Restricted domain by Let's Encrypt

raha · July 20, 2022, 6:38pm

Let me cheek it ,

I used the command Certboot-certonly in my ubuntu that have cyberpanel on it and asked for ssl for my domains like what you said, this is the result

Please enter in your domain name(s) (comma and/or space separated)  (Enter 'c'
to cancel): mydomain.xyz , www.mydomain.xyz
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mydomain.xyz
http-01 challenge for www.mydomain.xyz
Cleaning up challenges
Problem binding to port 80: Could not bind to IPv4 or IPv6.

IMPORTANT NOTES:
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.

and it asked me for the webroot

 does not exist or is not a directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Input the webroot for mydomain.xyz : (Enter 'c' to cancel):

since the folder dos not exist , where is the path for to create manully that let ssl cration ?

MikeMcQ · July 20, 2022, 7:16pm

The cert from Certbot on Windows is no different than the cert from Certbot on linux.

Certbot works best when it runs on the server for that domain name. I don't know why you would run certbot on Windows when you plan to use the certs on Linux. It is possible just very much harder.

MikeMcQ · July 20, 2022, 7:18pm

Show the entire command please (redact your domain if you must)

raha · July 20, 2022, 7:18pm

No , now I'm working in my ubuntu

raha · July 20, 2022, 7:20pm

certbot certonly


   
root@srvcyberpanelnoemail:~# certbot certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Plugins selected: Authenticator standalone, Installer None
Please enter in your domain name(s) (comma and/or space separated)  (Enter 'c'
to cancel): 2

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
One or more of the entered domain names was not valid:

2: Requested name 2 is an IP address. The Let's Encrypt certificate authority
will not issue certificates for a bare IP address.

Would you like to re-enter the names?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: y
Please enter in your domain name(s) (comma and/or space separated)  (Enter 'c'
to cancel): mydomain.xyz , www.mydomain.xyz
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mydomain.xyz
http-01 challenge for www.mydomain.xyz
Cleaning up challenges
Problem binding to port 80: Could not bind to IPv4 or IPv6.
root@srvcyberpanelnoemail:~# certbot certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Plugins selected: Authenticator standalone, Installer None
Please enter in your domain name(s) (comma and/or space separated)  (Enter 'c'
to cancel): mydomain.xyz , www.mydomain.xyz
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mydomain.xyz
http-01 challenge for www.mydomain.xyz
Cleaning up challenges
Problem binding to port 80: Could not bind to IPv4 or IPv6.
root@srvcyberpanelnoemail:~# certbot certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Plugins selected: Authenticator webroot, Installer None
Please enter in your domain name(s) (comma and/or space separated)  (Enter 'c'
to cancel): mydomain.xyz , www.mydomain.xyz
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mydomain.xyz
http-01 challenge for www.mydomain.xyz
Input the webroot for mydomain.xyz: (Enter 'c' to cancel):

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 does not exist or is not a directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Input the webroot for mydomain.xyz: (Enter 'c' to cancel):

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 does not exist or is not a directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Input the webroot for mydomain.xyz: (Enter 'c' to cancel):

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 does not exist or is not a directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Input the webroot for mydomain.xyz: (Enter 'c' to cancel):

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 does not exist or is not a directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Input the webroot for mydomain.xyz: (Enter 'c' to cancel):

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 does not exist or is not a directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Input the webroot for mydomain.xyz: (Enter 'c' to cancel):

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 does not exist or is not a directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Input the webroot for mydomain.xyz: (Enter 'c' to cancel):

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 does not exist or is not a directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Input the webroot for mydomain.xyz: (Enter 'c' to cancel): /home/

Select the webroot for www.mydomain.xyz:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Enter a new webroot
2: /home
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Input the webroot for www.mydomain.xyz: (Enter 'c' to cancel): /home
Waiting for verification...
Challenge failed for domain mydomain.xyz
Challenge failed for domain www.mydomain.xyz
http-01 challenge for mydomain.xyz
http-01 challenge for www.mydomain.xyz
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: mydomain.xyz
   Type:   unauthorized
   Detail: <my-ip-addres>: Invalid response from
   http://mydomain.xyz/.well-known/acme-challenge/A6P7a6In-mnKNY-K-AHwea-KrT8877_iuCHEGBw8h4w:
   404

   Domain: www.mydomain.xyz
   Type:   unauthorized
   Detail: <my-ip-addres>: Invalid response from
   http://www.mydomain.xyz/.well-known/acme-challenge/Bdn6Y3N01MgnzcP5eiIyHiQXGSPK9iCpsgm6PZVXuOc:
   404

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

It asked me the path of cert and I don't know that...

MikeMcQ · July 20, 2022, 7:27pm

You can't use standalone method while your litespeed server is running. It might work if you stop your server and then try standalone.

Or, use webroot and enter the path used for your server DocumentRoot for those domain names. I don't know where you specify those in your Panel but its the folder you place the files your server sends out (like where you place your index.html file or similar)

raha · July 20, 2022, 7:31pm

in that location is not any cert , but in this location I can see the files:
/etc/letsencrypt/live/mydomain.xyz

So for now , can I use this location for that files?
/home/mydomain.xyz/public_html/newssl/

I stoped the webserver then run the command and now I got this

Waiting for verification...
Challenge failed for domain mydomain.xyz
Challenge failed for domain www.mydomain.xyz
http-01 challenge for mydomain.xyz
http-01 challenge for www.mydomain.xyz
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: mydomain.xyz
   Type:   unauthorized
   Detail: <my-ip-addres>: Invalid response from
   http://mydomain.xyz/.well-known/acme-challenge/quONoeBd_2a0phtNB68zXsXjBleOzi2cbUl4nO3-6MI:
   404

   Domain: www.mydomain.xyz
   Type:   unauthorized
   Detail: <my-ip-addres>: Invalid response from
   http://www.mydomain.xyz/.well-known/acme-challenge/HF-woi1Ry1jlTn0lTPd38xTIa0BM48s1cky3C1fKDRc:
   404

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

MikeMcQ · July 20, 2022, 7:35pm

Do you see files like fullchain.pem, cert.pem, privkey.pem and chain.pem? If so those are the cert files. You should not put any other files there.

If that is the DocumentRoot for your litespeed server for this domain. (I believe litespeed is configured like Apache)

MikeMcQ · July 20, 2022, 7:36pm

Using standalone?

raha · July 20, 2022, 7:40pm

Yes this is the path
but I dont have the .well-known folder on public_html
this error : http://www.mydomain.xyz/.well-known/acme-challenge/HF-woi1Ry1jlTn0lTPd38xTIa0BM48s1cky3C1fKDRc:

MikeMcQ · July 20, 2022, 7:40pm

Certbot will create the well-known path it needs

raha · July 20, 2022, 7:41pm

Yes
I stoped my webserver and using standalone

MikeMcQ · July 20, 2022, 7:41pm

I see it running right now (I remember your domain name from the other day)

raha · July 20, 2022, 7:43pm

at moment right now it is stoped

MikeMcQ · July 20, 2022, 7:47pm

It is now. Yes, try this:

certbot certonly --standalone -d www.(yourdomain) -d (yourdomain) --debug-challenges -v --dry-run

The command will pause and show you a URL. Please send me the URL in a private message or show in a post. I will test that URL

raha · July 20, 2022, 7:50pm

I did with certboot only and it crate for www but not for the domain and when I moved the fies in mydomain folder to another folder and start the command again , it gives me An unexpected error occurred: There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: mydomail: see https://letsencrypt.org/docs/duplicate-certificate-limit/
should I run your command again?

in www.mydomain.com are

cert.pem  chain.pem  fullchain.pem  privkey.pem  README

MikeMcQ · July 20, 2022, 7:54pm

These look like good files. I see you got a new cert with both domain names in it from the cert-search tool I showed you earlier.

