群晖DSM 7.1.1无法获取证书，为域添加 txt 时出错。Error add txt for domain

[simin-in-tw]

域名使用Cloudflare解析，从log文件中看到是添加txt记录时出错，API 令牌核实是对的，给的权限是编辑DNS，用来做DDNS都正常，就是不知道怎么回事，有没有大佬可以帮看下：

begin update cert
------ begin updateCrt ------
begin backupCrt
done backupCrt
begin installAcme
begin downloading acme.sh tool...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed

0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 64 100 64 0 0 60 0 0:00:01 0:00:01 --:--:-- 60
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed

0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0

0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 95742 0 95742 0 0 62606 0 --:--:-- 0:00:01 --:--:-- 99523
100 188k 0 188k 0 0 72590 0 --:--:-- 0:00:02 --:--:-- 92299
100 188k 0 188k 0 0 72576 0 --:--:-- 0:00:02 --:--:-- 92255
acme.sh-2.8.6/
acme.sh-2.8.6/.github/
acme.sh-2.8.6/.github/FUNDING.yml
acme.sh-2.8.6/.github/ISSUE_TEMPLATE.md
acme.sh-2.8.6/.github/PULL_REQUEST_TEMPLATE.md
acme.sh-2.8.6/.github/auto-comment.yml
acme.sh-2.8.6/.github/workflows/
acme.sh-2.8.6/.github/workflows/dockerhub.yml
acme.sh-2.8.6/.travis.yml
acme.sh-2.8.6/Dockerfile
acme.sh-2.8.6/LICENSE.md
acme.sh-2.8.6/README.md
acme.sh-2.8.6/acme.sh
acme.sh-2.8.6/deploy/
acme.sh-2.8.6/deploy/README.md
acme.sh-2.8.6/deploy/apache.sh
acme.sh-2.8.6/deploy/cpanel_uapi.sh
acme.sh-2.8.6/deploy/docker.sh
acme.sh-2.8.6/deploy/dovecot.sh
acme.sh-2.8.6/deploy/exim4.sh
acme.sh-2.8.6/deploy/fritzbox.sh
acme.sh-2.8.6/deploy/gcore_cdn.sh
acme.sh-2.8.6/deploy/gitlab.sh
acme.sh-2.8.6/deploy/haproxy.sh
acme.sh-2.8.6/deploy/keychain.sh
acme.sh-2.8.6/deploy/kong.sh
acme.sh-2.8.6/deploy/mailcow.sh
acme.sh-2.8.6/deploy/myapi.sh
acme.sh-2.8.6/deploy/mydevil.sh
acme.sh-2.8.6/deploy/mysqld.sh
acme.sh-2.8.6/deploy/nginx.sh
acme.sh-2.8.6/deploy/opensshd.sh
acme.sh-2.8.6/deploy/panos.sh
acme.sh-2.8.6/deploy/pureftpd.sh
acme.sh-2.8.6/deploy/qiniu.sh
acme.sh-2.8.6/deploy/routeros.sh
acme.sh-2.8.6/deploy/ssh.sh
acme.sh-2.8.6/deploy/strongswan.sh
acme.sh-2.8.6/deploy/synology_dsm.sh
acme.sh-2.8.6/deploy/unifi.sh
acme.sh-2.8.6/deploy/vault_cli.sh
acme.sh-2.8.6/deploy/vsftpd.sh
acme.sh-2.8.6/dnsapi/
acme.sh-2.8.6/dnsapi/README.md
acme.sh-2.8.6/dnsapi/dns_1984hosting.sh
acme.sh-2.8.6/dnsapi/dns_acmedns.sh
acme.sh-2.8.6/dnsapi/dns_acmeproxy.sh
acme.sh-2.8.6/dnsapi/dns_active24.sh
acme.sh-2.8.6/dnsapi/dns_ad.sh
acme.sh-2.8.6/dnsapi/dns_ali.sh
acme.sh-2.8.6/dnsapi/dns_arvan.sh
