Able to get Staging Cert but not in Production

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://cloud.matafilms.co.nz and https://office.matafilmsc.co.nz

I ran this command: Issue/Renew certificate now in OPNsense 20.7.4-amd64

It produced this output: cloud.matafilms.co.nz:Verify error:Fetching http://cloud.matafilms.co.nz/.well-known/acme-challenge/l2lxmp8-uXEE9s9FtCqUTawmon9LnUEMZvKVqWLFITc: Timeout during connect (likely firewall problem)

My web server is (include version): HAProxy inside OPNsense 20.7.4-amd64

The operating system my web server runs on is (include version): FreeBSD 12.1-RELEASE-p10-HBSD

My hosting provider, if applicable, is: https://1stdomains.nz/

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): HAProxy and Nextcloud

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): NA

2 Likes
2

So yeah, Staging seems to work:

[Sun Oct 25 23:02:44 NZDT 2020] Le_LinkCert='https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa52047697ab8ec8cd3788a6c387a9e7d9ef'
[Sun Oct 25 23:02:44 NZDT 2020] Cert success.
[Sun Oct 25 23:02:44 NZDT 2020] Your cert is in  /var/etc/acme-client/home/cloud.matafilms.co.nz/cloud.matafilms.co.nz.cer 
[Sun Oct 25 23:02:44 NZDT 2020] Your cert key is in  /var/etc/acme-client/home/cloud.matafilms.co.nz/cloud.matafilms.co.nz.key 
[Sun Oct 25 23:02:44 NZDT 2020] v2 chain.
[Sun Oct 25 23:02:44 NZDT 2020] The intermediate CA cert is in  /var/etc/acme-client/home/cloud.matafilms.co.nz/ca.cer 
[Sun Oct 25 23:02:44 NZDT 2020] And the full chain certs is there:  /var/etc/acme-client/home/cloud.matafilms.co.nz/fullchain.cer 
[Sun Oct 25 23:02:44 NZDT 2020] Installing cert to:/var/etc/acme-client/certs/5f9526ada199d0.01802901/cert.pem
[Sun Oct 25 23:02:44 NZDT 2020] Installing CA to:/var/etc/acme-client/certs/5f9526ada199d0.01802901/chain.pem
[Sun Oct 25 23:02:44 NZDT 2020] Installing key to:/var/etc/acme-client/keys/5f9526ada199d0.01802901/private.key
[Sun Oct 25 23:02:44 NZDT 2020] Installing full chain to:/var/etc/acme-client/certs/5f9526ada199d0.01802901/fullchain.pem
[Sun Oct 25 23:02:44 NZDT 2020] _on_issue_success

But not Production:

[Sun Oct 25 22:55:01 NZDT 2020] default_acme_server
[Sun Oct 25 22:55:01 NZDT 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Sun Oct 25 22:55:01 NZDT 2020] DOMAIN_PATH='/var/etc/acme-client/home/cloud.matafilms.co.nz'
[Sun Oct 25 22:55:01 NZDT 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Sun Oct 25 22:55:01 NZDT 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Sun Oct 25 22:55:01 NZDT 2020] GET
[Sun Oct 25 22:55:01 NZDT 2020] url='https://acme-v02.api.letsencrypt.org/directory'
[Sun Oct 25 22:55:01 NZDT 2020] timeout=
[Sun Oct 25 22:55:01 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Sun Oct 25 22:55:02 NZDT 2020] ret='0'
[Sun Oct 25 22:55:02 NZDT 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Sun Oct 25 22:55:02 NZDT 2020] ACME_NEW_AUTHZ
[Sun Oct 25 22:55:02 NZDT 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun Oct 25 22:55:02 NZDT 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Sun Oct 25 22:55:02 NZDT 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Sun Oct 25 22:55:02 NZDT 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Sun Oct 25 22:55:02 NZDT 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun Oct 25 22:55:02 NZDT 2020] ACME_VERSION='2'
[Sun Oct 25 22:55:02 NZDT 2020] Le_NextRenewTime='1608716891'
[Sun Oct 25 22:55:02 NZDT 2020] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Sun Oct 25 22:55:02 NZDT 2020] _on_before_issue
[Sun Oct 25 22:55:02 NZDT 2020] _chk_main_domain='cloud.matafilms.co.nz'
[Sun Oct 25 22:55:02 NZDT 2020] _chk_alt_domains='office.matafilms.co.nz'
[Sun Oct 25 22:55:02 NZDT 2020] Le_LocalAddress
[Sun Oct 25 22:55:02 NZDT 2020] d='cloud.matafilms.co.nz'
[Sun Oct 25 22:55:02 NZDT 2020] Check for domain='cloud.matafilms.co.nz'
[Sun Oct 25 22:55:02 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Sun Oct 25 22:55:02 NZDT 2020] d='office.matafilms.co.nz'
[Sun Oct 25 22:55:02 NZDT 2020] Check for domain='office.matafilms.co.nz'
[Sun Oct 25 22:55:02 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Sun Oct 25 22:55:02 NZDT 2020] d
[Sun Oct 25 22:55:02 NZDT 2020] _saved_account_key_hash is not changed, skip register account.
[Sun Oct 25 22:55:02 NZDT 2020] Read key length:4096
[Sun Oct 25 22:55:02 NZDT 2020] _createcsr
[Sun Oct 25 22:55:02 NZDT 2020] Multi domain='DNS:cloud.matafilms.co.nz,DNS:office.matafilms.co.nz'
[Sun Oct 25 22:55:02 NZDT 2020] Getting domain auth token for each domain
[Sun Oct 25 22:55:02 NZDT 2020] d='office.matafilms.co.nz'
[Sun Oct 25 22:55:02 NZDT 2020] d
[Sun Oct 25 22:55:02 NZDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun Oct 25 22:55:02 NZDT 2020] payload='{"identifiers": [{"type":"dns","value":"cloud.matafilms.co.nz"},{"type":"dns","value":"office.matafilms.co.nz"}]}'
[Sun Oct 25 22:55:02 NZDT 2020] RSA key
[Sun Oct 25 22:55:03 NZDT 2020] HEAD
[Sun Oct 25 22:55:03 NZDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun Oct 25 22:55:03 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header  -I  '
[Sun Oct 25 22:55:04 NZDT 2020] _ret='0'
[Sun Oct 25 22:55:04 NZDT 2020] POST
[Sun Oct 25 22:55:04 NZDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun Oct 25 22:55:04 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Sun Oct 25 22:55:06 NZDT 2020] _ret='0'
[Sun Oct 25 22:55:06 NZDT 2020] code='429'
[Sun Oct 25 22:55:06 NZDT 2020] Le_LinkOrder
[Sun Oct 25 22:55:06 NZDT 2020] Le_OrderFinalize
[Sun Oct 25 22:55:06 NZDT 2020] Create new order error. Le_OrderFinalize not found. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Sun Oct 25 22:55:06 NZDT 2020] pid
[Sun Oct 25 22:55:06 NZDT 2020] No need to restore nginx, skip.
[Sun Oct 25 22:55:06 NZDT 2020] _clearupdns
[Sun Oct 25 22:55:06 NZDT 2020] dns_entries
[Sun Oct 25 22:55:06 NZDT 2020] skip dns.
[Sun Oct 25 22:55:06 NZDT 2020] _on_issue_err

