Domain qzz.io DigitalPlatDev

Por favor, preencha todos os campos abaixo para que nós possamos ajudar você. Obs.: você deve indicar seu nome de domínio para receber ajuda. Os nomes de domínio dos certificados emitidos são divulgados nos logs da Transparência de Certificados (por exemplo, crt.sh | example.com). Assim, não indicar seu nome de domínio não o mantém em segredo, mas torna a nossa ajuda mais difícil.

Posso ler respostas em inglês: Yes

Meu nome de domínio é: qzz.io

Executei esse comando: ./acme.sh --issue -d my-domain-here.qzz.io --webroot /usr/local/ispconfig/interface/acme --debug 2

Produziu essa saída: root@srv102:~/.acme.sh# ./acme.sh --issue -d my-domain-here.qzz.io --webroot /usr/local/ispconfig/interface/acme --debug 2
[Wed Sep 3 15:28:21 UTC 2025] Let's find the script directory.
[Wed Sep 3 15:28:21 UTC 2025] SCRIPT='./acme.sh'
[Wed Sep 3 15:28:21 UTC 2025] _script='/root/.acme.sh/acme.sh'
[Wed Sep 3 15:28:21 UTC 2025] _script_home='/root/.acme.sh'
[Wed Sep 3 15:28:21 UTC 2025] Using config home: /root/.acme.sh
[Wed Sep 3 15:28:21 UTC 2025] LE_WORKING_DIR='/root/.acme.sh'
GitHub - acmesh-official/acme.sh: A pure Unix shell script implementing ACME client protocol
v3.1.2
[Wed Sep 3 15:28:21 UTC 2025] Running cmd: issue
[Wed Sep 3 15:28:21 UTC 2025] _main_domain='my-domain-here.qzz.io'
[Wed Sep 3 15:28:21 UTC 2025] _alt_domains='no'
[Wed Sep 3 15:28:21 UTC 2025] Using config home: /root/.acme.sh
[Wed Sep 3 15:28:21 UTC 2025] default_acme_server='https://acme-v02.api.letsencrypt.org/directory'
[Wed Sep 3 15:28:21 UTC 2025] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Wed Sep 3 15:28:21 UTC 2025] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Wed Sep 3 15:28:21 UTC 2025] _ACME_SERVER_PATH='directory'
[Wed Sep 3 15:28:21 UTC 2025] DOMAIN_PATH='/root/.acme.sh/my-domain-here.qzz.io_ecc'
[Wed Sep 3 15:28:21 UTC 2025] '/usr/local/ispconfig/interface/acme' does not contain 'dns'
[Wed Sep 3 15:28:21 UTC 2025] Le_NextRenewTime
[Wed Sep 3 15:28:21 UTC 2025] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Wed Sep 3 15:28:21 UTC 2025] _init API for server: https://acme-v02.api.letsencrypt.org/directory
[Wed Sep 3 15:28:21 UTC 2025] GET
[Wed Sep 3 15:28:21 UTC 2025] url='https://acme-v02.api.letsencrypt.org/directory'
[Wed Sep 3 15:28:21 UTC 2025] timeout=10
[Wed Sep 3 15:28:21 UTC 2025] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.bW7PB4lh94 -g --connect-timeout 10'
[Wed Sep 3 15:28:22 UTC 2025] ret='0'
[Wed Sep 3 15:28:22 UTC 2025] response='{
"TvxxvpxybeY": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"profiles": {
"classic": "Profiles - Let's Encrypt",
"shortlived": "Profiles - Let's Encrypt (not yet generally available)",
"tlsserver": "Profiles - Let's Encrypt"
},
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.5-February-24-2025.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/acme/renewal-info",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Wed Sep 3 15:28:22 UTC 2025] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Wed Sep 3 15:28:22 UTC 2025] ACME_NEW_AUTHZ
[Wed Sep 3 15:28:22 UTC 2025] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Wed Sep 3 15:28:22 UTC 2025] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Wed Sep 3 15:28:22 UTC 2025] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Wed Sep 3 15:28:22 UTC 2025] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.5-February-24-2025.pdf'
[Wed Sep 3 15:28:22 UTC 2025] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Wed Sep 3 15:28:22 UTC 2025] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Wed Sep 3 15:28:22 UTC 2025] _on_before_issue
[Wed Sep 3 15:28:22 UTC 2025] _chk_main_domain='my-domain-here.qzz.io'
