The supported validation types are: http-01 , but you specified: dns-01

Hello,
can you help me with this error please? Before was all OK. This is request for wildcard cert. Before it was wihout wildcard.

[Sun Jan 26 16:10:06 CET 2020] Error, can not get domain token entry XXX.com
[Sun Jan 26 16:10:06 CET 2020] The supported validation types are: http-01 , but you specified: dns-01 [Sun Jan 26 16:10:06 CET 2020] Please add ‘–debug’ or ‘–log’ to check more details.
[Sun Jan 26 16:10:06 CET 2020] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh

Thank you
Pavel

Hi @raj

your complete command is required.

That's too.

[root@ ~]# /root/.acme.sh/acme.sh -r -d domain.cz --force --debug 2
[Wed Jan 22 22:41:51 CET 2020] Lets find script dir.
[Wed Jan 22 22:41:51 CET 2020] *SCRIPT* ='/root/.acme.sh/acme.sh'
[Wed Jan 22 22:41:51 CET 2020] _script='/root/.acme.sh/acme.sh'
[Wed Jan 22 22:41:51 CET 2020] _script_home='/root/.acme.sh'
[Wed Jan 22 22:41:51 CET 2020] Using default home:/root/.acme.sh
[Wed Jan 22 22:41:51 CET 2020] Using config home:/root/.acme.sh
[Wed Jan 22 22:41:51 CET 2020] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/Neilpang/acme.sh
v2.8.1
[Wed Jan 22 22:41:51 CET 2020] Using config home:/root/.acme.sh
[Wed Jan 22 22:41:51 CET 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Wed Jan 22 22:41:51 CET 2020] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Wed Jan 22 22:41:51 CET 2020] DOMAIN_PATH='/root/.acme.sh/domain.cz'
[Wed Jan 22 22:41:51 CET 2020] Renew: 'domain.cz'
[Wed Jan 22 22:41:51 CET 2020] Le_API
[Wed Jan 22 22:41:51 CET 2020] _main_domain='domain.cz'
[Wed Jan 22 22:41:51 CET 2020] _alt_domains=' <em>.domain.cz'
[Wed Jan 22 22:41:51 CET 2020] 'dns_giga' does not contain 'dns'
[Wed Jan 22 22:41:51 CET 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Wed Jan 22 22:41:51 CET 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Wed Jan 22 22:41:51 CET 2020] GET
[Wed Jan 22 22:41:51 CET 2020] url='https://acme-v02.api.letsencrypt.org/directory'
[Wed Jan 22 22:41:51 CET 2020] timeout=
[Wed Jan 22 22:41:51 CET 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.caoXm2GacG -g '
[Wed Jan 22 22:41:52 CET 2020] ret='0'
[Wed Jan 22 22:41:52 CET 2020] response='{
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"oaSsWm45GiM": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Wed Jan 22 22:41:52 CET 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Wed Jan 22 22:41:52 CET 2020] ACME_NEW_AUTHZ
[Wed Jan 22 22:41:52 CET 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Wed Jan 22 22:41:52 CET 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Wed Jan 22 22:41:52 CET 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Wed Jan 22 22:41:52 CET 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Wed Jan 22 22:41:52 CET 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Wed Jan 22 22:41:52 CET 2020] ACME_VERSION='2'
[Wed Jan 22 22:41:52 CET 2020] Le_NextRenewTime='1584782674'
[Wed Jan 22 22:41:52 CET 2020] _on_before_issue
[Wed Jan 22 22:41:52 CET 2020] _chk_main_domain='domain.cz'
[Wed Jan 22 22:41:52 CET 2020] _chk_alt_domains='</em> .domain.cz'
[Wed Jan 22 22:41:52 CET 2020] 'dns_giga' does not contain 'no'
[Wed Jan 22 22:41:52 CET 2020] Le_LocalAddress
[Wed Jan 22 22:41:52 CET 2020] d='domain.cz'
[Wed Jan 22 22:41:52 CET 2020] Check for domain='domain.cz'
[Wed Jan 22 22:41:52 CET 2020] _currentRoot='dns_giga'
