My domain is:
sunnysmile.ru, www.sunnysmile.ru
I ran this command:
acme.sh --renew --force -d sunnysmile.ru
It produced this output:
[Mon Mar 14 22:03:27 MSK 2022] Renew: 'sunnysmile.ru'
[Mon Mar 14 22:03:30 MSK 2022] Using CA: https://acme.zerossl.com/v2/DV90
[Mon Mar 14 22:03:31 MSK 2022] Multi domain='DNS:sunnysmile.ru,DNS:www.sunnysmile.ru'
[Mon Mar 14 22:03:31 MSK 2022] Getting domain auth token for each domain
[Mon Mar 14 22:03:42 MSK 2022] Getting webroot for domain='sunnysmile.ru'
[Mon Mar 14 22:03:42 MSK 2022] Getting webroot for domain='www.sunnysmile.ru'
[Mon Mar 14 22:03:43 MSK 2022] Verifying: sunnysmile.ru
[Mon Mar 14 22:03:46 MSK 2022] Processing, The CA is processing your order, please just wait. (1/30)
[Mon Mar 14 22:03:50 MSK 2022] Success
[Mon Mar 14 22:03:50 MSK 2022] Verifying: www.sunnysmile.ru
[Mon Mar 14 22:03:52 MSK 2022] Processing, The CA is processing your order, please just wait. (1/30)
[Mon Mar 14 22:03:55 MSK 2022] Success
[Mon Mar 14 22:03:55 MSK 2022] Verify finished, start to sign.
[Mon Mar 14 22:03:55 MSK 2022] Lets finalize the order.
[Mon Mar 14 22:03:55 MSK 2022] Le_OrderFinalize='https://acme.zerossl.com/v2/DV90/order/9UaZWBZ6Te4crrmJAiyzog/finalize'
[Mon Mar 14 22:03:57 MSK 2022] Sign error, wrong status
[Mon Mar 14 22:03:57 MSK 2022] {"status":"invalid","expires":"2022-06-12T19:03:37Z","identifiers":[{"type":"dns","value":"sunnysmile.ru"},{"type":"dns","value":"www.sunnysmile.ru"}],"authorizations":["https://acme.zerossl.com/v2/DV90/authz/0FUix6ikgf5GjqXZoph89w","https://acme.zerossl.com/v2/DV90/authz/Pt-uXhlzcwTI2O4DF1aiMg"],"finalize":"https://acme.zerossl.com/v2/DV90/order/9UaZWBZ6Te4crrmJAiyzog/finalize"}
[Mon Mar 14 22:03:57 MSK 2022] Please check log file for more details: /home/acme/.acme.sh/acme.sh.log
My web server is (include version):
nginx version: nginx/1.18.0 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntu 20.04.4 LTS
My hosting provider, if applicable, is:
VDS with nic.ru
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
acme.sh --version
v3.0.2
After reinstalling my operation system I can't restore work of my acme.sh client.
Befor Feb 28 I used DNS-01 challenge and account with email sergey@zorin.ru.
After Feb 28 I tried both DNS-01 and HTTP-01 challenge, proofs of control were successful, but finaleze failed.
I also tried to change account but it hadn't help.
I made my last attempt with HTTP-01 challenge and darkest@mail.ru account.
LE server response to finalization was:
{
"status": "invalid",
"expires": "2022-06-12T19:03:37Z",
"identifiers": [{
"type": "dns",
"value": "sunnysmile.ru"
}, {
"type": "dns",
"value": "www.sunnysmile.ru"
}
],
"authorizations": ["https://acme.zerossl.com/v2/DV90/authz/0FUix6ikgf5GjqXZoph89w", "https://acme.zerossl.com/v2/DV90/authz/Pt-uXhlzcwTI2O4DF1aiMg"],
"finalize": "https://acme.zerossl.com/v2/DV90/order/9UaZWBZ6Te4crrmJAiyzog/finalize"
}
Everything works fine at staging environment.
I cant understand what is wrong at production one.
Could you check why the finalization fails?