root@archieinfo-main-ubuntu:/archieinfo# sudo certbot certonly --standalone -d archie.info --debug-challenge -v
Root logging level set at 10
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator standalone and installer None
Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: <certbot.plugins.standalone.Authenticator object at 0x7f8e0cf116a0>
Prep: True
Selected authenticator <certbot.plugins.standalone.Authenticator object at 0x7f8e0cf116a0> and installer None
Plugins selected: Authenticator standalone, Installer None
Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/550238166', new_authzr_uri=None, terms_of_service=None), 0c82c17d39cd55fc228a80fddc47d21d, Meta(creation_dt=datetime.datetime(2022, 5, 19, 6, 33, 48, tzinfo=), creation_host='archieinfo-main-ubuntu'))>
Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
Received response:
HTTP 200
Server: nginx
Date: Thu, 19 May 2022 19:11:23 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",
"tLh42eOu2G8": "Adding random entries to the directory"
}
Obtaining a new certificate
Generating key (2048 bits): /etc/letsencrypt/keys/0007_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0007_csr-certbot.pem
Requesting fresh nonce
Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
Received response:
HTTP 200
Server: nginx
Date: Thu, 19 May 2022 19:11:24 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0102mUmTk-fe4oReD6MH4bnaZ-kqC0EDRsgUHrYdGhjoPQU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Storing nonce: 0102mUmTk-fe4oReD6MH4bnaZ-kqC0EDRsgUHrYdGhjoPQU
JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "archie.info"\n }\n ]\n}'
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNTUwMjM4MTY2IiwgIm5vbmNlIjogIjAxMDJtVW1Uay1mZTRvUmVENk1INGJuYVota3FDMEVEUnNnVUhyWWRHaGpvUFFVIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
"signature": "vuVWbSjX2KtfAZYo69OHNF9YGOvtnKRaz8-__85qMPfHNRN050C6PggcyzLbteCiVMw3i5uKFZoG5Hf4rwqPy4t-om_hwO6GXjTiVRXgDg1vKcE1NXjOb7vMZ9AgUwyFfbb6fM52fX47ayQb-7JFQbRN9aKhd9kJLsAjpm6LvKuAAg74TdXcTs6h19ctH0X4vLvHyNmUmlIvtX1rR-D3mIhG3GTehmiuscD9aNOlDJgLuTfyImgDVfhJON2YBu6KkaR3NNxXDfAczB5p0QQ2N5A7iHeChFx7DGIOg7vO_VfvnmM7M9lQdecbi2pjkp4P87bYJGs8Gn4N_MnExzmrEw",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImFyY2hpZS5pbmZvIgogICAgfQogIF0KfQ"
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335
Received response:
HTTP 201
Server: nginx
Date: Thu, 19 May 2022 19:11:24 GMT
Content-Type: application/json
Content-Length: 335
Connection: keep-alive
Boulder-Requester: 550238166
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/550238166/90121769246
Replay-Nonce: 0102OPofwyWdx0kzL5uY9CYMdFrns5HCqmGO4YYMYVPG7-w
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2022-05-26T19:11:24Z",
"identifiers": [
{
"type": "dns",
"value": "archie.info"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/110402200676"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/550238166/90121769246"
}
Storing nonce: 0102OPofwyWdx0kzL5uY9CYMdFrns5HCqmGO4YYMYVPG7-w
JWS payload:
b''
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/110402200676:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNTUwMjM4MTY2IiwgIm5vbmNlIjogIjAxMDJPUG9md3lXZHgwa3pMNXVZOUNZTWRGcm5zNUhDcW1HTzRZWU1ZVlBHNy13IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xMTA0MDIyMDA2NzYifQ",
"signature": "QJ_t9R7YWafBZr056Wkz1Ylawr3QOptz__LdZ1qpPwfzOsVqlEm5eoBwigXkGvUtKAwtAKL94zynhxbDloyfP7fOgDoLpBBRMzfi_shxK-MF2_FqrAdQWpyxJtB7RHXpf4NNEH4cYuVdO8jXXTsKgpBjef4FHRM7LwYZSo0q5yX3BpKhVXJEkbaXck6m7bb5GHjXJbSXVlDVX2NyCThsMic-crFa8bM2KysEJ8AVZtHqw_-j4zQ7OF8ZjDBS39gi_nyfARfDpBTr6cqHfXlDQMRr_Wptdavybn_YO07xBi3r9p71e1CS9gULA5FAw4dEsloncwYDrqNx-zTVMhWr9g",
"payload": ""
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/110402200676 HTTP/1.1" 200 795
Received response:
HTTP 200
Server: nginx
Date: Thu, 19 May 2022 19:11:24 GMT
Content-Type: application/json
Content-Length: 795
Connection: keep-alive
Boulder-Requester: 550238166
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0101zLjxeuwTM-0CSRDk1bL4Mlmkm0WhHIyI9MqbuCULrf0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "archie.info"
},
"status": "pending",
"expires": "2022-05-26T19:11:24Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/110402200676/srf6zw",
"token": "UxvLVIjj3oK3VnjvI-Udavk_X6OP2y-IvXSMo58Q1eY"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/110402200676/fbJjPg",
"token": "UxvLVIjj3oK3VnjvI-Udavk_X6OP2y-IvXSMo58Q1eY"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/110402200676/gNYdNw",
"token": "UxvLVIjj3oK3VnjvI-Udavk_X6OP2y-IvXSMo58Q1eY"
}
]
}
Storing nonce: 0101zLjxeuwTM-0CSRDk1bL4Mlmkm0WhHIyI9MqbuCULrf0
Performing the following challenges:
http-01 challenge for archie.info
Successfully bound to :80 using IPv6
Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations.
Waiting for verification...
Challenges loaded. Press continue to submit to CA. Pass "-v" for more info about
challenges.
Press Enter to Continue