[Wed Jan 22 22:41:52 CET 2020] d=' <em>.domain.cz'
[Wed Jan 22 22:41:52 CET 2020] Check for domain='</em> .domain.cz'
[Wed Jan 22 22:41:52 CET 2020] _currentRoot='dns_giga'
[Wed Jan 22 22:41:52 CET 2020] d
[Wed Jan 22 22:41:52 CET 2020] 'dns_giga' does not contain 'apache'
[Wed Jan 22 22:41:52 CET 2020] _saved_account_key_hash=' <strong><strong><strong><em><em><em><em><em><em><em>+zOmRo0oM='
[Wed Jan 22 22:41:52 CET 2020] _saved_account_key_hash is not changed, skip register account.
[Wed Jan 22 22:41:52 CET 2020] Read key length:
[Wed Jan 22 22:41:52 CET 2020] _createcsr
[Wed Jan 22 22:41:52 CET 2020] domain='domain.cz'
[Wed Jan 22 22:41:52 CET 2020] domainlist='</em> .domain.cz'
[Wed Jan 22 22:41:52 CET 2020] csrkey='/root/.acme.sh/domain.cz/domain.cz.key'
[Wed Jan 22 22:41:52 CET 2020] csr='/root/.acme.sh/domain.cz/domain.cz.csr'
[Wed Jan 22 22:41:52 CET 2020] csrconf='/root/.acme.sh/domain.cz/domain.cz.csr.conf'
[Wed Jan 22 22:41:52 CET 2020] _is_idn_d='</em> .domain.cz'
[Wed Jan 22 22:41:52 CET 2020] _idn_temp
[Wed Jan 22 22:41:52 CET 2020] domainlist='</em> .domain.cz'
[Wed Jan 22 22:41:52 CET 2020] Multi domain='DNS:domain.cz,DNS:</em> .domain.cz'
[Wed Jan 22 22:41:52 CET 2020] _is_idn_d='domain.cz'
[Wed Jan 22 22:41:52 CET 2020] _idn_temp
[Wed Jan 22 22:41:52 CET 2020] _csr_cn='domain.cz'
[Wed Jan 22 22:41:52 CET 2020] Getting domain auth token for each domain
[Wed Jan 22 22:41:52 CET 2020] d='</em> .domain.cz'
[Wed Jan 22 22:41:52 CET 2020] d
[Wed Jan 22 22:41:52 CET 2020] _identifiers='{"type":"dns","value":"domain.cz"},{"type":"dns","value":"</em> .domain.cz"}'
[Wed Jan 22 22:41:52 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Wed Jan 22 22:41:52 CET 2020] payload='{"identifiers": [{"type":"dns","value":"domain.cz"},{"type":"dns","value":"</em> .domain.cz"}]}'
[Wed Jan 22 22:41:52 CET 2020] RSA key
[Wed Jan 22 22:41:53 CET 2020] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Wed Jan 22 22:41:53 CET 2020] HEAD
[Wed Jan 22 22:41:53 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Wed Jan 22 22:41:53 CET 2020] body
[Wed Jan 22 22:41:53 CET 2020] _postContentType='application/jose+json'
[Wed Jan 22 22:41:53 CET 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.O8rE9E3EkJ -g '
[Wed Jan 22 22:46:51 CET 2020] _ret='0'
[Wed Jan 22 22:46:51 CET 2020] _headers='HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Jan 2020 21:41:53 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: <em><strong><strong><strong>-k3aSr100
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
'
[Wed Jan 22 22:46:51 CET 2020] _CACHED_NONCE='</strong></strong></strong></em> -k3aSr100'
[Wed Jan 22 22:46:51 CET 2020] nonce=' <em><strong><strong><strong><strong><strong>-k3aSr100'
[Wed Jan 22 22:46:51 CET 2020] POST
[Wed Jan 22 22:46:51 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Wed Jan 22 22:46:51 CET 2020] body='{"protected": "</strong></strong></strong></strong></strong></em> ***", "payload": "***</strong></strong></strong> ", "signature": " <em><strong><em>***-*** "}'
[Wed Jan 22 22:46:51 CET 2020] _postContentType='application/jose+json'
[Wed Jan 22 22:46:51 CET 2020] Http already initialized.
[Wed Jan 22 22:46:51 CET 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.O8rE9E3EkJ -g '
[Wed Jan 22 22:46:52 CET 2020] _ret='0'
[Wed Jan 22 22:46:52 CET 2020] responseHeaders='HTTP/1.1 201 Created
Server: nginx
