Error, can not get domain token entry oichman.duckdns.org for tls-alpn-01

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
oichman.duckdns.org
I ran this command:
"/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh"
It produced this output:
[Mon Aug 1 09:58:26 IDT 2022] ===Starting cron===
[Mon Aug 1 09:58:26 IDT 2022] Renew: 'grafana.oichman.duckdns.org'
[Mon Aug 1 09:58:26 IDT 2022] Renew to Le_API=https://acme.zerossl.com/v2/DV90
[Mon Aug 1 09:58:26 IDT 2022] Skip invalid cert for: grafana.oichman.duckdns.org
[Mon Aug 1 09:58:26 IDT 2022] Skipped grafana.oichman.duckdns.org
[Mon Aug 1 09:58:27 IDT 2022] Renew: '*.oichman.duckdns.org'
[Mon Aug 1 09:58:27 IDT 2022] Renew to Le_API=https://acme.zerossl.com/v2/DV90
[Mon Aug 1 09:58:27 IDT 2022] Skip invalid cert for: *.oichman.duckdns.org
[Mon Aug 1 09:58:27 IDT 2022] Skipped *.oichman.duckdns.org
[Mon Aug 1 09:58:27 IDT 2022] Renew: 'oichman.duckdns.org'
[Mon Aug 1 09:58:27 IDT 2022] Renew to Le_API=https://acme.zerossl.com/v2/DV90
[Mon Aug 1 09:58:43 IDT 2022] Using CA: https://acme.zerossl.com/v2/DV90
[Mon Aug 1 09:58:43 IDT 2022] Standalone alpn mode.
[Mon Aug 1 09:58:44 IDT 2022] Single domain='oichman.duckdns.org'
[Mon Aug 1 09:58:44 IDT 2022] Getting domain auth token for each domain
[Mon Aug 1 09:59:23 IDT 2022] Getting webroot for domain='oichman.duckdns.org'
[Mon Aug 1 09:59:24 IDT 2022] Error, can not get domain token entry oichman.duckdns.org for tls-alpn-01
[Mon Aug 1 09:59:24 IDT 2022] The supported validation types are: http-01 dns-01 , but you specified: tls-alpn-01
[Mon Aug 1 09:59:24 IDT 2022] Please add '--debug' or '--log' to check more details.
[Mon Aug 1 09:59:24 IDT 2022] See: How to debug acme.sh · acmesh-official/acme.sh Wiki · GitHub
[Mon Aug 1 09:59:24 IDT 2022] Error renew oichman.duckdns.org.
[Mon Aug 1 09:59:24 IDT 2022] ===End cron===

My web server is (include version):
grafana.oichman.duckdns.org
The operating system my web server runs on is (include version):
Linux (Debian)
My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

It's possible that ZeroSSL doesn't support TLS-ALPN, I'm not sure.

You can try switch acme.sh over to Let's Encrypt and try again:

acme.sh --set-default-ca --server letsencrypt

or just pass the --server flag to your renew command.

3 Likes

Hi ,
still the same error :
[Mon Aug 1 14:03:36 IDT 2022] Error, can not get domain token entry oichman.duckdns.org for tls-alpn-01
[Mon Aug 1 14:03:36 IDT 2022] The supported validation types are: http-01 dns-01 , but you specified: tls-alpn-01
[Mon Aug 1 14:03:36 IDT 2022] Please add '--debug' or '--log' to check more details.
[Mon Aug 1 14:03:36 IDT 2022] See: How to debug acme.sh · acmesh-official/acme.sh Wiki · GitHub
[Mon Aug 1 14:03:36 IDT 2022] Error renew oichman.duckdns.org.
[Mon Aug 1 14:03:36 IDT 2022] ===End cron===

"/root/.acme.sh"/acme.sh --set-default-ca --server letsencrypt --cron --home "/root/.acme.sh"

Hi.
thank you very much , I solved it by reissuing the certificate , now everything is in order

thanks you very much for all your help

1 Like