My certificate expired today so I tried to renew manually, but I just can't get to make Production issue a proper certificate and I've exhausted my rate limit.

Help please.

2 Likes
3

Hi @davidaga

looks like you have a blocking firewall. May be with explicit ip addresses, so staging is allowed, productive not.

PS: Read the link shared in the error message. Now the real problem is hidden because of the rate limit.

PPS: I can't connect your domain with my browser. So you have something that blocks.

PPPS: Ah, now the check is ready - see https://check-your-website.server-daten.de/?q=cloud.matafilms.co.nz

http + / answers with a 503.
http + /.well-known/acme-challenge/random-filename has a timeout (after 10 seconds)

But checking the second with another tool there is a read timeout after 60 seconds. And my browser has a

503 Service Unavailable

No server is available to handle this request.

after a very long time.

Looks like your proxy configuration doesn't work and looks, that you have additional, not working definitions /.well-known/...

2 Likes
4

Hi @JuergenAuer. Thank you for the quick response.

I'll see why it's timing out.

3 Likes
5

Hi @JuergenAuer.

The website is now accessible.

http://cloud.matafilms.co.nz/
https://cloud.matafilms.co.nz/

image
image1992×1936 180 KB

Website check is looking good.

Do I wait 5 days before I can try to issue a production certificate?

1 Like
6

No, it's not. 503 error again.

Please correlate the rate limit error you saw with the correct rate limit on the Rate Limits page. You're incorrect about the 5 days.

2 Likes
7

Where do you see something good?

Domainname Http-Status redirect Sec. G
http://cloud.matafilms.co.nz/ 167.179.216.57 503 Html is minified: 100,00 % 0.560 S
Service Unavailable
https://cloud.matafilms.co.nz/ 167.179.216.57 302 https://cloud.matafilms.co.nz/login 5.907 N
Certificate error: RemoteCertificateChainErrors
https://cloud.matafilms.co.nz/login GZip used - 4017 / 10871 - 63,05 % Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 200 Html is minified: 102,65 % 5.720 N
Certificate error: RemoteCertificateChainErrors
small visible content (num chars: 183)
This application requires JavaScript for correct operation. Please enable JavaScript and reload the page. MATA FILMS MATA FILMS – Hear the laughter. Feel the tears. Relive the moment.
http://cloud.matafilms.co.nz/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 167.179.216.57 -14 10.000 T
Timeout - The operation has timed out

http + /.well-known/... reports a timeout again (timeout: No answer after 10 seconds). And 503 is always bad.

Where do you see a created certificate?

2 Likes
8

Welcome to the Let's Encrypt Community, David :slightly_smiling_face:

There is a Failed Validation limit of 5 failures per account, per hostname, per hour. This limit is higher on our staging environment, so you can use that environment to debug connectivity problems. Exceeding the Failed Validations limit is reported with the error message too many failed authorizations recently.

Complete Certificate History

Screenshot_20201025-125334_Samsung Internet
Screenshot_20201025-125334_Samsung Internet1216×235 167 KB

https://crt.sh/?Identity=cloud.matafilms.co.nz&deduplicate=Y

Screenshot_20201025-130353_Samsung Internet
Screenshot_20201025-130353_Samsung Internet979×4408 1.5 MB

1 Like
9

I restarted the HAproxy and got better results.


Screen Shot 2020-10-26 at 10.47.09 AM
Screen Shot 2020-10-26 at 10.47.09 AM2072×812 90.4 KB

I can now access both servers https://cloud.matafilms.co.nz and https://office.matafilms.co.nz outside my network. I believe the reverse proxy is now working properly?

Staging is successful again, but Production failed to issue certificate :frowning:

2 Likes
10

With the same error or different one?

READERS: Get involved. Be heard. Do your part, it starts with: If you read something you like; then like it :heart: !