Don't lose them !

Good luck with your server config

raha · July 20, 2022, 7:57pm

in www of my domain I recived the cert but my domain witout www dos not have the cert.pem and chain.pem
Is it okey ?

also I run your command and this is the log

root@srvcyberpanelnoemail:~# certbot certonly --standalone -d www.[redacted] -d [redacted] --debug-challenges -v --dry-run
Root logging level set at 10
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator standalone and installer None
Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: <certbot.plugins.standalone.Authenticator object at 0x7f4474ea5250>
Prep: True
Selected authenticator <certbot.plugins.standalone.Authenticator object at 0x7f4474ea5250> and installer None
Plugins selected: Authenticator standalone, Installer None
Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443
https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 822
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:52:52 GMT
Content-Type: application/json
Content-Length: 822
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org/docs/staging-environment/"
  },
  "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order",
  "oMBG66Ve1hE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/get/draft-aaron-ari/renewalInfo/",
  "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert"
}
Requesting fresh nonce
Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce.
https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:52:52 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002mxLUlrTcs5zj9g6QJkKBjdlNSsk0EJES5Pbx9kCCbak
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


Storing nonce: 0002mxLUlrTcs5zj9g6QJkKBjdlNSsk0EJES5Pbx9kCCbak
JWS payload:
b'{\n  "termsOfServiceAgreed": true,\n  "resource": "new-reg"\n}'
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-acct:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJuIjogIjBHdnlpRldQRTVKS3FUUmM4TU5FMldZTmREUGR3NThHNkdETDl5bEg3WXA0UDI0M1VjSjhZZDVkR0NQR29rem1yVF9vLVVPcURueTZkekZfRjA3WDVZejVjRVR5QWtpVFhELS1HMTJ6bUk2cmxwc3FXWGgyZ3k2T0FVaTRnUFJvM1BHaDhRcjRCSmtydVc4ZDU3ejNuNVVja1lEbXMxYzRKd1VUanhSdVFaQUF4QWpmcjRaMGQ0WS15RG9odFRkd2djQmZjSmpWbDF1bXVGYmtmX09YWnBOaExGdWY3aGpxTi1qYTJTb05xUzNGNzlPT1BwdzZwaFctS0NZWldraHBLVWMtWnFZazdSY0dMYVdFaEYwQVlMOWM1YzhUWjB2YWgyZk1IV0hCZllUOVVWVmctNThwaUpXWTltNndfd28tOFlCaGRGWEUtc3o5SzhvVThlZ0lEUSIsICJlIjogIkFRQUIiLCAia3R5IjogIlJTQSJ9LCAibm9uY2UiOiAiMDAwMm14TFVsclRjczV6ajlnNlFKa0tCamRsTlNzazBFSkVTNVBieDlrQ0NiYWsiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWFjY3QifQ",
  "signature": "mUKD1usV6XYXBkDCzsSE-t7PuEmM69MXm3VtgBZnTnPVAMSgIFDezEoL54ns2gBMYIyN-4-5mJYU4iaIIOGGPozEBXKTMRBJu9cX8FqkRbJ7DtLgJsemp8rrtkgmQskamHMfnJPrATvY9y9HWjOf4SIWIBZxgNrpDLX8SVDNqctoga1dNBLePMJLyZEDRxlINfAQE8Nj5mty5jzHnNc-eLMnhYcI4-y_aHhLzmQdmagzQw3Tpe8iOeifX9etxZykNSQL4E4W-T1769tEBHqJyaEVdHUtFLihSOR_Ra5Rh4vqqIUhdXTjPCOVY4rZ38UqW0skh0v5CLXXggoOwsU5lw",
  "payload": "ewogICJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWUsCiAgInJlc291cmNlIjogIm5ldy1yZWciCn0"
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 510
Received response:
HTTP 201
Server: nginx
Date: Wed, 20 Jul 2022 19:52:53 GMT
Content-Type: application/json
Content-Length: 510
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/acct/61537474
Replay-Nonce: 0002nYlg4c1b_Vg2GV6GK4-NS4y1MSTvDw7y8tcbd9IgY1I
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "key": {
    "kty": "RSA",
    "n": "0GvyiFWPE5JKqTRc8MNE2WYNdDPdw58G6GDL9ylH7Yp4P243UcJ8Yd5dGCPGokzmrT_o-UOqDny6dzF_F07X5Yz5cETyAkiTXD--G12zmI6rlpsqWXh2gy6OAUi4gPRo3PGh8Qr4BJkruW8d57z3n5UckYDms1c4JwUTjxRuQZAAxAjfr4Z0d4Y-yDohtTdwgcBfcJjVl1umuFbkf_OXZpNhLFuf7hjqN-ja2SoNqS3F79OOPpw6phW-KCYZWkhpKUc-ZqYk7RcGLaWEhF0AYL9c5c8TZ0vah2fMHWHBfYT9UVVg-58piJWY9m6w_wo-8YBhdFXE-sz9K8oU8egIDQ",
    "e": "AQAB"
  },
  "initialIp": "<my-ip-addres>",
  "createdAt": "2022-07-20T19:52:53.037924825Z",
  "status": "valid"
}
Storing nonce: 0002nYlg4c1b_Vg2GV6GK4-NS4y1MSTvDw7y8tcbd9IgY1I
Reporting to user: Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal.
Picked account: <Account(RegistrationResource(body=Registration(key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f4474e8e550>)>), contact=(), agreement=None, status='valid', terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-staging-v02.api.letsencrypt.org/acme/acct/61537474', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), feeb1f0c6950fda56b70443d3675bcc7, Meta(creation_dt=datetime.datetime(2022, 7, 20, 19, 52, 53, tzinfo=<UTC>), creation_host='localhost'))>
Cert not due for renewal, but simulating renewal for dry run
Renewing an existing certificate
JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "www.[redacted]"\n    },\n    {\n      "type": "dns",\n      "value": "[redacted]"\n    }\n  ]\n}'
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAybllsZzRjMWJfVmcyR1Y2R0s0LU5TNHkxTVNUdkR3N3k4dGNiZDlJZ1kxSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "QFpBHb_p8XLoEr0TAbb6dBXAvUi83svXSVpz1yzItesHyQv5ERUR17EZzB9w2NsIAgskM9ZlKr6e4asOMPO62U-ECB8Eb6_WVtrVUPsOGJJisu-6qhotDXfz0EQnvKZn0ijuVnNsy3gzb4Q7SaxagWpXGyFLSWuerF--XHlGYw7ShM-aQRGvIvsMAoDZVKACGqb2KNGXfh7F9hJF47AXpVAcWO3ZT6RQJneWp9ii7wzDq7SacRLW72jmwk4Kb8jHm0JcpEzakIW_fRpN7hCH0zRCAm6iKTpvZqD0cMMu8zWbKm1_dsNx261MV8k-65evW6POU2gfq_GrM2FMwKYeyQ",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy4zNzEwLmlyIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIjM3MTAuaXIiCiAgICB9CiAgXQp9"
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 483
Received response:
HTTP 201
Server: nginx
Date: Wed, 20 Jul 2022 19:52:53 GMT
Content-Type: application/json
Content-Length: 483
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/61537474/3282049364
Replay-Nonce: 0001ZXegIKZCCMDfLh1kO5AhxvplNhi6d1BD8Mlnce0H4oM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2022-07-27T19:52:53Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "[redacted]"
    },
    {
      "type": "dns",
      "value": "www.[redacted]"
    }
  ],
  "authorizations": [
    "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881454",
    "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881464"
  ],
  "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/61537474/3282049364"
}
Storing nonce: 0001ZXegIKZCCMDfLh1kO5AhxvplNhi6d1BD8Mlnce0H4oM
JWS payload:
b''
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881454:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAxWlhlZ0lLWkNDTURmTGgxa081QWh4dnBsTmhpNmQxQkQ4TWxuY2UwSDRvTSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zMDc0ODgxNDU0In0",
  "signature": "vVfoJj7nvmkK84EgQiqiNyhNQw7puSUeeD1fOH1qqGVBilNJAA4ta8e8I-6yVVP7OPgByVYt8ed9VlQv33_gSWPioJSKgOfSyubpKUfTnHpM7OPx3Ebnfk4dxygbvNzHRcOQPJrNjvsLleLuMRfkx-g8J2VaOswCBlxoEhcbAFPhInZ_o2Vy5lVxJve10FntmkjmSRni9xWIEKP2GeiNAx1gxkEfCkLaDqZMHMEtPO0T__Y5L8aKWvIAKcjR0ofT_-kPsWxKbFnYwUknlHB-NJYxC0oNtYwhcn8g_oVUXXGxCjJ5RWLlp-l7pphuFI8jxi48rDy3wwKg5jn2zUk7xw",
  "payload": ""
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/3074881454 HTTP/1.1" 200 809
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:52:53 GMT
Content-Type: application/json
Content-Length: 809
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002agtGimkPMEIMFvwQ7ZAqyXVYu0q7aN7EjbZv9tgribo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "[redacted]"
  },
  "status": "pending",
  "expires": "2022-07-27T19:52:53Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/3lWAVw",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/5vPHow",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/hOnHQw",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    }
  ]
}
Storing nonce: 0002agtGimkPMEIMFvwQ7ZAqyXVYu0q7aN7EjbZv9tgribo
JWS payload:
b''
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881464:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAyYWd0R2lta1BNRUlNRnZ3UTdaQXF5WFZZdTBxN2FON0VqYlp2OXRncmlibyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zMDc0ODgxNDY0In0",
  "signature": "ngFt3g_f99Fwz09CT7dV5ss0Rr-bbNdevYN-5mCtTYe-JTOTxdRODCwqC6RBxPvCwedvVmEjU3zxcKF3eef0ZoXOi0VChDtK4uNXi_go_5dl_mGUZyw-zMf7Z1BC_IgBBLbnRt1Z-o0cIb_VOWIAomllnWFNHW621HU-RhGBP2oxaatggibcjJMiD4N0pAt5V22jHCfDXA9LKyqXfWO0QzdRhIFHBt6ytbgiYrHIYh3-IFnURYoCV2_oIr4OcJzQ9N5SFs2mU7Q6zubICwmmOVLOLiDHYbTYhW_Aw2GiteJq6iF1ni__XoEkP4zw3RCGKjjHBHOxf-UwoKIyPHgUXA",
  "payload": ""
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/3074881464 HTTP/1.1" 200 813
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:52:54 GMT
Content-Type: application/json
Content-Length: 813
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 00013qtlqSJQkxsR6hSDxoFOuhmlCv1KYovmEDu7aLok1-4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "www.[redacted]"
  },
  "status": "pending",
  "expires": "2022-07-27T19:52:53Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881464/7ZshQg",
      "token": "EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881464/r9NDMg",
      "token": "EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881464/meJdBw",
      "token": "EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o"
    }
  ]
}
Storing nonce: 00013qtlqSJQkxsR6hSDxoFOuhmlCv1KYovmEDu7aLok1-4
Performing the following challenges:
http-01 challenge for [redacted]
http-01 challenge for www.[redacted]
Successfully bound to :80 using IPv6
Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations.
Waiting for verification...

