
[Wed Aug 9 21:27:23 CEST 2017] timeout
[Wed Aug 9 21:27:23 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Wed Aug 9 21:27:23 CEST 2017] ret='0'
[Wed Aug 9 21:27:23 CEST 2017] Pending
[Wed Aug 9 21:27:23 CEST 2017] sleep 2 secs to verify
[Wed Aug 9 21:27:25 CEST 2017] checking
[Wed Aug 9 21:27:25 CEST 2017] GET
[Wed Aug 9 21:27:25 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986'
[Wed Aug 9 21:27:25 CEST 2017] timeout
[Wed Aug 9 21:27:25 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Wed Aug 9 21:27:26 CEST 2017] ret='0'
[Wed Aug 9 21:27:26 CEST 2017] sickrage.moerman.cc:Verify error:
[Wed Aug 9 21:27:26 CEST 2017] Skip for removelevel:
[Wed Aug 9 21:27:26 CEST 2017] pid='23551'
[Wed Aug 9 21:27:26 CEST 2017] GET
[Wed Aug 9 21:27:26 CEST 2017] url='https://localhost:443'
[Wed Aug 9 21:27:26 CEST 2017] timeout='1'
[Wed Aug 9 21:27:26 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs --connect-timeout 1'
[Wed Aug 9 21:27:26 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
[Wed Aug 9 21:27:26 CEST 2017] ret='60'
[Wed Aug 9 21:27:26 CEST 2017] GET
[Wed Aug 9 21:27:26 CEST 2017] url='https://localhost:443'
[Wed Aug 9 21:27:26 CEST 2017] timeout='1'
[Wed Aug 9 21:27:26 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs --connect-timeout 1'
[Wed Aug 9 21:27:26 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 35
[Wed Aug 9 21:27:26 CEST 2017] ret='35'
[Wed Aug 9 21:27:26 CEST 2017] No need to restore nginx, skip.
[Wed Aug 9 21:27:26 CEST 2017] _clearupdns
[Wed Aug 9 21:27:26 CEST 2017] skip dns.
[Wed Aug 9 21:27:26 CEST 2017] _on_issue_err
[Wed Aug 9 21:27:26 CEST 2017] Please check log file for more details: /jffs/ssl/acme.sh.log
[Wed Aug 9 21:27:26 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986'
[Wed Aug 9 21:27:26 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "oqFJGc_t0QyMCKVkn7EAsgaE6dm60BH-2L_PwfLTOFw.IXQ31DYP3D0cMublV3Q9zcy2ZZ1sNmANEeqoZeinNfo"}'
[Wed Aug 9 21:27:26 CEST 2017] POST
[Wed Aug 9 21:27:26 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/NC2Mgm3mkDH_ydbVgi2tuwOBBOJ8-odpmbixsRre9Z4/1717758986'
[Wed Aug 9 21:27:26 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Wed Aug 9 21:27:27 CEST 2017] _ret='0'
[Wed Aug 9 21:27:27 CEST 2017] code='400'
[Thu Aug 10 15:42:39 CEST 2017] Using config home:/jffs/ssl
[Thu Aug 10 15:42:39 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Thu Aug 10 15:42:39 CEST 2017] DOMAIN_PATH='/jffs/ssl/sickrage.moerman.cc'
[Thu Aug 10 15:42:39 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Thu Aug 10 15:42:39 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Thu Aug 10 15:42:39 CEST 2017] GET
[Thu Aug 10 15:42:39 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Thu Aug 10 15:42:39 CEST 2017] timeout
[Thu Aug 10 15:42:39 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:42:39 CEST 2017] ret='0'
[Thu Aug 10 15:42:39 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Thu Aug 10 15:42:39 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Aug 10 15:42:39 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Thu Aug 10 15:42:39 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Thu Aug 10 15:42:40 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Thu Aug 10 15:42:40 CEST 2017] Le_NextRenewTime
[Thu Aug 10 15:42:40 CEST 2017] _on_before_issue
[Thu Aug 10 15:42:40 CEST 2017] Run pre hook:'stopservice lighttpd'
[Thu Aug 10 15:42:40 CEST 2017] Le_LocalAddress
[Thu Aug 10 15:42:40 CEST 2017] Check for domain='sickrage.moerman.cc'
[Thu Aug 10 15:42:40 CEST 2017] _currentRoot='tls'
[Thu Aug 10 15:42:40 CEST 2017] Standalone tls mode.
[Thu Aug 10 15:42:40 CEST 2017] _checkport='443'
[Thu Aug 10 15:42:40 CEST 2017] _checkaddr
[Thu Aug 10 15:42:40 CEST 2017] Using: netstat
[Thu Aug 10 15:42:40 CEST 2017] config file is empty, can not read CA_KEY_HASH
[Thu Aug 10 15:42:40 CEST 2017] Using config home:/jffs/ssl
[Thu Aug 10 15:42:40 CEST 2017] Use default length 2048
[Thu Aug 10 15:42:40 CEST 2017] length='2048'
[Thu Aug 10 15:42:40 CEST 2017] Using config home:/jffs/ssl
[Thu Aug 10 15:42:40 CEST 2017] Use length 2048
[Thu Aug 10 15:42:40 CEST 2017] Using RSA: 2048
[Thu Aug 10 15:42:42 CEST 2017] RSA key
[Thu Aug 10 15:42:42 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Thu Aug 10 15:42:42 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Thu Aug 10 15:42:42 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Aug 10 15:42:42 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Thu Aug 10 15:42:42 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Thu Aug 10 15:42:42 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Thu Aug 10 15:42:42 CEST 2017] AGREEMENT
[Thu Aug 10 15:42:42 CEST 2017] Registering account
[Thu Aug 10 15:42:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Thu Aug 10 15:42:42 CEST 2017] payload='{"resource": "new-reg", "agreement": ""}'
[Thu Aug 10 15:42:42 CEST 2017] GET
[Thu Aug 10 15:42:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Thu Aug 10 15:42:42 CEST 2017] timeout
[Thu Aug 10 15:42:42 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:42:42 CEST 2017] ret='0'
[Thu Aug 10 15:42:42 CEST 2017] POST
[Thu Aug 10 15:42:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Thu Aug 10 15:42:42 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:42:43 CEST 2017] _ret='0'
[Thu Aug 10 15:42:43 CEST 2017] code='201'
[Thu Aug 10 15:42:43 CEST 2017] Registered
[Thu Aug 10 15:42:43 CEST 2017] _accUri='https://acme-staging.api.letsencrypt.org/acme/reg/2924823'
[Thu Aug 10 15:42:43 CEST 2017] _tos='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'
[Thu Aug 10 15:42:43 CEST 2017] AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'
[Thu Aug 10 15:42:43 CEST 2017] Update tos: https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf
[Thu Aug 10 15:42:43 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/reg/2924823'
[Thu Aug 10 15:42:43 CEST 2017] payload='{"resource": "reg", "agreement": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"}'
[Thu Aug 10 15:42:44 CEST 2017] POST
[Thu Aug 10 15:42:44 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/reg/2924823'
[Thu Aug 10 15:42:44 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:42:44 CEST 2017] _ret='0'
[Thu Aug 10 15:42:44 CEST 2017] code='202'
[Thu Aug 10 15:42:44 CEST 2017] Update account tos info success.
[Thu Aug 10 15:42:45 CEST 2017] Calc CA_KEY_HASH='yO70XYrB73c7BXeqAHOvOqcSG6jjJevjfJFUXRyQuI4='
[Thu Aug 10 15:42:45 CEST 2017] ACCOUNT_THUMBPRINT='FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA'
[Thu Aug 10 15:42:45 CEST 2017] Read key length:
[Thu Aug 10 15:42:45 CEST 2017] _createcsr
[Thu Aug 10 15:42:45 CEST 2017] Single domain='sickrage.moerman.cc'
[Thu Aug 10 15:42:45 CEST 2017] Getting domain auth token for each domain
[Thu Aug 10 15:42:45 CEST 2017] Getting webroot for domain='sickrage.moerman.cc'
[Thu Aug 10 15:42:45 CEST 2017] _w='tls'
[Thu Aug 10 15:42:45 CEST 2017] _currentRoot='tls'
[Thu Aug 10 15:42:45 CEST 2017] Getting new-authz for domain='sickrage.moerman.cc'
[Thu Aug 10 15:42:45 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Thu Aug 10 15:42:45 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Thu Aug 10 15:42:45 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Aug 10 15:42:45 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Thu Aug 10 15:42:45 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Thu Aug 10 15:42:45 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Thu Aug 10 15:42:45 CEST 2017] Try new-authz for the 0 time.
[Thu Aug 10 15:42:45 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Aug 10 15:42:45 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "sickrage.moerman.cc"}}'
[Thu Aug 10 15:42:45 CEST 2017] POST
[Thu Aug 10 15:42:45 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Aug 10 15:42:45 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:42:46 CEST 2017] _ret='0'
[Thu Aug 10 15:42:46 CEST 2017] code='201'
[Thu Aug 10 15:42:46 CEST 2017] The new-authz request is ok.
[Thu Aug 10 15:42:46 CEST 2017] entry='"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812","token":"4xqUxRWhHRuXAcuyo82IZLYPS5_Q7sz_cgNhdHTRpVA"'
[Thu Aug 10 15:42:46 CEST 2017] token='4xqUxRWhHRuXAcuyo82IZLYPS5_Q7sz_cgNhdHTRpVA'
[Thu Aug 10 15:42:46 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812'
[Thu Aug 10 15:42:46 CEST 2017] keyauthorization='4xqUxRWhHRuXAcuyo82IZLYPS5_Q7sz_cgNhdHTRpVA.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA'
[Thu Aug 10 15:42:46 CEST 2017] dvlist='sickrage.moerman.cc#4xqUxRWhHRuXAcuyo82IZLYPS5_Q7sz_cgNhdHTRpVA.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA#https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812#tls-sni-01#tls'
[Thu Aug 10 15:42:46 CEST 2017] vlist='sickrage.moerman.cc#4xqUxRWhHRuXAcuyo82IZLYPS5_Q7sz_cgNhdHTRpVA.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA#https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812#tls-sni-01#tls,'
[Thu Aug 10 15:42:46 CEST 2017] ok, let's start to verify
[Thu Aug 10 15:42:46 CEST 2017] Verifying:sickrage.moerman.cc
[Thu Aug 10 15:42:46 CEST 2017] d='sickrage.moerman.cc'
[Thu Aug 10 15:42:46 CEST 2017] keyauthorization='4xqUxRWhHRuXAcuyo82IZLYPS5_Q7sz_cgNhdHTRpVA.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA'
[Thu Aug 10 15:42:46 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812'
[Thu Aug 10 15:42:46 CEST 2017] _currentRoot='tls'
[Thu Aug 10 15:42:46 CEST 2017] Starting tls server.
[Thu Aug 10 15:42:46 CEST 2017] san_a='743f95e8f670d496ff74786c447bd5a3.df3666aa68c3be2980a35f3b94e77245.acme.invalid'
[Thu Aug 10 15:42:46 CEST 2017] san_b
[Thu Aug 10 15:42:46 CEST 2017] port='443'
[Thu Aug 10 15:42:46 CEST 2017] Use length 2048
[Thu Aug 10 15:42:46 CEST 2017] Using RSA: 2048
[Thu Aug 10 15:42:50 CEST 2017] _createcsr
[Thu Aug 10 15:42:50 CEST 2017] Multi domain='DNS:743f95e8f670d496ff74786c447bd5a3.df3666aa68c3be2980a35f3b94e77245.acme.invalid'
[Thu Aug 10 15:42:50 CEST 2017] _signcsr
[Thu Aug 10 15:42:50 CEST 2017] Signature ok
subject=/CN=tls.acme.sh
Getting Private key
[Thu Aug 10 15:42:50 CEST 2017] Le_Listen_V4
[Thu Aug 10 15:42:50 CEST 2017] Le_Listen_V6
[Thu Aug 10 15:42:50 CEST 2017] openssl s_server -cert /jffs/ssl/sickrage.moerman.cc/tls.validation.cert -key /jffs/ssl/sickrage.moerman.cc/tls.validation.key -accept 443
[Thu Aug 10 15:42:51 CEST 2017] serverproc='2781'
[Thu Aug 10 15:42:51 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812'
[Thu Aug 10 15:42:51 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "4xqUxRWhHRuXAcuyo82IZLYPS5_Q7sz_cgNhdHTRpVA.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA"}'
[Thu Aug 10 15:42:51 CEST 2017] POST
[Thu Aug 10 15:42:51 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812'
[Thu Aug 10 15:42:51 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:42:52 CEST 2017] _ret='0'
[Thu Aug 10 15:42:52 CEST 2017] code='202'
[Thu Aug 10 15:42:52 CEST 2017] sleep 2 secs to verify
[Thu Aug 10 15:42:54 CEST 2017] checking
[Thu Aug 10 15:42:54 CEST 2017] GET
[Thu Aug 10 15:42:54 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812'
[Thu Aug 10 15:42:54 CEST 2017] timeout
[Thu Aug 10 15:42:54 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:42:54 CEST 2017] ret='0'
[Thu Aug 10 15:42:54 CEST 2017] Pending
[Thu Aug 10 15:42:54 CEST 2017] sleep 2 secs to verify
[Thu Aug 10 15:42:56 CEST 2017] checking
[Thu Aug 10 15:42:56 CEST 2017] GET
[Thu Aug 10 15:42:56 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812'
[Thu Aug 10 15:42:56 CEST 2017] timeout
[Thu Aug 10 15:42:56 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:42:57 CEST 2017] ret='0'
[Thu Aug 10 15:42:57 CEST 2017] Pending
[Thu Aug 10 15:42:57 CEST 2017] sleep 2 secs to verify
[Thu Aug 10 15:42:59 CEST 2017] checking
[Thu Aug 10 15:42:59 CEST 2017] GET
[Thu Aug 10 15:42:59 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812'
[Thu Aug 10 15:42:59 CEST 2017] timeout
[Thu Aug 10 15:42:59 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:42:59 CEST 2017] ret='0'
[Thu Aug 10 15:42:59 CEST 2017] sickrage.moerman.cc:Verify error:
[Thu Aug 10 15:42:59 CEST 2017] Skip for removelevel:
[Thu Aug 10 15:42:59 CEST 2017] pid='2781'
[Thu Aug 10 15:42:59 CEST 2017] GET
[Thu Aug 10 15:42:59 CEST 2017] url='https://localhost:443'
[Thu Aug 10 15:42:59 CEST 2017] timeout='1'
[Thu Aug 10 15:42:59 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs --connect-timeout 1'
[Thu Aug 10 15:42:59 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
[Thu Aug 10 15:42:59 CEST 2017] ret='60'
[Thu Aug 10 15:42:59 CEST 2017] GET
[Thu Aug 10 15:42:59 CEST 2017] url='https://localhost:443'
[Thu Aug 10 15:42:59 CEST 2017] timeout='1'
[Thu Aug 10 15:43:00 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs --connect-timeout 1'
[Thu Aug 10 15:43:00 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 35
[Thu Aug 10 15:43:00 CEST 2017] ret='35'
[Thu Aug 10 15:43:00 CEST 2017] No need to restore nginx, skip.
[Thu Aug 10 15:43:00 CEST 2017] _clearupdns
[Thu Aug 10 15:43:00 CEST 2017] skip dns.
[Thu Aug 10 15:43:00 CEST 2017] _on_issue_err
[Thu Aug 10 15:43:00 CEST 2017] Please check log file for more details: /jffs/ssl/acme.sh.log
[Thu Aug 10 15:43:00 CEST 2017] Run post hook:'startservice lighttpd'
[Thu Aug 10 15:43:00 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812'
[Thu Aug 10 15:43:00 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "4xqUxRWhHRuXAcuyo82IZLYPS5_Q7sz_cgNhdHTRpVA.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA"}'
[Thu Aug 10 15:43:00 CEST 2017] POST
[Thu Aug 10 15:43:00 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/rmRwJpYEGYjBXrUvrD1AIJMzNbikPYgu6qXERVjZx5c/51449812'
[Thu Aug 10 15:43:00 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:43:01 CEST 2017] _ret='0'
[Thu Aug 10 15:43:01 CEST 2017] code='400'
[Thu Aug 10 15:51:14 CEST 2017] Using config home:/jffs/ssl
[Thu Aug 10 15:51:14 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Thu Aug 10 15:51:14 CEST 2017] DOMAIN_PATH='/jffs/ssl/sickrage.moerman.cc'
[Thu Aug 10 15:51:14 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Thu Aug 10 15:51:14 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Thu Aug 10 15:51:14 CEST 2017] GET
[Thu Aug 10 15:51:14 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Thu Aug 10 15:51:14 CEST 2017] timeout
[Thu Aug 10 15:51:14 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502373074.tmp --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:51:15 CEST 2017] ret='0'
[Thu Aug 10 15:51:15 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Thu Aug 10 15:51:15 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Aug 10 15:51:15 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Thu Aug 10 15:51:15 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Thu Aug 10 15:51:15 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Thu Aug 10 15:51:15 CEST 2017] Le_NextRenewTime
[Thu Aug 10 15:51:15 CEST 2017] _on_before_issue
[Thu Aug 10 15:51:15 CEST 2017] Run pre hook:'stopservice lighttpd'
[Thu Aug 10 15:51:15 CEST 2017] Le_LocalAddress
[Thu Aug 10 15:51:15 CEST 2017] Check for domain='sickrage.moerman.cc'
[Thu Aug 10 15:51:15 CEST 2017] _currentRoot='tls'
[Thu Aug 10 15:51:15 CEST 2017] Standalone tls mode.
[Thu Aug 10 15:51:15 CEST 2017] _checkport='443'
[Thu Aug 10 15:51:15 CEST 2017] _checkaddr
[Thu Aug 10 15:51:15 CEST 2017] Using: netstat
[Thu Aug 10 15:51:15 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Thu Aug 10 15:51:15 CEST 2017] Read key length:
[Thu Aug 10 15:51:15 CEST 2017] _createcsr
[Thu Aug 10 15:51:15 CEST 2017] Single domain='sickrage.moerman.cc'
[Thu Aug 10 15:51:16 CEST 2017] Getting domain auth token for each domain
[Thu Aug 10 15:51:16 CEST 2017] Getting webroot for domain='sickrage.moerman.cc'
[Thu Aug 10 15:51:16 CEST 2017] _w='tls'
[Thu Aug 10 15:51:16 CEST 2017] _currentRoot='tls'
[Thu Aug 10 15:51:16 CEST 2017] Getting new-authz for domain='sickrage.moerman.cc'
[Thu Aug 10 15:51:16 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Thu Aug 10 15:51:16 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Thu Aug 10 15:51:16 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Aug 10 15:51:16 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Thu Aug 10 15:51:16 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Thu Aug 10 15:51:16 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Thu Aug 10 15:51:16 CEST 2017] Try new-authz for the 0 time.
[Thu Aug 10 15:51:16 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Aug 10 15:51:16 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "sickrage.moerman.cc"}}'
[Thu Aug 10 15:51:16 CEST 2017] RSA key
[Thu Aug 10 15:51:16 CEST 2017] GET
[Thu Aug 10 15:51:16 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Thu Aug 10 15:51:16 CEST 2017] timeout
[Thu Aug 10 15:51:16 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502373076.tmp --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:51:16 CEST 2017] ret='0'
[Thu Aug 10 15:51:16 CEST 2017] POST
[Thu Aug 10 15:51:16 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Thu Aug 10 15:51:16 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502373076.tmp --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:51:17 CEST 2017] _ret='0'
[Thu Aug 10 15:51:17 CEST 2017] code='201'
[Thu Aug 10 15:51:17 CEST 2017] The new-authz request is ok.
[Thu Aug 10 15:51:17 CEST 2017] entry='"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691","token":"RbyMDgVrT264uH1uG0aqQ8hz3AYBoLyQ0WiLa3BL9xc"'
[Thu Aug 10 15:51:17 CEST 2017] token='RbyMDgVrT264uH1uG0aqQ8hz3AYBoLyQ0WiLa3BL9xc'
[Thu Aug 10 15:51:17 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691'
[Thu Aug 10 15:51:17 CEST 2017] keyauthorization='RbyMDgVrT264uH1uG0aqQ8hz3AYBoLyQ0WiLa3BL9xc.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA'
[Thu Aug 10 15:51:18 CEST 2017] dvlist='sickrage.moerman.cc#RbyMDgVrT264uH1uG0aqQ8hz3AYBoLyQ0WiLa3BL9xc.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA#https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691#tls-sni-01#tls'
[Thu Aug 10 15:51:18 CEST 2017] vlist='sickrage.moerman.cc#RbyMDgVrT264uH1uG0aqQ8hz3AYBoLyQ0WiLa3BL9xc.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA#https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691#tls-sni-01#tls,'
[Thu Aug 10 15:51:18 CEST 2017] ok, let's start to verify
[Thu Aug 10 15:51:18 CEST 2017] Verifying:sickrage.moerman.cc
[Thu Aug 10 15:51:18 CEST 2017] d='sickrage.moerman.cc'
[Thu Aug 10 15:51:18 CEST 2017] keyauthorization='RbyMDgVrT264uH1uG0aqQ8hz3AYBoLyQ0WiLa3BL9xc.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA'
[Thu Aug 10 15:51:18 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691'
[Thu Aug 10 15:51:18 CEST 2017] _currentRoot='tls'
[Thu Aug 10 15:51:18 CEST 2017] Starting tls server.
[Thu Aug 10 15:51:18 CEST 2017] san_a='79b2c7be5fb62c16efbff814204e8977.26101fc80481453c652c23a2a2275bec.acme.invalid'
[Thu Aug 10 15:51:18 CEST 2017] san_b
[Thu Aug 10 15:51:18 CEST 2017] port='443'
[Thu Aug 10 15:51:18 CEST 2017] Use length 2048
[Thu Aug 10 15:51:18 CEST 2017] Using RSA: 2048
[Thu Aug 10 15:51:31 CEST 2017] _createcsr
[Thu Aug 10 15:51:31 CEST 2017] Multi domain='DNS:79b2c7be5fb62c16efbff814204e8977.26101fc80481453c652c23a2a2275bec.acme.invalid'
[Thu Aug 10 15:51:31 CEST 2017] _signcsr
[Thu Aug 10 15:51:31 CEST 2017] Signature ok
subject=/CN=tls.acme.sh
Getting Private key
[Thu Aug 10 15:51:31 CEST 2017] Le_Listen_V4
[Thu Aug 10 15:51:31 CEST 2017] Le_Listen_V6
[Thu Aug 10 15:51:31 CEST 2017] openssl s_server -cert /jffs/ssl/sickrage.moerman.cc/tls.validation.cert -key /jffs/ssl/sickrage.moerman.cc/tls.validation.key -accept 443
[Thu Aug 10 15:51:32 CEST 2017] serverproc='3782'
[Thu Aug 10 15:51:32 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691'
[Thu Aug 10 15:51:32 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "RbyMDgVrT264uH1uG0aqQ8hz3AYBoLyQ0WiLa3BL9xc.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA"}'
[Thu Aug 10 15:51:32 CEST 2017] POST
[Thu Aug 10 15:51:33 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691'
[Thu Aug 10 15:51:33 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502373093.tmp --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:51:34 CEST 2017] _ret='0'
[Thu Aug 10 15:51:34 CEST 2017] code='202'
[Thu Aug 10 15:51:34 CEST 2017] sleep 2 secs to verify
[Thu Aug 10 15:51:36 CEST 2017] checking
[Thu Aug 10 15:51:36 CEST 2017] GET
[Thu Aug 10 15:51:36 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691'
[Thu Aug 10 15:51:36 CEST 2017] timeout
[Thu Aug 10 15:51:36 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502373096.tmp --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:51:36 CEST 2017] ret='0'
[Thu Aug 10 15:51:36 CEST 2017] Pending
[Thu Aug 10 15:51:36 CEST 2017] sleep 2 secs to verify
[Thu Aug 10 15:51:38 CEST 2017] checking
[Thu Aug 10 15:51:38 CEST 2017] GET
[Thu Aug 10 15:51:38 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691'
[Thu Aug 10 15:51:38 CEST 2017] timeout
[Thu Aug 10 15:51:38 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502373098.tmp --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:51:38 CEST 2017] ret='0'
[Thu Aug 10 15:51:39 CEST 2017] Pending
[Thu Aug 10 15:51:39 CEST 2017] sleep 2 secs to verify
[Thu Aug 10 15:51:41 CEST 2017] checking
[Thu Aug 10 15:51:41 CEST 2017] GET
[Thu Aug 10 15:51:41 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691'
[Thu Aug 10 15:51:41 CEST 2017] timeout
[Thu Aug 10 15:51:41 CEST 2017] CURL='curl -L --silent --dump-header /jffs/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502373101.tmp --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:51:41 CEST 2017] ret='0'
[Thu Aug 10 15:51:41 CEST 2017] sickrage.moerman.cc:Verify error:
[Thu Aug 10 15:51:41 CEST 2017] Skip for removelevel:
[Thu Aug 10 15:51:41 CEST 2017] pid='3782'
[Thu Aug 10 15:51:41 CEST 2017] GET
[Thu Aug 10 15:51:41 CEST 2017] url='https://localhost:443'
[Thu Aug 10 15:51:41 CEST 2017] timeout='1'
[Thu Aug 10 15:51:41 CEST 2017] CURL='curl -L --silent --dump-header /jffs/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502373101.tmp --capath /opt/etc/ssl/certs --connect-timeout 1'
[Thu Aug 10 15:51:41 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 60
[Thu Aug 10 15:51:41 CEST 2017] Here is the curl dump log:
[Thu Aug 10 15:51:41 CEST 2017] == Info: Rebuilt URL to: https://localhost:443/
== Info: Trying 127.0.0.1...
== Info: Connected to localhost (127.0.0.1) port 443 (#0)
== Info: ALPN, offering http/1.1
== Info: Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@strength
== Info: successfully set certificate verify locations:
== Info: CAfile: none
CApath: /opt/etc/ssl/certs
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: ........t.G..�.l,..]}5.f.,d9y%...r........0.,.(.$.............k.
0040: j.i.h.9.8.7.6.............2...*.&.......=.5./.+.'.#.............
0080: g.@.?.>.3.2.1.0.........1.-.).%.......<./.......................
00c0: ..=.........localhost............................... ...........
0100: ..........................3t.........http/1.1...................
0140: ................................................................
0180: ................................................................
01c0: ................................................................
<= Recv SSL data, 5 bytes (0x5)
0000: ....^
== Info: TLSv1.2 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 94 bytes (0x5e)
0000: ...Z......+....s...S .$M..2...9..."... *................L.'.d...
0040: .e-=...0.....................
<= Recv SSL data, 5 bytes (0x5)
0000: ....'
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 807 bytes (0x327)
0000: ...#.. ...0...0..............E8...0....H........0.1.0...U....tl
0040: s.acme.sh0...170810135131Z..180810135131Z0.1.0...U....tls.acme.s
0080: h0.."0....H.............0.........^.Mw.....c...�}....}....n...
00c0: hq.._nY1.....c....J.'.e...g.k.....Vf.^|..C:25..�q.1Jj........n..
0100: ?i....B.......mlj<..()....&..@v.gx$..D..f4...$.[....,D..D..Sg..
0140: ...!..n.....6.ay.^.g. o.g4/XAU...._K...i.df....Et.y...Y..D..:t)
0180: P.�!j<..W..8P..W.1qg.$......Z...........j0h0...U........0Y..U...
01c0: R0P.N79b2c7be5fb62c16efbff814204e8977.26101fc80481453c652c23a2a2
0200: 275bec.acme.invalid0....H..............M.X'..HBm.M......].....1
0240: ~v.Xc ....V4..{...2....D...FO....JJ..#.L..=..Q9<X..d.'....qR.4.
0280: hS.......@....z/{...N5.u.F..nft....n....P�...FJ.v+.D.FR@.7'.Z.v@
02c0: .......P%.%J...?..$bGe.�...s#?.v..E/...3N..d.j.-.&O..Xl-X.f....
0300: .<v...Byi5$.&I.l..x........|.<|Z.|..I..
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (OUT), TLS alert, Server hello (2):
=> Send SSL data, 2 bytes (0x2)
0000: .0
== Info: SSL certificate problem: unable to get local issuer certificate
== Info: Closing connection 0
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (OUT), TLS alert, Client hello (1):
=> Send SSL data, 2 bytes (0x2)
0000: ..
[Thu Aug 10 15:51:41 CEST 2017] ret='60'
[Thu Aug 10 15:51:41 CEST 2017] GET
[Thu Aug 10 15:51:41 CEST 2017] url='https://localhost:443'
[Thu Aug 10 15:51:41 CEST 2017] timeout='1'
[Thu Aug 10 15:51:41 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502373101.tmp --capath /opt/etc/ssl/certs --connect-timeout 1'
[Thu Aug 10 15:51:41 CEST 2017] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 35
[Thu Aug 10 15:51:41 CEST 2017] Here is the curl dump log:
[Thu Aug 10 15:51:41 CEST 2017] == Info: Rebuilt URL to: https://localhost:443/
== Info: Trying 127.0.0.1...
== Info: Connected to localhost (127.0.0.1) port 443 (#0)
== Info: ALPN, offering http/1.1
== Info: Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@strength
== Info: successfully set certificate verify locations:
== Info: CAfile: none
CApath: /opt/etc/ssl/certs
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: ........0....=......bL..n ..."1n..%+.....0.,.(.$.............k.
0040: j.i.h.9.8.7.6.............2....&.......=.5./.+.'.#.............
0080: g.@.?.>.3.2.1.0.........1.-.).%.......<./.......................
00c0: ..=.........localhost............................... ...........
0100: ..........................3t.........http/1.1...................
0140: ................................................................
0180: ................................................................
01c0: ................................................................
== Info: Unknown SSL protocol error in connection to localhost:443
== Info: Closing connection 0
[Thu Aug 10 15:51:41 CEST 2017] ret='35'
[Thu Aug 10 15:51:41 CEST 2017] No need to restore nginx, skip.
[Thu Aug 10 15:51:41 CEST 2017] _clearupdns
[Thu Aug 10 15:51:41 CEST 2017] skip dns.
[Thu Aug 10 15:51:41 CEST 2017] _on_issue_err
[Thu Aug 10 15:51:41 CEST 2017] Please check log file for more details: /jffs/ssl/acme.sh.log
[Thu Aug 10 15:51:41 CEST 2017] Run post hook:'startservice lighttpd'
[Thu Aug 10 15:51:41 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691'
[Thu Aug 10 15:51:42 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "RbyMDgVrT264uH1uG0aqQ8hz3AYBoLyQ0WiLa3BL9xc.FLQNgF_XJdfJLSaAjfBO1d1iWgBL5DXiTqBXqhrPCNA"}'
[Thu Aug 10 15:51:42 CEST 2017] POST
[Thu Aug 10 15:51:42 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/RaCJftT8A_JSSPL170Pozl09DqKByyf0DYLYkUakQuk/51450691'
[Thu Aug 10 15:51:42 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502373101.tmp --capath /opt/etc/ssl/certs '
[Thu Aug 10 15:51:43 CEST 2017] _ret='0'
[Thu Aug 10 15:51:43 CEST 2017] code='400'
[Thu Aug 10 15:51:43 CEST 2017] Diagnosis versions:
openssl:openssl
apache:
apache doesn't exists.
nginx:
nginx version: nginx/1.10.3
built by gcc 5.3.0 (OpenWrt GCC 5.3.0 r49031)
built with OpenSSL 1.0.2h 3 May 2016 (running with OpenSSL 1.0.2k 26 Jan 2017)
TLS SNI support enabled
configure arguments: --crossbuild=Linux::arm --prefix=/usr --conf-path=/etc/nginx/nginx.conf --add-module=/home/bluebat/Build/KWRT/build_dir/target-arm_cortex-a9_musl-1.1.14_eabi/nginx-1.10.3/nginx-naxsi/naxsi_src --with-ipv6 --with-http_ssl_module --with-http_auth_request_module --with-http_v2_module --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-path=/var/lock/nginx.lock --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/body --http-proxy-temp-path=/var/lib/nginx/proxy --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --with-cc=arm-openwrt-linux-muslgnueabi-gcc --with-cc-opt='-I/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/usr/include -I/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/include -I/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/usr/include -I/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/include/fortify -I/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/include -Os -pipe -march=armv7-a -mtune=cortex-a9 -fno-caller-saves -fno-plt -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -mfloat-abi=soft -iremap /home/bluebat/Build/KWRT/build_dir/target-arm_cortex-a9_musl-1.1.14_eabi/nginx-1.10.3:nginx-1.10.3 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -fvisibility=hidden -ffunction-sections -fdata-sections -DNGX_LUA_NO_BY_LUA_BLOCK' --with-ld-opt='-L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/opt/usr/lib -L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/opt/lib -L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/usr/lib -L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/lib -Wl,--dynamic-linker=/opt/lib/ld-musl-arm.so.1 -Wl,-rpath,/opt/usr/lib:/opt/lib -L/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/usr/lib -L/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/lib -znow -zrelro -Wl,--gc-sections' --without-http_upstream_zone_module
nc:
nc: unrecognized option: h
BusyBox v1.26.2 (2017-06-11 12:42:31 CEST) multi-call binary.