2 Likes
11

As per @rg305, what's the error?

2 Likes
12

Staging (success)

[Mon Oct 26 23:54:07 NZDT 2020] Using ACME_DIRECTORY: https://acme-staging-v02.api.letsencrypt.org/directory
[Mon Oct 26 23:54:07 NZDT 2020] ACME_DIRECTORY='https://acme-staging-v02.api.letsencrypt.org/directory'
[Mon Oct 26 23:54:07 NZDT 2020] DOMAIN_PATH='/var/etc/acme-client/home/cloud.matafilms.co.nz'
[Mon Oct 26 23:54:07 NZDT 2020] Using ACME_DIRECTORY: https://acme-staging-v02.api.letsencrypt.org/directory
[Mon Oct 26 23:54:07 NZDT 2020] _init api for server: https://acme-staging-v02.api.letsencrypt.org/directory
[Mon Oct 26 23:54:07 NZDT 2020] GET
[Mon Oct 26 23:54:07 NZDT 2020] url='https://acme-staging-v02.api.letsencrypt.org/directory'
[Mon Oct 26 23:54:07 NZDT 2020] timeout=
[Mon Oct 26 23:54:07 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:54:08 NZDT 2020] ret='0'
[Mon Oct 26 23:54:08 NZDT 2020] ACME_KEY_CHANGE='https://acme-staging-v02.api.letsencrypt.org/acme/key-change'
[Mon Oct 26 23:54:08 NZDT 2020] ACME_NEW_AUTHZ
[Mon Oct 26 23:54:08 NZDT 2020] ACME_NEW_ORDER='https://acme-staging-v02.api.letsencrypt.org/acme/new-order'
[Mon Oct 26 23:54:08 NZDT 2020] ACME_NEW_ACCOUNT='https://acme-staging-v02.api.letsencrypt.org/acme/new-acct'
[Mon Oct 26 23:54:08 NZDT 2020] ACME_REVOKE_CERT='https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert'
[Mon Oct 26 23:54:08 NZDT 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Mon Oct 26 23:54:08 NZDT 2020] ACME_NEW_NONCE='https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce'
[Mon Oct 26 23:54:08 NZDT 2020] ACME_VERSION='2'
[Mon Oct 26 23:54:08 NZDT 2020] Le_NextRenewTime='1608803384'
[Mon Oct 26 23:54:08 NZDT 2020] Using CA: https://acme-staging-v02.api.letsencrypt.org/directory
[Mon Oct 26 23:54:08 NZDT 2020] _on_before_issue
[Mon Oct 26 23:54:08 NZDT 2020] _chk_main_domain='cloud.matafilms.co.nz'
[Mon Oct 26 23:54:08 NZDT 2020] _chk_alt_domains='office.matafilms.co.nz'
[Mon Oct 26 23:54:08 NZDT 2020] Le_LocalAddress
[Mon Oct 26 23:54:08 NZDT 2020] d='cloud.matafilms.co.nz'
[Mon Oct 26 23:54:08 NZDT 2020] Check for domain='cloud.matafilms.co.nz'
[Mon Oct 26 23:54:08 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Mon Oct 26 23:54:08 NZDT 2020] d='office.matafilms.co.nz'
[Mon Oct 26 23:54:08 NZDT 2020] Check for domain='office.matafilms.co.nz'
[Mon Oct 26 23:54:08 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Mon Oct 26 23:54:08 NZDT 2020] d
[Mon Oct 26 23:54:08 NZDT 2020] _saved_account_key_hash is not changed, skip register account.
[Mon Oct 26 23:54:08 NZDT 2020] Read key length:4096
[Mon Oct 26 23:54:08 NZDT 2020] _createcsr
[Mon Oct 26 23:54:08 NZDT 2020] Multi domain='DNS:cloud.matafilms.co.nz,DNS:office.matafilms.co.nz'
[Mon Oct 26 23:54:09 NZDT 2020] Getting domain auth token for each domain
[Mon Oct 26 23:54:09 NZDT 2020] d='office.matafilms.co.nz'
[Mon Oct 26 23:54:09 NZDT 2020] d
[Mon Oct 26 23:54:09 NZDT 2020] url='https://acme-staging-v02.api.letsencrypt.org/acme/new-order'
[Mon Oct 26 23:54:09 NZDT 2020] payload='{"identifiers": [{"type":"dns","value":"cloud.matafilms.co.nz"},{"type":"dns","value":"office.matafilms.co.nz"}]}'
[Mon Oct 26 23:54:09 NZDT 2020] RSA key
[Mon Oct 26 23:54:10 NZDT 2020] HEAD
[Mon Oct 26 23:54:10 NZDT 2020] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce'
