Peculiar issue with renewals


#21

Still no dice… There are no differences I could find between the account where acme.sh is working and the one that’s partially working… Checked folder permissions, acme folder and files… I’m not sure what I should be checking next


#22

Hi,

I understand… However, the output of ACME.sh states that you(the running user) have no permission to write to that folder…

I would suggest you to ask this to your hosting provider (maybe they have some configuration difference from server to server), you might also need to open a issue on acme.sh GitHub repo…

Thank you


#23

Hello again and thanks for the response.
Although what you’re saying makes sense, it appears it’s not a permission issue… I just issued a cert for another domain on the account (one I didn’t have a cert for, worked flawlessly.
So I thought I would issue one for the domain that was giving the permission issue and check the folder location. That worked! Now this begets a question… what garbled the location info in acme.sh? Where does it normally store it? account basis or domain basis?

Also I tried to --renew-all… and here’s the output
[Tue Oct 9 13:57:41 EDT 2018] Renew: ‘.domain1.com’
[Tue Oct 9 13:57:41 EDT 2018] It seems that you are using dns manual mode. Read this link first: https://github.com/Neilpang/acme.sh/wiki/dns-manual-mode
[Tue Oct 9 13:57:41 EDT 2018] Error renew .domain1.com.
[Tue Oct 9 13:57:41 EDT 2018] Renew: '
.domain2.com’
[Tue Oct 9 13:57:41 EDT 2018] Single domain=’
.domain2.com’
[Tue Oct 9 13:57:41 EDT 2018] Getting domain auth token for each domain
[Tue Oct 9 13:57:41 EDT 2018] Verifying:*.domain2.com
[Tue Oct 9 13:57:41 EDT 2018] *.vitaliz.in:Challenge error: {“type”:“urn:ietf:params:acme:error:malformed”,“detail”:“Unable to update challenge :: The challenge is not pending.”,“status”: 400}
[Tue Oct 9 13:57:41 EDT 2018] Please add ‘–debug’ or ‘–log’ to check more details.
[Tue Oct 9 13:57:41 EDT 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Tue Oct 9 13:57:42 EDT 2018] Error renew *.domain2.com.

WTH? manual mode? how so?
and it’s no longer a 404, it’s now a 400. I went from expired authorization to challenge not pending…
domain1 is an acme.sh issue, domain2 is an LE issue.

any ideas?


#24

Another oddity:
In my cPanel>SSL/TLS, both wildcards appear to have been renewed yesterday (or the day before) It failed everytime I tried in the last few days and I had never got the cron job to work…

Now that’s forkin puzzling!


#25

If you have a working cPanel, you should not use another client. That may be the “no permission” - problem.


#26

I’m not sure I understand what you mean by working cPanel… it’s a shared hosting account without LE support… I have SSH access which enables me to use acme.sh to issue only, installation is manual… Using web-based LE cert generators isn’t really an option.


#27

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.