Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command:
acme.sh --issue --standalone -d eldernode2.ddns.net --force --debug 2
It produced this output:
.....
GET /.well-known/acme-challenge/PwyV7akv3TROEwM1Ut7-b2V4pxQCy6ea0N0Vhs1y5fQ HTTP/1.1
Host: eldernode2.ddns.net
User-Agent: acme.zerossl.com/v2/DV90
Cache-Control: no-cache
Accept-Encoding: gzip
Connection: close
1< 2023/03/14 15:18:56.278741 length=126 from=0 to=125
HTTP/1.0 200 OK\r
Content-Length: 87\r
\r
PwyV7akv3TROEwM1Ut7-b2V4pxQCy6ea0N0Vhs1y5fQ.QJW1zxMm33dsaIggao6UWppSzRdG2rGiBV73j2_qgjg2023/03/14 15:18:56 socat[1606627] N childdied(): handling signal 17
2023/03/14 15:18:56 socat[1606627] W read(5, 0x55d14231e230, 8192): Connection reset by peer
2023/03/14 15:18:56 socat[1606627] N socket 2 to socket 1 is in error
2023/03/14 15:18:56 socat[1606627] N socket 2 (fd 5) is at EOF
2023/03/14 15:18:56 socat[1606627] N socket 1 (fd 6) is at EOF
2023/03/14 15:18:56 socat[1606627] N socket 2 (fd 5) is at EOF
2023/03/14 15:18:56 socat[1606627] N exiting with status 0
.....
My web server is (include version):
n/a
The operating system my web server runs on is (include version):
ubuntu 20.04
My hosting provider, if applicable, is:
vultr
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
$ curl -Ii http://eldernode2.ddns.net/.well-known/acme-challenge/sometestfile
curl: (7) Failed to connect to eldernode2.ddns.net port 80 after 174 ms: Connection refused
$ nmap -Pn eldernode2.ddns.net
Starting Nmap 7.80 ( https://nmap.org ) at 2023-03-14 15:22 UTC
Nmap scan report for eldernode2.ddns.net (45.76.43.163)
Host is up (0.16s latency).
rDNS record for 45.76.43.163: 45.76.43.163.vultrusercontent.com
Not shown: 990 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
1080/tcp closed socks
1443/tcp closed ies-lm
3920/tcp closed exasoftport1
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8082/tcp closed blackice-alerts
8083/tcp closed us-srv
Nmap done: 1 IP address (1 host up) scanned in 10.04 seconds
Looks like you're trying to get a certificate from the CA called "ZeroSSL". This is the Let's Encrypt Community. As acme.sh is also an ACME client owned by ZeroSSL, you might have more luck with the ZeroSSL support channels at https://help.zerossl.com/hc/en-us.
$ nmap -Pn eldernode2.ddns.net
Starting Nmap 7.80 ( https://nmap.org ) at 2023-03-14 17:20 UTC
Nmap scan report for eldernode2.ddns.net (45.76.43.163)
Host is up (0.16s latency).
rDNS record for 45.76.43.163: 45.76.43.163.vultrusercontent.com
Not shown: 990 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
1080/tcp closed socks
1443/tcp closed ies-lm
3920/tcp closed exasoftport1
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8082/tcp closed blackice-alerts
8083/tcp closed us-srv
Nmap done: 1 IP address (1 host up) scanned in 9.99 seconds
ANotWorking
ERROR
eldernode2.ddns.net has an A (IPv4) record (45.76.43.163) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.
Get "http://eldernode2.ddns.net/.well-known/acme-challenge/letsdebug-test": dial tcp 45.76.43.163:80: connect: connection refused
Trace:
@0ms: Making a request to http://eldernode2.ddns.net/.well-known/acme-challenge/letsdebug-test (using initial IP 45.76.43.163)
@0ms: Dialing 45.76.43.163
@83ms: Experienced error: dial tcp 45.76.43.163:80: connect: connection refused
IssueFromLetsEncrypt
ERROR
A test authorization for eldernode2.ddns.net to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
45.76.43.163: Fetching http://eldernode2.ddns.net/.well-known/acme-challenge/6zrpz0W1L5VUuZm24qgLFNpHvihIcBm47_pX36SxcIQ: Connection refused