[Mon Oct 26 23:54:10 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header  -I  '
[Mon Oct 26 23:54:10 NZDT 2020] _ret='0'
[Mon Oct 26 23:54:11 NZDT 2020] POST
[Mon Oct 26 23:54:11 NZDT 2020] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/new-order'
[Mon Oct 26 23:54:11 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:54:11 NZDT 2020] _ret='0'
[Mon Oct 26 23:54:11 NZDT 2020] code='201'
[Mon Oct 26 23:54:11 NZDT 2020] Le_LinkOrder='https://acme-staging-v02.api.letsencrypt.org/acme/order/14286217/172869388'
[Mon Oct 26 23:54:11 NZDT 2020] Le_OrderFinalize='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/14286217/172869388'
[Mon Oct 26 23:54:11 NZDT 2020] url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/139714972'
[Mon Oct 26 23:54:11 NZDT 2020] payload
[Mon Oct 26 23:54:11 NZDT 2020] POST
[Mon Oct 26 23:54:11 NZDT 2020] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/139714972'
[Mon Oct 26 23:54:11 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:54:12 NZDT 2020] _ret='0'
[Mon Oct 26 23:54:12 NZDT 2020] code='200'
[Mon Oct 26 23:54:12 NZDT 2020] url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/139714973'
[Mon Oct 26 23:54:12 NZDT 2020] payload
[Mon Oct 26 23:54:12 NZDT 2020] POST
[Mon Oct 26 23:54:12 NZDT 2020] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/139714973'
[Mon Oct 26 23:54:12 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:54:13 NZDT 2020] _ret='0'
[Mon Oct 26 23:54:13 NZDT 2020] code='200'
[Mon Oct 26 23:54:13 NZDT 2020] d='cloud.matafilms.co.nz'
[Mon Oct 26 23:54:13 NZDT 2020] Getting webroot for domain='cloud.matafilms.co.nz'
[Mon Oct 26 23:54:13 NZDT 2020] _w='/var/etc/acme-client/challenges'
[Mon Oct 26 23:54:13 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Mon Oct 26 23:54:13 NZDT 2020] entry='"type":"http-01","status":"valid","url":"https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/139714972/hmetuw","token":"rltbW05_FuA6SIIfLLFUzsSS_P9sIitWbn9o9iYk5-4","validationRecord":[{"url":"http://cloud.matafilms.co.nz/.well-known/acme-challenge/rltbW05_FuA6SIIfLLFUzsSS_P9sIitWbn9o9iYk5-4","hostname":"cloud.matafilms.co.nz","port":"80","addressesResolved":["167.179.216.57"],"addressUsed":"167.179.216.57"'
[Mon Oct 26 23:54:13 NZDT 2020] token='rltbW05_FuA6SIIfLLFUzsSS_P9sIitWbn9o9iYk5-4'
[Mon Oct 26 23:54:13 NZDT 2020] uri='https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/139714972/hmetuw'
[Mon Oct 26 23:54:13 NZDT 2020] keyauthorization='rltbW05_FuA6SIIfLLFUzsSS_P9sIitWbn9o9iYk5-4.33l5YqdqZDEzZekjVQFLa2w_mkVL8ziuFjhSLJPBoeQ'
[Mon Oct 26 23:54:13 NZDT 2020] cloud.matafilms.co.nz is already verified.
[Mon Oct 26 23:54:13 NZDT 2020] keyauthorization='verified_ok'
[Mon Oct 26 23:54:13 NZDT 2020] dvlist='cloud.matafilms.co.nz#verified_ok#https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/139714972/hmetuw#http-01#/var/etc/acme-client/challenges'
[Mon Oct 26 23:54:13 NZDT 2020] d='office.matafilms.co.nz'
[Mon Oct 26 23:54:13 NZDT 2020] Getting webroot for domain='office.matafilms.co.nz'
[Mon Oct 26 23:54:13 NZDT 2020] _w='/var/etc/acme-client/challenges'