Date: Wed, 22 Jan 2020 21:46:52 GMT
Content-Type: application/json
Content-Length: 463
Connection: keep-alive
Boulder-Requester: 55317865
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/**/**
Replay-Nonce: *****
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
'
[Wed Jan 22 22:46:52 CET 2020] code='201'
[Wed Jan 22 22:46:52 CET 2020] original='{
"status": "pending",
"expires": "2020-01-29T11:09:39Z",
"identifiers": [
{
"type": "dns",
"value": "</em> .domain.cz"
},
{
"type": "dns",
"value": "domain.cz"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/ <strong>",
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/</strong> "
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/</strong></em> <strong><strong><strong><strong><em><strong><strong><strong><strong><em>"
}'
[Wed Jan 22 22:46:52 CET 2020] response='{"status":"pending","expires":"2020-01-29T11:09:39Z","identifiers":[{"type":"dns","value":"</em> .domain.cz"},{"type":"dns","value":"domain.cz"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/</strong></strong></strong></strong></em> ","https://acme-v02.api.letsencrypt.org/acme/authz-v3/</strong></strong></strong></strong> <em>"],"finalize":"[https://acme-v02.api.letsencrypt.org/acme/finalize/**/***"}](https://acme-v02.api.letsencrypt.org/acme/finalize/**/***%22%7D)'
[Wed Jan 22 22:46:52 CET 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/</em> <strong><em><strong><strong>'
[Wed Jan 22 22:46:52 CET 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/****/</strong></strong></em> '
[Wed Jan 22 22:46:52 CET 2020] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/***,https://acme-v02.api.letsencrypt.org/acme/authz-v3/</strong> <em>'
[Wed Jan 22 22:46:52 CET 2020] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2413895279'
[Wed Jan 22 22:46:52 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2413895279'
[Wed Jan 22 22:46:52 CET 2020] payload
[Wed Jan 22 22:46:52 CET 2020] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Wed Jan 22 22:46:52 CET 2020] Use _CACHED_NONCE='0001OBKG-tA5GymWPgsJ_YSBzOD8H3zziI3whIpbcUchhek'
[Wed Jan 22 22:46:52 CET 2020] nonce='0001OBKG-tA5GymWPgsJ_YSBzOD8H3zziI3whIpbcUchhek'
[Wed Jan 22 22:46:52 CET 2020] POST
[Wed Jan 22 22:46:52 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/</em> <strong>'
[Wed Jan 22 22:46:52 CET 2020] body='{"protected": "</strong> <em><strong>"}'
[Wed Jan 22 22:46:52 CET 2020] _postContentType='application/jose+json'
[Wed Jan 22 22:46:52 CET 2020] Http already initialized.
[Wed Jan 22 22:46:52 CET 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.O8rE9E3EkJ -g '
[Wed Jan 22 22:46:53 CET 2020] _ret='0'
[Wed Jan 22 22:46:53 CET 2020] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Jan 2020 21:46:53 GMT
Content-Type: application/json
Content-Length: 696
Connection: keep-alive
Boulder-Requester: 55317865
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: ****
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
'
[Wed Jan 22 22:46:53 CET 2020] code='200'
[Wed Jan 22 22:46:53 CET 2020] original='{
"identifier": {
"type": "dns",
"value": "domain.cz"
},
"status": "valid",
"expires": "2020-02-21T09:24:26Z",
"challenges": [
{
"type": "http-01",
"status": "valid",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/2****",
"token": "</strong></em> ",
"validationRecord": [
{
"url": "http://domain.cz/.well-known/acme-challenge/ <strong><strong>",