[Wed Sep 3 15:28:22 UTC 2025] _chk_alt_domains
[Wed Sep 3 15:28:22 UTC 2025] '/usr/local/ispconfig/interface/acme' does not contain 'no'
[Wed Sep 3 15:28:22 UTC 2025] Le_LocalAddress
[Wed Sep 3 15:28:22 UTC 2025] d='my-domain-here.qzz.io'
[Wed Sep 3 15:28:22 UTC 2025] Checking for domain='my-domain-here.qzz.io'
[Wed Sep 3 15:28:22 UTC 2025] _currentRoot='/usr/local/ispconfig/interface/acme'
[Wed Sep 3 15:28:22 UTC 2025] d
[Wed Sep 3 15:28:22 UTC 2025] '/usr/local/ispconfig/interface/acme' does not contain 'apache'
[Wed Sep 3 15:28:22 UTC 2025] _saved_account_key_hash='zOIeWBqa7ioR8BTyXD4NOw/ceUb9KdMWUNygtDHpINk='
[Wed Sep 3 15:28:22 UTC 2025] _saved_account_key_hash was not changed, skipping account registration.
[Wed Sep 3 15:28:22 UTC 2025] Read key length: ec-256
[Wed Sep 3 15:28:22 UTC 2025] _createcsr
[Wed Sep 3 15:28:22 UTC 2025] domain='my-domain-here.qzz.io'
[Wed Sep 3 15:28:22 UTC 2025] domainlist
[Wed Sep 3 15:28:22 UTC 2025] csrkey='/root/.acme.sh/my-domain-here.qzz.io_ecc/my-domain-here.qzz.io.key'
[Wed Sep 3 15:28:22 UTC 2025] csr='/root/.acme.sh/my-domain-here.qzz.io_ecc/my-domain-here.qzz.io.csr'
[Wed Sep 3 15:28:22 UTC 2025] csrconf='/root/.acme.sh/my-domain-here.qzz.io_ecc/my-domain-here.qzz.io.csr.conf'
[Wed Sep 3 15:28:22 UTC 2025] Single domain='my-domain-here.qzz.io'
[Wed Sep 3 15:28:22 UTC 2025] seg='my-domain-here'
[Wed Sep 3 15:28:22 UTC 2025] _is_idn_d='my-domain-here.qzz.io'
[Wed Sep 3 15:28:22 UTC 2025] _idn_temp
[Wed Sep 3 15:28:22 UTC 2025] _is_idn_d='my-domain-here.qzz.io'
[Wed Sep 3 15:28:22 UTC 2025] _idn_temp
[Wed Sep 3 15:28:22 UTC 2025] _csr_cn='my-domain-here.qzz.io'
[Wed Sep 3 15:28:22 UTC 2025] seg='my-domain-here'
[Wed Sep 3 15:28:22 UTC 2025] Getting domain auth token for each domain
[Wed Sep 3 15:28:22 UTC 2025] seg='my-domain-here'
[Wed Sep 3 15:28:22 UTC 2025] _is_idn_d='my-domain-here.qzz.io'
[Wed Sep 3 15:28:22 UTC 2025] _idn_temp
[Wed Sep 3 15:28:22 UTC 2025] d
[Wed Sep 3 15:28:22 UTC 2025] _identifiers='{"type":"dns","value":"my-domain-here.qzz.io"}'
[Wed Sep 3 15:28:22 UTC 2025] _notBefore
[Wed Sep 3 15:28:22 UTC 2025] _notAfter
[Wed Sep 3 15:28:22 UTC 2025] STEP 1, Ordering a Certificate
[Wed Sep 3 15:28:22 UTC 2025] =======Sending Signed Request=======
[Wed Sep 3 15:28:22 UTC 2025] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Wed Sep 3 15:28:22 UTC 2025] payload='{"identifiers": [{"type":"dns","value":"my-domain-here.qzz.io"}]}'
[Wed Sep 3 15:28:22 UTC 2025] EC key
[Wed Sep 3 15:28:22 UTC 2025] _URGLY_PRINTF
[Wed Sep 3 15:28:22 UTC 2025] xargs
[Wed Sep 3 15:28:22 UTC 2025] _URGLY_PRINTF
[Wed Sep 3 15:28:22 UTC 2025] xargs
[Wed Sep 3 15:28:22 UTC 2025] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Wed Sep 3 15:28:22 UTC 2025] HEAD
[Wed Sep 3 15:28:22 UTC 2025] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Wed Sep 3 15:28:22 UTC 2025] body
[Wed Sep 3 15:28:22 UTC 2025] _postContentType='application/jose+json'
[Wed Sep 3 15:28:22 UTC 2025] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.FC4NKDhZEK -g -I '
[Wed Sep 3 15:28:23 UTC 2025] _ret='0'
[Wed Sep 3 15:28:23 UTC 2025] _headers='HTTP/2 200
server: nginx
date: Wed, 03 Sep 2025 15:28:23 GMT
cache-control: public, max-age=0, no-cache
link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
replay-nonce: 5vcyUwULpZmbHX0BGZ6gU-0J6EXZIEIXvnLV3_zMHE1tPymrmfs
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Wed Sep 3 15:28:23 UTC 2025] nonce='5vcyUwULpZmbHX0BGZ6gU-0J6EXZIEIXvnLV3_zMHE1tPymrmfs'
[Wed Sep 3 15:28:23 UTC 2025] _URGLY_PRINTF
[Wed Sep 3 15:28:23 UTC 2025] xargs
[Wed Sep 3 15:28:23 UTC 2025] POST