[Mon Oct 26 23:54:13 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Mon Oct 26 23:54:13 NZDT 2020] entry='"type":"http-01","status":"valid","url":"https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/139714973/im7dVg","token":"Dc3w0Rm8sq-fIsduFuozNfLMyD7FrMq--gAqIqutb5g","validationRecord":[{"url":"http://office.matafilms.co.nz/.well-known/acme-challenge/Dc3w0Rm8sq-fIsduFuozNfLMyD7FrMq--gAqIqutb5g","hostname":"office.matafilms.co.nz","port":"80","addressesResolved":["167.179.216.57"],"addressUsed":"167.179.216.57"'
[Mon Oct 26 23:54:13 NZDT 2020] token='Dc3w0Rm8sq-fIsduFuozNfLMyD7FrMq--gAqIqutb5g'
[Mon Oct 26 23:54:13 NZDT 2020] uri='https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/139714973/im7dVg'
[Mon Oct 26 23:54:13 NZDT 2020] keyauthorization='Dc3w0Rm8sq-fIsduFuozNfLMyD7FrMq--gAqIqutb5g.33l5YqdqZDEzZekjVQFLa2w_mkVL8ziuFjhSLJPBoeQ'
[Mon Oct 26 23:54:13 NZDT 2020] office.matafilms.co.nz is already verified.
[Mon Oct 26 23:54:13 NZDT 2020] keyauthorization='verified_ok'
[Mon Oct 26 23:54:13 NZDT 2020] dvlist='office.matafilms.co.nz#verified_ok#https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/139714973/im7dVg#http-01#/var/etc/acme-client/challenges'
[Mon Oct 26 23:54:13 NZDT 2020] d
[Mon Oct 26 23:54:13 NZDT 2020] vlist='cloud.matafilms.co.nz#verified_ok#https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/139714972/hmetuw#http-01#/var/etc/acme-client/challenges,office.matafilms.co.nz#verified_ok#https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/139714973/im7dVg#http-01#/var/etc/acme-client/challenges,'
[Mon Oct 26 23:54:13 NZDT 2020] d='cloud.matafilms.co.nz'
[Mon Oct 26 23:54:13 NZDT 2020] cloud.matafilms.co.nz is already verified, skip http-01.
[Mon Oct 26 23:54:13 NZDT 2020] d='office.matafilms.co.nz'
[Mon Oct 26 23:54:13 NZDT 2020] office.matafilms.co.nz is already verified, skip http-01.
[Mon Oct 26 23:54:13 NZDT 2020] ok, let's start to verify
[Mon Oct 26 23:54:13 NZDT 2020] cloud.matafilms.co.nz is already verified, skip http-01.
[Mon Oct 26 23:54:13 NZDT 2020] office.matafilms.co.nz is already verified, skip http-01.
[Mon Oct 26 23:54:13 NZDT 2020] pid
[Mon Oct 26 23:54:13 NZDT 2020] No need to restore nginx, skip.
[Mon Oct 26 23:54:13 NZDT 2020] _clearupdns
[Mon Oct 26 23:54:13 NZDT 2020] dns_entries
[Mon Oct 26 23:54:13 NZDT 2020] skip dns.
[Mon Oct 26 23:54:13 NZDT 2020] Verify finished, start to sign.
[Mon Oct 26 23:54:13 NZDT 2020] i='2'
[Mon Oct 26 23:54:13 NZDT 2020] j='27'
[Mon Oct 26 23:54:13 NZDT 2020] Lets finalize the order.
[Mon Oct 26 23:54:13 NZDT 2020] Le_OrderFinalize='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/14286217/172869388'
[Mon Oct 26 23:54:13 NZDT 2020] url='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/14286217/172869388'
[Mon Oct 26 23:54:13 NZDT 2020] payload='{"csr": "MIIEvTCCAqUCAQAwIDEeMBwGA1UEAwwVY2xvdWQubWF0YWZpbG1zLmNvLm56MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu0iFDaZc7NgoBSZA8Rr8moMTEznoGCQ0XQK6Uns9A0hxJyVHvbyhsYKKC51CzKRN4jETzaxx4u1kJpGmaDjbgiUbmUSMe4blpEnx3snUcoStjDtCETXQprIg3bEGYqTsIExD3szB70q3_ynYExX2dZiyZeDkifJlUsm8K1GYKzhvEo9yLtCEf3lqXgQ0p_2_dBw5OMHy8pMk_Kd3qe48Fj8r8s-RT5RAkBv8xFoe0ALv1TPeT5gnMTBh8ARhdGJ_TvE2pJI4wCOZIgbsN3sIzDIYBEHqjOuWqRbNImJAIw5DoYeNP5GFWFscvw6xMyYO0wurRGfh9KjXjCMKfAC7P3JDZTh4GWC48SUWQtSUiVcVZ_MNN1eSZ5ixTqxeT6iHQav_3e_eP7Yq2xjvI0OI95UcZh0do9RWQ76WETPfKFfTh9ihvNDfGHMOEvVGcvjcHYtpvEkiWiFa1mhhfww7UM_iKpxdWCrbxCXflapAYaVgGiJph1hwUIqCLGlBmqy3vFebiOL8RiLiJI4-WDlnzupVdvLr62liyxKcdgvuIMUKXRV1pUR0CGkNCPPSN5ZMOSFrkNLImpFrOuCS7infwijZNNOPqeX5-woOs7V8LiqoHWVkbp3_H9jdSmW0hdn6wu2RWMksTSF743c6VoLILt8MH0096QyQtzzubMaehAUCAwEAAaBYMFYGCSqGSIb3DQEJDjFJMEcwCwYDVR0PBAQDAgXgMDgGA1UdEQQxMC-CFWNsb3VkLm1hdGFmaWxtcy5jby5ueoIWb2ZmaWNlLm1hdGFmaWxtcy5jby5uejANBgkqhkiG9w0BAQsFAAOCAgEAdmwwKy17Dg4Oy41fT7vnDLkzOBGkD-mOCCfMDZ2qRgVxZavEWXXqBNbzauqNAyVxFlKeyI1rMgXQ4-QXSGLssIbR-GCwfkYG-n_XKRqA_63xmlvhi628utW4qYAsRyDbS_tq9EzOPoMmfWUW8LthfzNYf0fkzy_orNR653i-V-OGxKJh4cI5DNqZk2BYGZ7VPAwQA37G1oP6ALLWSMY4db6a4mF7dElHS6kIwxYFU0n8x2U9ezQIMb-kTXh6CtEoX0uyi_xNmghyKtNFNENYw-TPpy6gBGD3-StyjPF2zs2dHdOUtXMknSZMqAFT7z6bYIb4sOqTE7QEqgyIgSqOLd-Y8rN-BCJ5QXl0xSe9KvSkmgRLdI8Yj5rRXlvCTU8BM1Lb82J-NoNLi0vK9Gp5RwatqUhyVpLjR4DNMY5hHLBv8jLnV7QM3ui0OksyENkowuNUUwDCBSfQ6opRa8pI4V6kBOJOF5adm7wZEFNA9MkWQNmGKWWSyGW4JePsn5oZ8OO0OCjuiCoPy0d1FCrh0_g7xLW7N73_pGn2oBxPo8azf-oBtm-mDR-HzpDf7Bkq-OH4V9hGGyxnL_9hbEwat7Zj7G1Ez4FN8UYenml_jQEn5xXAK6gjKklEcnnNU6Ptj0BwKnyofrT3b4oTm2x45P2aZUaK4EgX4N1Oy512VC4"}'
[Mon Oct 26 23:54:13 NZDT 2020] POST
[Mon Oct 26 23:54:13 NZDT 2020] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/14286217/172869388'
[Mon Oct 26 23:54:13 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:54:16 NZDT 2020] _ret='0'
[Mon Oct 26 23:54:16 NZDT 2020] code='200'
[Mon Oct 26 23:54:16 NZDT 2020] Order status is valid.
[Mon Oct 26 23:54:16 NZDT 2020] Le_LinkCert='https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa96cb3848ea1080396bce1901b6e0d0c0fc'
[Mon Oct 26 23:54:16 NZDT 2020] Downloading cert.
[Mon Oct 26 23:54:16 NZDT 2020] Le_LinkCert='https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa96cb3848ea1080396bce1901b6e0d0c0fc'
[Mon Oct 26 23:54:16 NZDT 2020] url='https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa96cb3848ea1080396bce1901b6e0d0c0fc'
[Mon Oct 26 23:54:16 NZDT 2020] payload
[Mon Oct 26 23:54:16 NZDT 2020] POST
[Mon Oct 26 23:54:16 NZDT 2020] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa96cb3848ea1080396bce1901b6e0d0c0fc'
[Mon Oct 26 23:54:16 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:54:17 NZDT 2020] _ret='0'
[Mon Oct 26 23:54:17 NZDT 2020] code='200'
[Mon Oct 26 23:54:17 NZDT 2020] Found cert chain
[Mon Oct 26 23:54:17 NZDT 2020] _end_n='36'
[Mon Oct 26 23:54:17 NZDT 2020] Le_LinkCert='https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa96cb3848ea1080396bce1901b6e0d0c0fc'
[Mon Oct 26 23:54:17 NZDT 2020] Cert success.
[Mon Oct 26 23:54:17 NZDT 2020] Your cert is in  /var/etc/acme-client/home/cloud.matafilms.co.nz/cloud.matafilms.co.nz.cer 
[Mon Oct 26 23:54:17 NZDT 2020] Your cert key is in  /var/etc/acme-client/home/cloud.matafilms.co.nz/cloud.matafilms.co.nz.key 
[Mon Oct 26 23:54:17 NZDT 2020] v2 chain.
[Mon Oct 26 23:54:17 NZDT 2020] The intermediate CA cert is in  /var/etc/acme-client/home/cloud.matafilms.co.nz/ca.cer 
[Mon Oct 26 23:54:17 NZDT 2020] And the full chain certs is there:  /var/etc/acme-client/home/cloud.matafilms.co.nz/fullchain.cer 
[Mon Oct 26 23:54:17 NZDT 2020] Installing cert to:/var/etc/acme-client/certs/5f9526ada199d0.01802901/cert.pem
[Mon Oct 26 23:54:17 NZDT 2020] Installing CA to:/var/etc/acme-client/certs/5f9526ada199d0.01802901/chain.pem
[Mon Oct 26 23:54:17 NZDT 2020] Installing key to:/var/etc/acme-client/keys/5f9526ada199d0.01802901/private.key
[Mon Oct 26 23:54:17 NZDT 2020] Installing full chain to:/var/etc/acme-client/certs/5f9526ada199d0.01802901/fullchain.pem
[Mon Oct 26 23:54:17 NZDT 2020] _on_issue_success