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Challenges loaded. Press continue to submit to CA. Pass "-v" for more info about
challenges.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
JWS payload:
b'{\n  "resource": "challenge",\n  "type": "http-01"\n}'
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/3lWAVw:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAxM3F0bHFTSlFreHNSNmhTRHhvRk91aG1sQ3YxS1lvdm1FRHU3YUxvazEtNCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zMDc0ODgxNDU0LzNsV0FWdyJ9",
  "signature": "PBK9GtFhNgg9UoEj57JgfkPxX51N3DQxygujShqR3AWb-PgFga7aXktxWDbGuT4cJpE7QcpGKkCx3L3Y-Im1U2ZAJoIh70lhqqMEV8wOAZl52j-7jgWQ0L0G3sRHAsHTFizHLzq4ViRMy9ytEba1Z529tVwtDGopugB74mgirJcXXp0g0_DlxXAPgcZQWZDnzwDX_Cya2fHQ2gqcM0xl2QGmRie9OYx5pXgHG102PHfylA8-RhANLnGL040HxiCBnup4HL42mNfWu3pGBIbEjlxNYgsRLvYALmHCpwS8YR5iOaCOVJWJs_nf5a_OTU_QRyGbCBb9HUeS4PyRDgb7nQ",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/3074881454/3lWAVw HTTP/1.1" 200 193
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:52:57 GMT
Content-Type: application/json
Content-Length: 193
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881454>;rel="up"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/3lWAVw
Replay-Nonce: 0001WvrxoObF5RLj4dSzY-wgWZwHGwfA2Y7ZQHZgwqV8MzE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/3lWAVw",
  "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
}
Storing nonce: 0001WvrxoObF5RLj4dSzY-wgWZwHGwfA2Y7ZQHZgwqV8MzE
JWS payload:
b'{\n  "resource": "challenge",\n  "type": "http-01"\n}'
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881464/7ZshQg:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAxV3ZyeG9PYkY1UkxqNGRTelktd2dXWndIR3dmQTJZN1pRSFpnd3FWOE16RSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zMDc0ODgxNDY0Lzdac2hRZyJ9",
  "signature": "dIYebo8jxLGqykWMDZKCe6JbJzmErScWhcxzSDwbYCYf2pGzod4nvs7h4qfPXpJD-dEZ2Qpu6ALmkNllAPSMcj6-ZbMsMgNiZEI3V2xEsuPdZMEYGwuPZdISgKvYQRMZT5Ck0iok8zpg3BCA-oK0hv-R7Ex7w4xX8MBWeinb__nhBq2y3nsN31H9sd2wqgfi5PzNEuIgPWp1Ff6QnwNsgI8uJy2YikJumb-0GHNbBc4YtNZTxC4WhLcZMlCFgrCfx7-zO8FCPLmJKlVammnGgreLVQyT1lyUoPz8Y8q-UMm15ZJedLDLFWT_mAE8hLpg97R4ssJHx5lwXmsUG-65eQ",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/3074881464/7ZshQg HTTP/1.1" 200 193
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:52:58 GMT
Content-Type: application/json
Content-Length: 193
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881464>;rel="up"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881464/7ZshQg
Replay-Nonce: 0002QrUGqGXXQbfXbukZ1jNLQklLN6sdZmwk69k3h9pF03k
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881464/7ZshQg",
  "token": "EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o"
}
Storing nonce: 0002QrUGqGXXQbfXbukZ1jNLQklLN6sdZmwk69k3h9pF03k
::ffff:18.184.172.105 - - Incoming request
::ffff:18.184.172.105 - - Serving HTTP01 with token 'EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o'
::ffff:18.184.172.105 - - "GET /.well-known/acme-challenge/EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o HTTP/1.1" 200 -
::ffff:23.178.112.106 - - Incoming request
::ffff:23.178.112.106 - - Serving HTTP01 with token 'x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M'
::ffff:23.178.112.106 - - "GET /.well-known/acme-challenge/x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M HTTP/1.1" 200 -
::ffff:13.58.27.123 - - Incoming request
::ffff:13.58.27.123 - - Serving HTTP01 with token 'EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o'
::ffff:13.58.27.123 - - "GET /.well-known/acme-challenge/EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o HTTP/1.1" 200 -
::ffff:23.178.112.107 - - Incoming request
::ffff:23.178.112.107 - - Serving HTTP01 with token 'EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o'
::ffff:23.178.112.107 - - "GET /.well-known/acme-challenge/EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o HTTP/1.1" 200 -
JWS payload:
b''
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881454:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAyUXJVR3FHWFhRYmZYYnVrWjFqTkxRa2xMTjZzZFptd2s2OWszaDlwRjAzayIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zMDc0ODgxNDU0In0",
  "signature": "jkIgcaV7wpx797K3RmnahQUuJpwmxykgWolXJZrYjtbG7wci9E47jRk36Hyo38UUg8nB6oZAF6zSnvgCGru1332soZS14uu8qTNC_FKms1LcrjzLt-_7o34aq6f30hMGpXQbBb111fPKvI4rRLsqnnlIM6rnXC40xcJoCgvYDY1ihYIxEa3nk6_vYf7LTHyjcSmfeP8h1UbweqxMZj4wmPb6Pn2IeuMTrbIuJ4K8rszB_BUyY3h_mi1RfVxQJ37YcjISpOipl23j-kafWa4J9t149muOIT63x3BReqwOL4S_X3BbvdwHZstComoi3rHGmVgYXeFZc7D6an1suCDidA",
  "payload": ""
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/3074881454 HTTP/1.1" 200 809
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:52:59 GMT
Content-Type: application/json
Content-Length: 809
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 00014MK8i4AvzuINloj53Lhhq8R9iORsYIaS7iu8iPDL5EQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "[redacted]"
  },
  "status": "pending",
  "expires": "2022-07-27T19:52:53Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/3lWAVw",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/5vPHow",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/hOnHQw",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    }
  ]
}
Storing nonce: 00014MK8i4AvzuINloj53Lhhq8R9iORsYIaS7iu8iPDL5EQ
JWS payload:
b''