[Wed Sep 3 15:28:23 UTC 2025] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Wed Sep 3 15:28:23 UTC 2025] body='{"protected": "eyJub25jZSI6ICI1dmN5VXdVTHBabWJIWDBCR1o2Z1UtMEo2RVhaSUVJWHZuTFYzX3pNSEUxdFB5bXJtZnMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjYyMDk5MjE4NyJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6InppcHVybC5xenouaW8ifV19", "signature": "NCcEjayAL2YdC9XV_euJUjvzjXiTEb4IdaWsnYdG7EfKGuKrgwsDSPksQAkYFHhe4C5ufXAwYpd50qJ1iA4gdA"}'
[Wed Sep 3 15:28:23 UTC 2025] _postContentType='application/jose+json'
[Wed Sep 3 15:28:23 UTC 2025] Http already initialized.
[Wed Sep 3 15:28:23 UTC 2025] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.FC4NKDhZEK -g '
[Wed Sep 3 15:28:23 UTC 2025] _ret='0'
[Wed Sep 3 15:28:23 UTC 2025] responseHeaders='HTTP/2 429
server: nginx
date: Wed, 03 Sep 2025 15:28:23 GMT
content-type: application/problem+json
content-length: 287
boulder-requester: 2620992187
cache-control: public, max-age=0, no-cache
link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
link: https://letsencrypt.org/docs/rate-limits;rel="help"
replay-nonce: K7BcPJEgTsECg86lwjX6-eCdXKS5-wydYv_au9V-dkY7-qzdYoY
retry-after: 11195
'
[Wed Sep 3 15:28:23 UTC 2025] code='429'
[Wed Sep 3 15:28:23 UTC 2025] original='{
"type": "urn:ietf:params:acme:error:rateLimited",
"detail": "too many certificates (50) already issued for "qzz.io" in the last 168h0m0s, retry after 2025-09-03 18:34:58 UTC: see Rate Limits - Let's Encrypt",
"status": 429
}'
[Wed Sep 3 15:28:23 UTC 2025] response='{
"type": "urn:ietf:params:acme:error:rateLimited",
"detail": "too many certificates (50) already issued for "qzz.io" in the last 168h0m0s, retry after 2025-09-03 18:34:58 UTC: see Rate Limits - Let's Encrypt",
"status": 429
}'
[Wed Sep 3 15:28:23 UTC 2025] Le_LinkOrder
[Wed Sep 3 15:28:23 UTC 2025] Le_OrderFinalize
[Wed Sep 3 15:28:23 UTC 2025] Error creating new order. Le_OrderFinalize not found. {
"type": "urn:ietf:params:acme:error:rateLimited",
"detail": "too many certificates (50) already issued for "qzz.io" in the last 168h0m0s, retry after 2025-09-03 18:34:58 UTC: see Rate Limits - Let's Encrypt",
"status": 429
}
[Wed Sep 3 15:28:23 UTC 2025] pid
[Wed Sep 3 15:28:23 UTC 2025] No need to restore nginx config, skipping.
[Wed Sep 3 15:28:23 UTC 2025] _clearupdns
[Wed Sep 3 15:28:23 UTC 2025] dns_entries
[Wed Sep 3 15:28:23 UTC 2025] Skipping dns.
[Wed Sep 3 15:28:23 UTC 2025] _on_issue_err
[Wed Sep 3 15:28:23 UTC 2025] Please check log file for more details: /var/log/ispconfig/acme.log
[Wed Sep 3 15:28:23 UTC 2025] _chk_vlist
[Wed Sep 3 15:28:23 UTC 2025] Diagnosis versions:
openssl:openssl
OpenSSL 3.0.17 1 Jul 2025 (Library: OpenSSL 3.0.17 1 Jul 2025)
Apache:
Apache doesn't exist.
nginx:
nginx doesn't exist.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
socat version 1.7.4.4 on 06 Nov 2022 08:15:51
running on Linux version #1 SMP PREEMPT_DYNAMIC Debian 6.1.147-1 (2025-08-02), release 6.1.0-38-cloud-amd64, machine x86_64
features:
#define WITH_STDIO 1
#define WITH_FDNUM 1
#define WITH_FILE 1
#define WITH_CREAT 1
#define WITH_GOPEN 1
#define WITH_TERMIOS 1
#define WITH_PIPE 1
#define WITH_UNIX 1
#define WITH_ABSTRACT_UNIXSOCKET 1
#define WITH_IP4 1
#define WITH_IP6 1
#define WITH_RAWIP 1
#define WITH_GENERICSOCKET 1
#define WITH_INTERFACE 1
#define WITH_TCP 1
#define WITH_UDP 1
#define WITH_SCTP 1
#define WITH_LISTEN 1
#define WITH_SOCKS4 1
#define WITH_SOCKS4A 1
#define WITH_VSOCK 1
#define WITH_PROXY 1
#define WITH_SYSTEM 1
#define WITH_EXEC 1
#undef WITH_READLINE
#define WITH_TUN 1
#define WITH_PTY 1
#define WITH_OPENSSL 1
#undef WITH_FIPS
#define WITH_LIBWRAP 1
#define WITH_SYCLS 1
#define WITH_FILAN 1
#define WITH_RETRY 1
#define WITH_MSGLEVEL 0 /debug/