Usage: nc [-iN] [-wN] [-l] [-p PORT] [-f FILE|IPADDR PORT] [-e PROG]

Open a pipe to IP:PORT or FILE

-l	Listen mode, for inbound connects
	(use -ll with -e for persistent server)
-p PORT	Local port
-w SEC	Connect timeout
-i SEC	Delay interval for lines sent
-f FILE	Use file (ala /dev/ttyS0) instead of network
-e PROG	Run PROG after connect

`

Neilpang · 2017-08-11T01:06:31Z

don't paste the log file.

copy and paste the output of the command in your terminal window.

acme.sh  ......   --debug 2

justClouds · 2017-08-11T12:28:44Z

`[Fri Aug 11 14:17:35 CEST 2017] Using config home:/jffs/usr/ssl
[Fri Aug 11 14:17:35 CEST 2017] LE_WORKING_DIR='/jffs/usr/ssl'
[Fri Aug 11 14:17:35 CEST 2017] Using config home:/jffs/usr/ssl
[Fri Aug 11 14:17:35 CEST 2017] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org'
[Fri Aug 11 14:17:35 CEST 2017] DOMAIN_PATH='/jffs/usr/ssl/sub.moerman.cc'
[Fri Aug 11 14:17:35 CEST 2017] Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory
[Fri Aug 11 14:17:35 CEST 2017] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Fri Aug 11 14:17:35 CEST 2017] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Fri Aug 11 14:17:35 CEST 2017] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Fri Aug 11 14:17:35 CEST 2017] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Fri Aug 11 14:17:35 CEST 2017] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Fri Aug 11 14:17:35 CEST 2017] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Fri Aug 11 14:17:35 CEST 2017] Le_NextRenewTime
[Fri Aug 11 14:17:35 CEST 2017] _on_before_issue
[Fri Aug 11 14:17:35 CEST 2017] 'tls' does not contain 'no'
[Fri Aug 11 14:17:35 CEST 2017] Le_LocalAddress
[Fri Aug 11 14:17:35 CEST 2017] Check for domain='sub.moerman.cc'
[Fri Aug 11 14:17:35 CEST 2017] _currentRoot='tls'
[Fri Aug 11 14:17:35 CEST 2017] _checkport='443'
[Fri Aug 11 14:17:35 CEST 2017] _checkaddr
[Fri Aug 11 14:17:35 CEST 2017] Using: netstat
[Fri Aug 11 14:17:35 CEST 2017] 'tls' does not contain 'apache'
[Fri Aug 11 14:17:35 CEST 2017] _saved_account_key_hash='xffCGMRBfKEU5UBPOM+HGOQe6W24cU/c41jmQE8172c='
[Fri Aug 11 14:17:35 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Fri Aug 11 14:17:35 CEST 2017] Read key length:
[Fri Aug 11 14:17:35 CEST 2017] _createcsr
[Fri Aug 11 14:17:35 CEST 2017] domain='sub.moerman.cc'
[Fri Aug 11 14:17:35 CEST 2017] domainlist
[Fri Aug 11 14:17:35 CEST 2017] csrkey='/jffs/usr/ssl/sub.moerman.cc/sub.moerman.cc.key'
[Fri Aug 11 14:17:35 CEST 2017] csr='/jffs/usr/ssl/sub.moerman.cc/sub.moerman.cc.csr'
[Fri Aug 11 14:17:35 CEST 2017] csrconf='/jffs/usr/ssl/sub.moerman.cc/sub.moerman.cc.csr.conf'
[Fri Aug 11 14:17:35 CEST 2017] _is_idn_d='sub.moerman.cc'
[Fri Aug 11 14:17:35 CEST 2017] _idn_temp
[Fri Aug 11 14:17:35 CEST 2017] _csr_cn='sub.moerman.cc'
[Fri Aug 11 14:17:35 CEST 2017] _w='tls'
[Fri Aug 11 14:17:35 CEST 2017] _currentRoot='tls'
[Fri Aug 11 14:17:35 CEST 2017] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Fri Aug 11 14:17:35 CEST 2017] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Fri Aug 11 14:17:35 CEST 2017] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Fri Aug 11 14:17:35 CEST 2017] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Fri Aug 11 14:17:35 CEST 2017] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Fri Aug 11 14:17:35 CEST 2017] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Fri Aug 11 14:17:35 CEST 2017] Try new-authz for the 0 time.
[Fri Aug 11 14:17:35 CEST 2017] _is_idn_d='sub.moerman.cc'
[Fri Aug 11 14:17:35 CEST 2017] _idn_temp
[Fri Aug 11 14:17:35 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Fri Aug 11 14:17:35 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "sub.moerman.cc"}}'
[Fri Aug 11 14:17:35 CEST 2017] RSA key
[Fri Aug 11 14:17:36 CEST 2017] _URGLY_PRINTF
[Fri Aug 11 14:17:36 CEST 2017] xargs
[Fri Aug 11 14:17:36 CEST 2017] _URGLY_PRINTF
[Fri Aug 11 14:17:36 CEST 2017] xargs
[Fri Aug 11 14:17:36 CEST 2017] Get nonce. ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
[Fri Aug 11 14:17:36 CEST 2017] GET
[Fri Aug 11 14:17:36 CEST 2017] url='https://acme-v01.api.letsencrypt.org/directory'
[Fri Aug 11 14:17:36 CEST 2017] timeout
[Fri Aug 11 14:17:36 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502453856.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 11 14:17:36 CEST 2017] ret='0'
[Fri Aug 11 14:17:36 CEST 2017] _headers='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 460
Boulder-Request-Id: 3kfZt42QqPuDVqrBZMmgEFJJoWcRYbWNZ1ZV3ChAwAY
Replay-Nonce: xhUGgvbd3FknnvQUOfofIPRCU9Ql_DKnvC-sutYwO9c
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 11 Aug 2017 12:17:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 11 Aug 2017 12:17:36 GMT
Connection: keep-alive

'
[Fri Aug 11 14:17:36 CEST 2017] _CACHED_NONCE='xhUGgvbd3FknnvQUOfofIPRCU9Ql_DKnvC-sutYwO9c'
[Fri Aug 11 14:17:36 CEST 2017] nonce='xhUGgvbd3FknnvQUOfofIPRCU9Ql_DKnvC-sutYwO9c'
[Fri Aug 11 14:17:36 CEST 2017] POST
[Fri Aug 11 14:17:36 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Fri Aug 11 14:17:36 CEST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "uZAwQDkXiDgfxfNiPqbMmEnblp4u9LTogHo_N-bHvhGPcafY0-FmWeSH2Df-ZgpiCZCSw5QxY5KPOod_SgvBVbfAiWjgMfGtlL5Y3B-QEtK89qwdMdMScpx9AhPMEcOV_G6u7iPn28SSYqSCVVybOVnoEoHhar48D8m5Pdx18Wx0oRWAiLCnuN_Lwy3B5aTJuV_K3L0xqHLFIJScHzGsOk681H32lWz_okycPp21tGZBBPDJDyseqPb-CYWyBunzFSlctTqTwE-VIST2jmn7ESIwmqeMv_0LIINskgaOPmx51d6yl2MJQszTTQaEWcteew8eJQhbEF5aXrJ8dit-Rw"}}, "protected": "eyJub25jZSI6ICJ4aFVHZ3ZiZDNGa25udlFVT2ZvZklQUkNVOVFsX0RLbnZDLXN1dFl3TzljIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYXV0aHoiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJ1WkF3UURrWGlEZ2Z4Zk5pUHFiTW1FbmJscDR1OUxUb2dIb19OLWJIdmhHUGNhZlkwLUZtV2VTSDJEZi1aZ3BpQ1pDU3c1UXhZNUtQT29kX1NndkJWYmZBaVdqZ01mR3RsTDVZM0ItUUV0Szg5cXdkTWRNU2NweDlBaFBNRWNPVl9HNnU3aVBuMjhTU1lxU0NWVnliT1Zub0VvSGhhcjQ4RDhtNVBkeDE4V3gwb1JXQWlMQ251Tl9Md3kzQjVhVEp1Vl9LM0wweHFITEZJSlNjSHpHc09rNjgxSDMybFd6X29reWNQcDIxdEdaQkJQREpEeXNlcVBiLUNZV3lCdW56RlNsY3RUcVR3RS1WSVNUMmptbjdFU0l3bXFlTXZfMExJSU5za2dhT1BteDUxZDZ5bDJNSlFzelRUUWFFV2N0ZWV3OGVKUWhiRUY1YVhySjhkaXQtUncifX0", "payload": "eyJyZXNvdXJjZSI6ICJuZXctYXV0aHoiLCAiaWRlbnRpZmllciI6IHsidHlwZSI6ICJkbnMiLCAidmFsdWUiOiAic2lja3JhZ2UubW9lcm1hbi5jYyJ9fQ", "signature": "dGcHgv8VN5egBNDhhuwa1J_k23ljyzT1RqZNuMEBRdB8flef06SxasMklGgXZOYQ-fYoAavImuKreX8PSzUO1lis-FgnUP8es_sNl2zQkGx65z_qbcbcUVoHm8HHN08B18BjAZVrXSspYKk8lW-kw_TEB-xWgP_wfJg_qSRF1svVLUpOq8CHWX6dDLjFgDd1t6BbWDum388VMGnIlVTpQANdUjjx23wN7KT80pOpIUBU4BNAK5J9O4bxC32sMTlvTGnLPvU758F1qmSqM3-ibGYGAHt20Y4PS8DREK_vs67uV1rINQkbUyaFJrZ5PXirCyFE9Jf9fJnDu7Y6ehza_Q"}'
[Fri Aug 11 14:17:36 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502453856.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 11 14:17:37 CEST 2017] _ret='0'
[Fri Aug 11 14:17:37 CEST 2017] original='{
"identifier": {
"type": "dns",
"value": "sub.moerman.cc"
},
"status": "pending",
"expires": "2017-08-18T12:17:37.511968968Z",
"challenges": [
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107",
"token": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo"
},
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287108",
"token": "80hHiVlRYTDZaW3HVStle95CmYLuJCXE2wGcbeVnMSU"
},
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287109",
"token": "PRYciqQy9rIu6G_8jVYRjCvDI2j7r-CDLNIrMxkrpWk"
}
],
"combinations": [
[
1
],
[
0
],
[
2
]
]
}'
[Fri Aug 11 14:17:37 CEST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Fri, 11 Aug 2017 12:17:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 1007
Boulder-Request-Id: ElR-XPUSZOPntAEv2m1VFp_4EN64-HosIJ4qjB-cPhg
Boulder-Requester: 19786440
Link: https://acme-v01.api.letsencrypt.org/acme/new-cert;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY
Replay-Nonce: I8o_AAxkuGURRul9oTs6B7QSa1ak7mYKsfu7zS5F6Ag
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 11 Aug 2017 12:17:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 11 Aug 2017 12:17:37 GMT
Connection: keep-alive

