I need help with acme.sh

Let's try this then:

./acme.sh --issue -d kytkin.pekant.fi --alpn --server https://acme-staging-v02.api.letsencrypt.org/directory

1 Like

Same error

root@kytkin ~/.acme.sh # ./acme.sh --issue -d kytkin.pekant.fi --alpn --server https://acme-staging-v02.api.letsencrypt.org/directory
[Fri Aug 13 12:06:44 EEST 2021] Using CA: https://acme-staging-v02.api.letsencrypt.org/directory
[Fri Aug 13 12:06:44 EEST 2021] Standalone alpn mode.
[Fri Aug 13 12:06:44 EEST 2021] Registering account: https://acme-staging-v02.api.letsencrypt.org/directory
[Fri Aug 13 12:06:46 EEST 2021] Registered
[Fri Aug 13 12:06:46 EEST 2021] ACCOUNT_THUMBPRINT='6vCynACaz9V5PVJL67j1-WjYVB9q7EaA2IZu_OufCfY'
[Fri Aug 13 12:06:46 EEST 2021] Single domain='kytkin.pekant.fi'
[Fri Aug 13 12:06:46 EEST 2021] Getting domain auth token for each domain
[Fri Aug 13 12:06:47 EEST 2021] Getting webroot for domain='kytkin.pekant.fi'
[Fri Aug 13 12:06:48 EEST 2021] Verifying: kytkin.pekant.fi
[Fri Aug 13 12:06:48 EEST 2021] Starting tls server.
[Fri Aug 13 12:06:50 EEST 2021] Pending, The CA is processing your order, please just wait. (1/30)
[Fri Aug 13 12:06:53 EEST 2021] kytkin.pekant.fi:Verify error:Connection refused

1 Like

Odd. This almost looks like there's a firewall blocking port 443 inbound traffic. I noticed Apache returned a 500 error earlier on port 443 when it was enabled.

1 Like

Well, there is no website anymore... It worked fine when there was a website. So I think this is not a firewall problem.

Do I need to add some txt value to DNS?

1 Like

Not for ALPN-01. The TXT records are for DNS-01.

1 Like

Old certbot was using webroot on this same server.

1 Like

If you were using webroot http-01, why not use that with acme.sh rather than alpn-01?

1 Like

Well, I have tried, but I do not know how.

1 Like

./acme.sh --issue -d kytkin.pekant.fi --server https://acme-staging-v02.api.letsencrypt.org/directory -w /var/www/html

1 Like

What's the result? I'm assuming the webroot directory you specified is correct.

1 Like

[Fri Aug 13 12:38:37 EEST 2021] Using CA: https://acme-staging-v02.api.letsencrypt.org/directory
[Fri Aug 13 12:38:38 EEST 2021] Single domain='kytkin.pekant.fi'
[Fri Aug 13 12:38:38 EEST 2021] Getting domain auth token for each domain
[Fri Aug 13 12:38:41 EEST 2021] Getting webroot for domain='kytkin.pekant.fi'
[Fri Aug 13 12:38:41 EEST 2021] Verifying: kytkin.pekant.fi
[Fri Aug 13 12:38:41 EEST 2021] Pending, The CA is processing your order, please just wait. (1/30)
[Fri Aug 13 12:38:44 EEST 2021] kytkin.pekant.fi:Verify error:Fetching http://kytkin.pekant.fi/.well-known/acme-challenge/9MbNnZf7DdQRvEqSPBwVWLW9wlDnWj-o_hSv3m9rWt0: Connection refused

1 Like

Does it try to use port 80?

1 Like

It does, but it's not standalone. Apache is serving the files.

1 Like

I started Apache and now it worked!

1 Like

:partying_face:

Now try this:

./acme.sh --issue -d kytkin.pekant.fi --server https://acme-v02.api.letsencrypt.org/directory -w /var/www/html

1 Like

I'm seeing good things... :smiley:

https://crt.sh/?q=kytkin.pekant.fi

1 Like

Yes, it worked. Now I believe! Thank you very much!

2 Likes
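The webroot failure in this thread ("Connection refused" on the `/.well-known/acme-challenge/` fetch, fixed by starting Apache) can be caught before calling acme.sh. The script below is an added example, not part of the original posts or of acme.sh; the function names are hypothetical, and it assumes `curl` is installed and that the check runs on the server itself, so it detects a stopped web server or a wrong webroot but cannot prove the port is reachable from the CA.

```shell
#!/bin/sh
# Added example: pre-flight check for acme.sh webroot (-w) mode.
# Usage (after sourcing): preflight kytkin.pekant.fi /var/www/html

# Map a curl exit code and HTTP status to a diagnosis string.
classify_probe() {
    rc=$1
    http_status=$2
    case "$rc" in
        0) ;;                                   # transfer completed, look at the status
        6) echo "dns-failure"; return 0 ;;      # host name did not resolve
        7) echo "no-listener"; return 0 ;;      # failed to connect, e.g. connection refused
        28) echo "timeout"; return 0 ;;         # often packets dropped by a firewall
        *) echo "curl-error-$rc"; return 0 ;;
    esac
    case "$http_status" in
        200) echo "ok" ;;
        404) echo "not-served-from-webroot" ;;  # server is up but reads another directory
        *) echo "http-$http_status" ;;
    esac
}

# Create a probe file where HTTP-01 tokens are written; prints its name.
make_probe() {
    dir="$1/.well-known/acme-challenge"
    mkdir -p "$dir" || return 1
    name="preflight-$$"
    printf 'preflight\n' > "$dir/$name" || return 1
    echo "$name"
}

# Write the probe, fetch it over plain HTTP on port 80, clean up, report.
preflight() {
    domain=$1
    webroot=$2
    name=$(make_probe "$webroot") || { echo "webroot-not-writable"; return 1; }
    http_status=$(curl -s -o /dev/null --max-time 10 -w '%{http_code}' \
        "http://$domain/.well-known/acme-challenge/$name")
    rc=$?
    rm -f "$webroot/.well-known/acme-challenge/$name"
    result=$(classify_probe "$rc" "$http_status")
    echo "$result"
    [ "$result" = "ok" ]
}
```

A `no-listener` result corresponds to the state the server was in before Apache was started.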