Meu servidor web é (com versão): ISPConfig (The Perfect Server - Debian 12 (Bookworm) with Apache, BIND, Dovecot, PureFTPD and ISPConfig 3.2)

O sistema operacional no meu servidor web é (com versão): Debian 12

O serviço de hospedagem do meu site (se aplicável) é: OVH

Posso acessar um shell root na minha máquina (sim ou não, ou não sei): sim

Uso um painel de controle para administrar meu site (não, ou indique o nome e a versão do painel de controle): ISPConfig latest version

Eu registrei esse domínio gratuito desse projeto: GitHub - DigitalPlatDev/FreeDomain: DigitalPlat FreeDomain: Free Domain For Everyone

eu tenho apenas 4 domínio com a extensão qzz.io, mas o Lets Encrypt entende que se trata apenas de um domínio e acaba recusando o meu certificado, não conseguir instalar nenhum certificado nesses domínios devido a extensão do domínio.

Poderia liberar esse domínio em questão para usar certificado? É um projeto opensouce do github, veja o meu log acima substitua my-domain-here por meu domínio pra entender a saída.

Eu tentei pelo ISPConfig, mas ao ver o log entendi o problema com esse domínio.

my request in Github: Request the Lets Encrypt team to allow the creation of digital certificates · DigitalPlatDev/FreeDomain · Discussion #79944 · GitHub

You are hitting the "New Certificates per Registered Domain" limit, which is an indicator the domain owner has not added it to Public Suffix List. It's primarily used to determine domains that are being handed out to independent users (like in an instance of free subdomain service). You need to contact the domain owner to submit a request to be added to that list.

But they did add it back on May12: Add XX.KG and QZZ.IO by EdwardLab · Pull Request #2462 · publicsuffix/list · GitHub

Looks like LE will pickup latest PSL in next week or two. Not sure why so long of delay since May12

Here is recent thread for a different one but it should pickup this one too

Oh right, thanks for pointing this out, @MikeMcQ. In that case the problem will "resolve itself" eventually. Just not entirely transparent from the users' point of view.

Is there any way to speed up the process with the Lets Encrypt team?

You could try posting on that other thread I provided where LE staff provided their timeline

There is no way to speed up the process. The updated library has merged and will be deployed this week.

we are looking forward to it, thanks for your hard work

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.