I’m renewed certificate on many domains and all is ok besides unanalytics.com . All other domains located on same machine and I can issue certs for them, and I can get all responses that needed for verification for example http://unanalytics.com/.well-known/acme-challenge/w7sCXmaGEF5OQygQImuTV6vO3Ry8tRSfwlXiajzo97c , but let’s encrypt can’t get them for some reason.
Can you please help me? I think that maybe is DNS problem and your servers can’t this particular domain?
My domain is: unanalytics.com
I ran this command: /root/.acme.sh/acme.sh --debug --issue -d unanalytics.com -w /etc/nginx/ssl/acme
It produced this output:
Lets find script dir. _SCRIPT_='/root/.acme.sh/acme.sh' _script='/root/.acme.sh/acme.sh' _script_home='/root/.acme.sh' Using default home:/root/.acme.sh Using config home:/root/.acme.sh Using api: Using config home:/root/.acme.sh DOMAIN_PATH='/root/.acme.sh/unanalytics.com' Le_NextRenewTime _on_before_issue Le_LocalAddress Check for domain='unanalytics.com' _currentRoot='/etc/nginx/ssl/acme' _saved_account_key_hash is not changed, skip register account. Read key length: _createcsr Single domain='unanalytics.com' Getting domain auth token for each domain Getting webroot for domain='unanalytics.com' _w='/etc/nginx/ssl/acme' _currentRoot='/etc/nginx/ssl/acme' Getting new-authz for domain='unanalytics.com' Try new-authz for the 0 time. url='https://acme-v01.api.letsencrypt.org/acme/new-authz' payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "unanalytics.com"}}' RSA key GET url='https://acme-v01.api.letsencrypt.org/directory' timeout _WGET='wget -q --content-on-error ' ret='0' POST url='https://acme-v01.api.letsencrypt.org/acme/new-authz' _WGET='wget -q --content-on-error ' No -i support in sed _ret='0' code='201' The new-authz request is ok. entry='"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/LyIBqfXviB_qRJlMFvD6AIv77G7Sce2BtrBiRWHI03Q/1209793177","token":"ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0"' token='ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0' uri='https://acme-v01.api.letsencrypt.org/acme/challenge/LyIBqfXviB_qRJlMFvD6AIv77G7Sce2BtrBiRWHI03Q/1209793177' keyauthorization='ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0.HhzheAQ6RwYUzbBNLNfso6rYoaV5GokXPgxTEzE75PA' dvlist='unanalytics.com#ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0.HhzheAQ6RwYUzbBNLNfso6rYoaV5GokXPgxTEzE75PA#https://acme-v01.api.letsencrypt.org/acme/challenge/LyIBqfXviB_qRJlMFvD6AIv77G7Sce2BtrBiRWHI03Q/1209793177#http-01#/etc/nginx/ssl/acme' [Mon May 22 08:01:22 UTC 2017] vlist='unanalytics.com#ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0.HhzheAQ6RwYUzbBNLNfso6rYoaV5GokXPgxTEzE75PA#https://acme-v01.api.letsencrypt.org/acme/challenge/LyIBqfXviB_qRJlMFvD6AIv77G7Sce2BtrBiRWHI03Q/1209793177#http-01#/etc/nginx/ssl/acme,' ok, let's start to verify Verifying:unanalytics.com d='unanalytics.com' keyauthorization='ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0.HhzheAQ6RwYUzbBNLNfso6rYoaV5GokXPgxTEzE75PA' uri='https://acme-v01.api.letsencrypt.org/acme/challenge/LyIBqfXviB_qRJlMFvD6AIv77G7Sce2BtrBiRWHI03Q/1209793177' _currentRoot='/etc/nginx/ssl/acme' wellknown_path='/etc/nginx/ssl/acme/.well-known/acme-challenge' writing token:ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0 to /etc/nginx/ssl/acme/.well-known/acme-challenge/ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0 Changing owner/group of .well-known to root:root url='https://acme-v01.api.letsencrypt.org/acme/challenge/LyIBqfXviB_qRJlMFvD6AIv77G7Sce2BtrBiRWHI03Q/1209793177' payload='{"resource": "challenge", "keyAuthorization": "ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0.HhzheAQ6RwYUzbBNLNfso6rYoaV5GokXPgxTEzE75PA"}' POST url='https://acme-v01.api.letsencrypt.org/acme/challenge/LyIBqfXviB_qRJlMFvD6AIv77G7Sce2BtrBiRWHI03Q/1209793177' _WGET='wget -q --content-on-error ' No -i support in sed _ret='0' code='202' sleep 2 secs to verify checking GET url='https://acme-v01.api.letsencrypt.org/acme/challenge/LyIBqfXviB_qRJlMFvD6AIv77G7Sce2BtrBiRWHI03Q/1209793177' timeout _WGET='wget -q --content-on-error ' ret='0' unanalytics.com:Verify error:Invalid response from http://unanalytics.com/.well-known/acme-challenge/ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0: Debug: get token url. GET url='http://unanalytics.com/.well-known/acme-challenge/ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0' timeout='1' _WGET='wget -q --content-on-error --timeout=1' 172.18.0.1 - - [22/May/2017:08:01:24 +0000] "GET /.well-known/acme-challenge/ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0 HTTP/1.1" 200 87 "-" "acme.sh/2.6.9 (https://github.com/Neilpang/acme.sh)" ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0.HhzheAQ6RwYUzbBNLNfso6rYoaV5GokXPgxTEzE75PA[Mon May 22 08:01:24 UTC 2017] ret='0' Debugging, skip removing: /etc/nginx/ssl/acme/.well-known/acme-challenge/ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0 pid No need to restore nginx, skip. _clearupdns Dns not added, skip. _on_issue_err Please add '--debug' or '--log' to check more details. See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh url='https://acme-v01.api.letsencrypt.org/acme/challenge/LyIBqfXviB_qRJlMFvD6AIv77G7Sce2BtrBiRWHI03Q/1209793177' payload='{"resource": "challenge", "keyAuthorization": "ZACZeLOKjIEC0Mr8hHHQwGrxlLdud5wHkCIu7N19YZ0.HhzheAQ6RwYUzbBNLNfso6rYoaV5GokXPgxTEzE75PA"}' POST url='https://acme-v01.api.letsencrypt.org/acme/challenge/LyIBqfXviB_qRJlMFvD6AIv77G7Sce2BtrBiRWHI03Q/1209793177' _WGET='wget -q --content-on-error ' wget returns 8, the server returns a 'Bad request' response, lets process the response later. No -i support in sed _ret='0' code='400'
My operating system is (include version): Alpine linux
My web server is (include version): nginx
My hosting provider, if applicable, is: digitalocean
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no