debian@vps-bf6e1476:~$ sudo certbot certonly --standalone -d b2i-dev.tech --debug-challenges -v
Root logging level set at 10
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator standalone and installer None
Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: <certbot.plugins.standalone.Authenticator object at 0x7f90d1f792b0>
Prep: True
Selected authenticator <certbot.plugins.standalone.Authenticator object at 0x7f90d1f792b0> and installer None
Plugins selected: Authenticator standalone, Installer None
Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/641230146', new_authzr_uri=None, terms_of_service=None), 84c960d659736812ae3b1a9756577893, Meta(creation_dt=datetime.datetime(2022, 7, 21, 15, 56, 51, tzinfo=), creation_host='debian.example.com'))>
Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
Received response:
HTTP 200
Server: nginx
Date: Fri, 22 Jul 2022 15:48:53 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"lP4cKDeL2ww": "Adding random entries to the directory",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
Obtaining a new certificate
Generating key (2048 bits): /etc/letsencrypt/keys/0006_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0006_csr-certbot.pem
Requesting fresh nonce
Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
Received response:
HTTP 200
Server: nginx
Date: Fri, 22 Jul 2022 15:48:53 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0101i8imp_9eCHC2DdVwboLB0DMZKTHg_8r3GHGnCKHPzKo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Storing nonce: 0101i8imp_9eCHC2DdVwboLB0DMZKTHg_8r3GHGnCKHPzKo
JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "b2i-dev.tech"\n }\n ]\n}'
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNjQxMjMwMTQ2IiwgIm5vbmNlIjogIjAxMDFpOGltcF85ZUNIQzJEZFZ3Ym9MQjBETVpLVEhnXzhyM0dIR25DS0hQektvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
"signature": "a-ctXIPUDWhgq3SgTQ1H5Q8ZckGKhDOLhoVykzKKpVbEifOtosQpnsWeuCwydmLDs1KmZYJFJFtpQ2cgiPeVJrLXu4IJtso_u_B6G3WFn7OHHJW4qhbwb2yQaaAp8pp4aAwa9imeSfPiC7qSkIhqH7ouCLx-ASqKJeB12yqVTfPqb7D38oLXi0l3VnLVpqXoiZ1EEWd_Quayng4Lss3a29SlC5bMNSOS2-1Rs3FY3VZxZYF-9-zMtciRo_-oKrobBC41R07uJbvji7gJVZQ5J4RIBOy_HjujTVQpJuW0raE6xFrPGnSyHaNn8h4FxqHrLptgas9bO416E4P5RKTNEw",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImIyaS1kZXYudGVjaCIKICAgIH0KICBdCn0"
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 337
Received response:
HTTP 201
Server: nginx
Date: Fri, 22 Jul 2022 15:48:54 GMT
Content-Type: application/json
Content-Length: 337
Connection: keep-alive
Boulder-Requester: 641230146
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/641230146/109127996536
Replay-Nonce: 0101mqFyjvo-PDApv1kGXgwIVWmCMmjT-Ki7JlakfsRLifk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2022-07-29T15:48:54Z",
"identifiers": [
{
"type": "dns",
"value": "b2i-dev.tech"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/133465247976"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/641230146/109127996536"
}
Storing nonce: 0101mqFyjvo-PDApv1kGXgwIVWmCMmjT-Ki7JlakfsRLifk
JWS payload:
b''
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/133465247976:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNjQxMjMwMTQ2IiwgIm5vbmNlIjogIjAxMDFtcUZ5anZvLVBEQXB2MWtHWGd3SVZXbUNNbWpULUtpN0psYWtmc1JMaWZrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xMzM0NjUyNDc5NzYifQ",
"signature": "Q4jkqqBSfxTHeL-AjNUJk_0SmKEr7xKtxdqDu0qyIhbR--XslCEaTUoi99J84GAbuipne9pp52aZGtansgFdsmQbw-t2CpJfWv68TerKycdTFhqA51bitLAvntQOt1qVudoq6EDZRGk3d3CbCYL51oZCg3TL2pib1khgxJPilzCt0lL7yY9D__H_8gDdF75d-A9mQuQ5-QXESMkWkg-RbM0U716-CL66tamiVKNXdPy7SGWqhYiYjxZHXYTuIb7Q1pfX-TsUed1bd3f2D9Xs0r2D0ZyPgIuVrXRtyDSw6IgT2HUjiVzHdhSSjAfRyPYSq3J9F8n7UsKVBTCYIlU0pg",
"payload": ""
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/133465247976 HTTP/1.1" 200 796
Received response:
HTTP 200
Server: nginx
Date: Fri, 22 Jul 2022 15:48:54 GMT
Content-Type: application/json
Content-Length: 796
Connection: keep-alive
Boulder-Requester: 641230146
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 01015q9hwirbihUuEcioXJadrA2EZKMuhvPmwm8KqGUt6Y0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "b2i-dev.tech"
},
"status": "pending",
"expires": "2022-07-29T15:48:54Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/133465247976/W8mhLA",
"token": "6xQv3WdaqiiRlS3LSYSE4Sdw_hNwBBEtYcAHojTofDg"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/133465247976/TmAa0w",
"token": "6xQv3WdaqiiRlS3LSYSE4Sdw_hNwBBEtYcAHojTofDg"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/133465247976/nQNgmQ",
"token": "6xQv3WdaqiiRlS3LSYSE4Sdw_hNwBBEtYcAHojTofDg"
}
]
}
Storing nonce: 01015q9hwirbihUuEcioXJadrA2EZKMuhvPmwm8KqGUt6Y0
Performing the following challenges:
http-01 challenge for b2i-dev.tech
Successfully bound to :80 using IPv6
Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations.
Waiting for verification...
Challenges loaded. Press continue to submit to CA. Pass "-v" for more info about
challenges.
Press Enter to Continue