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881464:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAxNE1LOGk0QXZ6dUlObG9qNTNMaGhxOFI5aU9Sc1lJYVM3aXU4aVBETDVFUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zMDc0ODgxNDY0In0",
  "signature": "Ue_j8oye_f-7HOs5_xvgaKSPKS6TeeoFgqhvV9t0v0agTscyoAcpEhfmjCqhn7L-m_PGBqZZKGPiUXzSUzVfi4aRQkan0XVOQ8JPgUJrj997P0rrEDVRR83mrlEtHAqkYuY5qIDqEfHDtzhokCZ85ITS9vrY1Wz-p30PTtbT2gOxq6fnTQEY5dZC9eDliPPebvgRLn8wlFfXJfqS2BcqNqj8vk6vo8p3tlZv4rZgEXnT1ZlgrNIvnYYmr48yuGGN8p3vwqP6O8DIxOENwKaYpDjDnMh7fZZq3Ol45VBI8HDWhnBUFKipNd7JsNiq6WgDgs13OopqQY63SavrwnAS7w",
  "payload": ""
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/3074881464 HTTP/1.1" 200 756
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:52:59 GMT
Content-Type: application/json
Content-Length: 756
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002xEvZtxAGj6rwqc8oKvMmXdjM3CnqqRHntuSU_gqnhjA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "www.[redacted]"
  },
  "status": "valid",
  "expires": "2022-08-19T19:52:58Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "valid",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881464/7ZshQg",
      "token": "EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o",
      "validationRecord": [
        {
          "url": "http://www.[redacted]/.well-known/acme-challenge/EG4zVN4VTgpEA2HwKbuUjW5cYqHCU9qxJL4JkaY7W0o",
          "hostname": "www.[redacted]",
          "port": "80",
          "addressesResolved": [
            "<my-ip-addres>"
          ],
          "addressUsed": "<my-ip-addres>"
        }
      ],
      "validated": "2022-07-20T19:52:58Z"
    }
  ]
}
Storing nonce: 0002xEvZtxAGj6rwqc8oKvMmXdjM3CnqqRHntuSU_gqnhjA
::ffff:216.244.66.231 - - Incoming request
::ffff:216.244.66.231 - - "GET /brands/%D9%85%D8%AA%DB%8C%D9%86-matin/ HTTP/1.1" 404 -
JWS payload:
b''
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881454:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAyeEV2WnR4QUdqNnJ3cWM4b0t2TW1YZGpNM0NucXFSSG50dVNVX2dxbmhqQSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zMDc0ODgxNDU0In0",
  "signature": "S06-rGMfe__y8jBCf3_DU645jkFmJNywfzRsTEDcPy6fCknFUo4GR1Wb2egY8YrEQZgto6nfEribdRB0dXmkIZoHs5dGCIaIP153K3K4uMdPSSuqT1ch4kgAL0H-FFd2WFkTdz9TlV1301jVOSh386O5xz3Gvcnc5CQkDcootxpnwmgudGuw7b3YRr4V-JN0HXlguZrdw6DgKGCzUFBgsnPHRhE85hphTZf75MtLZ9gBkKI3qr9XWIX3c1bvEFEzp5X2ylsmKI4c-3iecKSba2Zkgk2nVaGyGXEnuVs8R9LxnMSBJtWErYVjy2ticY5mu7p-GIacTzn6MEF_7u8Yvg",
  "payload": ""
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/3074881454 HTTP/1.1" 200 809
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:53:02 GMT
Content-Type: application/json
Content-Length: 809
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 00020zW3D6haH3dzfp-O4F3agy_J6JvlA2Svp6HDWnYzNtU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "[redacted]"
  },
  "status": "pending",
  "expires": "2022-07-27T19:52:53Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/3lWAVw",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/5vPHow",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/hOnHQw",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    }
  ]
}
Storing nonce: 00020zW3D6haH3dzfp-O4F3agy_J6JvlA2Svp6HDWnYzNtU
JWS payload:
b''
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881454:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAyMHpXM0Q2aGFIM2R6ZnAtTzRGM2FneV9KNkp2bEEyU3ZwNkhEV25Zek50VSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zMDc0ODgxNDU0In0",
  "signature": "x5moDf5JGnZyYpjLgrIvfy-Wo6oS1jzHlc7CuTh1XU5RWnJaPnQST_mDd5SHTcP9_iFA2VPFsKh1t9tS8_Og7iiwxIbbpsBsRR9m2Pq5kjQNODN5bOX3X8OOUDVS_Ba-uvkgztrb5Fv6c-_qmudD7obYouS4Rl-HB0gGmSsWVSevAgM4lPo8nI20nnIAXY63Evdu-tQZfiPeo0YJHVzN9Sf6HcFDlhPRjXnTQQ-BsbGnqNbsz24er5pyADWJ6jm-mSSfinvLsgNDVzwQcNnSxd-TYb7cRnuBRr8f8qRueRPm2Ep_dICk2qw8-O8QrZGXAkjVYFW4duy7Jpcr82WU4w",
  "payload": ""
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/3074881454 HTTP/1.1" 200 809
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:53:06 GMT
Content-Type: application/json
Content-Length: 809
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002uDsFEOXAggrHtIrqCnAE9mtzuhndIOWuZ7aFT8swdVY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "[redacted]"
  },
  "status": "pending",
  "expires": "2022-07-27T19:52:53Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/3lWAVw",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/5vPHow",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/hOnHQw",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M"
    }
  ]
}
Storing nonce: 0002uDsFEOXAggrHtIrqCnAE9mtzuhndIOWuZ7aFT8swdVY
::ffff:18.184.172.105 - - Incoming request
::ffff:18.184.172.105 - - Serving HTTP01 with token 'x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M'
::ffff:18.184.172.105 - - "GET /.well-known/acme-challenge/x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M HTTP/1.1" 200 -
::ffff:13.58.27.123 - - Incoming request
::ffff:13.58.27.123 - - Serving HTTP01 with token 'x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M'
::ffff:13.58.27.123 - - "GET /.well-known/acme-challenge/x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M HTTP/1.1" 200 -
::ffff:34.217.210.191 - - Incoming request
::ffff:34.217.210.191 - - Serving HTTP01 with token 'x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M'
::ffff:34.217.210.191 - - "GET /.well-known/acme-challenge/x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M HTTP/1.1" 200 -
JWS payload:
b''
