Unable to generate cert on Staging... Rate limit?

Help
1

Hi All,

So i’m using pfSense and the acme cert tool to generate my wildcard certificate. i know that does work as i got it to generate one about a week ago before i had a full systems failure requiring a rebuild of the machine loosing all keys etc.

didnt think much of it but realised i should probably use staging whilst i’m in my tinkering phase with certs and applications.

However i constantly getting the Below error when issuing ANY cert. be in production or staging. Can anybody shed any light in to why its failing?

My DNS is with Hurrican Electric so i’m allowing acme to create the relevant entries.

DARGRANET.COM
Renewing certificate
account: DARGRANET.COM
server: letsencrypt-staging-2

/usr/local/pkg/acme/acme.sh --issue -d ‘*.DARGRANET.COM’ --dns ‘dns_he’ -d ‘DARGRANET.COM’ --dns ‘dns_he’ --home ‘/tmp/acme/DARGRANET.COM/’ --accountconf ‘/tmp/acme/DARGRANET.COM/accountconf.conf’ --force --reloadCmd ‘/tmp/acme/DARGRANET.COM/reloadcmd.sh’ --log-level 3 --log ‘/tmp/acme/DARGRANET.COM/acme_issuecert.log’

Array
(
[path] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
[PATH] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
[HE_Username] => skehardscooby
[HE_Password] => [redacted]
)
[Sat Jan 12 23:50:46 GMT 2019] Multi domain=‘DNS:.DARGRANET.COM,DNS:DARGRANET.COM’
[Sat Jan 12 23:50:46 GMT 2019] Getting domain auth token for each domain
[Sat Jan 12 23:50:49 GMT 2019] Getting webroot for domain=’.DARGRANET.COM’
[Sat Jan 12 23:50:49 GMT 2019] get to authz error.
[Sat Jan 12 23:50:49 GMT 2019] authorizations_map='dargranet.com,{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-19T23:44:07Z”,“challenges”:[{“type”:“tls-alpn-01”,“status”:“pending”,“url”:"https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD-obyIMwPK5yRL5pUPDS_Dos/221598685",“token”:“VusBetg-vFuY86_p7-lGymiFGEBVXf9YNBcUz4CG3mg”},{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD_-obyIMwPK5yRL5pUPDS_Dos/221598686",“token”:“H-Q4YUwfjUdB7qOyqB9Vp6-P108o_d_nw3qnnZnNxl8”},{“type”:“http-01”,“status”:“pending”,“url”:“https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD_-obyIMwPK5yRL5pUPDS_Dos/221598687”,“token”:"cUYzcBOnTb-QXH2VmX4dr0n2KwB5pvsw5X68_vLMC4o”}]}
*.dargranet.com,{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-19T23:44:07Z”,“challenges”:[{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-staging-v02.api.letsencrypt.org/acme/challenge/I-m6Tlr78zBrfyi-79S4dMTl2pZE0gkzBr_ukgnG8v8/221598684",“token”:"-EO-UCBIcw16l9ntz3NZaEJWfZTVW4V0SKS0M1ebrcU"}],"wildcard”: true}

[Sat Jan 12 23:50:49 GMT 2019] Please check log file for more details: /tmp/acme/DARGRANET.COM/acme_issuecert.log

I’ve tried going to the URL’s in the output to attempt to bring them out of pending to no avail.

Thanks in advance

2

Hello. I edited your post to remove your password, but search engines have probably archived this thread already. You need to log in and change it ASAP (and with any other services where you use the same password).

(Thanks to the person who flagged this.)

3

Thanks Mnordhoff and the person that flagged it.

However that actually was just a random password but i can appreciate the assistance.

To be honest i thought i had actually removed the HE details completely.

4

Oh. :relieved:

I don’t understand the log file. I don’t know what acme.sh’s logs usually look like, but it doesn’t look like anything has gone wrong yet. It looks like it just stopped near the beginning of the process.

Are there more logs? What happens if you use a less verbose log level?

5

Right So, i’ve just tried to issue a cert and was going to post the output or attach but being a new user i’m unable to.

guess i’ll carry on googling and wait another week before i try again.

