Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: "example1.com" "example2.com" "example3.com"
I ran this command:
#!/bin/bash
DEPLOYMENT_BUCKET=~/certbot_bucket ## here's my workspace
DOMAINS=("example1.com" "example2.com" "example3.com") ## domain my ssl cert creates for
PROJECTS=("example-demo") ## my projects
## 90 days letsencrypt cert will expiry
# now i get the expiry date and delete folde with name of expiry date and create new folder with expiry date, where my ssl cert can be placed at.
EXPIRATION_DATE=$(date -v +90d "+%Y-%m-%d")
rm -rf $DEPLOYMENT_BUCKET/certbot/$EXPIRATION_DATE
mkdir -p $DEPLOYMENT_BUCKET/certbot/$EXPIRATION_DATE
CERT_DIR="$DEPLOYMENT_BUCKET/certbot/$EXPIRATION_DATE"
echo $EXPIRATION_DATE
## now i'm looping through domains, to create ssl cert one by one
for domain in "${DOMAINS[@]}"
do
# now i use certbot creating my ssl cert. I want to automate the creation process and i just need to get the ssl cert. I will upload ssl certs to google cloud later
echo certbot certonly --manual --work-dir=$CERT_DIR --logs-dir=$CERT_DIR --config-dir=$CERT_DIR --agree-tos --email "xxx@example.com" --manual-auth-hook $DEPLOYMENT_BUCKET/certbot/authenticator.sh --manual-cleanup-hook $DEPLOYMENT_BUCKET/certbot/cleanup.sh -d *.$domain --noninteractive
certbot certonly --manual --work-dir=$CERT_DIR --logs-dir=$CERT_DIR --config-dir=$CERT_DIR --agree-tos --email "xxx@example.com" --manual-auth-hook $DEPLOYMENT_BUCKET/certbot/authenticator.sh --manual-cleanup-hook $DEPLOYMENT_BUCKET/certbot/cleanup.sh -d *.$domain --noninteractive
for project in "${PROJECTS[@]}"
# DO project stuff here. Here i upload ssl certs to google cloud projects.
do
done
done
It produced this output:
Saving debug log to ~/certbot/2021-03-08/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Account registered.
Requesting a certificate for *.example1.com
Performing the following challenges:
dns-01 challenge for example.com
Running manual-auth-hook command: ~/certbot/authenticator.sh
Output from manual-auth-hook command authenticator.sh:
_acme-challenge.example1.com
vPOJ1XoDb2NSZujsEvr7vy_076D1Bmb8Q9aGFfs49-g
Error output from manual-auth-hook command authenticator.sh:
expr: syntax error
Traceback (most recent call last):
File "<string>", line 1, in <module>
IndexError: list index out of range
Traceback (most recent call last):
File "<string>", line 1, in <module>
TypeError: 'NoneType' object has no attribute '__getitem__'
Waiting for verification...
Challenge failed for domain example1.com
dns-01 challenge for example1.com
Cleaning up challenges
Running manual-cleanup-hook command: ~/certbot/cleanup.sh
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: example1.com
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.example1.com - check that a DNS record exists
for this domain
My web server is (include version):
i just use certbot to generate ca recognized ssl certificate. It's not attached to web server yet. I only plan to create the ssl certificate locally. My local computer is MacOS. I think currently it has nothing to do with my web server.
The operating system my web server runs on is (include version): it doesn't matter
My hosting provider, if applicable, is: No
I can login to a root shell on my machine (yes or no, or I don't know): I just ran it locally to get ssl certs
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): i tried with certbot 1.10.1 and certbot 1.8.0. Both gave me same error.