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881454:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAydURzRkVPWEFnZ3JIdElycUNuQUU5bXR6dWhuZElPV3VaN2FGVDhzd2RWWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zMDc0ODgxNDU0In0",
  "signature": "Mqosg5wf59oqYmA_mh8PINncdM91_nQc5TRHoSVyG8x9Nc53wW_rUf9eezJQVWap4hJDBThGkcDjelZZuFkqvl4J8bEGdk1DbYg4-dVB0MFo7JRIXknMU_x77KtzdyFfhl-K4rk4J45wOYEtoYwxVwVkbJFZE97hdcTYw1m0jASLq_A_nslCsMq-PH8KQIwJcvk1GcWLZ7NmLiwLjRWIR9F6-OwWVpgoeuujY1_kqf5zFPbIuKR1lE-dOrGOc3tE4LuYx5qyX1Fm6keKArY0FUGgmyZjG4mm-ZlCRG3bFqnQq4CVKibgfoEqakEdIZLvHmhD-kzFxjIAsZKO_ppDWg",
  "payload": ""
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/3074881454 HTTP/1.1" 200 744
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:53:09 GMT
Content-Type: application/json
Content-Length: 744
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002Ck8Z3dnrpPhPZdv3C_Mti8hWgObtgRPw3HwGIm70u10
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "[redacted]"
  },
  "status": "valid",
  "expires": "2022-08-19T19:53:08Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "valid",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3074881454/3lWAVw",
      "token": "x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M",
      "validationRecord": [
        {
          "url": "http://[redacted]/.well-known/acme-challenge/x0oFGTXSCzuIFBYfqcoJ_bzpdEMwQ39vp2DzLP3kT7M",
          "hostname": "[redacted]",
          "port": "80",
          "addressesResolved": [
            "<my-ip-addres>"
          ],
          "addressUsed": "<my-ip-addres>"
        }
      ],
      "validated": "2022-07-20T19:52:57Z"
    }
  ]
}
Storing nonce: 0002Ck8Z3dnrpPhPZdv3C_Mti8hWgObtgRPw3HwGIm70u10
Calling registered functions
Cleaning up challenges
Stopping server at :::80...
CSR: CSR(file=None, data=b'-----BEGIN CERTIFICATE REQUEST-----\nMIICdzCCAV8CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJmv\nUR53g7RXYAYq01VRLRQbSJI1EWqW59f+9iKRZE9QgCgM2dxAu1bn+RdzTl1UOJRV\n0fchWAoKdyMTKdFtF8w8xwWctbD64rnPmLi5ZecBwdX+gs6r0967El9b5v/bTJwh\nKSTg2gzpt0AEowzz+x0LxZlDciXktv9OLo7r7OBODvW11t9W0pKMHpnwFs9hEbxQ\nossa637daxuJpGGr+5l2BHUN7kCrLjrupOSp1jy0SVEw7LQZTRtazv/h3jUufEKQ\nhbyWekBOItvZdGAeD0/TH7I9LshPj4huJr7WGg7vLBh7KLetB7+IuA+j0pE39Q63\nHqk8WKMbmkXGoBroUX0CAwEAAaAyMDAGCSqGSIb3DQEJDjEjMCEwHwYDVR0RBBgw\nFoILd3d3LjM3MTAuaXKCBzM3MTAuaXIwDQYJKoZIhvcNAQELBQADggEBAGNAZ3gl\nvLwpwNUJkSH69Qu0HSb8zs6okh3HhYhAbGMS0sN/ka2S6ui6SM4w/6s7ioQnNi+8\n7J4tuB4fVdmfUR1rq4GNJiLWbzED4JkPChzWMcFuglm7FH7oUSXVHgkk7GaSJ+k+\nZxv64xbMGqfkOauBuamso4gmPEJO6fahPVTSmazQ58C1F98swAlXh6AsJf+YKZU5\nPBCJXEulONnOgorEd5BH1ImYG2xYRcqEpeBgnxtH9tfnnwN2Gfaz7oLf49GD4A2+\ntADO/Vw79fcd+QmT3vcp3bnY4hWnNn1D/9LsmR0ZDMpHbBbFK6oqI3Z3PLu2clQZ\noHJfOHquaBquQ58=\n-----END CERTIFICATE REQUEST-----\n', form='pem')
JWS payload:
b'{\n  "resource": "new-cert",\n  "csr": "MIICdzCCAV8CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJmvUR53g7RXYAYq01VRLRQbSJI1EWqW59f-9iKRZE9QgCgM2dxAu1bn-RdzTl1UOJRV0fchWAoKdyMTKdFtF8w8xwWctbD64rnPmLi5ZecBwdX-gs6r0967El9b5v_bTJwhKSTg2gzpt0AEowzz-x0LxZlDciXktv9OLo7r7OBODvW11t9W0pKMHpnwFs9hEbxQossa637daxuJpGGr-5l2BHUN7kCrLjrupOSp1jy0SVEw7LQZTRtazv_h3jUufEKQhbyWekBOItvZdGAeD0_TH7I9LshPj4huJr7WGg7vLBh7KLetB7-IuA-j0pE39Q63Hqk8WKMbmkXGoBroUX0CAwEAAaAyMDAGCSqGSIb3DQEJDjEjMCEwHwYDVR0RBBgwFoILd3d3LjM3MTAuaXKCBzM3MTAuaXIwDQYJKoZIhvcNAQELBQADggEBAGNAZ3glvLwpwNUJkSH69Qu0HSb8zs6okh3HhYhAbGMS0sN_ka2S6ui6SM4w_6s7ioQnNi-87J4tuB4fVdmfUR1rq4GNJiLWbzED4JkPChzWMcFuglm7FH7oUSXVHgkk7GaSJ-k-Zxv64xbMGqfkOauBuamso4gmPEJO6fahPVTSmazQ58C1F98swAlXh6AsJf-YKZU5PBCJXEulONnOgorEd5BH1ImYG2xYRcqEpeBgnxtH9tfnnwN2Gfaz7oLf49GD4A2-tADO_Vw79fcd-QmT3vcp3bnY4hWnNn1D_9LsmR0ZDMpHbBbFK6oqI3Z3PLu2clQZoHJfOHquaBquQ58"\n}'
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/finalize/61537474/3282049364:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAyQ2s4WjNkbnJwUGhQWmR2M0NfTXRpOGhXZ09idGdSUHczSHdHSW03MHUxMCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9maW5hbGl6ZS82MTUzNzQ3NC8zMjgyMDQ5MzY0In0",
  "signature": "TVtZDCwEuLZfhT7vLqGqa7SKOSUCCjSp7CgSOzll6ngIEDWB6g1rcwuZkZznhmj1JZBMIKhSBSGX_eeEDckjOCSH6CpEEZ6QNB9dfFcd5MJMFgLbryQS8aJr1aEUzNCJB-WKMypa9cGhkI2p1uyfjro0Kk6i8qTtjYrQiF0prXTbEIiPEUo_2dGSkyJS8l_bJ46enkhWm4NevpbDgSdEYz0WbhYX1IXqNedvsCJISrZ6ACQjE6FDpU6dnRtU_agL6oOIyDJT1bsIkOwl67T2L_ZxEeHHZJIGBITXBWbSWEPcYlUG-ZjvJgwX7eUx_xT-jKfdv6GElWtKNo0iCwH3ww",
  "payload": "ewogICJyZXNvdXJjZSI6ICJuZXctY2VydCIsCiAgImNzciI6ICJNSUlDZHpDQ0FWOENBUUl3QURDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSm12VVI1M2c3UlhZQVlxMDFWUkxSUWJTSkkxRVdxVzU5Zi05aUtSWkU5UWdDZ00yZHhBdTFibi1SZHpUbDFVT0pSVjBmY2hXQW9LZHlNVEtkRnRGOHc4eHdXY3RiRDY0cm5QbUxpNVplY0J3ZFgtZ3M2cjA5NjdFbDliNXZfYlRKd2hLU1RnMmd6cHQwQUVvd3p6LXgwTHhabERjaVhrdHY5T0xvN3I3T0JPRHZXMTF0OVcwcEtNSHBud0ZzOWhFYnhRb3NzYTYzN2RheHVKcEdHci01bDJCSFVON2tDckxqcnVwT1NwMWp5MFNWRXc3TFFaVFJ0YXp2X2gzalV1ZkVLUWhieVdla0JPSXR2WmRHQWVEMF9USDdJOUxzaFBqNGh1SnI3V0dnN3ZMQmg3S0xldEI3LUl1QS1qMHBFMzlRNjNIcWs4V0tNYm1rWEdvQnJvVVgwQ0F3RUFBYUF5TURBR0NTcUdTSWIzRFFFSkRqRWpNQ0V3SHdZRFZSMFJCQmd3Rm9JTGQzZDNMak0zTVRBdWFYS0NCek0zTVRBdWFYSXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBR05BWjNnbHZMd3B3TlVKa1NINjlRdTBIU2I4enM2b2toM0hoWWhBYkdNUzBzTl9rYTJTNnVpNlNNNHdfNnM3aW9Rbk5pLTg3SjR0dUI0ZlZkbWZVUjFycTRHTkppTFdiekVENEprUENoeldNY0Z1Z2xtN0ZIN29VU1hWSGdrazdHYVNKLWstWnh2NjR4Yk1HcWZrT2F1QnVhbXNvNGdtUEVKTzZmYWhQVlRTbWF6UTU4QzFGOThzd0FsWGg2QXNKZi1ZS1pVNVBCQ0pYRXVsT05uT2dvckVkNUJIMUltWUcyeFlSY3FFcGVCZ254dEg5dGZubndOMkdmYXo3b0xmNDlHRDRBMi10QURPX1Z3NzlmY2QtUW1UM3ZjcDNiblk0aFduTm4xRF85THNtUjBaRE1wSGJCYkZLNm9xSTNaM1BMdTJjbFFab0hKZk9IcXVhQnF1UTU4Igp9"
