Acme.sh standalone Ading a secondary subdomain same public ip

Id like to add another subdomain running on the same IP address but different physical host however in trying ./acme.sh/acme.sh --issue --staging --log -d mysub.domain.com -d myothersub.domain.com --standalone --httpport 8081

I get no idea if its tested correctly, changing back to the existing script not including the other subdomain again i get red writting crying of version changes, my cert is due for renewal in 7 days and im not sure how i can get difinitive answer on whether it will pass, im using the --staging command to test adding another subdomain. Im reading acme.sh supports v1 and v2 so why the red writting.

My domain is:
mysub.domain.com
I ran this command:
./acme.sh/acme.sh --issue --staging --log -d mysub.domain.com -d --standalone --httpport 8081
It produced this output:
[Fri 1 May 2020 15:50:16 AEST] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Fri 1 May 2020 15:50:18 AEST] Standalone mode.
[Fri 1 May 2020 15:50:18 AEST] Registering account
[Fri 1 May 2020 15:50:20 AEST] Register account Error: {“type”:“urn:acme:error:unauthorized”,“detail”:“Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See End of Life Plan for ACMEv1 for details.”,“status”: 403}
[Fri 1 May 2020 15:50:20 AEST] Please check log file for more details: /Users/macmedic/.acme.sh/acme.sh.log
My web server is (include version):
apache
The operating system my web server runs on is (include version):
osx 10.11.6
My hosting provider, if applicable, is:
vps
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
yes
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 2.8.0

Try upgrading to 2.8.6
./acme.sh/acme.sh --upgrade

Hi Rg305 thanks for that i did it its now v 2.8.6
but still get the below response :
[Sun 3 May 2020 14:26:22 AEST] _postContentType=‘application/jose+json’

[Sun 3 May 2020 14:26:22 AEST] _CURL='curl -L --silent --dump-header /Users/user/.acme.sh/http.header --trace-ascii /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/tmp.XT3PhevC -g ’

[Sun 3 May 2020 14:26:24 AEST] _ret=‘0’

[Sun 3 May 2020 14:26:24 AEST] original=’{

“type”: “urn:acme:error:unauthorized”,

“detail”: “Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See End of Life Plan for ACMEv1 for details.”,

“status”: 403

}’

[Sun 3 May 2020 14:26:24 AEST] responseHeaders='HTTP/1.1 100 Continue

HTTP/1.1 403 Forbidden

Server: nginx

Date: Sun, 03 May 2020 04:26:23 GMT

Content-Type: application/problem+json

Content-Length: 280

Connection: keep-alive

Cache-Control: public, max-age=0, no-cache

Replay-Nonce: 0002Z740LyAMErFTM56eidhTceVhgijuNNZs3Sg9G3g8VkM

’

[Sun 3 May 2020 14:26:24 AEST] response=’{“type”:“urn:acme:error:unauthorized”,“detail”:“Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See End of Life Plan for ACMEv1 for details.”,“status”: 403}’

[Sun 3 May 2020 14:26:24 AEST] code=‘403’

[Sun 3 May 2020 14:26:24 AEST] Register account Error: {“type”:“urn:acme:error:unauthorized”,“detail”:“Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See End of Life Plan for ACMEv1 for details.”,“status”: 403}

[Sun 3 May 2020 14:26:24 AEST] _on_issue_err

[Sun 3 May 2020 14:26:24 AEST] Please check log file for more details: /Users/user/.acme.sh/acme.sh.log

[Sun 3 May 2020 14:26:24 AEST] _chk_vlist

[Sun 3 May 2020 14:26:24 AEST] Diagnosis versions:

Please show outputs of:
curl --version
cat /root/.acme.sh/http.header
/root/.acme.sh/acme.sh --update-account

bash-3.2# curl --version
curl 7.43.0 (x86_64-apple-darwin15.0) libcurl/7.43.0 SecureTransport zlib/1.2.5
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz UnixSockets

bash-3.2# cat http.header
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 May 2020 06:45:46 GMT
Content-Type: application/pkix-cert
Content-Length: 1174
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Replay-Nonce: 0101k1ZIL0uWFm1ie53OG6K_WE-l-a3b9KpqLZhMfDHOL0E
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

bash-3.2# /Users/user/.acme.sh/acme.sh --update-account
[Mon 4 May 2020 08:52:44 AEST] Account key is not found at: /Users/user/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key

yet:
bash-3.2# pwd
/Users/user/.acme.sh/ca/acme-v01.api.letsencrypt.org

Contains
bash-3.2# ls -la
total 24
drwxr-xr-x 5 root staff 170 7 Dec 2018 .
drwxr-xr-x 4 root staff 136 1 May 15:25 …
-rw-r–r-- 1 root staff 577 7 Dec 2018 account.json
-rw------- 1 root staff 1675 7 Dec 2018 account.key
-rw-r–r-- 1 root staff 128 7 Dec 2018 ca.conf

The permissions may be incorrect…
I would back up that file (or move it elsewhere).
Then rerun the renewal request - it should recreate the account key (as new).

The first path has “v02”, the second one has “v01”.

I have no idea what to do about this issue, though.

Your first post was about the staging environment, but this one is about the production environment…

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.