acme.sh-2.8.6/dnsapi/dns_autodns.sh
acme.sh-2.8.6/dnsapi/dns_aws.sh
acme.sh-2.8.6/dnsapi/dns_azure.sh
acme.sh-2.8.6/dnsapi/dns_cf.sh
acme.sh-2.8.6/dnsapi/dns_clouddns.sh
acme.sh-2.8.6/dnsapi/dns_cloudns.sh
acme.sh-2.8.6/dnsapi/dns_cn.sh
acme.sh-2.8.6/dnsapi/dns_conoha.sh
acme.sh-2.8.6/dnsapi/dns_constellix.sh
acme.sh-2.8.6/dnsapi/dns_cx.sh
acme.sh-2.8.6/dnsapi/dns_cyon.sh
acme.sh-2.8.6/dnsapi/dns_da.sh
acme.sh-2.8.6/dnsapi/dns_ddnss.sh
acme.sh-2.8.6/dnsapi/dns_desec.sh
acme.sh-2.8.6/dnsapi/dns_df.sh
acme.sh-2.8.6/dnsapi/dns_dgon.sh
acme.sh-2.8.6/dnsapi/dns_dnsimple.sh
acme.sh-2.8.6/dnsapi/dns_do.sh
acme.sh-2.8.6/dnsapi/dns_doapi.sh
acme.sh-2.8.6/dnsapi/dns_domeneshop.sh
acme.sh-2.8.6/dnsapi/dns_dp.sh
acme.sh-2.8.6/dnsapi/dns_dpi.sh
acme.sh-2.8.6/dnsapi/dns_dreamhost.sh
acme.sh-2.8.6/dnsapi/dns_duckdns.sh
acme.sh-2.8.6/dnsapi/dns_durabledns.sh
acme.sh-2.8.6/dnsapi/dns_dyn.sh
acme.sh-2.8.6/dnsapi/dns_dynu.sh
acme.sh-2.8.6/dnsapi/dns_dynv6.sh
acme.sh-2.8.6/dnsapi/dns_easydns.sh
acme.sh-2.8.6/dnsapi/dns_euserv.sh
acme.sh-2.8.6/dnsapi/dns_exoscale.sh
acme.sh-2.8.6/dnsapi/dns_freedns.sh
acme.sh-2.8.6/dnsapi/dns_gandi_livedns.sh
acme.sh-2.8.6/dnsapi/dns_gcloud.sh
acme.sh-2.8.6/dnsapi/dns_gd.sh
acme.sh-2.8.6/dnsapi/dns_gdnsdk.sh
acme.sh-2.8.6/dnsapi/dns_he.sh
acme.sh-2.8.6/dnsapi/dns_hexonet.sh
acme.sh-2.8.6/dnsapi/dns_hostingde.sh
acme.sh-2.8.6/dnsapi/dns_infoblox.sh
acme.sh-2.8.6/dnsapi/dns_internetbs.sh
acme.sh-2.8.6/dnsapi/dns_inwx.sh
acme.sh-2.8.6/dnsapi/dns_ispconfig.sh
acme.sh-2.8.6/dnsapi/dns_jd.sh
acme.sh-2.8.6/dnsapi/dns_joker.sh
acme.sh-2.8.6/dnsapi/dns_kas.sh
acme.sh-2.8.6/dnsapi/dns_kinghost.sh
acme.sh-2.8.6/dnsapi/dns_knot.sh
acme.sh-2.8.6/dnsapi/dns_leaseweb.sh
acme.sh-2.8.6/dnsapi/dns_lexicon.sh
acme.sh-2.8.6/dnsapi/dns_linode.sh
acme.sh-2.8.6/dnsapi/dns_linode_v4.sh
acme.sh-2.8.6/dnsapi/dns_loopia.sh
acme.sh-2.8.6/dnsapi/dns_lua.sh
acme.sh-2.8.6/dnsapi/dns_maradns.sh
acme.sh-2.8.6/dnsapi/dns_me.sh
acme.sh-2.8.6/dnsapi/dns_miab.sh
acme.sh-2.8.6/dnsapi/dns_misaka.sh
acme.sh-2.8.6/dnsapi/dns_myapi.sh
acme.sh-2.8.6/dnsapi/dns_mydevil.sh
acme.sh-2.8.6/dnsapi/dns_mydnsjp.sh
acme.sh-2.8.6/dnsapi/dns_namecheap.sh
acme.sh-2.8.6/dnsapi/dns_namecom.sh
acme.sh-2.8.6/dnsapi/dns_namesilo.sh
acme.sh-2.8.6/dnsapi/dns_nederhost.sh
acme.sh-2.8.6/dnsapi/dns_neodigit.sh
acme.sh-2.8.6/dnsapi/dns_netcup.sh
acme.sh-2.8.6/dnsapi/dns_nic.sh
acme.sh-2.8.6/dnsapi/dns_nm.sh