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/finalize/61537474/3282049364 HTTP/1.1" 200 593
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:53:10 GMT
Content-Type: application/json
Content-Length: 593
Connection: keep-alive
Boulder-Requester: 61537474
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/61537474/3282049364
Replay-Nonce: 0001OJLriogqEPpdnzHwjtvtDCJC-bBf0_J37OLEtcWjozg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "valid",
  "expires": "2022-07-27T19:52:53Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "[redacted]"
    },
    {
      "type": "dns",
      "value": "www.[redacted]"
    }
  ],
  "authorizations": [
    "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881454",
    "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881464"
  ],
  "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/61537474/3282049364",
  "certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa4b8bdb04e180b5166c8c6e721490f39621"
}
Storing nonce: 0001OJLriogqEPpdnzHwjtvtDCJC-bBf0_J37OLEtcWjozg
JWS payload:
b''
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/order/61537474/3282049364:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAxT0pMcmlvZ3FFUHBkbnpId2p0dnREQ0pDLWJCZjBfSjM3T0xFdGNXam96ZyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9vcmRlci82MTUzNzQ3NC8zMjgyMDQ5MzY0In0",
  "signature": "bsnSMyBJ2ma9Wsrf6spUHdLU4VAVpdyf194kbiSzY_fcl8-kGiJupUSzwnFZ0jzabqMRgpnqkt_uAg840NBacVHIEcM2XqkwDkrGyeZLwKNzP2Zfoa1IjeBkJEJFZATJcJi2DC92AJZF0eiw0y4pBN6x_Pp4Akvq8ia3n7Rog77GcJsWoPAogdDufRL2zZ5VeHqI4b2y1crMoG6iWngG_0ofiGnmL9MSyWPzlEDXx_t5jgOQhmQxNe-VnH5BK6u4uEWJE_BUnEy3o1M14WMXiRhNEZCz6KT6ZBGgRjR6WYvkqs9dDf_bJ2Ks56WZwjR3Z3yZl92GmXtwQ5YIRvnk2g",
  "payload": ""
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/order/61537474/3282049364 HTTP/1.1" 200 593
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:53:11 GMT
Content-Type: application/json
Content-Length: 593
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002BZYeXD5dFRwxL49DLpwNsb1SWxtixiIukzZbZcS1-gI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "valid",
  "expires": "2022-07-27T19:52:53Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "[redacted]"
    },
    {
      "type": "dns",
      "value": "www.[redacted]"
    }
  ],
  "authorizations": [
    "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881454",
    "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3074881464"
  ],
  "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/61537474/3282049364",
  "certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa4b8bdb04e180b5166c8c6e721490f39621"
}
Storing nonce: 0002BZYeXD5dFRwxL49DLpwNsb1SWxtixiIukzZbZcS1-gI
JWS payload:
b''
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa4b8bdb04e180b5166c8c6e721490f39621:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82MTUzNzQ3NCIsICJub25jZSI6ICIwMDAyQlpZZVhENWRGUnd4TDQ5RExwd05zYjFTV3h0aXhpSXVrelpiWmNTMS1nSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jZXJ0L2ZhNGI4YmRiMDRlMTgwYjUxNjZjOGM2ZTcyMTQ5MGYzOTYyMSJ9",
  "signature": "yawyF0Nkrw8wIzTzzFnGIEFCl-OzCVjP1JGC4NR4un8nIspGqcmlQXEekQYtYFQ5ZiNQG2Md2UqeqA_CXB-WoaOnHrvyoGvkDjdClS6mgcFPnkdi8ouYimQu1oNeYfsgVViVtZx8z5-hnEoRIDMYrEWGKmCYeybYlvCuHEQaFaX7uIvNRhdzc12SRg6ouGRcI0yPlZ_wQ1iaA4yVYx3L4fyOUOOgwKtNt1Z9R2zG1snmQFtPd-xTuZJf3JIs5PdKIFtblHzZK13lJu_VuI_RJEqItuB_Jqk2IQvQH8D9tfHqKYePpfvg79A_MixzGl1xOny4jR5diAxsb6zsz20XJw",
  "payload": ""
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/cert/fa4b8bdb04e180b5166c8c6e721490f39621 HTTP/1.1" 200 5739
Received response:
HTTP 200
Server: nginx
Date: Wed, 20 Jul 2022 19:53:11 GMT
Content-Type: application/pem-certificate-chain
Content-Length: 5739
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa4b8bdb04e180b5166c8c6e721490f39621/1>;rel="alternate"
Replay-Nonce: 00018eJ_XJxKAYLWc-QriOZmgAJvFBXO7pedORE08Lz1ikE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgITAPpLi9sE4YC1FmyMbnIUkPOWITANBgkqhkiG9w0BAQsF
ADBZMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXKFNUQUdJTkcpIExldCdzIEVuY3J5
cHQxKDAmBgNVBAMTHyhTVEFHSU5HKSBBcnRpZmljaWFsIEFwcmljb3QgUjMwHhcN
MjIwNzIwMTg1MzA5WhcNMjIxMDE4MTg1MzA4WjAWMRQwEgYDVQQDEwt3d3cuMzcx
MC5pcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJmvUR53g7RXYAYq
01VRLRQbSJI1EWqW59f+9iKRZE9QgCgM2dxAu1bn+RdzTl1UOJRV0fchWAoKdyMT
KdFtF8w8xwWctbD64rnPmLi5ZecBwdX+gs6r0967El9b5v/bTJwhKSTg2gzpt0AE
owzz+x0LxZlDciXktv9OLo7r7OBODvW11t9W0pKMHpnwFs9hEbxQossa637daxuJ
pGGr+5l2BHUN7kCrLjrupOSp1jy0SVEw7LQZTRtazv/h3jUufEKQhbyWekBOItvZ
dGAeD0/TH7I9LshPj4huJr7WGg7vLBh7KLetB7+IuA+j0pE39Q63Hqk8WKMbmkXG
oBroUX0CAwEAAaOCAlgwggJUMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUITeeFQCc
19vxkfBEhEYg2tmziuowHwYDVR0jBBgwFoAU3nJ6SN8xw6ZQ35+FI99XN0tdLmUw
XQYIKwYBBQUHAQEEUTBPMCUGCCsGAQUFBzABhhlodHRwOi8vc3RnLXIzLm8ubGVu
Y3Iub3JnMCYGCCsGAQUFBzAChhpodHRwOi8vc3RnLXIzLmkubGVuY3Iub3JnLzAf
BgNVHREEGDAWggczNzEwLmlyggt3d3cuMzcxMC5pcjBMBgNVHSAERTBDMAgGBmeB
DAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl
dHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2ALDMg+Wl+X1r
r3wJzChJBIcqx+iLEyxjULfG/SbhbGx3AAABgh0r3DgAAAQDAEcwRQIgQKs+7DOv
9cXkEIwId6tVJ+cDt4kPqFPP0pExC2x5f90CIQDe3LRfkrQIVCF9J4oqqmwCRsFL
KAOdUtkc8/TlAfpKgQB3AN2ZNPyl5ySAyVZofYE0mQhJskn3tWnYx7yrP1zB825k
AAABgh0r3jIAAAQDAEgwRgIhAMoX1zY70Gplsto4NCHGoChZow8duxqUsyahLKQT