'
[Fri Aug 11 14:17:37 CEST 2017] response='{"identifier":{"type":"dns","value":"sub.moerman.cc"},"status":"pending","expires":"2017-08-18T12:17:37.511968968Z","challenges":[{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107","token":"EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo"},{"type":"dns-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287108","token":"80hHiVlRYTDZaW3HVStle95CmYLuJCXE2wGcbeVnMSU"},{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287109","token":"PRYciqQy9rIu6G_8jVYRjCvDI2j7r-CDLNIrMxkrpWk"}],"combinations":[[1],[0],[2]]}'
[Fri Aug 11 14:17:37 CEST 2017] code='201'
[Fri Aug 11 14:17:37 CEST 2017] entry='"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107","token":"EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo"'
[Fri Aug 11 14:17:37 CEST 2017] token='EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo'
[Fri Aug 11 14:17:37 CEST 2017] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:37 CEST 2017] keyauthorization='EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY'
[Fri Aug 11 14:17:37 CEST 2017] dvlist='sub.moerman.cc#EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY#https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107#tls-sni-01#tls'
[Fri Aug 11 14:17:37 CEST 2017] vlist='sub.moerman.cc#EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY#https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107#tls-sni-01#tls,'
[Fri Aug 11 14:17:37 CEST 2017] ok, let's start to verify
[Fri Aug 11 14:17:37 CEST 2017] d='sub.moerman.cc'
[Fri Aug 11 14:17:37 CEST 2017] keyauthorization='EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY'
[Fri Aug 11 14:17:37 CEST 2017] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:37 CEST 2017] _currentRoot='tls'
[Fri Aug 11 14:17:37 CEST 2017] _hash_B='13183c9a18ac4b72cc955217340bed0e91089b8f27eab3ecf99ac68d4e7b7410'
[Fri Aug 11 14:17:38 CEST 2017] _x='13183c9a18ac4b72cc955217340bed0e'
[Fri Aug 11 14:17:38 CEST 2017] _y='91089b8f27eab3ecf99ac68d4e7b7410'
[Fri Aug 11 14:17:38 CEST 2017] _SAN_B='13183c9a18ac4b72cc955217340bed0e.91089b8f27eab3ecf99ac68d4e7b7410.acme.invalid'
[Fri Aug 11 14:17:38 CEST 2017] san_a='13183c9a18ac4b72cc955217340bed0e.91089b8f27eab3ecf99ac68d4e7b7410.acme.invalid'
[Fri Aug 11 14:17:38 CEST 2017] san_b
[Fri Aug 11 14:17:38 CEST 2017] port='443'
[Fri Aug 11 14:17:38 CEST 2017] _createkey for file:/jffs/usr/ssl/sub.moerman.cc/tls.validation.key
[Fri Aug 11 14:17:38 CEST 2017] Use length 2048
[Fri Aug 11 14:17:38 CEST 2017] Using RSA: 2048
[Fri Aug 11 14:17:45 CEST 2017] _createcsr
[Fri Aug 11 14:17:45 CEST 2017] domain='tls.acme.sh'
[Fri Aug 11 14:17:45 CEST 2017] domainlist='13183c9a18ac4b72cc955217340bed0e.91089b8f27eab3ecf99ac68d4e7b7410.acme.invalid'
[Fri Aug 11 14:17:45 CEST 2017] csrkey='/jffs/usr/ssl/sub.moerman.cc/tls.validation.key'
[Fri Aug 11 14:17:45 CEST 2017] csr='/jffs/usr/ssl/sub.moerman.cc/tls.validation.csr'
[Fri Aug 11 14:17:45 CEST 2017] csrconf='/jffs/usr/ssl/sub.moerman.cc/tls.validation.conf'
[Fri Aug 11 14:17:45 CEST 2017] _is_idn_d='13183c9a18ac4b72cc955217340bed0e.91089b8f27eab3ecf99ac68d4e7b7410.acme.invalid'
[Fri Aug 11 14:17:45 CEST 2017] _idn_temp
[Fri Aug 11 14:17:45 CEST 2017] domainlist='13183c9a18ac4b72cc955217340bed0e.91089b8f27eab3ecf99ac68d4e7b7410.acme.invalid'
[Fri Aug 11 14:17:45 CEST 2017] _is_idn_d='tls.acme.sh'
[Fri Aug 11 14:17:45 CEST 2017] _idn_temp
[Fri Aug 11 14:17:45 CEST 2017] _csr_cn='tls.acme.sh'
[Fri Aug 11 14:17:45 CEST 2017] _signcsr
[Fri Aug 11 14:17:45 CEST 2017] Signature ok
subject=/CN=tls.acme.sh
Getting Private key
[Fri Aug 11 14:17:45 CEST 2017] Le_Listen_V4
[Fri Aug 11 14:17:45 CEST 2017] Le_Listen_V6
[Fri Aug 11 14:17:45 CEST 2017] openssl s_server -cert /jffs/usr/ssl/sub.moerman.cc/tls.validation.cert -key /jffs/usr/ssl/sub.moerman.cc/tls.validation.key -accept 443
[Fri Aug 11 14:17:46 CEST 2017] serverproc='25442'
[Fri Aug 11 14:17:46 CEST 2017] tigger domain validation.
[Fri Aug 11 14:17:47 CEST 2017] _t_url='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:47 CEST 2017] _t_key_authz='EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY'
[Fri Aug 11 14:17:47 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:47 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY"}'
[Fri Aug 11 14:17:47 CEST 2017] Use cached jwk for file: /jffs/usr/ssl/ca/acme-v01.api.letsencrypt.org/account.key
[Fri Aug 11 14:17:47 CEST 2017] Use _CACHED_NONCE='I8o_AAxkuGURRul9oTs6B7QSa1ak7mYKsfu7zS5F6Ag'
[Fri Aug 11 14:17:47 CEST 2017] nonce='I8o_AAxkuGURRul9oTs6B7QSa1ak7mYKsfu7zS5F6Ag'
[Fri Aug 11 14:17:47 CEST 2017] POST
[Fri Aug 11 14:17:47 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:47 CEST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "uZAwQDkXiDgfxfNiPqbMmEnblp4u9LTogHo_N-bHvhGPcafY0-FmWeSH2Df-ZgpiCZCSw5QxY5KPOod_SgvBVbfAiWjgMfGtlL5Y3B-QEtK89qwdMdMScpx9AhPMEcOV_G6u7iPn28SSYqSCVVybOVnoEoHhar48D8m5Pdx18Wx0oRWAiLCnuN_Lwy3B5aTJuV_K3L0xqHLFIJScHzGsOk681H32lWz_okycPp21tGZBBPDJDyseqPb-CYWyBunzFSlctTqTwE-VIST2jmn7ESIwmqeMv_0LIINskgaOPmx51d6yl2MJQszTTQaEWcteew8eJQhbEF5aXrJ8dit-Rw"}}, "protected": "eyJub25jZSI6ICJJOG9fQUF4a3VHVVJSdWw5b1RzNkI3UVNhMWFrN21ZS3NmdTd6UzVGNkFnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvNFVqZFkxXzJkOGpqNGhBLTExMUtQNENqU1JNc0VTZGwzblpnWEdJbUdYWS8xNzI5Mjg3MTA3IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidVpBd1FEa1hpRGdmeGZOaVBxYk1tRW5ibHA0dTlMVG9nSG9fTi1iSHZoR1BjYWZZMC1GbVdlU0gyRGYtWmdwaUNaQ1N3NVF4WTVLUE9vZF9TZ3ZCVmJmQWlXamdNZkd0bEw1WTNCLVFFdEs4OXF3ZE1kTVNjcHg5QWhQTUVjT1ZfRzZ1N2lQbjI4U1NZcVNDVlZ5Yk9Wbm9Fb0hoYXI0OEQ4bTVQZHgxOFd4MG9SV0FpTENudU5fTHd5M0I1YVRKdVZfSzNMMHhxSExGSUpTY0h6R3NPazY4MUgzMmxXel9va3ljUHAyMXRHWkJCUERKRHlzZXFQYi1DWVd5QnVuekZTbGN0VHFUd0UtVklTVDJqbW43RVNJd21xZU12XzBMSUlOc2tnYU9QbXg1MWQ2eWwyTUpRc3pUVFFhRVdjdGVldzhlSlFoYkVGNWFYcko4ZGl0LVJ3In19", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJFSW5XMEM0OVR5T2RrLURoMkhGd3FFSEd0cW1ncFNLY1MxODFLaUlOV0VvLnV4WU1Dbkx1aEJfZEVYVzNoVWY0Um1DTENIMk10NE56WnpMUWs3LXF1U1kifQ", "signature": "fYBHmhzamXLZxp4dFGab3MFzLyvf65rrzGMQu8XRMllYTBf6w4pQljjT2EjHMEnlekng-iwSc5Wp1loYn9GFtvsfPHD_dGItOj5IjkDmib8yoIryExsNPNFA9TxEJ6foQKbxf4cbcdh9SdmIHH-LC_rhysKDMA7mC-dGXVtDlFJmp0cmtSjZWODWzwBGxagUhiWpXWATkKnDTSQ92cQUreS52nKZ4cgGJqSn5P4kw5BEaN3QGhVskiCSop2rwzpNCn1mkY652fJq8pGirEFfDtaTUNvlXQizCNe21BN3xxyD7UIvJjt64o6o9KFBHGFtL4w7edqzgVToI_TS9CDf7g"}'
[Fri Aug 11 14:17:47 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502453867.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 11 14:17:48 CEST 2017] _ret='0'
[Fri Aug 11 14:17:48 CEST 2017] original='{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107",
"token": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo",
"keyAuthorization": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY"
}'
[Fri Aug 11 14:17:48 CEST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Fri, 11 Aug 2017 12:17:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 202 Accepted77.
Server: nginx
Content-Type: application/json
Content-Length: 339
Boulder-Request-Id: d6XjUeV996_XDR-xh9pdBJEsQ5ETASe2WKdI_TW2OBE
Boulder-Requester: 19786440
Link: https://acme-v01.api.letsencrypt.org/acme/authz/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107
Replay-Nonce: wrgWUTmQTWAvbc0p42rk8Rot9V0U87-CbWGyTbSVzCg
Expires: Fri, 11 Aug 2017 12:17:48 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 11 Aug 2017 12:17:48 GMT
Connection: keep-alive

'
[Fri Aug 11 14:17:48 CEST 2017] response='{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107","token":"EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo","keyAuthorization":"EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY"}'
[Fri Aug 11 14:17:48 CEST 2017] code='202'
[Fri Aug 11 14:17:48 CEST 2017] sleep 2 secs to verify
[Fri Aug 11 14:17:50 CEST 2017] checking
[Fri Aug 11 14:17:50 CEST 2017] GET
[Fri Aug 11 14:17:50 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:50 CEST 2017] timeout
[Fri Aug 11 14:17:50 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502453870.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 11 14:17:50 CEST 2017] ret='0'
[Fri Aug 11 14:17:50 CEST 2017] original='{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107",
"token": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo",
"keyAuthorization": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY"
}'
[Fri Aug 11 14:17:50 CEST 2017] response='{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107","token":"EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo","keyAuthorization":"EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY"}'
[Fri Aug 11 14:17:50 CEST 2017] sleep 2 secs to verify
[Fri Aug 11 14:17:52 CEST 2017] checking
[Fri Aug 11 14:17:52 CEST 2017] GET
[Fri Aug 11 14:17:52 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:52 CEST 2017] timeout
[Fri Aug 11 14:17:52 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502453872.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 11 14:17:53 CEST 2017] ret='0'
[Fri Aug 11 14:17:53 CEST 2017] original='{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107",
"token": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo",
"keyAuthorization": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY"
}'
[Fri Aug 11 14:17:53 CEST 2017] response='{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107","token":"EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo","keyAuthorization":"EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY"}'
[Fri Aug 11 14:17:53 CEST 2017] sleep 2 secs to verify
[Fri Aug 11 14:17:55 CEST 2017] checking
[Fri Aug 11 14:17:55 CEST 2017] GET
[Fri Aug 11 14:17:55 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:55 CEST 2017] timeout
[Fri Aug 11 14:17:55 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502453875.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 11 14:17:55 CEST 2017] ret='0'
[Fri Aug 11 14:17:55 CEST 2017] original='{
"type": "tls-sni-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:connection",
"detail": "Timeout",
"status": 400
},
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107",
"token": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo",
"keyAuthorization": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY",
"validationRecord": [
{
"hostname": "sub.moerman.cc",
"port": "443",
"addressesResolved": [
"78.251.187.159"
],
"addressUsed": "78.251.187.159",
"addressesTried": []
}
]
}'
[Fri Aug 11 14:17:55 CEST 2017] response='{"type":"tls-sni-01","status":"invalid","error":{"type":"urn:acme:error:connection","detail":"Timeout","status": 400},"uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107","token":"EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo","keyAuthorization":"EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY","validationRecord":[{"hostname":"sub.moerman.cc","port":"443","addressesResolved":["78.251.187.159"],"addressUsed":"78.251.187.159","addressesTried":[]}]}'
sed: bad regex '.("error":{[^\}]).*': Invalid contents of {}
[Fri Aug 11 14:17:55 CEST 2017] error
[Fri Aug 11 14:17:55 CEST 2017] errordetail
[Fri Aug 11 14:17:55 CEST 2017] sub.moerman.cc:Verify error:
[Fri Aug 11 14:17:55 CEST 2017] Skip for removelevel:
[Fri Aug 11 14:17:55 CEST 2017] pid='25442'
[Fri Aug 11 14:17:55 CEST 2017] Le_HTTPPort
[Fri Aug 11 14:17:55 CEST 2017] Le_TLSPort='443'
1995887808:error:14094418:lib(20):func(148):reason(1048):NA:0:SSL alert number 48
1995887808:error:140790E5:lib(20):func(121):reason(229):NA:0:
shutdown accept socket
[Fri Aug 11 14:17:55 CEST 2017] No need to restore nginx, skip.
[Fri Aug 11 14:17:55 CEST 2017] _clearupdns
[Fri Aug 11 14:17:55 CEST 2017] skip dns.
[Fri Aug 11 14:17:55 CEST 2017] _on_issue_err
[Fri Aug 11 14:17:55 CEST 2017] Please add '--debug' or '--log' to check more details.
[Fri Aug 11 14:17:55 CEST 2017] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Fri Aug 11 14:17:55 CEST 2017] _chk_vlist='sub.moerman.cc#EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY#https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107#tls-sni-01#tls,'
[Fri Aug 11 14:17:55 CEST 2017] start to deactivate authz
[Fri Aug 11 14:17:55 CEST 2017] tigger domain validation.
[Fri Aug 11 14:17:55 CEST 2017] _t_url='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:55 CEST 2017] _t_key_authz='EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY'
[Fri Aug 11 14:17:55 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:55 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "EInW0C49TyOdk-Dh2HFwqEHGtqmgpSKcS181KiINWEo.uxYMCnLuhB_dEXW3hUf4RmCLCH2Mt4NzZzLQk7-quSY"}'
[Fri Aug 11 14:17:55 CEST 2017] Use cached jwk for file: /jffs/usr/ssl/ca/acme-v01.api.letsencrypt.org/account.key
[Fri Aug 11 14:17:55 CEST 2017] Use _CACHED_NONCE='wrgWUTmQTWAvbc0p42rk8Rot9V0U87-CbWGyTbSVzCg'
[Fri Aug 11 14:17:55 CEST 2017] nonce='wrgWUTmQTWAvbc0p42rk8Rot9V0U87-CbWGyTbSVzCg'
[Fri Aug 11 14:17:56 CEST 2017] POST
[Fri Aug 11 14:17:56 CEST 2017] url='https://acme-v01.api.letsencrypt.org/acme/challenge/4UjdY1_2d8jj4hA-111KP4CjSRMsESdl3nZgXGImGXY/1729287107'
[Fri Aug 11 14:17:56 CEST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "uZAwQDkXiDgfxfNiPqbMmEnblp4u9LTogHo_N-bHvhGPcafY0-FmWeSH2Df-ZgpiCZCSw5QxY5KPOod_SgvBVbfAiWjgMfGtlL5Y3B-QEtK89qwdMdMScpx9AhPMEcOV_G6u7iPn28SSYqSCVVybOVnoEoHhar48D8m5Pdx18Wx0oRWAiLCnuN_Lwy3B5aTJuV_K3L0xqHLFIJScHzGsOk681H32lWz_okycPp21tGZBBPDJDyseqPb-CYWyBunzFSlctTqTwE-VIST2jmn7ESIwmqeMv_0LIINskgaOPmx51d6yl2MJQszTTQaEWcteew8eJQhbEF5aXrJ8dit-Rw"}}, "protected": "eyJub25jZSI6ICJ3cmdXVVRtUVRXQXZiYzBwNDJyazhSb3Q5VjBVODctQ2JXR3lUYlNWekNnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvNFVqZFkxXzJkOGpqNGhBLTExMUtQNENqU1JNc0VTZGwzblpnWEdJbUdYWS8xNzI5Mjg3MTA3IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidVpBd1FEa1hpRGdmeGZOaVBxYk1tRW5ibHA0dTlMVG9nSG9fTi1iSHZoR1BjYWZZMC1GbVdlU0gyRGYtWmdwaUNaQ1N3NVF4WTVLUE9vZF9TZ3ZCVmJmQWlXamdNZkd0bEw1WTNCLVFFdEs4OXF3ZE1kTVNjcHg5QWhQTUVjT1ZfRzZ1N2lQbjI4U1NZcVNDVlZ5Yk9Wbm9Fb0hoYXI0OEQ4bTVQZHgxOFd4MG9SV0FpTENudU5fTHd5M0I1YVRKdVZfSzNMMHhxSExGSUpTY0h6R3NPazY4MUgzMmxXel9va3ljUHAyMXRHWkJCUERKRHlzZXFQYi1DWVd5QnVuekZTbGN0VHFUd0UtVklTVDJqbW43RVNJd21xZU12XzBMSUlOc2tnYU9QbXg1MWQ2eWwyTUpRc3pUVFFhRVdjdGVldzhlSlFoYkVGNWFYcko4ZGl0LVJ3In19", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJFSW5XMEM0OVR5T2RrLURoMkhGd3FFSEd0cW1ncFNLY1MxODFLaUlOV0VvLnV4WU1Dbkx1aEJfZEVYVzNoVWY0Um1DTENIMk10NE56WnpMUWs3LXF1U1kifQ", "signature": "EdE3OAN-siydbusRJr3c2WHpxu2ZUvxx-XITfxF0M5O8VyGD4uTZAuT67nZSWNSxydmSqBjbAN75OMdwDc-aEKG1YaH6p6sjYdmuFGG3E8JoQMVCxaQ1tVuJ25U_5p4f-s7AO24j6bPIQkrcnjjDtUdc13w4bOe5-sWDhIezahqtNd7eTpSt02w_PD7ddDmDJUG2GNLItSyFwCDBzvzeKj10C3oTw8NGdwlyDaKh-dLiYSLdGzzpMNuBEXJwBEUJMWRkotop_orcY0AFPh_K0pi4f2hVecKM4xmNWHIzh2QI6-4pp5EKo6QFtTIp-6rgQ0Cx1eTn_bu8MWyKp7pL8g"}'
[Fri Aug 11 14:17:56 CEST 2017] Http already initialized.
[Fri Aug 11 14:17:56 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1502453875.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 11 14:17:57 CEST 2017] _ret='0'
[Fri Aug 11 14:17:57 CEST 2017] original='{
"type": "urn:acme:error:malformed",
"detail": "Unable to update challenge :: The challenge is not pending.",
"status": 400
}'
[Fri Aug 11 14:17:57 CEST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Fri, 11 Aug 2017 12:17:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: application/problem+json
Content-Length: 132
Boulder-Request-Id: d5g3_m3T-rP-V3BBTn0OqKh28f3kYlTweYLk2zeygcY
Boulder-Requester: 19786440
Replay-Nonce: 7OZQfiomaESbI8T0L8pKjvTBA9bPm0VyO9ZA8cSg1IM
Expires: Fri, 11 Aug 2017 12:17:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 11 Aug 2017 12:17:57 GMT
Connection: close