"hostname": "domain.cz",
"port": "80",
"addressesResolved": [
"185.6</strong></strong> **"
],
"addressUsed": "185. <em><strong><em><strong>"
}
]
}
]
}'
[Wed Jan 22 22:46:53 CET 2020] response='{"identifier":{"type":"dns","value":"domain.cz"},"status":"valid","expires":"2020-02-21T09:24:26Z","challenges":[{"type":"http-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2413895279/y3CxHg","token":"</strong></em> ","validationRecord":[{"url":"http://domain.cz/.well-known/acme-challenge/</strong></em> ","hostname":"domain.cz","port":"80","addressesResolved":["185. *****"],"addressUsed":"185.***** "}]}]}'
[Wed Jan 22 22:46:53 CET 2020] response='{"identifier":{"type":"dns","value":"domain.cz"},"status":"valid","expires":"2020-02-21T09:24:26Z","challenges":[{"type":"http-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2413895279/y3CxHg","token":" <em>***","validationRecord":[{"url":"http://domain.cz/.well-known/acme-challenge/*** ","hostname":"domain.cz","port":"80","addressesResolved":["185. *****"],"addressUsed":"185.***** "}]}]}'
[Wed Jan 22 22:46:53 CET 2020] _d='domain.cz'
[Wed Jan 22 22:46:53 CET 2020] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2415049546'
[Wed Jan 22 22:46:53 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2415049546'
[Wed Jan 22 22:46:53 CET 2020] payload
[Wed Jan 22 22:46:53 CET 2020] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Wed Jan 22 22:46:53 CET 2020] Use _CACHED_NONCE=' <strong>'
[Wed Jan 22 22:46:53 CET 2020] nonce='</strong> '
[Wed Jan 22 22:46:53 CET 2020] POST
[Wed Jan 22 22:46:53 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2415049546'
[Wed Jan 22 22:46:53 CET 2020] body='{"protected": "</em> **", "payload": "", "signature": "** - <em><em>"}'
[Wed Jan 22 22:46:53 CET 2020] _postContentType='application/jose+json'
[Wed Jan 22 22:46:53 CET 2020] Http already initialized.
[Wed Jan 22 22:46:53 CET 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.O8rE9E3EkJ -g '
[Wed Jan 22 22:46:54 CET 2020] _ret='0'
[Wed Jan 22 22:46:54 CET 2020] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Jan 2020 21:46:54 GMT
Content-Type: application/json
Content-Length: 382
Connection: keep-alive
Boulder-Requester: 55317865
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: <em><strong><strong>P6v0sA2byDrU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
'
[Wed Jan 22 22:46:54 CET 2020] code='200'
[Wed Jan 22 22:46:54 CET 2020] original='{
"identifier": {
"type": "dns",
"value": "domain.cz"
},
"status": "pending",
"expires": "2020-01-29T11:09:39Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/2415049546/atPxgw",
"token": "</strong> -4vtgdrTctrkhOIkec"
}
],
"wildcard": true
}'
[Wed Jan 22 22:46:54 CET 2020] response='{"identifier":{"type":"dns","value":"domain.cz"},"status":"pending","expires":"2020-01-29T11:09:39Z","challenges":[{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/</strong> /atPxgw","token":"</em></em> -4vtgdrTctrkhOIkec"}],"wildcard": true}'
[Wed Jan 22 22:46:54 CET 2020] response='{"identifier":{"type":"dns","value":"domain.cz"},"status":"pending","expires":"2020-01-29T11:09:39Z","challenges":[{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/</em> */atPxgw","token":"* <em>-4vtgdrTctrkhOIkec"}],"wildcard": true}'
[Wed Jan 22 22:46:54 CET 2020] _d=' <em>.domain.cz'