acme.sh-2.8.6/dnsapi/dns_nsd.sh
acme.sh-2.8.6/dnsapi/dns_nsone.sh
acme.sh-2.8.6/dnsapi/dns_nsupdate.sh
acme.sh-2.8.6/dnsapi/dns_nw.sh
acme.sh-2.8.6/dnsapi/dns_one.sh
acme.sh-2.8.6/dnsapi/dns_online.sh
acme.sh-2.8.6/dnsapi/dns_openprovider.sh
acme.sh-2.8.6/dnsapi/dns_opnsense.sh
acme.sh-2.8.6/dnsapi/dns_ovh.sh
acme.sh-2.8.6/dnsapi/dns_pdns.sh
acme.sh-2.8.6/dnsapi/dns_pleskxml.sh
acme.sh-2.8.6/dnsapi/dns_pointhq.sh
acme.sh-2.8.6/dnsapi/dns_rackspace.sh
acme.sh-2.8.6/dnsapi/dns_rcode0.sh
acme.sh-2.8.6/dnsapi/dns_regru.sh
acme.sh-2.8.6/dnsapi/dns_schlundtech.sh
acme.sh-2.8.6/dnsapi/dns_selectel.sh
acme.sh-2.8.6/dnsapi/dns_servercow.sh
acme.sh-2.8.6/dnsapi/dns_tele3.sh
acme.sh-2.8.6/dnsapi/dns_ultra.sh
acme.sh-2.8.6/dnsapi/dns_unoeuro.sh
acme.sh-2.8.6/dnsapi/dns_variomedia.sh
acme.sh-2.8.6/dnsapi/dns_vscale.sh
acme.sh-2.8.6/dnsapi/dns_vultr.sh
acme.sh-2.8.6/dnsapi/dns_yandex.sh
acme.sh-2.8.6/dnsapi/dns_zilore.sh
acme.sh-2.8.6/dnsapi/dns_zone.sh
acme.sh-2.8.6/dnsapi/dns_zonomi.sh
acme.sh-2.8.6/notify/
acme.sh-2.8.6/notify/cqhttp.sh
acme.sh-2.8.6/notify/dingtalk.sh
acme.sh-2.8.6/notify/ifttt.sh
acme.sh-2.8.6/notify/mail.sh
acme.sh-2.8.6/notify/mailgun.sh
acme.sh-2.8.6/notify/pop.sh
acme.sh-2.8.6/notify/postmark.sh
acme.sh-2.8.6/notify/pushover.sh
acme.sh-2.8.6/notify/sendgrid.sh
acme.sh-2.8.6/notify/slack.sh
acme.sh-2.8.6/notify/smtp.sh
acme.sh-2.8.6/notify/xmpp.sh
begin installing acme.sh tool...
[Wed Sep 14 22:04:36 CST 2022] It is recommended to install socat first.
[Wed Sep 14 22:04:36 CST 2022] We use socat for standalone server if you use standalone mode.
[Wed Sep 14 22:04:36 CST 2022] If you don't use standalone mode, just ignore this warning.
[Wed Sep 14 22:04:36 CST 2022] Installing to /volume1/DSM_Config/Cet_Update_Tools/syno-acme-0.3.1.1/acme.sh
[Wed Sep 14 22:04:36 CST 2022] Installed to /volume1/DSM_Config/Cet_Update_Tools/syno-acme-0.3.1.1/acme.sh/acme.sh
[Wed Sep 14 22:04:36 CST 2022] Installing alias to '/root/.profile'
[Wed Sep 14 22:04:36 CST 2022] OK, Close and reopen your terminal to start using acme.sh
[Wed Sep 14 22:04:36 CST 2022] Good, bash is found, so change the shebang to use bash as preferred.
[Wed Sep 14 22:04:38 CST 2022] OK
done installAcme
begin generateCrt
begin updating default cert by acme.sh tool
[Wed Sep 14 22:04:43 CST 2022] Create account key ok.
[Wed Sep 14 22:04:43 CST 2022] Registering account
[Wed Sep 14 22:04:45 CST 2022] Registered