'
[Fri Aug 11 14:17:57 CEST 2017] response='{"type":"urn:acme:error:malformed","detail":"Unable to update challenge :: The challenge is not pending.","status": 400}'
[Fri Aug 11 14:17:57 CEST 2017] code='400'
[Fri Aug 11 14:17:57 CEST 2017] Diagnosis versions:
openssl:openssl
apache:
apache doesn't exists.
nginx:
nginx version: nginx/1.10.3
built by gcc 5.3.0 (OpenWrt GCC 5.3.0 r49031)
built with OpenSSL 1.0.2h 3 May 2016 (running with OpenSSL 1.0.2k 26 Jan 2017)
TLS SNI support enabled
configure arguments: --crossbuild=Linux::arm --prefix=/usr --conf-path=/etc/nginx/nginx.conf --add-module=/home/bluebat/Build/KWRT/build_dir/target-arm_cortex-a9_musl-1.1.14_eabi/nginx-1.10.3/nginx-naxsi/naxsi_src --with-ipv6 --with-http_ssl_module --with-http_auth_request_module --with-http_v2_module --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-path=/var/lock/nginx.lock --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/body --http-proxy-temp-path=/var/lib/nginx/proxy --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --with-cc=arm-openwrt-linux-muslgnueabi-gcc --with-cc-opt='-I/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/usr/include -I/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/include -I/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/usr/include -I/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/include/fortify -I/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/include -Os -pipe -march=armv7-a -mtune=cortex-a9 -fno-caller-saves -fno-plt -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -mfloat-abi=soft -iremap /home/bluebat/Build/KWRT/build_dir/target-arm_cortex-a9_musl-1.1.14_eabi/nginx-1.10.3:nginx-1.10.3 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -fvisibility=hidden -ffunction-sections -fdata-sections -DNGX_LUA_NO_BY_LUA_BLOCK' --with-ld-opt='-L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/opt/usr/lib -L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/opt/lib -L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/usr/lib -L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/lib -Wl,--dynamic-linker=/opt/lib/ld-musl-arm.so.1 -Wl,-rpath,/opt/usr/lib:/opt/lib -L/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/usr/lib -L/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/lib -znow -zrelro -Wl,--gc-sections' --without-http_upstream_zone_module
nc:
nc: unrecognized option: h
BusyBox v1.26.2 (2017-06-11 12:42:31 CEST) multi-call binary.

Usage: nc [-iN] [-wN] [-l] [-p PORT] [-f FILE|IPADDR PORT] [-e PROG]

Open a pipe to IP:PORT or FILE

-l	Listen mode, for inbound connects
	(use -ll with -e for persistent server)
-p PORT	Local port
-w SEC	Connect timeout
-i SEC	Delay interval for lines sent
-f FILE	Use file (ala /dev/ttyS0) instead of network
-e PROG	Run PROG after connect

`

Neilpang · 2017-08-12T13:24:29Z

why do you use --tls mode ?
it seems that your 443 port is timeout.

can you please use --standalone instead ?

justClouds · 2017-08-13T06:48:16Z

Gives similar result:

[Sun Aug 13 08:36:07 CEST 2017] Using config home:/jffs/usr/ssl
[Sun Aug 13 08:36:07 CEST 2017] LE_WORKING_DIR='/jffs/usr/ssl'
[Sun Aug 13 08:36:07 CEST 2017] Using config home:/jffs/usr/ssl
[Sun Aug 13 08:36:07 CEST 2017] _ACME_SERVER_HOST='acme-staging.api.letsencrypt.org'
[Sun Aug 13 08:36:07 CEST 2017] DOMAIN_PATH='/jffs/usr/ssl/sub.domain.com'
[Sun Aug 13 08:36:07 CEST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Sun Aug 13 08:36:07 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Sun Aug 13 08:36:07 CEST 2017] GET
[Sun Aug 13 08:36:07 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Sun Aug 13 08:36:07 CEST 2017] timeout
[Sun Aug 13 08:36:07 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header  --trace-ascii /tmp/acme.shwefADf24sf.1502606167.tmp  --capath /opt/etc/ssl/certs '
[Sun Aug 13 08:36:08 CEST 2017] ret='0'
[Sun Aug 13 08:36:08 CEST 2017] response='{
  "kWZlmEaD9M8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "key-change": "https://acme-staging.api.letsencrypt.org/acme/key-change",
  "meta": {
    "terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
  },
  "new-authz": "https://acme-staging.api.letsencrypt.org/acme/new-authz",
  "new-cert": "https://acme-staging.api.letsencrypt.org/acme/new-cert",
  "new-reg": "https://acme-staging.api.letsencrypt.org/acme/new-reg",
  "revoke-cert": "https://acme-staging.api.letsencrypt.org/acme/revoke-cert"
}'
[Sun Aug 13 08:36:08 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Sun Aug 13 08:36:08 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Sun Aug 13 08:36:08 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Sun Aug 13 08:36:08 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Sun Aug 13 08:36:08 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Sun Aug 13 08:36:08 CEST 2017] Le_NextRenewTime
[Sun Aug 13 08:36:08 CEST 2017] _on_before_issue
[Sun Aug 13 08:36:08 CEST 2017] 'no' contains 'no'
[Sun Aug 13 08:36:08 CEST 2017] Le_LocalAddress
[Sun Aug 13 08:36:08 CEST 2017] Check for domain='sub.domain.com'
[Sun Aug 13 08:36:08 CEST 2017] _currentRoot='no'
[Sun Aug 13 08:36:08 CEST 2017] _checkport='80'
[Sun Aug 13 08:36:08 CEST 2017] _checkaddr
[Sun Aug 13 08:36:08 CEST 2017] Using: netstat
[Sun Aug 13 08:36:08 CEST 2017] 'no' does not contain 'apache'
[Sun Aug 13 08:36:08 CEST 2017] _saved_account_key_hash='dkDN4XH/uo1Sr0VrCKOtBkJ27R9UIUmh/Jy+7uVpDD4='
[Sun Aug 13 08:36:08 CEST 2017] _saved_account_key_hash is not changed, skip register account.
[Sun Aug 13 08:36:08 CEST 2017] Read key length:
[Sun Aug 13 08:36:08 CEST 2017] _createcsr
[Sun Aug 13 08:36:08 CEST 2017] domain='sub.domain.com'
[Sun Aug 13 08:36:08 CEST 2017] domainlist
[Sun Aug 13 08:36:08 CEST 2017] csrkey='/jffs/usr/ssl/sub.domain.com/sub.domain.com.key'
[Sun Aug 13 08:36:08 CEST 2017] csr='/jffs/usr/ssl/sub.domain.com/sub.domain.com.csr'
[Sun Aug 13 08:36:08 CEST 2017] csrconf='/jffs/usr/ssl/sub.domain.com/sub.domain.com.csr.conf'
[Sun Aug 13 08:36:08 CEST 2017] _is_idn_d='sub.domain.com'
[Sun Aug 13 08:36:08 CEST 2017] _idn_temp
[Sun Aug 13 08:36:08 CEST 2017] _csr_cn='sub.domain.com'
[Sun Aug 13 08:36:08 CEST 2017] _w='no'
[Sun Aug 13 08:36:08 CEST 2017] _currentRoot='no'
[Sun Aug 13 08:36:08 CEST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Sun Aug 13 08:36:08 CEST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Sun Aug 13 08:36:08 CEST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Sun Aug 13 08:36:08 CEST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Sun Aug 13 08:36:08 CEST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Sun Aug 13 08:36:09 CEST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Sun Aug 13 08:36:09 CEST 2017] Try new-authz for the 0 time.
[Sun Aug 13 08:36:09 CEST 2017] _is_idn_d='sub.domain.com'
[Sun Aug 13 08:36:09 CEST 2017] _idn_temp
[Sun Aug 13 08:36:09 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Sun Aug 13 08:36:09 CEST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "sub.domain.com"}}'
[Sun Aug 13 08:36:09 CEST 2017] RSA key
[Sun Aug 13 08:36:09 CEST 2017] _URGLY_PRINTF
[Sun Aug 13 08:36:09 CEST 2017] xargs
[Sun Aug 13 08:36:09 CEST 2017] _URGLY_PRINTF
[Sun Aug 13 08:36:09 CEST 2017] xargs
[Sun Aug 13 08:36:09 CEST 2017] Get nonce. ACME_DIRECTORY='https://acme-staging.api.letsencrypt.org/directory'
[Sun Aug 13 08:36:09 CEST 2017] GET
[Sun Aug 13 08:36:09 CEST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Sun Aug 13 08:36:09 CEST 2017] timeout
[Sun Aug 13 08:36:09 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header  --trace-ascii /tmp/acme.shwefADf24sf.1502606169.tmp  --capath /opt/etc/ssl/certs '
[Sun Aug 13 08:36:09 CEST 2017] ret='0'
[Sun Aug 13 08:36:09 CEST 2017] _headers='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 581
Boulder-Request-Id: n_T0ZPwHLKQc7SVI0zJjud1S-tJwwQHSI2W6FgktkwE
Replay-Nonce: W4I5-VSE52n0MyoxwTvil31NzXUggqdtqSUI75mZlmE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 13 Aug 2017 06:36:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 13 Aug 2017 06:36:09 GMT
Connection: keep-alive

'
[Sun Aug 13 08:36:09 CEST 2017] _CACHED_NONCE='W4I5-VSE52n0MyoxWTvil31NzXuggqdtqSUI75mZlmE'
[Sun Aug 13 08:36:09 CEST 2017] nonce='W4I5-VSE52n0MyoxWTvil31NzXuggqdtqSUI75mZlmE'
[Sun Aug 13 08:36:09 CEST 2017] POST
[Sun Aug 13 08:36:09 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Sun Aug 13 08:36:09 CEST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "u_8Li-wEmT_x20KlaVzXA-rDWVZlrR7BYuIGYXUQkWxk_oSFohjbHXFsNU3Hcy3qX8xaku6tQbIHzITCBxiAz-r-v_5syPhR_G2PcatzPSXixyd269JlYR2jbm06qBjN4pUEfhWdXB7kLyWjEskmUi8hl4porRAyQkKGRd_lmAO4a1PwWE8UsF4d8pcb0-2pu1x7SW8QmkMd0V6WhH6Hn0pVpLF_pWxbUrogz8Xe-rL3Qo9q8pHoiRDBtUwriT0xYzTJK1VF8hMaaWkGMsvLpvjJbn67PXWjWiNfhpFVAU13vrJSLhuDLSzIUX3eWbYMo-su1Puzb7rXuXovq0Kvxw"}}, "protected": "eyJub25jZSI6ICJXNEk1LVZTRTUybjBNeW94d1R2aWwzMU56WHVnZ3FkdHFTVUk3NW1abG1FIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWF1dGh6IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidV84TGktd0VtVF94MjBLbGFWelhBLXJEd1ZabHJSN0JZdUlHWVhVUWtXeGtfb1NGb2hqYkhYRnNOVTNIY3kzcVg4eGFrdTZ0UWJJSHpJVENCeGlBei1yLXZfNXN5UGhSX0cyUGNhdHpQU1hpeHlkMjY5SmxZUjJqYm0wNnFCak40cFVFZmhXZFhCN2tMeVdqRXNrbVVpOGhsNHBvclJBeVFrS0dSZF9sbUFPNGExUHdXRThVc0Y0ZDhwY2IwLTJwdTF4N1NXOFFta01kMFY2V2hINkhuMHBWcExGX3BXeGJVcm9nejhYZS1yTDNRbzlxOHBIb2lSREJ0VXdyaVQweFl6VEpLMVZGOGhNYWFXa0dNc3ZMcHZqSmJuNjdQWFdqV2lOZmhwRlZBVTEzdnJKU0xodURMU3pJVVgzZVdiWU1vLXN1MVB1emI3clh1WG92cTBLdnh3In19", "payload": "eyJyZXNvdXJjZSI6ICJuZXctYXV0aHoiLCAiaWRlbnRpZmllciI6IHsidHlwZSI6ICJkbnMiLCAidmFsdWUiOiAic2lja3JhZ2UubW9lcm1hbi5jYyJ9fQ", "signature": "Sw2pVZNH8zQZqNS___9nFkkD1TefGoHgSCgTlJz4sklf9Y2BD0FmtHNmnvDbMRNiFg2JN--iXCjO29gsRSemUZ_TC0-dD2-Rb7O7jEeAPSkMA21q-Gn-G_uMlr4z7keUfdbPagVhPmoQPHStRAAmvVYjA0SsAjXCoZz6VGQvWByRzPneaytlYxZmxahaDNHTQ8md_904wIG75WDZq0EvZC3nBBpIRJGL7P9bD9tnpeLPCjc8K2YbpFRHwORvlu_dtZz_n0gU0IqXqT4O14QzPeiFiwjA3nNQ9JUDkxiNj7dPsSBgEZoihRAy0D6qsRRoE5OYvrTJuE1mxS9XaIG1vA"}'
[Sun Aug 13 08:36:09 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header  --trace-ascii /tmp/acme.shwefADf24sf.1502606169.tmp  --capath /opt/etc/ssl/certs '
[Sun Aug 13 08:36:10 CEST 2017] _ret='0'
[Sun Aug 13 08:36:10 CEST 2017] original='{
  "identifier": {
    "type": "dns",
    "value": "sub.domain.com"
  },
  "status": "pending",
  "expires": "2017-08-20T06:36:10.51407694Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-WjBkldJNi1M_yY2lkortdYc/51799568",
      "token": "y-XUHpeNVuzqKSwZbSq56q9FnQDeH1HvCr9qYti7jmw"
    },
    {
      "type": "http-01",
      "status": "pending",
      "uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-WjBkldJNi1M_yY2lkortdYc/51799569",
      "token": "D9tUg7vT4MalW8IhnNU-4c0vpeMrWda29IWigK-iymI"
    },
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-WjBkldJNi1M_yY2lkortdYc/51799570",
      "token": "x-PzYwRJqT--upJ1DPa1v9JlEQBz6KPQ4oVWJyxHl2Q"
    }
  ],
  "combinations": [
    [
      0
    ],
    [
      2
    ],
    [
      1
    ]
  ]
}'
[Sun Aug 13 08:36:10 CEST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Sun, 13 Aug 2017 06:36:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 1012
Boulder-Request-Id: wYsvIDQKOfrV0WU5XML24vZGpZTWfQiiKyNzW_bktF4
Boulder-Requester: 2931736
Link: <https://acme-staging.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-staging.api.letsencrypt.org/acme/authz/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc
Replay-Nonce: vzcKcUN8H4cUppq7CEKdl9jlvbWLCfvR4D6rkjXQu8c
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 13 Aug 2017 06:36:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 13 Aug 2017 06:36:10 GMT
Connection: keep-alive

'
[Sun Aug 13 08:36:10 CEST 2017] response='{"identifier":{"type":"dns","value":"sub.domain.com"},"status":"pending","expires":"2017-08-20T06:36:10.51407694Z","challenges":[{"type":"dns-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-VjBkldJNi1M_yY2lkortdYc/51799568","token":"y-XUHpeNVuzqKSWZbSq56q9FnQDeH1HvCr9qYti7jmw"},{"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-VjBkldJNi1M_yY2lkortdYc/51799569","token":"D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI"},{"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-VjBkldJNi1M_yY2lkortdYc/51799570","token":"x-PzYwRJqT--upJ1dPa1v9JlEQBz6KPQ4oVWJyxHl2Q"}],"combinations":[[0],[2],[1]]}'
[Sun Aug 13 08:36:10 CEST 2017] code='201'
[Sun Aug 13 08:36:10 CEST 2017] entry='"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569","token":"D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI"'
[Sun Aug 13 08:36:10 CEST 2017] token='D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI'
[Sun Aug 13 08:36:10 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:10 CEST 2017] keyauthorization='D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE'
[Sun Aug 13 08:36:10 CEST 2017] dvlist='sub.domain.com#D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IwigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE#https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-VjBkldJNi1M_yY2lkortdYc/51799569#http-01#no'
[Sun Aug 13 08:36:10 CEST 2017] vlist='sub.domain.com#D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IwigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE#https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-VjBkldJNi1M_yY2lkortdYc/51799569#http-01#no,'
[Sun Aug 13 08:36:10 CEST 2017] ok, let's start to verify
[Sun Aug 13 08:36:10 CEST 2017] d='sub.domain.com'
[Sun Aug 13 08:36:10 CEST 2017] keyauthorization='D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IwigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE'
[Sun Aug 13 08:36:10 CEST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:10 CEST 2017] _currentRoot='no'
[Sun Aug 13 08:36:10 CEST 2017] ncaddr
[Sun Aug 13 08:36:10 CEST 2017] startserver: 24002
[Sun Aug 13 08:36:10 CEST 2017] Le_HTTPPort='80'
[Sun Aug 13 08:36:10 CEST 2017] Le_Listen_V4
[Sun Aug 13 08:36:10 CEST 2017] Le_Listen_V6
[Sun Aug 13 08:36:11 CEST 2017] _NC='nc -l '
[Sun Aug 13 08:36:11 CEST 2017] serverproc='24495'
[Sun Aug 13 08:36:11 CEST 2017] tigger domain validation.
[Sun Aug 13 08:36:11 CEST 2017] _t_url='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:11 CEST 2017] _t_key_authz='D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE'
[Sun Aug 13 08:36:11 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:12 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE"}'
[Sun Aug 13 08:36:12 CEST 2017] Use cached jwk for file: /jffs/usr/ssl/ca/acme-staging.api.letsencrypt.org/account.key
[Sun Aug 13 08:36:12 CEST 2017] Use _CACHED_NONCE='vzcKcUN8H4cUppq7CEKdl9jlvbWLCfvR4D6rkjXQu8c'
[Sun Aug 13 08:36:12 CEST 2017] nonce='vzcKcUN8H4cUppq7CEKdl9jlvbWLCfvR4D6rkjXQu8c'
[Sun Aug 13 08:36:12 CEST 2017] POST
[Sun Aug 13 08:36:12 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:12 CEST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "u_8Li-wEmT_x20KlaVzXA-rDwVZlrR7BYuIGYXUQkwxk_oSFohjbHXFsNU3Hcy3qX8xaku6tQbIHzITCBxiAz-r-v_5syPhR_G2PcatzPSXixyd269JlYR2jbm06qBjN4pUEfhWdXB7kLyWjEskmUi8hl4porRAyQkKGRd_lmAO4a1PwWE8UsF4d8pcb0-2pu1x7SW8QmkMd0V6WhH6Hn0pVpLF_pWxbUrogz8Xe-rL3Qo9q8pHoiRDBtUwriT0xYzTJK1VF8hMaaWkGMsvLpvjJbn67PXWjWiNfhpFVAU13vrJSLhuDLSzIUX3eWbYMo-su1Puzb7rXuXovq0Kvxw"}}, "protected": "eyJub25jZSI6ICJ2emNLY1VOOEg0Y1VwcHE3Q0VLZGw5amx2YldMQ2Z2UjRENnJralhRdThjIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGxlbmdlL1VIcUltV2drQ3FRaklVX2ZwZ3ktVmpCa2xkSk5pMU1feVkybGtvcnRkWWMvNTE3OTk1NjkiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJ1XzhMaS13RW1UX3gyMEtsYVZ6WEEtckR3VlpsclI3Qll1SUdZWFVRa1d4a19vU0ZvaGpiSFhGc05VM0hjeTNxWDh4YWt1NnRRYklIeklUQ0J4aUF6LXItdl81c3lQaFJfRzJQY2F0elBTWGl4eWQyNjlKbFlSMmpibTA2cUJqTjRwVUVmaFdkWEI3a0x5V2pFc2ttVWk4aGw0cG9yUkF5UWtLR1JkX2xtQU80YTFQd1dFOFVzRjRkOHBjYjAtMnB1MXg3U1c4UW1rTWQwVjZXaEg2SG4wcFZwTEZfcFd4YlVyb2d6OFhlLXJMM1FvOXE4cEhvaVJEQnRVd3JpVDB4WXpUSksxVkY4aE1hYVdrR01zdkxwdmpKYm42N1BYV2pXaU5maHBGVkFVMTN2ckpTTGh1RExTeklVWDNlV2JZTW8tc3UxUHV6YjdyWHVYb3ZxMEt2eHcifX0", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJEOXRVZzd2VDRNYWxXOEloTk5VLTRjMHZwZU1yV2RhMjlJV2lnSy1peW1JLnlMZnQxa20ycXBkSHB3cXl5MUFkNHNtMzMxMGZlVDk0WHhlTURMYkJMQ0UifQ", "signature": "Vl-0H7mha0nPemElBhp3KbdcPQXeqJqz9dml5i0yXMTXEuxyrRTiTnEMpl_W64dGsUM8_y6oyuEF7wuHfAlSHZvO1h4q_7aVHJYUihQk9nvmspz0eoAwHY_nv-WWKKW9hSevXAcTBsF6LlvPy-me5eD-a6Uf_26UJf9Uv86GFygxVCslOFCqe21hSJqAjre6v6ADHKv9MFSkwEiNceMLX_kPCpn0bhuBqAdfv6wpZDJJteQa0-M0n2Hy1j4QV-cOf1QqsEUZ9XQADNx9AOx_uGHbtYDGDajAAF7R7qVqTWgIYhV2Ml6m5eii4uMwlytbfvNeWJyxdQUrxQ6_vDG5Lg"}'
[Sun Aug 13 08:36:12 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header  --trace-ascii /tmp/acme.shwefADf24sf.1502606172.tmp  --capath /opt/etc/ssl/certs '
[Sun Aug 13 08:36:13 CEST 2017] _ret='0'
[Sun Aug 13 08:36:13 CEST 2017] original='{
  "type": "http-01",
  "status": "pending",
  "uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569",
  "token": "D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI",
  "keyAuthorization": "D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IwigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE"
}'
[Sun Aug 13 08:36:13 CEST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Sun, 13 Aug 2017 06:36:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 202 Accepted
Server: nginx
Content-Type: application/json
Content-Length: 338
Boulder-Request-Id: dzqGGQQTOyOnHpmS3ECHxxp0onDmX6rcjmm476DPND0
Boulder-Requester: 2931736
Link: <https://acme-staging.api.letsencrypt.org/acme/authz/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc>;rel="up"
Location: https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569
Replay-Nonce: LJX0H3Qaqby0lvL_gSkt0uuEA7YKnq6E54SPDk-vnec
Expires: Sun, 13 Aug 2017 06:36:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 13 Aug 2017 06:36:13 GMT
Connection: keep-alive

