Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Problem: I am trying to issue a cert on Pfsense using ACME. This is so I can host nextcloud using cloudflare. The actual sub domain I am trying to get the cert created for is nextcloud.geeknetit.com. I found a past post with a solution however I have already tried that solution and it did not work. See solution URL below:
My domain is: nextcloud.geeknetit.com
I ran this command: cat /tmp/acme/nextcloud/acme_issuecert.log
It produced this output:
[Mon Sep 2 16:38:20 PDT 2024] readlink exists=0
[Mon Sep 2 16:38:20 PDT 2024] dirname exists=0
[Mon Sep 2 16:38:20 PDT 2024] Lets find script dir.
[Mon Sep 2 16:38:20 PDT 2024] SCRIPT='/usr/local/pkg/acme/acme.sh'
[Mon Sep 2 16:38:20 PDT 2024] _script='/usr/local/pkg/acme/acme.sh'
[Mon Sep 2 16:38:20 PDT 2024] _script_home='/usr/local/pkg/acme'
[Mon Sep 2 16:38:20 PDT 2024] Using config home:/tmp/acme/nextcloud
[Mon Sep 2 16:38:20 PDT 2024] ACCOUNT_CONF_PATH='/tmp/acme/nextcloud/accountconf.conf'
[Mon Sep 2 16:38:20 PDT 2024] APP
[Mon Sep 2 16:38:20 PDT 2024] 3:LOG_FILE='/tmp/acme/nextcloud/acme_issuecert.log'
[Mon Sep 2 16:38:20 PDT 2024] APP
[Mon Sep 2 16:38:20 PDT 2024] 4:LOG_LEVEL='3'
[Mon Sep 2 16:38:20 PDT 2024] LE_WORKING_DIR='/tmp/acme/nextcloud'
[Mon Sep 2 16:38:20 PDT 2024] Running cmd: issue
[Mon Sep 2 16:38:20 PDT 2024] _main_domain='nextcloud.geeknetit.com'
[Mon Sep 2 16:38:20 PDT 2024] _alt_domains='no'
[Mon Sep 2 16:38:20 PDT 2024] Using config home:/tmp/acme/nextcloud
[Mon Sep 2 16:38:20 PDT 2024] ACCOUNT_CONF_PATH='/tmp/acme/nextcloud/accountconf.conf'
[Mon Sep 2 16:38:20 PDT 2024] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 2 16:38:21 PDT 2024] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Mon Sep 2 16:38:21 PDT 2024] _ACME_SERVER_PATH='directory'
[Mon Sep 2 16:38:21 PDT 2024] CA_CONF='/tmp/acme/nextcloud/ca/acme-v02.api.letsencrypt.org/directory/ca.conf'
[Mon Sep 2 16:38:21 PDT 2024] DOMAIN_PATH='/tmp/acme/nextcloud/nextcloud.geeknetit.com'
[Mon Sep 2 16:38:21 PDT 2024] 'dns_cf' does not contain 'dns'
[Mon Sep 2 16:38:21 PDT 2024] Le_NextRenewTime
[Mon Sep 2 16:38:21 PDT 2024] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Mon Sep 2 16:38:21 PDT 2024] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Sep 2 16:38:21 PDT 2024] GET
[Mon Sep 2 16:38:21 PDT 2024] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 2 16:38:21 PDT 2024] timeout=
[Mon Sep 2 16:38:21 PDT 2024] curl exists=0
[Mon Sep 2 16:38:21 PDT 2024] wget exists=127
[Mon Sep 2 16:38:21 PDT 2024] _CURL='curl --silent --dump-header /tmp/acme/nextcloud/http.header -L -g '
[Mon Sep 2 16:38:21 PDT 2024] ret='0'
[Mon Sep 2 16:38:21 PDT 2024] _json_decode
[Mon Sep 2 16:38:21 PDT 2024] _j_str='{
"5JGt4f7wgKw": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Mon Sep 2 16:38:21 PDT 2024] response='{
"5JGt4f7wgKw": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Mon Sep 2 16:38:21 PDT 2024] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Mon Sep 2 16:38:21 PDT 2024] ACME_NEW_AUTHZ
[Mon Sep 2 16:38:21 PDT 2024] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Mon Sep 2 16:38:21 PDT 2024] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Mon Sep 2 16:38:21 PDT 2024] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Mon Sep 2 16:38:21 PDT 2024] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf'
[Mon Sep 2 16:38:21 PDT 2024] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Mon Sep 2 16:38:21 PDT 2024] OK
[Mon Sep 2 16:38:21 PDT 2024] 2:Le_Domain='nextcloud.geeknetit.com'
[Mon Sep 2 16:38:21 PDT 2024] OK
[Mon Sep 2 16:38:21 PDT 2024] 3:Le_Alt='no'
[Mon Sep 2 16:38:21 PDT 2024] OK
[Mon Sep 2 16:38:21 PDT 2024] 4:Le_Webroot='dns_cf'
[Mon Sep 2 16:38:21 PDT 2024] OK
[Mon Sep 2 16:38:21 PDT 2024] 5:Le_PreHook=''
[Mon Sep 2 16:38:21 PDT 2024] OK
[Mon Sep 2 16:38:21 PDT 2024] 6:Le_PostHook=''
[Mon Sep 2 16:38:21 PDT 2024] OK
[Mon Sep 2 16:38:21 PDT 2024] 7:Le_RenewHook=''
[Mon Sep 2 16:38:21 PDT 2024] OK
[Mon Sep 2 16:38:21 PDT 2024] 8:Le_API='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 2 16:38:21 PDT 2024] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Mon Sep 2 16:38:21 PDT 2024] _on_before_issue
[Mon Sep 2 16:38:21 PDT 2024] _chk_main_domain='nextcloud.geeknetit.com'
[Mon Sep 2 16:38:21 PDT 2024] _chk_alt_domains
[Mon Sep 2 16:38:21 PDT 2024] 'dns_cf' does not contain 'no'
[Mon Sep 2 16:38:21 PDT 2024] Le_LocalAddress
[Mon Sep 2 16:38:21 PDT 2024] d='nextcloud.geeknetit.com'
[Mon Sep 2 16:38:21 PDT 2024] Check for domain='nextcloud.geeknetit.com'
[Mon Sep 2 16:38:21 PDT 2024] _currentRoot='dns_cf'
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): pfsense 2.7.2 latest build
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): command not found for either one.