[Wed Sep 14 22:04:45 CST 2022] ACCOUNT_THUMBPRINT='Nfwwz54_TqX0iBy7kc66883egUKL57bEGMYMjwTehCQ'
[Wed Sep 14 22:04:45 CST 2022] Creating domain key
[Wed Sep 14 22:04:46 CST 2022] The domain key is here: /volume1/DSM_Config/Cet_Update_Tools/syno-acme-0.3.1.1/acme.sh/我的主域名.com/我的主域名.com.key
[Wed Sep 14 22:04:46 CST 2022] Multi domain='DNS:我的主域名.com,DNS:.我的主域名.com'
[Wed Sep 14 22:04:46 CST 2022] Getting domain auth token for each domain
[Wed Sep 14 22:04:52 CST 2022] Getting webroot for domain='我的主域名.com'
[Wed Sep 14 22:04:52 CST 2022] Getting webroot for domain='.我的主域名.com'
[Wed Sep 14 22:04:52 CST 2022] Adding txt value: KUSOrTOuZLKCCvYEXu0ihHWcDfZaCXmC-ea4A-iH-gg for domain: _acme-challenge.我的主域名.com
[Wed Sep 14 22:04:59 CST 2022] invalid domain
[Wed Sep 14 22:04:59 CST 2022] Error add txt for domain:_acme-challenge.我的主域名.com
[Wed Sep 14 22:04:59 CST 2022] Please check log file for more details: /volume1/DSM_Config/Cet_Update_Tools/syno-acme-0.3.1.1/acme.sh/acme.sh.log
[Wed Sep 14 22:05:02 CST 2022] Installing cert to:/usr/syno/etc/certificate/_archive/5gtoX3/cert.pem
cat: /volume1/DSM_Config/Cet_Update_Tools/syno-acme-0.3.1.1/acme.sh/我的主域名.com/我的主域名.com.cer: No such file or directory
[ERR] fail to generateCrt
begin revert
begin revertCrt
/volume1/DSM_Config/Cet_Update_Tools/syno-acme-0.3.1.1/backup/20220914220432/certificate /usr/syno/etc/certificate
/volume1/DSM_Config/Cet_Update_Tools/syno-acme-0.3.1.1/backup/20220914220432/package_cert /usr/local/etc/certificate
begin reloadWebService
reloading new cert...
MajorVersion = 7
Sync W3 certificate info successfully
Generate nginx tmp config successfully
MajorVersion = 7, no need to reload apache
done reloadWebService
done revertCrt

[dingdadao]

1.检查一下dns解析有没有重复的_acme-challenge

[simin-in-tw]

了解，感谢指导。

…

________________________________ From: Like-Cosmos ***@***.***> Sent: Friday, September 23, 2022 5:42:16 PM To: andyzhshg/syno-acme ***@***.***> Cc: Simon ***@***.***>; Author ***@***.***> Subject: Re: [andyzhshg/syno-acme] 群晖DSM 7.1.1无法获取证书，为域添加 txt 时出错。Error add txt for domain (Issue #93) 1.检查一下dns解析有没有重复的_acme-challenge ― Reply to this email directly, view it on GitHub<#93 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/APNSOMMVVSFES6VTCRRWT5TV7V3PRANCNFSM6AAAAAAQMQDYRA>. You are receiving this because you authored the thread.Message ID: ***@***.***>

[eriflleh]

问题解决了么？

[simin-in-tw]

问题解决了么？

解决了，但是问题隔了太久，也忘了怎么回事