'
[Sun Aug 13 08:36:13 CEST 2017] response='{"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569","token":"D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI","keyAuthorization":"D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE"}'
[Sun Aug 13 08:36:13 CEST 2017] code='202'
[Sun Aug 13 08:36:13 CEST 2017] sleep 2 secs to verify
[Sun Aug 13 08:36:15 CEST 2017] checking
[Sun Aug 13 08:36:15 CEST 2017] GET
[Sun Aug 13 08:36:15 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:15 CEST 2017] timeout
[Sun Aug 13 08:36:15 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header  --trace-ascii /tmp/acme.shwefADf24sf.1502606175.tmp  --capath /opt/etc/ssl/certs '
[Sun Aug 13 08:36:15 CEST 2017] ret='0'
[Sun Aug 13 08:36:15 CEST 2017] original='{
  "type": "http-01",
  "status": "pending",
  "uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569",
  "token": "D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI",
  "keyAuthorization": "D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE"
}'
[Sun Aug 13 08:36:15 CEST 2017] response='{"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569","token":"D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI","keyAuthorization":"D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE"}'
[Sun Aug 13 08:36:15 CEST 2017] sleep 2 secs to verify
[Sun Aug 13 08:36:17 CEST 2017] checking
[Sun Aug 13 08:36:17 CEST 2017] GET
[Sun Aug 13 08:36:17 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:17 CEST 2017] timeout
[Sun Aug 13 08:36:17 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header  --trace-ascii /tmp/acme.shwefADf24sf.15026061123.tmp  --capath /opt/etc/ssl/certs '
[Sun Aug 13 08:36:17 CEST 2017] ret='0'
[Sun Aug 13 08:36:17 CEST 2017] original='{
  "type": "http-01",
  "status": "pending",
  "uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569",
  "token": "D9tUg7vT4MalW8IhnNU-4c0vpeMrWda29IWigK-iymI",
  "keyAuthorization": "D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE"
}'
[Sun Aug 13 08:36:17 CEST 2017] response='{"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569","token":"D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI","keyAuthorization":"D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE"}'
[Sun Aug 13 08:36:18 CEST 2017] sleep 2 secs to verify
[Sun Aug 13 08:36:20 CEST 2017] checking
[Sun Aug 13 08:36:20 CEST 2017] GET
[Sun Aug 13 08:36:20 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:20 CEST 2017] timeout
[Sun Aug 13 08:36:20 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header  --trace-ascii /tmp/acme.shwefADf24sf.1502606180.tmp  --capath /opt/etc/ssl/certs '
[Sun Aug 13 08:36:20 CEST 2017] ret='0'
[Sun Aug 13 08:36:20 CEST 2017] original='{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:acme:error:connection",
    "detail": "Fetching http://sub.domain.com/.well-known/acme-challenge/D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI: Timeout",
    "status": 400
  },
  "uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569",
  "token": "D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI",
  "keyAuthorization": "D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IwigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE",
  "validationRecord": [
    {
      "url": "http://sub.domain.com/.well-known/acme-challenge/D9tUg7vT4MalW8IhnNU-4c0vpeMrWda29IWigK-iymI",
      "hostname": "sub.domain.com",
      "port": "80",
      "addressesResolved": [
        "123.250.187.159"
      ],
      "addressUsed": "123.250.187.159",
      "addressesTried": []
    }
  ]
}'
[Sun Aug 13 08:36:20 CEST 2017] response='{"type":"http-01","status":"invalid","error":{"type":"urn:acme:error:connection","detail":"Fetching http://sub.domain.com/.well-known/acme-challenge/D9tUg7vT4MalW8IhnNU-4c0vpeMrWda29IWigK-iymI: Timeout","status": 400},"uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569","token":"D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI","keyAuthorization":"D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IwigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE","validationRecord":[{"url":"http://sub.domain.com/.well-known/acme-challenge/D9tUg7vT4MalW8IhnNU-4c0vpeMrWda29IWigK-iymI","hostname":"sub.domain.com","port":"80","addressesResolved":["123.250.187.159"],"addressUsed":"123.250.187.159","addressesTried":[]}]}'
sed: bad regex '.*\("error":\{[^\}]*\).*': Invalid contents of {}
[Sun Aug 13 08:36:20 CEST 2017] error
[Sun Aug 13 08:36:20 CEST 2017] errordetail
[Sun Aug 13 08:36:20 CEST 2017] �[1;31;40msub.domain.com:Verify error:�[0m
[Sun Aug 13 08:36:20 CEST 2017] Debug: get token url.
[Sun Aug 13 08:36:20 CEST 2017] GET
[Sun Aug 13 08:36:20 CEST 2017] url='http://sub.domain.com/.well-known/acme-challenge/D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IWigK-iymI'
[Sun Aug 13 08:36:20 CEST 2017] timeout='1n
[Sun Aug 13 08:36:20 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header  --trace-ascii /tmp/acme.shwefADf24sf.1502606180.tmp  --capath /opt/etc/ssl/certs  --connect-timeout 1'
[Sun Aug 13 08:36:21 CEST 2017] �[1;31;40mPlease refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 28�[0m
[Sun Aug 13 08:36:21 CEST 2017] �[1;31;40mHere is the curl dump log:�[0m
[Sun Aug 13 08:36:21 CEST 2017] �[1;31;40m== Info:   Trying 123.250.187.159...
== Info: Connection timed out after 1008 milliseconds
== Info: Closing connection 0�[0m
[Sun Aug 13 08:36:21 CEST 2017] ret='28'
[Sun Aug 13 08:36:21 CEST 2017] Skip for removelevel:
[Sun Aug 13 08:36:21 CEST 2017] pid='24495'
[Sun Aug 13 08:36:21 CEST 2017] Le_HTTPPort='80'
GET / HTTP/1.1
Host: localhost
User-Agent: acme.sh/2.7.3 (https://github.com/Neilpang/acme.sh)
Accept: */*

[Sun Aug 13 08:36:21 CEST 2017] �[1;31;40m�[0m[Sun Aug 13 08:36:21 CEST 2017] 
Le_TLSPort
[Sun Aug 13 08:36:21 CEST 2017] No need to restore nginx, skip.
[Sun Aug 13 08:36:21 CEST 2017] _clearupdns
[Sun Aug 13 08:36:21 CEST 2017] skip dns.
[Sun Aug 13 08:36:21 CEST 2017] _on_issue_err
[Sun Aug 13 08:36:21 CEST 2017] �[1;31;40mPlease add '--debug' or '--log' to check more details.�[0m
[Sun Aug 13 08:36:21 CEST 2017] �[1;31;40mSee: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh�[0m
[Sun Aug 13 08:36:21 CEST 2017] _chk_vlist='sub.domain.com#D9tUg7vT4MalW8IhnNU-4c0vpeMrWda29IwigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE#https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-VjBkldJNi1M_yY2lkortdYc/51799569#http-01#no,'
[Sun Aug 13 08:36:21 CEST 2017] start to deactivate authz
[Sun Aug 13 08:36:21 CEST 2017] tigger domain validation.
[Sun Aug 13 08:36:21 CEST 2017] _t_url='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:21 CEST 2017] _t_key_authz='D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IwigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE'
[Sun Aug 13 08:36:21 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:21 CEST 2017] payload='{"resource": "challenge", "keyAuthorization": "D9tUg7vT4MalW8IhNNU-4c0vpeMrWda29IwigK-iymI.yLft1km2qpdHpwqyy1Ad4sm3310feT94XxeMDLbBLCE"}'
[Sun Aug 13 08:36:21 CEST 2017] Use cached jwk for file: /jffs/usr/ssl/ca/acme-staging.api.letsencrypt.org/account.key
[Sun Aug 13 08:36:21 CEST 2017] Use _CACHED_NONCE='LJX0H3Qaqby0lvL_gSkt0uuEA7YKnq6E54SPDk-vnec'
[Sun Aug 13 08:36:21 CEST 2017] nonce='LJX0H3Qaqby0lvL_gSkt0uuEA7YKnq6E54SPDk-vnec'
[Sun Aug 13 08:36:21 CEST 2017] POST
[Sun Aug 13 08:36:21 CEST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/UHqImWgkCqQjIU_fpgy-vjBkldJNi1M_yY2lkortdYc/51799569'
[Sun Aug 13 08:36:21 CEST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "u_8Li-wEmT_x20KlaVzXA-rDwVZlrR7BYuIGYXUQkwxk_oSFohjbHXFsNU3Hcy3qX8xaku6tQbIHzITCBxiAz-r-v_5syPhR_G2PcatzPSXixyd269JlYR2jbm06qBjN4pUEfhWdXB7kLyWjEskmUi8hl4porRAyQkKGRd_lmAO4a1PwWE8UsF4d8pcb0-2pu1x7SW8QmkMd0V6WhH6Hn0pVpLF_pWxbUrogz8Xe-rL3Qo9q8pHoiRDBtUwriT0xYzTJK1VF8hMaaWkGMsvLpvjJbn67PXWjWiNfhpFVAU13vrJSLhuDLSzIUX3eWbYMo-su1Puzb7rXuXovq0Kvxw"}}, "protected": "eyJub25jZSI6ICJMSlgwSDNRYXFieTBsVkxfZ1NrdDB1dUVBN1lLbnE2RTU0U1BEay12bmVjIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGxlbmdlL1VIcUltV2drQ3FRaklVX2ZwZ3ktVmpCa2xkSk5pMU1feVkybGtvcnRkWWMvNTE3OTk1NjkiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJ1XzhMaS13RW1UX3gyMEtsYVZ6WEEtckR3VlpsclI3Qll1SUdZWFVRa1d4a19vU0ZvaGpiSFhGc05VM0hjeTNxWDh4YWt1NnRRYklIeklUQ0J4aUF6LXItdl81c3lQaFJfRzJQY2F0elBTWGl4eWQyNjlKbFlSMmpibTA2cUJqTjRwVUVmaFdkWEI3a0x5V2pFc2ttVWk4aGw0cG9yUkF5UWtLR1JkX2xtQU80YTFQd1dFOFVzRjRkOHBjYjAtMnB1MXg3U1c4UW1rTWQwVjZXaEg2SG4wcFZwTEZfcFd4YlVyb2d6OFhlLXJMM1FvOXE4cEhvaVJEQnRVd3JpVDB4WXpUSksxVkY4aE1hYVdrR01zdkxwdmpKYm42N1BYV2pXaU5maHBGVkFVMTN2ckpTTGh1RExTeklVWDNlV2JZTW8tc3UxUHV6YjdyWHVYb3ZxMEt2eHcifX0", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJEOXRVZzd2VDRNYWxXOEloTk5VLTRjMHZwZU1yV2RhMjlJV2lnSy1peW1JLnlMZnQxa20ycXBkSHB3cXl5MUFkNHNtMzMxMGZlVDk0WHhlTURMYkJMQ0UifQ", "signature": "tbHrbjDIGzLuzZAhzGCJzhUjAUKTVVf4FRM_KcEG_A6SP7kkrcmNWTtnDLlMqmctGuExisVEnYgAYh0JQbtAf2jUwzFdIM0kMBQ1yzG3ar-h36WTHeCeFnyreHxCM19GyFr87JFiFMiGBROL3F47PC1GNrfKK6U8FThUN94y3kJSsqejKb7snINNW3KVgoXZsB1oim3pxIrTWF_MYuEWm-IB8fspWqGl-DpiHqjhCynDq6p4aJ9iaZ8cs30GDb10kDzPVWm5V8x5zczVFdJaOkOYPg8CcN8hItG1_EStKGSgXm2vGpeHzC58fyzzLVsVcIC2h9MXrSYkMV2ywqEhXg"}'
[Sun Aug 13 08:36:22 CEST 2017] Http already initialized.
[Sun Aug 13 08:36:22 CEST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header  --trace-ascii /tmp/acme.shwefADf24sf.1502606180.tmp  --capath /opt/etc/ssl/certs '
[Sun Aug 13 08:36:22 CEST 2017] _ret='0'
[Sun Aug 13 08:36:22 CEST 2017] original='{
  "type": "urn:acme:error:malformed",
  "detail": "Unable to update challenge :: The challenge is not pending.",
  "status": 400
}'
[Sun Aug 13 08:36:22 CEST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Sun, 13 Aug 2017 06:36:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: application/problem+json
Content-Length: 132
Boulder-Request-Id: rXVf_SlcBtRni2pFgLOLVWY3TtbO6uzslXSXgDis1KY
Boulder-Requester: 2931736
Replay-Nonce: CzK4tuSDYd_3gB_knf0w9N7qwvR4pSa8I5CgUle1t9g
Expires: Sun, 13 Aug 2017 06:36:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 13 Aug 2017 06:36:22 GMT
Connection: close

'
[Sun Aug 13 08:36:22 CEST 2017] response='{"type":"urn:acme:error:malformed","detail":"Unable to update challenge :: The challenge is not pending.","status": 400}'
[Sun Aug 13 08:36:22 CEST 2017] code='400'
[Sun Aug 13 08:36:22 CEST 2017] Diagnosis versions: 
openssl:openssl
apache:
apache doesn't exists.
nginx:
nginx version: nginx/1.10.3
built by gcc 5.3.0 (OpenWrt GCC 5.3.0 r49031) 
built with OpenSSL 1.0.2h  3 May 2016 (running with OpenSSL 1.0.2k  26 Jan 2017)
TLS SNI support enabled
configure arguments: --crossbuild=Linux::arm --prefix=/usr --conf-path=/etc/nginx/nginx.conf --add-module=/home/bluebat/Build/KWRT/build_dir/target-arm_cortex-a9_musl-1.1.14_eabi/nginx-1.10.3/nginx-naxsi/naxsi_src --with-ipv6 --with-http_ssl_module --with-http_auth_request_module --with-http_v2_module --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-path=/var/lock/nginx.lock --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/body --http-proxy-temp-path=/var/lib/nginx/proxy --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --with-cc=arm-openwrt-linux-muslgnueabi-gcc --with-cc-opt='-I/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/usr/include -I/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/include -I/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/usr/include -I/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/include/fortify -I/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/include -Os -pipe -march=armv7-a -mtune=cortex-a9 -fno-caller-saves -fno-plt -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -mfloat-abi=soft -iremap /home/bluebat/Build/KWRT/build_dir/target-arm_cortex-a9_musl-1.1.14_eabi/nginx-1.10.3:nginx-1.10.3 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -fvisibility=hidden -ffunction-sections -fdata-sections -DNGX_LUA_NO_BY_LUA_BLOCK' --with-ld-opt='-L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/opt/usr/lib -L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/opt/lib -L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/usr/lib -L/home/bluebat/Build/KWRT/staging_dir/target-arm_cortex-a9_musl-1.1.14_eabi/lib -Wl,--dynamic-linker=/opt/lib/ld-musl-arm.so.1 -Wl,-rpath,/opt/usr/lib:/opt/lib -L/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/usr/lib -L/home/bluebat/Build/KWRT/staging_dir/toolchain-arm_cortex-a9_gcc-5.3.0_musl-1.1.14_eabi/lib -znow -zrelro -Wl,--gc-sections' --without-http_upstream_zone_module
nc:
nc: unrecognized option: h
BusyBox v1.26.2 (2017-06-11 12:42:31 CEST) multi-call binary.

Usage: nc [-iN] [-wN] [-l] [-p PORT] [-f FILE|IPADDR PORT] [-e PROG]

Open a pipe to IP:PORT or FILE

	-l	Listen mode, for inbound connects
		(use -ll with -e for persistent server)
	-p PORT	Local port
	-w SEC	Connect timeout
	-i SEC	Delay interval for lines sent
	-f FILE	Use file (ala /dev/ttyS0) instead of network
	-e PROG	Run PROG after connect

A ShieldsUP! scan shows port 80 open when I am running NGINX on that port.
NOTE: I changed the IP address in the output.

jumitate · 2017-08-18T09:07:45Z

Hi Neil,

Thanks for your tutorial - I appreciate your work and time invested in this.

I have also tried to run/make this work, but I was unable to do so, please see below the output:
Please note that:
I have changed the domain to mydomain.win
I have changed the ip to XXX.XXX.XXX.XXX
I am using freedns.afraid.org as DDNS service for the domain.

Any ideas/suggestions are welcome.

root@cyrax:# mkdir /jffs/opt
root@cyrax:# mount --bind /jffs/opt /opt
root@cyrax:~# bootstrap
Bootstrap is checking prerequisites...

You did not enable USB automount.
Found a valid partition: /opt.