Production (failed)

[Mon Oct 26 23:56:43 NZDT 2020] default_acme_server
[Mon Oct 26 23:56:43 NZDT 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Mon Oct 26 23:56:43 NZDT 2020] DOMAIN_PATH='/var/etc/acme-client/home/cloud.matafilms.co.nz'
[Mon Oct 26 23:56:43 NZDT 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Mon Oct 26 23:56:43 NZDT 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Oct 26 23:56:43 NZDT 2020] GET
[Mon Oct 26 23:56:43 NZDT 2020] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Oct 26 23:56:43 NZDT 2020] timeout=
[Mon Oct 26 23:56:43 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:56:44 NZDT 2020] ret='0'
[Mon Oct 26 23:56:44 NZDT 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Mon Oct 26 23:56:44 NZDT 2020] ACME_NEW_AUTHZ
[Mon Oct 26 23:56:44 NZDT 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Mon Oct 26 23:56:44 NZDT 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Mon Oct 26 23:56:44 NZDT 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Mon Oct 26 23:56:44 NZDT 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Mon Oct 26 23:56:44 NZDT 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Mon Oct 26 23:56:44 NZDT 2020] ACME_VERSION='2'
[Mon Oct 26 23:56:44 NZDT 2020] Le_NextRenewTime='1608807257'
[Mon Oct 26 23:56:44 NZDT 2020] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Mon Oct 26 23:56:44 NZDT 2020] _on_before_issue
[Mon Oct 26 23:56:44 NZDT 2020] _chk_main_domain='cloud.matafilms.co.nz'
[Mon Oct 26 23:56:44 NZDT 2020] _chk_alt_domains='office.matafilms.co.nz'
[Mon Oct 26 23:56:44 NZDT 2020] Le_LocalAddress
[Mon Oct 26 23:56:45 NZDT 2020] d='cloud.matafilms.co.nz'
[Mon Oct 26 23:56:45 NZDT 2020] Check for domain='cloud.matafilms.co.nz'
[Mon Oct 26 23:56:45 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Mon Oct 26 23:56:45 NZDT 2020] d='office.matafilms.co.nz'
[Mon Oct 26 23:56:45 NZDT 2020] Check for domain='office.matafilms.co.nz'
[Mon Oct 26 23:56:45 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Mon Oct 26 23:56:45 NZDT 2020] d
[Mon Oct 26 23:56:45 NZDT 2020] _saved_account_key_hash is not changed, skip register account.
[Mon Oct 26 23:56:45 NZDT 2020] Read key length:4096
[Mon Oct 26 23:56:45 NZDT 2020] _createcsr
[Mon Oct 26 23:56:45 NZDT 2020] Multi domain='DNS:cloud.matafilms.co.nz,DNS:office.matafilms.co.nz'
[Mon Oct 26 23:56:45 NZDT 2020] Getting domain auth token for each domain
[Mon Oct 26 23:56:45 NZDT 2020] d='office.matafilms.co.nz'
[Mon Oct 26 23:56:45 NZDT 2020] d
[Mon Oct 26 23:56:45 NZDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Mon Oct 26 23:56:45 NZDT 2020] payload='{"identifiers": [{"type":"dns","value":"cloud.matafilms.co.nz"},{"type":"dns","value":"office.matafilms.co.nz"}]}'
[Mon Oct 26 23:56:45 NZDT 2020] RSA key
[Mon Oct 26 23:56:46 NZDT 2020] HEAD
[Mon Oct 26 23:56:46 NZDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Mon Oct 26 23:56:46 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header  -I  '
[Mon Oct 26 23:56:47 NZDT 2020] _ret='0'
[Mon Oct 26 23:56:47 NZDT 2020] POST
[Mon Oct 26 23:56:47 NZDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Mon Oct 26 23:56:47 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:56:47 NZDT 2020] _ret='0'
[Mon Oct 26 23:56:47 NZDT 2020] code='201'
[Mon Oct 26 23:56:47 NZDT 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/90004969/5880832252'
[Mon Oct 26 23:56:47 NZDT 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/90004969/5880832252'
[Mon Oct 26 23:56:47 NZDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/8152268919'
[Mon Oct 26 23:56:47 NZDT 2020] payload
[Mon Oct 26 23:56:48 NZDT 2020] POST
[Mon Oct 26 23:56:48 NZDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/8152268919'
[Mon Oct 26 23:56:48 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:56:48 NZDT 2020] _ret='0'
[Mon Oct 26 23:56:48 NZDT 2020] code='200'
[Mon Oct 26 23:56:48 NZDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/8152268920'
[Mon Oct 26 23:56:48 NZDT 2020] payload
[Mon Oct 26 23:56:48 NZDT 2020] POST
[Mon Oct 26 23:56:48 NZDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/8152268920'
[Mon Oct 26 23:56:48 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:56:49 NZDT 2020] _ret='0'
[Mon Oct 26 23:56:49 NZDT 2020] code='200'
[Mon Oct 26 23:56:49 NZDT 2020] d='cloud.matafilms.co.nz'
[Mon Oct 26 23:56:49 NZDT 2020] Getting webroot for domain='cloud.matafilms.co.nz'
[Mon Oct 26 23:56:49 NZDT 2020] _w='/var/etc/acme-client/challenges'
[Mon Oct 26 23:56:49 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Mon Oct 26 23:56:49 NZDT 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg","token":"7u52SEpxhlu_z9SCC2rUUJTIfoU-YhkCaOOmQvwD2zI"'
[Mon Oct 26 23:56:49 NZDT 2020] token='7u52SEpxhlu_z9SCC2rUUJTIfoU-YhkCaOOmQvwD2zI'
[Mon Oct 26 23:56:49 NZDT 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg'
[Mon Oct 26 23:56:49 NZDT 2020] keyauthorization='7u52SEpxhlu_z9SCC2rUUJTIfoU-YhkCaOOmQvwD2zI.33l5YqdqZDEzZekjVQFLa2w_mkVL8ziuFjhSLJPBoeQ'
[Mon Oct 26 23:56:49 NZDT 2020] dvlist='cloud.matafilms.co.nz#7u52SEpxhlu_z9SCC2rUUJTIfoU-YhkCaOOmQvwD2zI.33l5YqdqZDEzZekjVQFLa2w_mkVL8ziuFjhSLJPBoeQ#https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg#http-01#/var/etc/acme-client/challenges'
[Mon Oct 26 23:56:49 NZDT 2020] d='office.matafilms.co.nz'
[Mon Oct 26 23:56:49 NZDT 2020] Getting webroot for domain='office.matafilms.co.nz'