[Wed Jan 22 22:46:54 CET 2020] _authorizations_map='</em> .domain.cz,{"identifier":{"type":"dns","value":"domain.cz"},"status":"pending","expires":"2020-01-29T11:09:39Z","challenges":[{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/</em> */atPxgw","token":"* <em>-4vtgdrTctrkhOIkec"}],"wildcard": true}
domain.cz,{"identifier":{"type":"dns","value":"domain.cz"},"status":"valid","expires":"2020-02-21T09:24:26Z","challenges":[{"type":"http-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/</em> */y3CxHg","token":"* *","validationRecord":[{"url":"http://domain.cz/.well-known/acme-challenge/* *","hostname":"domain.cz","port":"80","addressesResolved":["185.* ****"],"addressUsed":"185.**** <em>"}]}]}
'
[Wed Jan 22 22:46:54 CET 2020] d='domain.cz'
[Wed Jan 22 22:46:54 CET 2020] Getting webroot for domain='domain.cz'
[Wed Jan 22 22:46:54 CET 2020] _w='dns_giga'
[Wed Jan 22 22:46:54 CET 2020] _currentRoot='dns_giga'
[Wed Jan 22 22:46:54 CET 2020] response='{"identifier":{"type":"dns","value":"domain.cz"},"status":"valid","expires":"2020-02-21T09:24:26Z","challenges":[{"type":"http-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/</em> */y3CxHg","token":"* *","validationRecord":[{"url":"http://domain.cz/.well-known/acme-challenge/* *","hostname":"domain.cz","port":"80","addressesResolved":["185.* ****"],"addressUsed":"185.**** *"}]}]}'
[Wed Jan 22 22:46:54 CET 2020] entry
[Wed Jan 22 22:46:54 CET 2020] Error, can not get domain token entry domain.cz
[Wed Jan 22 22:46:54 CET 2020] The supported validation types are: http-01 , but you specified: dns-01
[Wed Jan 22 22:46:54 CET 2020] pid
[Wed Jan 22 22:46:54 CET 2020] No need to restore nginx, skip.
[Wed Jan 22 22:46:54 CET 2020] _clearupdns
[Wed Jan 22 22:46:54 CET 2020] dns_entries
[Wed Jan 22 22:46:54 CET 2020] skip dns.
[Wed Jan 22 22:46:54 CET 2020] _on_issue_err
[Wed Jan 22 22:46:54 CET 2020] Please add '--debug' or '--log' to check more details.
[Wed Jan 22 22:46:54 CET 2020] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Wed Jan 22 22:46:54 CET 2020] _chk_vlist
[Wed Jan 22 22:46:54 CET 2020] 'dns_giga' does not contain 'dns'
[Wed Jan 22 22:46:54 CET 2020] socat doesn't exists.
[Wed Jan 22 22:46:54 CET 2020] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.2k-fips 26 Jan 2017
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:

Then you can't use your old command.

Please start with some basics:

Then read something about Challenge types:

Then check the acme.sh documentation to see, if you can use an API of your DNS provider.


That's required:


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Something actually changed here during last few months. I have also seen this issue for domains that previously have been validated using http-01 for fqdn domain.tld and www.domain.tld.

If I now try to get a new certificate with acme.sh using dns-01 for fqdn *.domain.tld and domain.tld, the latter one will fail with same issue as mentioned before. wildcard fqdn will of course get certificate as it is a new hostname.

Not sure if this is a bug or problem with acme.sh, but I guess it needs to force using new dns-01 instead of previous http-01.

This issue only affects hostnames that have previously validated with http-01, not any new domains/hosts. Tried to delete acme configurations for such hosts, it did not change anything - letsencrypt still returns http-01.

edit: Looks like a fix is coming

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.