Proceed with download and install of opkg? (y/n) [default=n]:
y
Connecting to www.desipro.de (212.227.247.157:80)
opkg.ipk 100% || 60080 0:00:00 ETA
Connecting to www.desipro.de (212.227.247.157:80)
opkg.ipk.sig 100% || 256 0:00:00 ETA
Connecting to www.desipro.de (212.227.247.157:80)
functions.sh 100% |************************************************************************************************************************************************************************************************************| 7269 0:00:00 ETA
Bootstrap complete. You can now use opkg to install additional packages.
root@cyrax:# opkg update; opkg install ca-certificates
Downloading http://www.desipro.de/musl/base/Packages.gz.
Updated list of available packages in /opt/var/opkg-lists/base.
Downloading http://www.desipro.de/musl/base/Packages.sig.
Signature check passed.
Downloading http://www.desipro.de/musl/kernel/Packages.gz.
Updated list of available packages in /opt/var/opkg-lists/kernel.
Downloading http://www.desipro.de/musl/kernel/Packages.sig.
Signature check passed.
Downloading http://www.desipro.de/musl/luci/Packages.gz.
Updated list of available packages in /opt/var/opkg-lists/luci.
Downloading http://www.desipro.de/musl/luci/Packages.sig.
Signature check passed.
Downloading http://www.desipro.de/musl/management/Packages.gz.
Updated list of available packages in /opt/var/opkg-lists/management.
Downloading http://www.desipro.de/musl/management/Packages.sig.
Signature check passed.
Downloading http://www.desipro.de/musl/packages/Packages.gz.
Updated list of available packages in /opt/var/opkg-lists/packages.
Downloading http://www.desipro.de/musl/packages/Packages.sig.
Signature check passed.
Downloading http://www.desipro.de/musl/routing/Packages.gz.
Updated list of available packages in /opt/var/opkg-lists/routing.
Downloading http://www.desipro.de/musl/routing/Packages.sig.
Signature check passed.
Downloading http://www.desipro.de/musl/targets/Packages.gz.
Updated list of available packages in /opt/var/opkg-lists/targets.
Downloading http://www.desipro.de/musl/targets/Packages.sig.
Signature check passed.
Downloading http://www.desipro.de/musl/telephony/Packages.gz.
Updated list of available packages in /opt/var/opkg-lists/telephony.
Downloading http://www.desipro.de/musl/telephony/Packages.sig.
Signature check passed.
Installing ca-certificates (20160104) to root...
Downloading http://www.desipro.de/musl/base/ca-certificates_20160104_all.ipk.
Installing libc (1.1.14-1) to root...
Downloading http://www.desipro.de/musl/base/libc_1.1.14-1_bcm53xx.ipk.
Installing libgcc (5.3.0-1) to root...
Downloading http://www.desipro.de/musl/base/libgcc_5.3.0-1_bcm53xx.ipk.
Configuring libgcc.
Configuring libc.
Configuring ca-certificates.
root@cyrax:# mkdir /jffs/usr/ssl
mkdir: can't create directory '/jffs/usr/ssl': No such file or directory
root@cyrax:~# cd /jffs/
root@cyrax:/jffs# ls
opt
root@cyrax:/jffs# mkdir usr
root@cyrax:/jffs# cd usr/
root@cyrax:/jffs/usr# mkdir ssl
root@cyrax:/jffs/usr# ls
ssl
root@cyrax:/jffs/usr# cd ssl/
root@cyrax:/jffs/usr/ssl# pwd
/jffs/usr/ssl
root@cyrax:/jffs/usr/ssl# curl --capath /opt/etc/ssl/certs https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh > acme.sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 149k 100 149k 0 0 149k 0 0:00:01 0:00:01 --:--:-- 152k
root@cyrax:/jffs/usr/ssl# chmod a+x acme.sh
root@cyrax:/jffs/usr/ssl# ./acme.sh --issue --tls -d mydomain.win \

      --home /jffs/usr/ssl --ca-path /opt/etc/ssl/certs \
      --pre-hook "stopservice lighttpd" --post-hook "startservice lighttpd"

[Fri Aug 18 09:29:30 BST 2017] Run pre hook:'stopservice lighttpd'
[Fri Aug 18 09:29:30 BST 2017] Standalone tls mode.
[Fri Aug 18 09:29:38 BST 2017] Registering account
[Fri Aug 18 09:29:40 BST 2017] Registered
[Fri Aug 18 09:29:41 BST 2017] Update account tos info success.
[Fri Aug 18 09:29:42 BST 2017] ACCOUNT_THUMBPRINT='3VpKGY9EtB49nj1PXPeNpIxnQ8usNsiEP4F_q4JWBOA'
[Fri Aug 18 09:29:42 BST 2017] Creating domain key
[Fri Aug 18 09:29:47 BST 2017] The domain key is here: /jffs/usr/ssl/mydomain.win/mydomain.win.key
[Fri Aug 18 09:29:47 BST 2017] Single domain='mydomain.win'
[Fri Aug 18 09:29:47 BST 2017] Getting domain auth token for each domain
[Fri Aug 18 09:29:47 BST 2017] Getting webroot for domain='mydomain.win'
[Fri Aug 18 09:29:47 BST 2017] Getting new-authz for domain='mydomain.win'
[Fri Aug 18 09:29:49 BST 2017] The new-authz request is ok.
[Fri Aug 18 09:29:49 BST 2017] Verifying:mydomain.win
[Fri Aug 18 09:29:49 BST 2017] Starting tls server.
[Fri Aug 18 09:29:50 BST 2017] Multi domain='DNS:b7a36d342438bad52e3d72803459e9b3.2bb2fcc041d24c10842cc127a06f0be6.acme.invalid'
[Fri Aug 18 09:29:55 BST 2017] Pending
[Fri Aug 18 09:29:58 BST 2017] Pending
sed: bad regex '.("error":{[^\}]).*': Invalid contents of {}
[Fri Aug 18 09:30:00 BST 2017] mydomain.win:Verify error:
[Fri Aug 18 09:30:00 BST 2017] Please add '--debug' or '--log' to check more details.
[Fri Aug 18 09:30:00 BST 2017] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Fri Aug 18 09:30:00 BST 2017] Run post hook:'startservice lighttpd'
root@cyrax:/jffs/usr/ssl# ./acme.sh --issue --tls -d mydomain.win \