[Mon Oct 26 23:56:49 NZDT 2020] _w='/var/etc/acme-client/challenges'
[Mon Oct 26 23:56:49 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Mon Oct 26 23:56:49 NZDT 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268920/9bwO6w","token":"f2ULWEVE42bZJ_ScN7hB5uZ_krlO34vG43xzRm0fezg"'
[Mon Oct 26 23:56:49 NZDT 2020] token='f2ULWEVE42bZJ_ScN7hB5uZ_krlO34vG43xzRm0fezg'
[Mon Oct 26 23:56:49 NZDT 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268920/9bwO6w'
[Mon Oct 26 23:56:49 NZDT 2020] keyauthorization='f2ULWEVE42bZJ_ScN7hB5uZ_krlO34vG43xzRm0fezg.33l5YqdqZDEzZekjVQFLa2w_mkVL8ziuFjhSLJPBoeQ'
[Mon Oct 26 23:56:49 NZDT 2020] dvlist='office.matafilms.co.nz#f2ULWEVE42bZJ_ScN7hB5uZ_krlO34vG43xzRm0fezg.33l5YqdqZDEzZekjVQFLa2w_mkVL8ziuFjhSLJPBoeQ#https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268920/9bwO6w#http-01#/var/etc/acme-client/challenges'
[Mon Oct 26 23:56:49 NZDT 2020] d
[Mon Oct 26 23:56:49 NZDT 2020] vlist='cloud.matafilms.co.nz#7u52SEpxhlu_z9SCC2rUUJTIfoU-YhkCaOOmQvwD2zI.33l5YqdqZDEzZekjVQFLa2w_mkVL8ziuFjhSLJPBoeQ#https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg#http-01#/var/etc/acme-client/challenges,office.matafilms.co.nz#f2ULWEVE42bZJ_ScN7hB5uZ_krlO34vG43xzRm0fezg.33l5YqdqZDEzZekjVQFLa2w_mkVL8ziuFjhSLJPBoeQ#https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268920/9bwO6w#http-01#/var/etc/acme-client/challenges,'
[Mon Oct 26 23:56:49 NZDT 2020] d='cloud.matafilms.co.nz'
[Mon Oct 26 23:56:49 NZDT 2020] d='office.matafilms.co.nz'
[Mon Oct 26 23:56:49 NZDT 2020] ok, let's start to verify
[Mon Oct 26 23:56:50 NZDT 2020] Verifying: cloud.matafilms.co.nz
[Mon Oct 26 23:56:50 NZDT 2020] d='cloud.matafilms.co.nz'
[Mon Oct 26 23:56:50 NZDT 2020] keyauthorization='7u52SEpxhlu_z9SCC2rUUJTIfoU-YhkCaOOmQvwD2zI.33l5YqdqZDEzZekjVQFLa2w_mkVL8ziuFjhSLJPBoeQ'
[Mon Oct 26 23:56:50 NZDT 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg'
[Mon Oct 26 23:56:50 NZDT 2020] _currentRoot='/var/etc/acme-client/challenges'
[Mon Oct 26 23:56:50 NZDT 2020] wellknown_path='/var/etc/acme-client/challenges/.well-known/acme-challenge'
[Mon Oct 26 23:56:50 NZDT 2020] writing token:7u52SEpxhlu_z9SCC2rUUJTIfoU-YhkCaOOmQvwD2zI to /var/etc/acme-client/challenges/.well-known/acme-challenge/7u52SEpxhlu_z9SCC2rUUJTIfoU-YhkCaOOmQvwD2zI
[Mon Oct 26 23:56:50 NZDT 2020] Changing owner/group of .well-known to root:wheel
[Mon Oct 26 23:56:50 NZDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg'
[Mon Oct 26 23:56:50 NZDT 2020] payload='{}'
[Mon Oct 26 23:56:50 NZDT 2020] POST
[Mon Oct 26 23:56:50 NZDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg'
[Mon Oct 26 23:56:50 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:56:50 NZDT 2020] _ret='0'
[Mon Oct 26 23:56:50 NZDT 2020] code='200'
[Mon Oct 26 23:56:50 NZDT 2020] trigger validation code: 200
[Mon Oct 26 23:56:50 NZDT 2020] sleep 2 secs to verify
[Mon Oct 26 23:56:52 NZDT 2020] checking
[Mon Oct 26 23:56:52 NZDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg'
[Mon Oct 26 23:56:52 NZDT 2020] payload
[Mon Oct 26 23:56:53 NZDT 2020] POST
[Mon Oct 26 23:56:53 NZDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg'
[Mon Oct 26 23:56:53 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:56:53 NZDT 2020] _ret='0'
[Mon Oct 26 23:56:53 NZDT 2020] code='200'
[Mon Oct 26 23:56:53 NZDT 2020] cloud.matafilms.co.nz:Verify error:Invalid response from https://cloud.matafilms.co.nz/login [167.179.216.57]: 
[Mon Oct 26 23:56:53 NZDT 2020] pid
[Mon Oct 26 23:56:53 NZDT 2020] No need to restore nginx, skip.
[Mon Oct 26 23:56:53 NZDT 2020] _clearupdns
[Mon Oct 26 23:56:53 NZDT 2020] dns_entries
[Mon Oct 26 23:56:53 NZDT 2020] skip dns.
[Mon Oct 26 23:56:53 NZDT 2020] _on_issue_err
[Mon Oct 26 23:56:53 NZDT 2020] Please check log file for more details: /var/log/acme.sh.log
[Mon Oct 26 23:56:53 NZDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg'
[Mon Oct 26 23:56:53 NZDT 2020] payload='{}'
[Mon Oct 26 23:56:53 NZDT 2020] POST
[Mon Oct 26 23:56:53 NZDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268919/90GaNg'
[Mon Oct 26 23:56:53 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:56:54 NZDT 2020] _ret='0'
[Mon Oct 26 23:56:54 NZDT 2020] code='400'
[Mon Oct 26 23:56:54 NZDT 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268920/9bwO6w'
[Mon Oct 26 23:56:54 NZDT 2020] payload='{}'
[Mon Oct 26 23:56:54 NZDT 2020] POST
[Mon Oct 26 23:56:54 NZDT 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/8152268920/9bwO6w'
[Mon Oct 26 23:56:54 NZDT 2020] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Mon Oct 26 23:56:55 NZDT 2020] _ret='0'
[Mon Oct 26 23:56:55 NZDT 2020] code='200'

Let's Debug for cloud.matafilms.co.nz

Let's Debug for office.matafilms.co.nz

I have a HTTP-HTTPS redirect setup for my HAproxy and I can access both servers outside my network even with TOR.

I do not understand why would production fail, I am clueless right now.

1 Like
13 
[Mon Oct 26 23:56:53 NZDT 2020] cloud.matafilms.co.nz:Verify error:Invalid response from https://cloud.matafilms.co.nz/login [167.179.216.57]:

You seem to have a redirection to /login in prod that is breaking the validation requests.
Please compare your staging HTTP config with your prod HTTP config.

READERS: Get involved. Be heard. Do your part, it starts with: If you read something you like; then like it :heart: !

1 Like
14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.