3Pi4AiEA3K7CBbzubkwjmDu232tMl3YmgPLJbcI7u8DGWe8uRDowDQYJKoZIhvcN
AQELBQADggEBAK4ghCRV2r5Kk8Ki8y27Sii598dhjpP99HQ0kCGF3r/TiGSHmc9O
6Pl3NTYu8oPn9lhHHVkuYvHZON+RR8B78qU2E9EwwMI2AXCCIofcCyVveu35450g
aI2RGzSdkUWCDauqwXY66iU/ulyDInWb/sa97+Tn/zPoOZNuxcOtsDOZS8Az8IEH
ADXHpNtvk50rZsJAqmlh0gMAQAtxFSBLmyuLMsPeWTc4a09A52+cw9ULFzMs2AFC
j5kNzqGQAOJJojbJnOnQ08c3OrK4G0dpRO0osdve3F2WTDnCbWmpDTxvDkxMH1J2
DpTA/3jaum9E77Pab8OFHmntQNxxGDmtqdc=
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIFWzCCA0OgAwIBAgIQTfQrldHumzpMLrM7jRBd1jANBgkqhkiG9w0BAQsFADBm
MQswCQYDVQQGEwJVUzEzMDEGA1UEChMqKFNUQUdJTkcpIEludGVybmV0IFNlY3Vy
aXR5IFJlc2VhcmNoIEdyb3VwMSIwIAYDVQQDExkoU1RBR0lORykgUHJldGVuZCBQ
ZWFyIFgxMB4XDTIwMDkwNDAwMDAwMFoXDTI1MDkxNTE2MDAwMFowWTELMAkGA1UE
BhMCVVMxIDAeBgNVBAoTFyhTVEFHSU5HKSBMZXQncyBFbmNyeXB0MSgwJgYDVQQD
Ex8oU1RBR0lORykgQXJ0aWZpY2lhbCBBcHJpY290IFIzMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAu6TR8+74b46mOE1FUwBrvxzEYLck3iasmKrcQkb+
gy/z9Jy7QNIAl0B9pVKp4YU76JwxF5DOZZhi7vK7SbCkK6FbHlyU5BiDYIxbbfvO
L/jVGqdsSjNaJQTg3C3XrJja/HA4WCFEMVoT2wDZm8ABC1N+IQe7Q6FEqc8NwmTS
nmmRQm4TQvr06DP+zgFK/MNubxWWDSbSKKTH5im5j2fZfg+j/tM1bGaczFWw8/lS
nukyn5J2L+NJYnclzkXoh9nMFnyPmVbfyDPOc4Y25aTzVoeBKXa/cZ5MM+WddjdL
biWvm19f1sYn1aRaAIrkppv7kkn83vcth8XCG39qC2ZvaQIDAQABo4IBEDCCAQww
DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAS
BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTecnpI3zHDplDfn4Uj31c3S10u
ZTAfBgNVHSMEGDAWgBS182Xy/rAKkh/7PH3zRKCsYyXDFDA2BggrBgEFBQcBAQQq
MCgwJgYIKwYBBQUHMAKGGmh0dHA6Ly9zdGcteDEuaS5sZW5jci5vcmcvMCsGA1Ud
HwQkMCIwIKAeoByGGmh0dHA6Ly9zdGcteDEuYy5sZW5jci5vcmcvMCIGA1UdIAQb
MBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCN
DLam9yN0EFxxn/3p+ruWO6n/9goCAM5PT6cC6fkjMs4uas6UGXJjr5j7PoTQf3C1
vuxiIGRJC6qxV7yc6U0X+w0Mj85sHI5DnQVWN5+D1er7mp13JJA0xbAbHa3Rlczn
y2Q82XKui8WHuWra0gb2KLpfboYj1Ghgkhr3gau83pC/WQ8HfkwcvSwhIYqTqxoZ
Uq8HIf3M82qS9aKOZE0CEmSyR1zZqQxJUT7emOUapkUN9poJ9zGc+FgRZvdro0XB
yphWXDaqMYph0DxW/10ig5j4xmmNDjCRmqIKsKoWA52wBTKKXK1na2ty/lW5dhtA
xkz5rVZFd4sgS4J0O+zm6d5GRkWsNJ4knotGXl8vtS3X40KXeb3A5+/3p0qaD215
Xq8oSNORfB2oI1kQuyEAJ5xvPTdfwRlyRG3lFYodrRg6poUBD/8fNTXMtzydpRgy
zUQZh/18F6B/iW6cbiRN9r2Hkh05Om+q0/6w0DdZe+8YrNpfhSObr/1eVZbKGMIY
qKmyZbBNu5ysENIK5MPc14mUeKmFjpN840VR5zunoU52lqpLDua/qIM8idk86xGW
xx2ml43DO/Ya/tVZVok0mO0TUjzJIfPqyvr455IsIut4RlCR9Iq0EDTve2/ZwCuG
hSjpTUFGSiQrR2JK2Evp+o6AETUkBCO1aw0PpQBPDQ==
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIRAO1dW8lt+99NPs1qSY3Rs8cwDQYJKoZIhvcNAQELBQAw
cTELMAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBTZWN1
cml0eSBSZXNlYXJjaCBHcm91cDEtMCsGA1UEAxMkKFNUQUdJTkcpIERvY3RvcmVk
IER1cmlhbiBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQw
M1owZjELMAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBT
ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEiMCAGA1UEAxMZKFNUQUdJTkcpIFByZXRl
bmQgUGVhciBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALbagEdD
Ta1QgGBWSYkyMhscZXENOBaVRTMX1hceJENgsL0Ma49D3MilI4KS38mtkmdF6cPW
nL++fgehT0FbRHZgjOEr8UAN4jH6omjrbTD++VZneTsMVaGamQmDdFl5g1gYaigk
kmx8OiCO68a4QXg4wSyn6iDipKP8utsE+x1E28SA75HOYqpdrk4HGxuULvlr03wZ
GTIf/oRt2/c+dYmDoaJhge+GOrLAEQByO7+8+vzOwpNAPEx6LW+crEEZ7eBXih6V
P19sTGy3yfqK5tPtTdXXCOQMKAp+gCj/VByhmIr+0iNDC540gtvV303WpcbwnkkL
YC0Ft2cYUyHtkstOfRcRO+K2cZozoSwVPyB8/J9RpcRK3jgnX9lujfwA/pAbP0J2
UPQFxmWFRQnFjaq6rkqbNEBgLy+kFL1NEsRbvFbKrRi5bYy2lNms2NJPZvdNQbT/
2dBZKmJqxHkxCuOQFjhJQNeO+Njm1Z1iATS/3rts2yZlqXKsxQUzN6vNbD8KnXRM
EeOXUYvbV4lqfCf8mS14WEbSiMy87GB5S9ucSV1XUrlTG5UGcMSZOBcEUpisRPEm
QWUOTWIoDQ5FOia/GI+Ki523r2ruEmbmG37EBSBXdxIdndqrjy+QVAmCebyDx9eV
EGOIpn26bW5LKerumJxa/CFBaKi4bRvmdJRLAgMBAAGjgfEwge4wDgYDVR0PAQH/
BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLXzZfL+sAqSH/s8ffNE
oKxjJcMUMB8GA1UdIwQYMBaAFAhX2onHolN5DE/d4JCPdLriJ3NEMDgGCCsGAQUF
BwEBBCwwKjAoBggrBgEFBQcwAoYcaHR0cDovL3N0Zy1kc3QzLmkubGVuY3Iub3Jn
LzAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8vc3RnLWRzdDMuYy5sZW5jci5vcmcv
MCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEB
CwUAA4IBAQB7tR8B0eIQSS6MhP5kuvGth+dN02DsIhr0yJtk2ehIcPIqSxRRmHGl
4u2c3QlvEpeRDp2w7eQdRTlI/WnNhY4JOofpMf2zwABgBWtAu0VooQcZZTpQruig
F/z6xYkBk3UHkjeqxzMN3d1EqGusxJoqgdTouZ5X5QTTIee9nQ3LEhWnRSXDx7Y0
ttR1BGfcdqHopO4IBqAhbkKRjF5zj7OD8cG35omywUbZtOJnftiI0nFcRaxbXo0v
oDfLD0S6+AC2R3tKpqjkNX6/91hrRFglUakyMcZU/xleqbv6+Lr3YD8PsBTub6lI
oZ2lS38fL18Aon458fbc0BPHtenfhKj5
-----END CERTIFICATE-----

Storing nonce: 00018eJ_XJxKAYLWc-QriOZmgAJvFBXO7pedORE08Lz1ikE
Dry run: skipping updating lineage at /etc/letsencrypt/live/www.[redacted]
Reporting to user: The dry run was successful.

IMPORTANT NOTES:
 - The dry run was successful.
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.

MikeMcQ · July 20, 2022, 8:02pm

Yes, I think it is okay. One cert file can have many domain names in it. I see you just got a cert with both names in it so that is probably the one you see.

If you go here you will see you only got 1 new cert today and it has both names in it.

The standalone test with dry-run also worked. But, that just proves it can work. Dry-run just does a full test. We don't need to run it again because you got your cert.

raha · July 20, 2022, 8:06pm

Thank you very much
I don't know how to tank you for helping and solving this issue
I know that it wasent me , was you , 2days and finaly we did it ,
Thanks a loot

Now there is new challange , I don't know how to use theme in my server becuse the cyberpanel automaicly use and add the ssl not manually ...