--home /jffs/usr/ssl --ca-path /opt/etc/ssl/certs
--pre-hook "stopservice lighttpd" --post-hook "startservice lighttpd"
[Fri Aug 18 09:38:00 BST 2017] Run pre hook:'stopservice lighttpd'
[Fri Aug 18 09:38:00 BST 2017] Standalone tls mode.
[Fri Aug 18 09:38:00 BST 2017] Single domain='mydomain.win'
[Fri Aug 18 09:38:00 BST 2017] Getting domain auth token for each domain
[Fri Aug 18 09:38:00 BST 2017] Getting webroot for domain='mydomain.win'
[Fri Aug 18 09:38:00 BST 2017] Getting new-authz for domain='mydomain.win'
[Fri Aug 18 09:38:03 BST 2017] The new-authz request is ok.
[Fri Aug 18 09:38:03 BST 2017] Verifying:mydomain.win
[Fri Aug 18 09:38:03 BST 2017] Starting tls server.
[Fri Aug 18 09:38:05 BST 2017] Multi domain='DNS:97eab9a397777dda7b5b2146d9fec53b.c3e7e63a4957f61989abe0088fdbeb3e.acme.invalid'
[Fri Aug 18 09:38:10 BST 2017] Pending
[Fri Aug 18 09:38:12 BST 2017] Pending
sed: bad regex '.("error":{[^\}]).*': Invalid contents of {}
[Fri Aug 18 09:38:15 BST 2017] mydomain.win:Verify error:
[Fri Aug 18 09:38:15 BST 2017] Please add '--debug' or '--log' to check more details.
[Fri Aug 18 09:38:15 BST 2017] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Fri Aug 18 09:38:15 BST 2017] Run post hook:'startservice lighttpd'
root@cyrax:/jffs/usr/ssl# ./acme.sh --issue --tls -d mydomain.win
--home /jffs/usr/ssl --ca-path /opt/etc/ssl/certs
--pre-hook "stopservice lighttpd" --post-hook "startservice lighttpd"
--test --debug 2 --log
[Fri Aug 18 09:43:31 BST 2017] Using config home:/jffs/usr/ssl
[Fri Aug 18 09:43:31 BST 2017] LE_WORKING_DIR='/jffs/usr/ssl'
https://github.com/Neilpang/acme.sh
v2.7.3
[Fri Aug 18 09:43:31 BST 2017] Using config home:/jffs/usr/ssl
[Fri Aug 18 09:43:31 BST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Fri Aug 18 09:43:31 BST 2017] _ACME_SERVER_HOST='acme-staging.api.letsencrypt.org'
[Fri Aug 18 09:43:31 BST 2017] DOMAIN_PATH='/jffs/usr/ssl/mydomain.win'
[Fri Aug 18 09:43:31 BST 2017] Using ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Fri Aug 18 09:43:31 BST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Fri Aug 18 09:43:31 BST 2017] GET
[Fri Aug 18 09:43:31 BST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Fri Aug 18 09:43:31 BST 2017] timeout
[Fri Aug 18 09:43:31 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045811.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:43:31 BST 2017] ret='0'
[Fri Aug 18 09:43:31 BST 2017] response='{
"aiDTiz0KGUc": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"key-change": "https://acme-staging.api.letsencrypt.org/acme/key-change",
"meta": {
"terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
},
"new-authz": "https://acme-staging.api.letsencrypt.org/acme/new-authz",
"new-cert": "https://acme-staging.api.letsencrypt.org/acme/new-cert",
"new-reg": "https://acme-staging.api.letsencrypt.org/acme/new-reg",
"revoke-cert": "https://acme-staging.api.letsencrypt.org/acme/revoke-cert"
}'
[Fri Aug 18 09:43:32 BST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Fri Aug 18 09:43:32 BST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Fri Aug 18 09:43:32 BST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Fri Aug 18 09:43:32 BST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Fri Aug 18 09:43:32 BST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Fri Aug 18 09:43:32 BST 2017] Le_NextRenewTime
[Fri Aug 18 09:43:32 BST 2017] _on_before_issue
[Fri Aug 18 09:43:32 BST 2017] Run pre hook:'stopservice lighttpd'
[Fri Aug 18 09:43:32 BST 2017] 'tls' does not contain 'no'
[Fri Aug 18 09:43:32 BST 2017] Le_LocalAddress
[Fri Aug 18 09:43:32 BST 2017] Check for domain='mydomain.win'
[Fri Aug 18 09:43:32 BST 2017] _currentRoot='tls'
[Fri Aug 18 09:43:32 BST 2017] Standalone tls mode.
[Fri Aug 18 09:43:32 BST 2017] _checkport='443'
[Fri Aug 18 09:43:32 BST 2017] _checkaddr
[Fri Aug 18 09:43:32 BST 2017] Using: netstat
[Fri Aug 18 09:43:32 BST 2017] 'tls' does not contain 'apache'
[Fri Aug 18 09:43:32 BST 2017] config file is empty, can not read CA_KEY_HASH
[Fri Aug 18 09:43:32 BST 2017] _saved_account_key_hash
[Fri Aug 18 09:43:32 BST 2017] Using config home:/jffs/usr/ssl
[Fri Aug 18 09:43:32 BST 2017] _ACME_SERVER_HOST='acme-staging.api.letsencrypt.org'
[Fri Aug 18 09:43:32 BST 2017] Use default length 2048
[Fri Aug 18 09:43:32 BST 2017] length='2048'
[Fri Aug 18 09:43:32 BST 2017] Using config home:/jffs/usr/ssl
[Fri Aug 18 09:43:32 BST 2017] _ACME_SERVER_HOST='acme-staging.api.letsencrypt.org'
[Fri Aug 18 09:43:32 BST 2017] _createkey for file:/jffs/usr/ssl/ca/acme-staging.api.letsencrypt.org/account.key
[Fri Aug 18 09:43:32 BST 2017] Use length 2048
[Fri Aug 18 09:43:32 BST 2017] Using RSA: 2048
[Fri Aug 18 09:43:35 BST 2017] RSA key
[Fri Aug 18 09:43:35 BST 2017] _URGLY_PRINTF
[Fri Aug 18 09:43:35 BST 2017] xargs
[Fri Aug 18 09:43:35 BST 2017] _URGLY_PRINTF
[Fri Aug 18 09:43:35 BST 2017] xargs
[Fri Aug 18 09:43:35 BST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Fri Aug 18 09:43:35 BST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Fri Aug 18 09:43:35 BST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Fri Aug 18 09:43:35 BST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Fri Aug 18 09:43:35 BST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Fri Aug 18 09:43:35 BST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Fri Aug 18 09:43:35 BST 2017] AGREEMENT
[Fri Aug 18 09:43:35 BST 2017] Registering account
[Fri Aug 18 09:43:35 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Fri Aug 18 09:43:35 BST 2017] payload='{"resource": "new-reg", "agreement": ""}'
[Fri Aug 18 09:43:35 BST 2017] Use cached jwk for file: /jffs/usr/ssl/ca/acme-staging.api.letsencrypt.org/account.key
[Fri Aug 18 09:43:35 BST 2017] Get nonce. ACME_DIRECTORY='https://acme-staging.api.letsencrypt.org/directory'
[Fri Aug 18 09:43:35 BST 2017] GET
[Fri Aug 18 09:43:35 BST 2017] url='https://acme-staging.api.letsencrypt.org/directory'
[Fri Aug 18 09:43:35 BST 2017] timeout
[Fri Aug 18 09:43:36 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045815.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:43:36 BST 2017] ret='0'
[Fri Aug 18 09:43:36 BST 2017] _headers='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 581
Boulder-Request-Id: a8e5Nosz3WKrZ9G2rJL-wdVFuzJwC9gpL31QsZmZ6fk
Replay-Nonce: lZkUIQaKsE6qKhwj8fdGs4oq9AKI6bgyucdjQ48YAIU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 18 Aug 2017 08:43:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Aug 2017 08:43:36 GMT
Connection: keep-alive
'
[Fri Aug 18 09:43:36 BST 2017] _CACHED_NONCE='lZkUIQaKsE6qKhwj8fdGs4oq9AKI6bgyucdjQ48YAIU'
[Fri Aug 18 09:43:36 BST 2017] nonce='lZkUIQaKsE6qKhwj8fdGs4oq9AKI6bgyucdjQ48YAIU'
[Fri Aug 18 09:43:36 BST 2017] POST
[Fri Aug 18 09:43:36 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Fri Aug 18 09:43:36 BST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "2qBjuKjRt8g-9Skj11pPqAXKYPzNln53cSjEbAmXaoT5ilDddKLC4bpTaSPx87K78_7zu0n0Rd7TlVMTS2gnNmySiAxUOK1MCcd83Dk5BkkF5ihcdevOrACVlHZuNTJogiAMBmkruPl7WdxaRTmsvAmGMgngKO0fbXKvVCcdx9kbEWFf13Es3gr0q4BkjBl_x1XsPk2YSWOql5SGuPlsIESDPOF2AWqQFGqatsOahb9D0tRN6mQE5RWXfkAe7600sLrmdixU2XDkA0Sk2bodyVxW4xk2-aHtqAqfKNkIyr73A6EwkXMT3bP1XzaYHWLIGai25C4-d47yk751ny3sGw"}}, "protected": "eyJub25jZSI6ICJsWmtVSVFhS3NFNnFLaHdqOGZkR3M0b3E5QUtJNmJneXVjZGpRNDhZQUlVIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LXJlZyIsICJhbGciOiAiUlMyNTYiLCAiandrIjogeyJlIjogIkFRQUIiLCAia3R5IjogIlJTQSIsICJuIjogIjJxQmp1S2pSdDhnLTlTa2oxMXBQcUFYS1lQek5sbjUzY1NqRWJBbVhhb1Q1aWxEZGRLTEM0YnBUYVNQeDg3Szc4Xzd6dTBuMFJkN1RsVk1UUzJnbk5teVNpQXhVT0sxTUNjZDgzRGs1QmtrRjVpaGNkZXZPckFDVmxIWnVOVEpvZ2lBTUJta3J1UGw3V2R4YVJUbXN2QW1HTWduZ0tPMGZiWEt2VkNjZHg5a2JFV0ZmMTNFczNncjBxNEJrakJsX3gxWHNQazJZU1dPcWw1U0d1UGxzSUVTRFBPRjJBV3FRRkdxYXRzT2FoYjlEMHRSTjZtUUU1UldYZmtBZTc2MDBzTHJtZGl4VTJYRGtBMFNrMmJvZHlWeFc0eGsyLWFIdHFBcWZLTmtJeXI3M0E2RXdrWE1UM2JQMVh6YVlIV0xJR2FpMjVDNC1kNDd5azc1MW55M3NHdyJ9fQ", "payload": "eyJyZXNvdXJjZSI6ICJuZXctcmVnIiwgImFncmVlbWVudCI6ICIifQ", "signature": "V14gfFkQTICpemqZ9UjxTLaQDvunZaQfHGZApINjFiUjzygaQ8oRCV3Ue2NpJ0YNvi8CWW__FFUhU1arNLFF3WihdBM27HXic2A2PKwvlCR8vTmPLYeVkuRJ5lCdIM_5DCtIT2p_D2AsijTR9tCAqx3i81jZKy4gy-39zIW0_ouIVWT95UU0QTxiQVFhg8rkQd0vpqtRVq1ImsFBpyjzQS72RGij-LX-mhAIzu2yjsnwErkwIAPYgPuYGV1t60uWEdpXYKFO6d2rqXNhj_P8_doxrhwZswUr3UMR5if1pIbtQSsAkHFn70zVVaflyVMHzwZQ5o3-sdqJ0FzAORdIAQ"}'
[Fri Aug 18 09:43:36 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045816.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:43:37 BST 2017] _ret='0'
[Fri Aug 18 09:43:37 BST 2017] original='{
"id": 3232025,
"key": {
"kty": "RSA",
"n": "2qBjuKjRt8g-9Skj11pPqAXKYPzNln53cSjEbAmXaoT5ilDddKLC4bpTaSPx87K78_7zu0n0Rd7TlVMTS2gnNmySiAxUOK1MCcd83Dk5BkkF5ihcdevOrACVlHZuNTJogiAMBmkruPl7WdxaRTmsvAmGMgngKO0fbXKvVCcdx9kbEWFf13Es3gr0q4BkjBl_x1XsPk2YSWOql5SGuPlsIESDPOF2AWqQFGqatsOahb9D0tRN6mQE5RWXfkAe7600sLrmdixU2XDkA0Sk2bodyVxW4xk2-aHtqAqfKNkIyr73A6EwkXMT3bP1XzaYHWLIGai25C4-d47yk751ny3sGw",
"e": "AQAB"
},
"contact": [],
"initialIp": "XXX.XXX.XXX.XXX",
"createdAt": "2017-08-18T08:43:37.66416723Z",
"Status": "valid"
}'
[Fri Aug 18 09:43:37 BST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Fri, 18 Aug 2017 08:43:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 540
Boulder-Request-Id: NGK608yKWAvYJxHFZbgVVVd1me9Tly8R-o34xygWP2Q
Boulder-Requester: 3232025
Link: https://acme-staging.api.letsencrypt.org/acme/new-authz;rel="next"
Link: https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf;rel="terms-of-service"
Location: https://acme-staging.api.letsencrypt.org/acme/reg/3232025
Replay-Nonce: 80srlW2oL5jSNlt8qO1Gyle2WsGBketTTpWyXuvm_Ig
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 18 Aug 2017 08:43:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Aug 2017 08:43:37 GMT
Connection: keep-alive
'
[Fri Aug 18 09:43:37 BST 2017] response='{"id": 3232025,"key":{"kty":"RSA","n":"2qBjuKjRt8g-9Skj11pPqAXKYPzNln53cSjEbAmXaoT5ilDddKLC4bpTaSPx87K78_7zu0n0Rd7TlVMTS2gnNmySiAxUOK1MCcd83Dk5BkkF5ihcdevOrACVlHZuNTJogiAMBmkruPl7WdxaRTmsvAmGMgngKO0fbXKvVCcdx9kbEWFf13Es3gr0q4BkjBl_x1XsPk2YSWOql5SGuPlsIESDPOF2AWqQFGqatsOahb9D0tRN6mQE5RWXfkAe7600sLrmdixU2XDkA0Sk2bodyVxW4xk2-aHtqAqfKNkIyr73A6EwkXMT3bP1XzaYHWLIGai25C4-d47yk751ny3sGw","e":"AQAB"},"contact":[],"initialIp":"XXX.XXX.XXX.XXX","createdAt":"2017-08-18T08:43:37.66416723Z","Status":"valid"}'
[Fri Aug 18 09:43:37 BST 2017] code='201'
[Fri Aug 18 09:43:37 BST 2017] Registered
[Fri Aug 18 09:43:37 BST 2017] _accUri='https://acme-staging.api.letsencrypt.org/acme/reg/3232025'
[Fri Aug 18 09:43:37 BST 2017] _tos='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'
[Fri Aug 18 09:43:37 BST 2017] AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'
[Fri Aug 18 09:43:37 BST 2017] Update tos: https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf
[Fri Aug 18 09:43:38 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/reg/3232025'
[Fri Aug 18 09:43:38 BST 2017] payload='{"resource": "reg", "agreement": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"}'
[Fri Aug 18 09:43:38 BST 2017] Use cached jwk for file: /jffs/usr/ssl/ca/acme-staging.api.letsencrypt.org/account.key
[Fri Aug 18 09:43:38 BST 2017] Use _CACHED_NONCE='80srlW2oL5jSNlt8qO1Gyle2WsGBketTTpWyXuvm_Ig'
[Fri Aug 18 09:43:38 BST 2017] nonce='80srlW2oL5jSNlt8qO1Gyle2WsGBketTTpWyXuvm_Ig'
[Fri Aug 18 09:43:38 BST 2017] POST
[Fri Aug 18 09:43:38 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/reg/3232025'
[Fri Aug 18 09:43:38 BST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "2qBjuKjRt8g-9Skj11pPqAXKYPzNln53cSjEbAmXaoT5ilDddKLC4bpTaSPx87K78_7zu0n0Rd7TlVMTS2gnNmySiAxUOK1MCcd83Dk5BkkF5ihcdevOrACVlHZuNTJogiAMBmkruPl7WdxaRTmsvAmGMgngKO0fbXKvVCcdx9kbEWFf13Es3gr0q4BkjBl_x1XsPk2YSWOql5SGuPlsIESDPOF2AWqQFGqatsOahb9D0tRN6mQE5RWXfkAe7600sLrmdixU2XDkA0Sk2bodyVxW4xk2-aHtqAqfKNkIyr73A6EwkXMT3bP1XzaYHWLIGai25C4-d47yk751ny3sGw"}}, "protected": "eyJub25jZSI6ICI4MHNybFcyb0w1alNObHQ4cU8xR3lsZTJXc0dCa2V0VFRwV3lYdXZtX0lnIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvcmVnLzMyMzIwMjUiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICIycUJqdUtqUnQ4Zy05U2tqMTFwUHFBWEtZUHpObG41M2NTakViQW1YYW9UNWlsRGRkS0xDNGJwVGFTUHg4N0s3OF83enUwbjBSZDdUbFZNVFMyZ25ObXlTaUF4VU9LMU1DY2Q4M0RrNUJra0Y1aWhjZGV2T3JBQ1ZsSFp1TlRKb2dpQU1CbWtydVBsN1dkeGFSVG1zdkFtR01nbmdLTzBmYlhLdlZDY2R4OWtiRVdGZjEzRXMzZ3IwcTRCa2pCbF94MVhzUGsyWVNXT3FsNVNHdVBsc0lFU0RQT0YyQVdxUUZHcWF0c09haGI5RDB0Uk42bVFFNVJXWGZrQWU3NjAwc0xybWRpeFUyWERrQTBTazJib2R5VnhXNHhrMi1hSHRxQXFmS05rSXlyNzNBNkV3a1hNVDNiUDFYemFZSFdMSUdhaTI1QzQtZDQ3eWs3NTFueTNzR3cifX0", "payload": "eyJyZXNvdXJjZSI6ICJyZWciLCAiYWdyZWVtZW50IjogImh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL2RvY3VtZW50cy9MRS1TQS12MS4xLjEtQXVndXN0LTEtMjAxNi5wZGYifQ", "signature": "VNPYRiVCTkhp8DvbeKsPsvfBlFQcJ88-lIt8kye28P3M2imPqcTS7rP4pw-moowHNl40Rxi65oPeHYauhHbUEU-5cp10q356sb7h2pkyXPYkhN7TIVoTA5Z1FaQQXn6vcFlAPVzIBLO0l2bBreEanZyJkrr3z8ssHNnI0Lbur013h2qZQK9lYjrZ2WOwwxa6xAyWNil8VLtS3BORXzgB8Vd8OoXW-11Fb24hCSKgyZ60_VLxtT4DNwc5ULFdGR8P4nHd4L3bikOZ4cCrbnH9rz0XuM3T1rhjnweCzoQtzMk7Cxu8aR4UtNAwaicAZvcC8GOHMmIBaDq1bmWWhRlTFw"}'
[Fri Aug 18 09:43:38 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045818.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:43:39 BST 2017] _ret='0'
[Fri Aug 18 09:43:39 BST 2017] original='{
"id": 3232025,
"key": {
"kty": "RSA",
"n": "2qBjuKjRt8g-9Skj11pPqAXKYPzNln53cSjEbAmXaoT5ilDddKLC4bpTaSPx87K78_7zu0n0Rd7TlVMTS2gnNmySiAxUOK1MCcd83Dk5BkkF5ihcdevOrACVlHZuNTJogiAMBmkruPl7WdxaRTmsvAmGMgngKO0fbXKvVCcdx9kbEWFf13Es3gr0q4BkjBl_x1XsPk2YSWOql5SGuPlsIESDPOF2AWqQFGqatsOahb9D0tRN6mQE5RWXfkAe7600sLrmdixU2XDkA0Sk2bodyVxW4xk2-aHtqAqfKNkIyr73A6EwkXMT3bP1XzaYHWLIGai25C4-d47yk751ny3sGw",
"e": "AQAB"
},
"contact": [],
"agreement": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf",
"initialIp": "XXX.XXX.XXX.XXX",
"createdAt": "2017-08-18T08:43:37Z",
"Status": "valid"
}'
[Fri Aug 18 09:43:39 BST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Fri, 18 Aug 2017 08:43:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 202 Accepted
Server: nginx
Content-Type: application/json
Content-Length: 614
Boulder-Request-Id: HNwPwJWNAGOTaM9ddAgwxVbL-YRYmsazacsYqBdCWsQ
Boulder-Requester: 3232025
Link: https://acme-staging.api.letsencrypt.org/acme/new-authz;rel="next"
Link: https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf;rel="terms-of-service"
Replay-Nonce: -KsjKa4Y7hvnnsJadllLTCLxgLl5pfXOBiGw8Luu4mk
Expires: Fri, 18 Aug 2017 08:43:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Aug 2017 08:43:39 GMT
Connection: keep-alive
'
[Fri Aug 18 09:43:39 BST 2017] response='{"id": 3232025,"key":{"kty":"RSA","n":"2qBjuKjRt8g-9Skj11pPqAXKYPzNln53cSjEbAmXaoT5ilDddKLC4bpTaSPx87K78_7zu0n0Rd7TlVMTS2gnNmySiAxUOK1MCcd83Dk5BkkF5ihcdevOrACVlHZuNTJogiAMBmkruPl7WdxaRTmsvAmGMgngKO0fbXKvVCcdx9kbEWFf13Es3gr0q4BkjBl_x1XsPk2YSWOql5SGuPlsIESDPOF2AWqQFGqatsOahb9D0tRN6mQE5RWXfkAe7600sLrmdixU2XDkA0Sk2bodyVxW4xk2-aHtqAqfKNkIyr73A6EwkXMT3bP1XzaYHWLIGai25C4-d47yk751ny3sGw","e":"AQAB"},"contact":[],"agreement":"https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf","initialIp":"XXX.XXX.XXX.XXX","createdAt":"2017-08-18T08:43:37Z","Status":"valid"}'
[Fri Aug 18 09:43:39 BST 2017] code='202'
[Fri Aug 18 09:43:39 BST 2017] Update account tos info success.
[Fri Aug 18 09:43:39 BST 2017] Calc CA_KEY_HASH='cLqx9HhYcwJrttYmK0mQ51ijhZLSD//LN2HH3tK4abY='
[Fri Aug 18 09:43:39 BST 2017] ACCOUNT_THUMBPRINT='fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q'
[Fri Aug 18 09:43:39 BST 2017] Read key length:
[Fri Aug 18 09:43:39 BST 2017] _createcsr
[Fri Aug 18 09:43:39 BST 2017] domain='mydomain.win'
[Fri Aug 18 09:43:39 BST 2017] domainlist
[Fri Aug 18 09:43:39 BST 2017] csrkey='/jffs/usr/ssl/mydomain.win/mydomain.win.key'
[Fri Aug 18 09:43:39 BST 2017] csr='/jffs/usr/ssl/mydomain.win/mydomain.win.csr'
[Fri Aug 18 09:43:39 BST 2017] csrconf='/jffs/usr/ssl/mydomain.win/mydomain.win.csr.conf'
[Fri Aug 18 09:43:39 BST 2017] Single domain='mydomain.win'
[Fri Aug 18 09:43:39 BST 2017] _is_idn_d='mydomain.win'
[Fri Aug 18 09:43:39 BST 2017] _idn_temp
[Fri Aug 18 09:43:39 BST 2017] _csr_cn='mydomain.win'
[Fri Aug 18 09:43:39 BST 2017] Getting domain auth token for each domain
[Fri Aug 18 09:43:39 BST 2017] Getting webroot for domain='mydomain.win'
[Fri Aug 18 09:43:39 BST 2017] _w='tls'
[Fri Aug 18 09:43:39 BST 2017] _currentRoot='tls'
[Fri Aug 18 09:43:39 BST 2017] Getting new-authz for domain='mydomain.win'
[Fri Aug 18 09:43:40 BST 2017] _init api for server: https://acme-staging.api.letsencrypt.org/directory
[Fri Aug 18 09:43:40 BST 2017] ACME_KEY_CHANGE='https://acme-staging.api.letsencrypt.org/acme/key-change'
[Fri Aug 18 09:43:40 BST 2017] ACME_NEW_AUTHZ='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Fri Aug 18 09:43:40 BST 2017] ACME_NEW_ORDER='https://acme-staging.api.letsencrypt.org/acme/new-cert'
[Fri Aug 18 09:43:40 BST 2017] ACME_NEW_ACCOUNT='https://acme-staging.api.letsencrypt.org/acme/new-reg'
[Fri Aug 18 09:43:40 BST 2017] ACME_REVOKE_CERT='https://acme-staging.api.letsencrypt.org/acme/revoke-cert'
[Fri Aug 18 09:43:40 BST 2017] Try new-authz for the 0 time.
[Fri Aug 18 09:43:40 BST 2017] _is_idn_d='mydomain.win'
[Fri Aug 18 09:43:40 BST 2017] _idn_temp
[Fri Aug 18 09:43:40 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Fri Aug 18 09:43:40 BST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "mydomain.win"}}'
[Fri Aug 18 09:43:40 BST 2017] Use cached jwk for file: /jffs/usr/ssl/ca/acme-staging.api.letsencrypt.org/account.key
[Fri Aug 18 09:43:40 BST 2017] Use _CACHED_NONCE='-KsjKa4Y7hvnnsJadllLTCLxgLl5pfXOBiGw8Luu4mk'
[Fri Aug 18 09:43:40 BST 2017] nonce='-KsjKa4Y7hvnnsJadllLTCLxgLl5pfXOBiGw8Luu4mk'
[Fri Aug 18 09:43:40 BST 2017] POST
[Fri Aug 18 09:43:40 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/new-authz'
[Fri Aug 18 09:43:40 BST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "2qBjuKjRt8g-9Skj11pPqAXKYPzNln53cSjEbAmXaoT5ilDddKLC4bpTaSPx87K78_7zu0n0Rd7TlVMTS2gnNmySiAxUOK1MCcd83Dk5BkkF5ihcdevOrACVlHZuNTJogiAMBmkruPl7WdxaRTmsvAmGMgngKO0fbXKvVCcdx9kbEWFf13Es3gr0q4BkjBl_x1XsPk2YSWOql5SGuPlsIESDPOF2AWqQFGqatsOahb9D0tRN6mQE5RWXfkAe7600sLrmdixU2XDkA0Sk2bodyVxW4xk2-aHtqAqfKNkIyr73A6EwkXMT3bP1XzaYHWLIGai25C4-d47yk751ny3sGw"}}, "protected": "eyJub25jZSI6ICItS3NqS2E0WTdodm5uc0phZGxsTFRDTHhnTGw1cGZYT0JpR3c4THV1NG1rIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWF1dGh6IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAiMnFCanVLalJ0OGctOVNrajExcFBxQVhLWVB6TmxuNTNjU2pFYkFtWGFvVDVpbERkZEtMQzRicFRhU1B4ODdLNzhfN3p1MG4wUmQ3VGxWTVRTMmduTm15U2lBeFVPSzFNQ2NkODNEazVCa2tGNWloY2Rldk9yQUNWbEhadU5USm9naUFNQm1rcnVQbDdXZHhhUlRtc3ZBbUdNZ25nS08wZmJYS3ZWQ2NkeDlrYkVXRmYxM0VzM2dyMHE0QmtqQmxfeDFYc1BrMllTV09xbDVTR3VQbHNJRVNEUE9GMkFXcVFGR3FhdHNPYWhiOUQwdFJONm1RRTVSV1hma0FlNzYwMHNMcm1kaXhVMlhEa0EwU2syYm9keVZ4VzR4azItYUh0cUFxZktOa0l5cjczQTZFd2tYTVQzYlAxWHphWUhXTElHYWkyNUM0LWQ0N3lrNzUxbnkzc0d3In19", "payload": "eyJyZXNvdXJjZSI6ICJuZXctYXV0aHoiLCAiaWRlbnRpZmllciI6IHsidHlwZSI6ICJkbnMiLCAidmFsdWUiOiAiY3lyYXgud2luIn19", "signature": "YLBa75OQvbtCXB2QJZhdLMpSq9zXz9rZWYMeR9x30h1G9fnxysngKTVJHlklQ1E6Lhef9P_l3_zYxrSyavWUi4GKZjBJWh7vOdPLIlIOC3p9ZpTBuqEVAxaeodBvOQtkj96WstOjPFraXCSqanWOeJUPY3V3Tx5kudTQZxwch3X9yfUU1oy4QG_wu07BdprKYBR13PSMO7TZxIUpT-RUKANdCeadqsO8Q1d7uscaCgRMSGjDxy5yQIs4KiXhrSwJoqavNeopzY-xHhWv0sI9idnwQUP3x15eQEKUprGEQIzf4TTh4zxRIFDNxOhQSLvFTG9Ru388F6O_EBfkg6doyg"}'
[Fri Aug 18 09:43:40 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045820.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:43:41 BST 2017] _ret='0'
[Fri Aug 18 09:43:41 BST 2017] original='{
"identifier": {
"type": "dns",
"value": "mydomain.win"
},
"status": "pending",
"expires": "2017-08-25T08:43:41.371056768Z",
"challenges": [
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499",
"token": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg"
},
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677500",
"token": "MVvDWfNkcCVGNUVyDcWG-BmkOEZ7bny-jQX0sXv9ssA"
},
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677501",
"token": "cibuACMkxkigGJu4WRyPtYH3g-6_s4ZUoOUIujhEyYg"
}
],
"combinations": [
[
0
],
[
2
],
[
1
]
]
}'
[Fri Aug 18 09:43:41 BST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Fri, 18 Aug 2017 08:43:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 1003
Boulder-Request-Id: bj53VMyVVZgMhwDweUpS-Vor8OO8rReL6eeKdDB-yKU
Boulder-Requester: 3232025
Link: https://acme-staging.api.letsencrypt.org/acme/new-cert;rel="next"
Location: https://acme-staging.api.letsencrypt.org/acme/authz/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4
Replay-Nonce: 5A1mw7lqG6aKpx1AyI6Svw3nPk44nKWBg-fY1A_ep-s
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 18 Aug 2017 08:43:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Aug 2017 08:43:41 GMT
Connection: keep-alive
'
[Fri Aug 18 09:43:41 BST 2017] response='{"identifier":{"type":"dns","value":"mydomain.win"},"status":"pending","expires":"2017-08-25T08:43:41.371056768Z","challenges":[{"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499","token":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg"},{"type":"dns-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677500","token":"MVvDWfNkcCVGNUVyDcWG-BmkOEZ7bny-jQX0sXv9ssA"},{"type":"http-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677501","token":"cibuACMkxkigGJu4WRyPtYH3g-6_s4ZUoOUIujhEyYg"}],"combinations":[[0],[2],[1]]}'
[Fri Aug 18 09:43:41 BST 2017] code='201'
[Fri Aug 18 09:43:41 BST 2017] The new-authz request is ok.
[Fri Aug 18 09:43:41 BST 2017] entry='"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499","token":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg"'
[Fri Aug 18 09:43:41 BST 2017] token='hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg'
[Fri Aug 18 09:43:41 BST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:43:41 BST 2017] keyauthorization='hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q'
[Fri Aug 18 09:43:41 BST 2017] dvlist='mydomain.win#hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q#https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499#tls-sni-01#tls'
[Fri Aug 18 09:43:41 BST 2017] vlist='mydomain.win#hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q#https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499#tls-sni-01#tls,'
[Fri Aug 18 09:43:41 BST 2017] ok, let's start to verify
[Fri Aug 18 09:43:41 BST 2017] Verifying:mydomain.win
[Fri Aug 18 09:43:41 BST 2017] d='mydomain.win'
[Fri Aug 18 09:43:41 BST 2017] keyauthorization='hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q'
[Fri Aug 18 09:43:41 BST 2017] uri='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:43:41 BST 2017] _currentRoot='tls'
[Fri Aug 18 09:43:41 BST 2017] _hash_B='77f2053d068e948609db6c8e8c3084c6e40c2eb39a1e7b067f27278153c472df'
[Fri Aug 18 09:43:41 BST 2017] _x='77f2053d068e948609db6c8e8c3084c6'
[Fri Aug 18 09:43:41 BST 2017] _y='e40c2eb39a1e7b067f27278153c472df'
[Fri Aug 18 09:43:41 BST 2017] _SAN_B='77f2053d068e948609db6c8e8c3084c6.e40c2eb39a1e7b067f27278153c472df.acme.invalid'
[Fri Aug 18 09:43:41 BST 2017] Starting tls server.
[Fri Aug 18 09:43:41 BST 2017] san_a='77f2053d068e948609db6c8e8c3084c6.e40c2eb39a1e7b067f27278153c472df.acme.invalid'
[Fri Aug 18 09:43:41 BST 2017] san_b
[Fri Aug 18 09:43:42 BST 2017] port='443'
[Fri Aug 18 09:43:42 BST 2017] _createkey for file:/jffs/usr/ssl/mydomain.win/tls.validation.key
[Fri Aug 18 09:43:42 BST 2017] Use length 2048
[Fri Aug 18 09:43:42 BST 2017] Using RSA: 2048
[Fri Aug 18 09:43:50 BST 2017] _createcsr
[Fri Aug 18 09:43:50 BST 2017] domain='tls.acme.sh'
[Fri Aug 18 09:43:50 BST 2017] domainlist='77f2053d068e948609db6c8e8c3084c6.e40c2eb39a1e7b067f27278153c472df.acme.invalid'
[Fri Aug 18 09:43:50 BST 2017] csrkey='/jffs/usr/ssl/mydomain.win/tls.validation.key'
[Fri Aug 18 09:43:50 BST 2017] csr='/jffs/usr/ssl/mydomain.win/tls.validation.csr'
[Fri Aug 18 09:43:50 BST 2017] csrconf='/jffs/usr/ssl/mydomain.win/tls.validation.conf'
[Fri Aug 18 09:43:50 BST 2017] _is_idn_d='77f2053d068e948609db6c8e8c3084c6.e40c2eb39a1e7b067f27278153c472df.acme.invalid'
[Fri Aug 18 09:43:50 BST 2017] _idn_temp
[Fri Aug 18 09:43:50 BST 2017] domainlist='77f2053d068e948609db6c8e8c3084c6.e40c2eb39a1e7b067f27278153c472df.acme.invalid'
[Fri Aug 18 09:43:50 BST 2017] Multi domain='DNS:77f2053d068e948609db6c8e8c3084c6.e40c2eb39a1e7b067f27278153c472df.acme.invalid'
[Fri Aug 18 09:43:50 BST 2017] _is_idn_d='tls.acme.sh'
[Fri Aug 18 09:43:51 BST 2017] _idn_temp
[Fri Aug 18 09:43:51 BST 2017] _csr_cn='tls.acme.sh'
[Fri Aug 18 09:43:51 BST 2017] _signcsr
[Fri Aug 18 09:43:51 BST 2017] Signature ok
subject=/CN=tls.acme.sh
Getting Private key
[Fri Aug 18 09:43:51 BST 2017] Le_Listen_V4
[Fri Aug 18 09:43:51 BST 2017] Le_Listen_V6
[Fri Aug 18 09:43:51 BST 2017] openssl s_server -cert /jffs/usr/ssl/mydomain.win/tls.validation.cert -key /jffs/usr/ssl/mydomain.win/tls.validation.key -accept 443
Using default temp DH parameters
ACCEPT
[Fri Aug 18 09:43:52 BST 2017] serverproc='4537'
[Fri Aug 18 09:43:52 BST 2017] tigger domain validation.
[Fri Aug 18 09:43:52 BST 2017] _t_url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:43:52 BST 2017] _t_key_authz='hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q'
[Fri Aug 18 09:43:52 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:43:52 BST 2017] payload='{"resource": "challenge", "keyAuthorization": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"}'
[Fri Aug 18 09:43:52 BST 2017] Use cached jwk for file: /jffs/usr/ssl/ca/acme-staging.api.letsencrypt.org/account.key
[Fri Aug 18 09:43:52 BST 2017] Use CACHED_NONCE='5A1mw7lqG6aKpx1AyI6Svw3nPk44nKWBg-fY1A_ep-s'
[Fri Aug 18 09:43:52 BST 2017] nonce='5A1mw7lqG6aKpx1AyI6Svw3nPk44nKWBg-fY1A_ep-s'
[Fri Aug 18 09:43:52 BST 2017] POST
[Fri Aug 18 09:43:52 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:43:52 BST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "2qBjuKjRt8g-9Skj11pPqAXKYPzNln53cSjEbAmXaoT5ilDddKLC4bpTaSPx87K78_7zu0n0Rd7TlVMTS2gnNmySiAxUOK1MCcd83Dk5BkkF5ihcdevOrACVlHZuNTJogiAMBmkruPl7WdxaRTmsvAmGMgngKO0fbXKvVCcdx9kbEWFf13Es3gr0q4BkjBl_x1XsPk2YSWOql5SGuPlsIESDPOF2AWqQFGqatsOahb9D0tRN6mQE5RWXfkAe7600sLrmdixU2XDkA0Sk2bodyVxW4xk2-aHtqAqfKNkIyr73A6EwkXMT3bP1XzaYHWLIGai25C4-d47yk751ny3sGw"}}, "protected": "eyJub25jZSI6ICI1QTFtdzdscUc2YUtweDFBeUk2U3Z3M25QazQ0bktXQmctZlkxQV9lcC1zIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGxlbmdlL0dYYV9ZU25odDRLV21yakVTYld0bDcyWnl0TGg4VkJTNHRtbXpkOHFaRzQvNTM2Nzc0OTkiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICIycUJqdUtqUnQ4Zy05U2tqMTFwUHFBWEtZUHpObG41M2NTakViQW1YYW9UNWlsRGRkS0xDNGJwVGFTUHg4N0s3OF83enUwbjBSZDdUbFZNVFMyZ25ObXlTaUF4VU9LMU1DY2Q4M0RrNUJra0Y1aWhjZGV2T3JBQ1ZsSFp1TlRKb2dpQU1CbWtydVBsN1dkeGFSVG1zdkFtR01nbmdLTzBmYlhLdlZDY2R4OWtiRVdGZjEzRXMzZ3IwcTRCa2pCbF94MVhzUGsyWVNXT3FsNVNHdVBsc0lFU0RQT0YyQVdxUUZHcWF0c09haGI5RDB0Uk42bVFFNVJXWGZrQWU3NjAwc0xybWRpeFUyWERrQTBTazJib2R5VnhXNHhrMi1hSHRxQXFmS05rSXlyNzNBNkV3a1hNVDNiUDFYemFZSFdMSUdhaTI1QzQtZDQ3eWs3NTFueTNzR3cifX0", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJoWC1vUjJmT3V0X3B2dkdFZkRkSDFIRmRBdXdhN29zMXl2alBveW5rS0ZnLmZBeEQzajR2d0JzNjc1cmJ1aHlWaUdqUGVMbGFJOHVKRDltNEwxTjZrLVEifQ", "signature": "ViL_lgBK0B76dQiGIv3xneKIZjerN4fkwJ3RGg3Aq_MoabSH2L0rkcjcGxg8YRyAbkpJpPGqdypy7h5dTh_EUWk7_qnjODYBEoOkBKfwiHUkSwfotdXykj6qyS1WTc0FX_QhURbN5s_v4FKPfWTnlnFUdU3oG5ZCQtGGAliUeysOJYXVSxa4jHPS-DanFYAoezqZp-163eDFY15YP1J8mWzo53BFkd3IN_2dal5gwBGxLgC-SYDIxQJsLoIZO4ultVBKv7JufBmbVKajOQGxU9mjyBKv35q6q-7CpcQ2iKPsbMlJs8YLmCys1ouj6eOXKXl8WOBT0PSambmnVD3lA"}'
[Fri Aug 18 09:43:52 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045832.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:43:53 BST 2017] _ret='0'
[Fri Aug 18 09:43:53 BST 2017] original='{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499",
"token": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg",
"keyAuthorization": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"
}'
[Fri Aug 18 09:43:54 BST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Fri, 18 Aug 2017 08:43:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 202 Accepted
Server: nginx
Content-Type: application/json
Content-Length: 341
Boulder-Request-Id: qtKY96Jeo5Byk37USaUQ0I8uKaBWG19lAHDN6fzt8YY
Boulder-Requester: 3232025
Link: https://acme-staging.api.letsencrypt.org/acme/authz/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4;rel="up"
Location: https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499
Replay-Nonce: xHKkX8gMUoDLp2QVoNGHbGipAs72lP4SCZoBTMf9B-M
Expires: Fri, 18 Aug 2017 08:43:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Aug 2017 08:43:54 GMT
Connection: keep-alive
'
[Fri Aug 18 09:43:54 BST 2017] response='{"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499","token":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg","keyAuthorization":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"}'
[Fri Aug 18 09:43:54 BST 2017] code='202'
[Fri Aug 18 09:43:54 BST 2017] sleep 2 secs to verify
[Fri Aug 18 09:43:56 BST 2017] checking
[Fri Aug 18 09:43:56 BST 2017] GET
[Fri Aug 18 09:43:56 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:43:56 BST 2017] timeout
[Fri Aug 18 09:43:56 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045836.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:43:56 BST 2017] ret='0'
[Fri Aug 18 09:43:56 BST 2017] original='{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499",
"token": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg",
"keyAuthorization": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"
}'
[Fri Aug 18 09:43:56 BST 2017] response='{"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499","token":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg","keyAuthorization":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"}'
[Fri Aug 18 09:43:56 BST 2017] Pending
[Fri Aug 18 09:43:56 BST 2017] sleep 2 secs to verify
[Fri Aug 18 09:43:58 BST 2017] checking
[Fri Aug 18 09:43:58 BST 2017] GET
[Fri Aug 18 09:43:58 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:43:58 BST 2017] timeout
[Fri Aug 18 09:43:58 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045838.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:43:59 BST 2017] ret='0'
[Fri Aug 18 09:43:59 BST 2017] original='{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499",
"token": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg",
"keyAuthorization": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"
}'
[Fri Aug 18 09:43:59 BST 2017] response='{"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499","token":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg","keyAuthorization":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"}'
[Fri Aug 18 09:43:59 BST 2017] Pending
[Fri Aug 18 09:43:59 BST 2017] sleep 2 secs to verify
[Fri Aug 18 09:44:01 BST 2017] checking
[Fri Aug 18 09:44:01 BST 2017] GET
[Fri Aug 18 09:44:01 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:44:01 BST 2017] timeout
[Fri Aug 18 09:44:01 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045841.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:44:01 BST 2017] ret='0'
[Fri Aug 18 09:44:01 BST 2017] original='{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499",
"token": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg",
"keyAuthorization": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"
}'
[Fri Aug 18 09:44:01 BST 2017] response='{"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499","token":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg","keyAuthorization":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"}'
[Fri Aug 18 09:44:01 BST 2017] Pending
[Fri Aug 18 09:44:01 BST 2017] sleep 2 secs to verify
[Fri Aug 18 09:44:04 BST 2017] checking
[Fri Aug 18 09:44:04 BST 2017] GET
[Fri Aug 18 09:44:04 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:44:04 BST 2017] timeout
[Fri Aug 18 09:44:04 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045844.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:44:04 BST 2017] ret='0'
[Fri Aug 18 09:44:04 BST 2017] original='{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499",
"token": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg",
"keyAuthorization": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"
}'
[Fri Aug 18 09:44:04 BST 2017] response='{"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499","token":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg","keyAuthorization":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"}'
[Fri Aug 18 09:44:04 BST 2017] Pending
[Fri Aug 18 09:44:04 BST 2017] sleep 2 secs to verify
[Fri Aug 18 09:44:06 BST 2017] checking
[Fri Aug 18 09:44:06 BST 2017] GET
[Fri Aug 18 09:44:06 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:44:06 BST 2017] timeout
[Fri Aug 18 09:44:06 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045846.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:44:07 BST 2017] ret='0'
[Fri Aug 18 09:44:07 BST 2017] original='{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499",
"token": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg",
"keyAuthorization": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"
}'
[Fri Aug 18 09:44:07 BST 2017] response='{"type":"tls-sni-01","status":"pending","uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499","token":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg","keyAuthorization":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"}'
[Fri Aug 18 09:44:07 BST 2017] Pending
[Fri Aug 18 09:44:07 BST 2017] sleep 2 secs to verify
[Fri Aug 18 09:44:09 BST 2017] checking
[Fri Aug 18 09:44:09 BST 2017] GET
[Fri Aug 18 09:44:09 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:44:09 BST 2017] timeout
[Fri Aug 18 09:44:09 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045849.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:44:09 BST 2017] ret='0'
[Fri Aug 18 09:44:09 BST 2017] original='{
"type": "tls-sni-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:connection",
"detail": "DNS problem: query timed out looking up A for mydomain.win",
"status": 400
},
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499",
"token": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg",
"keyAuthorization": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q",
"validationRecord": [
{
"hostname": "mydomain.win",
"port": "443",
"addressesResolved": [],
"addressUsed": "",
"addressesTried": []
}
]
}'
[Fri Aug 18 09:44:09 BST 2017] response='{"type":"tls-sni-01","status":"invalid","error":{"type":"urn:acme:error:connection","detail":"DNS problem: query timed out looking up A for mydomain.win","status": 400},"uri":"https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499","token":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg","keyAuthorization":"hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q","validationRecord":[{"hostname":"mydomain.win","port":"443","addressesResolved":[],"addressUsed":"","addressesTried":[]}]}'
sed: bad regex '.("error":{[^\}]).*': Invalid contents of {}
[Fri Aug 18 09:44:09 BST 2017] error
[Fri Aug 18 09:44:09 BST 2017] errordetail
[Fri Aug 18 09:44:10 BST 2017] mydomain.win:Verify error:
[Fri Aug 18 09:44:10 BST 2017] Skip for removelevel:
[Fri Aug 18 09:44:10 BST 2017] pid='4537'
[Fri Aug 18 09:44:10 BST 2017] Le_HTTPPort
[Fri Aug 18 09:44:10 BST 2017] Le_TLSPort='443'
TLS client extension "server name" (id=0), len=14
0000 - 00 0c 00 00 09 6c 6f 63-61 6c 68 6f 73 74 .....localhost
TLS client extension "EC point formats" (id=11), len=4
0000 - 03 00 01 02 ....
TLS client extension "elliptic curves" (id=10), len=16
0000 - 00 0e 00 17 00 19 00 1c-00 1b 00 18 00 1a 00 16 ................
TLS client extension "signature algorithms" (id=13), len=32
0000 - 00 1e 06 01 06 02 06 03-05 01 05 02 05 03 04 01 ................
0010 - 04 02 04 03 03 01 03 02-03 03 02 01 02 02 02 03 ................
TLS client extension "heartbeat" (id=15), len=1
0000 - 01 .
TLS client extension "next protocol" (id=13172), len=0
TLS client extension "application layer protocol negotiation" (id=16), len=11
0000 - 00 09 08 68 74 74 70 2f-31 2e 31 ...http/1.1
TLS client extension "TLS padding" (id=21), len=207
00cf - <SPACES/NULS>
ERROR
1995568320:error:14094418:lib(20):func(148):reason(1048):NA:0:SSL alert number 48
1995568320:error:140790E5:lib(20):func(121):reason(229):NA:0:
shutting down SSL
CONNECTION CLOSED
ACCEPT
DONE
shutdown accept socket
shutting down SSL
CONNECTION CLOSED
0 items in the session cache
0 client connects (SSL_connect())
0 client renegotiates (SSL_connect())
0 client connects that finished
1 server accepts (SSL_accept())
0 server renegotiates (SSL_accept())
0 server accepts that finished
0 session cache hits
0 session cache misses
0 session cache timeouts
0 callback cache hits
0 cache full overflows (128 allowed)
[Fri Aug 18 09:44:10 BST 2017] No need to restore nginx, skip.
[Fri Aug 18 09:44:10 BST 2017] _clearupdns
[Fri Aug 18 09:44:10 BST 2017] skip dns.
[Fri Aug 18 09:44:10 BST 2017] _on_issue_err
[Fri Aug 18 09:44:10 BST 2017] Please check log file for more details: /jffs/usr/ssl/acme.sh.log
[Fri Aug 18 09:44:10 BST 2017] Run post hook:'startservice lighttpd'
[Fri Aug 18 09:44:10 BST 2017] _chk_vlist='mydomain.win#hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q#https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499#tls-sni-01#tls,'
[Fri Aug 18 09:44:10 BST 2017] start to deactivate authz
[Fri Aug 18 09:44:10 BST 2017] tigger domain validation.
[Fri Aug 18 09:44:10 BST 2017] _t_url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:44:10 BST 2017] _t_key_authz='hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q'
[Fri Aug 18 09:44:10 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:44:10 BST 2017] payload='{"resource": "challenge", "keyAuthorization": "hX-oR2fOut_pvvGEfDdH1HFdAuwa7os1yvjPoynkKFg.fAxD3j4vwBs675rbuhyViGjPeLlaI8uJD9m4L1N6k-Q"}'
[Fri Aug 18 09:44:10 BST 2017] Use cached jwk for file: /jffs/usr/ssl/ca/acme-staging.api.letsencrypt.org/account.key
[Fri Aug 18 09:44:10 BST 2017] Use _CACHED_NONCE='xHKkX8gMUoDLp2QVoNGHbGipAs72lP4SCZoBTMf9B-M'
[Fri Aug 18 09:44:10 BST 2017] nonce='xHKkX8gMUoDLp2QVoNGHbGipAs72lP4SCZoBTMf9B-M'
[Fri Aug 18 09:44:10 BST 2017] POST
[Fri Aug 18 09:44:10 BST 2017] url='https://acme-staging.api.letsencrypt.org/acme/challenge/GXa_YSnht4KWmrjESbWtl72ZytLh8VBS4tmmzd8qZG4/53677499'
[Fri Aug 18 09:44:10 BST 2017] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "2qBjuKjRt8g-9Skj11pPqAXKYPzNln53cSjEbAmXaoT5ilDddKLC4bpTaSPx87K78_7zu0n0Rd7TlVMTS2gnNmySiAxUOK1MCcd83Dk5BkkF5ihcdevOrACVlHZuNTJogiAMBmkruPl7WdxaRTmsvAmGMgngKO0fbXKvVCcdx9kbEWFf13Es3gr0q4BkjBl_x1XsPk2YSWOql5SGuPlsIESDPOF2AWqQFGqatsOahb9D0tRN6mQE5RWXfkAe7600sLrmdixU2XDkA0Sk2bodyVxW4xk2-aHtqAqfKNkIyr73A6EwkXMT3bP1XzaYHWLIGai25C4-d47yk751ny3sGw"}}, "protected": "eyJub25jZSI6ICJ4SEtrWDhnTVVvRExwMlFWb05HSGJHaXBBczcybFA0U0Nab0JUTWY5Qi1NIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGxlbmdlL0dYYV9ZU25odDRLV21yakVTYld0bDcyWnl0TGg4VkJTNHRtbXpkOHFaRzQvNTM2Nzc0OTkiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICIycUJqdUtqUnQ4Zy05U2tqMTFwUHFBWEtZUHpObG41M2NTakViQW1YYW9UNWlsRGRkS0xDNGJwVGFTUHg4N0s3OF83enUwbjBSZDdUbFZNVFMyZ25ObXlTaUF4VU9LMU1DY2Q4M0RrNUJra0Y1aWhjZGV2T3JBQ1ZsSFp1TlRKb2dpQU1CbWtydVBsN1dkeGFSVG1zdkFtR01nbmdLTzBmYlhLdlZDY2R4OWtiRVdGZjEzRXMzZ3IwcTRCa2pCbF94MVhzUGsyWVNXT3FsNVNHdVBsc0lFU0RQT0YyQVdxUUZHcWF0c09haGI5RDB0Uk42bVFFNVJXWGZrQWU3NjAwc0xybWRpeFUyWERrQTBTazJib2R5VnhXNHhrMi1hSHRxQXFmS05rSXlyNzNBNkV3a1hNVDNiUDFYemFZSFdMSUdhaTI1QzQtZDQ3eWs3NTFueTNzR3cifX0", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJoWC1vUjJmT3V0X3B2dkdFZkRkSDFIRmRBdXdhN29zMXl2alBveW5rS0ZnLmZBeEQzajR2d0JzNjc1cmJ1aHlWaUdqUGVMbGFJOHVKRDltNEwxTjZrLVEifQ", "signature": "jpyHbqp45TescE6fxqSX4GuzOTroVBqKzT4mfliJyU7U9-GMlf1W7QltFiri9Tt3bg9MQSAWnsftCwReRggJ1B0SXzQo3tpGxuS-Q4eiiDR37lDd388ROk2j7eZu-7er-kwqyBjxi3-FEo8gUwHXm1svRfhhBAUcDgGd21x5PYWBKBZyBddqedyLkMtTShZEdjF_s4tJC_QxLTAx4Sjjc-z0ckin2Cf_eeO3Abtbhvz7BJH7R1f3To8MGijpfmnAj_3TUqW7faHDifu53v3yg6qKg6chjT42DL9D-e-Gx8AvjizBReo7ENC1iMP7mkOEPmnhnb4KkBH7Bvx5xnVQPg"}'
[Fri Aug 18 09:44:10 BST 2017] Http already initialized.
[Fri Aug 18 09:44:10 BST 2017] _CURL='curl -L --silent --dump-header /jffs/usr/ssl/http.header --trace-ascii /tmp/acme.shwefADf24sf.1503045850.tmp --capath /opt/etc/ssl/certs '
[Fri Aug 18 09:44:11 BST 2017] _ret='0'
[Fri Aug 18 09:44:11 BST 2017] original='{
"type": "urn:acme:error:malformed",
"detail": "Unable to update challenge :: The challenge is not pending.",
"status": 400
}'
[Fri Aug 18 09:44:11 BST 2017] responseHeaders='HTTP/1.1 100 Continue
Expires: Fri, 18 Aug 2017 08:44:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: application/problem+json
Content-Length: 132
Boulder-Request-Id: zlx07ivKV8uq1x7CdeguSulHZQSYXJF8y5dCGMkRYVo
Boulder-Requester: 3232025
Replay-Nonce: GVXufHI312wyBw9oLj_7fk-5-JlsaGGOPtMJ5v7Af_w
Expires: Fri, 18 Aug 2017 08:44:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 18 Aug 2017 08:44:11 GMT
Connection: close
'
[Fri Aug 18 09:44:11 BST 2017] response='{"type":"urn:acme:error:malformed","detail":"Unable to update challenge :: The challenge is not pending.","status": 400}'
[Fri Aug 18 09:44:11 BST 2017] code='400'
[Fri Aug 18 09:44:12 BST 2017] Diagnosis versions:
openssl:openssl
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
nc:
nc: unrecognized option: h
BusyBox v1.26.2 (2017-06-11 12:37:55 CEST) multi-call binary.

Usage: nc [-iN] [-wN] [-l] [-p PORT] [-f FILE|IPADDR PORT] [-e PROG]

Open a pipe to IP:PORT or FILE

    -l      Listen mode, for inbound connects
            (use -ll with -e for persistent server)
    -p PORT Local port
    -w SEC  Connect timeout
    -i SEC  Delay interval for lines sent
    -f FILE Use file (ala /dev/ttyS0) instead of network
    -e PROG Run PROG after connect

root@cyrax:/jffs/usr/ssl#

fvyskocil · 2017-09-01T12:44:14Z

Hello, I have same issue with Alpine Linux edge branch.
Installing bash and running under doesn't help.
Installing netcat-openbsd package doesn't help.
Thanks in advance.

cvonk · 2017-10-22T04:18:46Z

Seems like the {} characters shouldn't be escaped because they are in strong quotes. For me, it helps when I replace
error="$(echo "$response" | tr -d "\r\n" | _egrep_o '"error":{[^\}]')"
with
error="$(echo "$response" | tr -d "\r\n" | _egrep_o '"error":{[^}]')"

ciao,
/c

jmigual · 2024-01-09T17:22:19Z

Hello, I'm currently having the same issue in openwrt. I've tried using GNU sed and busybox sed and both fail. Has anyone managed to solve it?

smythe811 mentioned this issue Oct 30, 2017

Verify Error:Connection Refused on latest Kong DD-WRT builds. #1088

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

DD-WRT NGINX proxy gives error sed: bad regex '.\("error":\{[^\}]\).*': Invalid contents of {} #968

DD-WRT NGINX proxy gives error sed: bad regex '.\("error":\{[^\}]\).*': Invalid contents of {} #968

justClouds commented Aug 10, 2017 •

edited

Neilpang commented Aug 10, 2017

justClouds commented Aug 10, 2017 •

edited

Neilpang commented Aug 10, 2017

justClouds commented Aug 10, 2017

Neilpang commented Aug 11, 2017

justClouds commented Aug 11, 2017

Neilpang commented Aug 12, 2017

justClouds commented Aug 13, 2017 •

edited by Neilpang

jumitate commented Aug 18, 2017

fvyskocil commented Sep 1, 2017

cvonk commented Oct 22, 2017

jmigual commented Jan 9, 2024

DD-WRT NGINX proxy gives error sed: bad regex '.*\("error":\{[^\}]*\).*': Invalid contents of {} #968

DD-WRT NGINX proxy gives error sed: bad regex '.*\("error":\{[^\}]*\).*': Invalid contents of {} #968

Comments

justClouds commented Aug 10, 2017 • edited

Steps to reproduce

Debug log

Neilpang commented Aug 10, 2017

justClouds commented Aug 10, 2017 • edited

Neilpang commented Aug 10, 2017

justClouds commented Aug 10, 2017

Neilpang commented Aug 11, 2017

justClouds commented Aug 11, 2017

Neilpang commented Aug 12, 2017

justClouds commented Aug 13, 2017 • edited by Neilpang

jumitate commented Aug 18, 2017

fvyskocil commented Sep 1, 2017

cvonk commented Oct 22, 2017

jmigual commented Jan 9, 2024

DD-WRT NGINX proxy gives error sed: bad regex '.\("error":\{[^\}]\).*': Invalid contents of {} #968

DD-WRT NGINX proxy gives error sed: bad regex '.\("error":\{[^\}]\).*': Invalid contents of {} #968

justClouds commented Aug 10, 2017 •

edited

justClouds commented Aug 10, 2017 •

edited

justClouds commented Aug 13, 2017 •

edited by Neilpang