Thanks though

6

You should be able to now. :slightly_smiling_face:

7

Thank you kind sir

right so this is the log the previous output was referencing!

its guite alot more than before! sorry

HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 550
Boulder-Requester: 7840378
Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/7840378/19516221
Replay-Nonce: nD–K_HHIgpKZp5MUPIunsfgbNvZnIAby9rRuep8dfE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 13 Jan 2019 00:36:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 13 Jan 2019 00:36:28 GMT
Connection: keep-alive


[Sun Jan 13 00:36:28 GMT 2019] response=’{“status”:“pending”,“expires”:“2019-01-19T23:44:07Z”,“identifiers”:[{“type”:“dns”,“value”:".dargranet.com"},{“type”:“dns”,“value”:“dargranet.com”}],“authorizations”:[“https://acme-staging-v02.api.letsencrypt.org/acme/authz/I-m6Tlr78zBrfyi-79S4dMTl2pZE0gkzBr_ukgnG8v8",“https://acme-staging-v02.api.letsencrypt.org/acme/authz/WHix2xqNeQ7L94nbixD_-obyIMwPK5yRL5pUPDS_Dos”],“finalize”:"https://acme-staging-v02.api.letsencrypt.org/acme/finalize/7840378/19516221”}’
[Sun Jan 13 00:36:28 GMT 2019] code=‘201’
[Sun Jan 13 00:36:28 GMT 2019] Le_OrderFinalize=‘https://acme-staging-v02.api.letsencrypt.org/acme/finalize/7840378/19516221
[Sun Jan 13 00:36:28 GMT 2019] OK
[Sun Jan 13 00:36:28 GMT 2019] 9:Le_OrderFinalize=‘https://acme-staging-v02.api.letsencrypt.org/acme/finalize/7840378/19516221
[Sun Jan 13 00:36:28 GMT 2019] authorizations_seg='https://acme-staging-v02.api.letsencrypt.org/acme/authz/I-m6Tlr78zBrfyi-79S4dMTl2pZE0gkzBr_ukgnG8v8,https://acme-staging-v02.api.letsencrypt.org/acme/authz/WHix2xqNeQ7L94nbixD-obyIMwPK5yRL5pUPDS_Dos’
[Sun Jan 13 00:36:28 GMT 2019] _authz_url=‘https://acme-staging-v02.api.letsencrypt.org/acme/authz/I-m6Tlr78zBrfyi-79S4dMTl2pZE0gkzBr_ukgnG8v8
[Sun Jan 13 00:36:28 GMT 2019] GET
[Sun Jan 13 00:36:28 GMT 2019] url=‘https://acme-staging-v02.api.letsencrypt.org/acme/authz/I-m6Tlr78zBrfyi-79S4dMTl2pZE0gkzBr_ukgnG8v8
[Sun Jan 13 00:36:28 GMT 2019] timeout=
[Sun Jan 13 00:36:28 GMT 2019] Http already initialized.
[Sun Jan 13 00:36:28 GMT 2019] _CURL=‘curl -L --silent --dump-header /tmp/acme/DARGRANET.COM//http.header -g ’
[Sun Jan 13 00:36:29 GMT 2019] ret=‘0’
[Sun Jan 13 00:36:29 GMT 2019] response=’{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-19T23:44:07Z”,“challenges”:[{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-staging-v02.api.letsencrypt.org/acme/challenge/I-m6Tlr78zBrfyi-79S4dMTl2pZE0gkzBr_ukgnG8v8/221598684",“token”:"-EO-UCBIcw16l9ntz3NZaEJWfZTVW4V0SKS0M1ebrcU"}],"wildcard”: true}’
[Sun Jan 13 00:36:29 GMT 2019] _d=’.dargranet.com’
[Sun Jan 13 00:36:29 GMT 2019] authz_url='https://acme-staging-v02.api.letsencrypt.org/acme/authz/WHix2xqNeQ7L94nbixD-obyIMwPK5yRL5pUPDS_Dos’
[Sun Jan 13 00:36:29 GMT 2019] GET
[Sun Jan 13 00:36:29 GMT 2019] url=‘https://acme-staging-v02.api.letsencrypt.org/acme/authz/WHix2xqNeQ7L94nbixD_-obyIMwPK5yRL5pUPDS_Dos
[Sun Jan 13 00:36:29 GMT 2019] timeout=
[Sun Jan 13 00:36:29 GMT 2019] Http already initialized.
[Sun Jan 13 00:36:29 GMT 2019] CURL=‘curl -L --silent --dump-header /tmp/acme/DARGRANET.COM//http.header -g ’
[Sun Jan 13 00:36:29 GMT 2019] ret=‘0’
[Sun Jan 13 00:36:29 GMT 2019] response=’{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-19T23:44:07Z”,“challenges”:[{“type”:“tls-alpn-01”,“status”:“pending”,“url”:"https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD-obyIMwPK5yRL5pUPDS_Dos/221598685",“token”:“VusBetg-vFuY86_p7-lGymiFGEBVXf9YNBcUz4CG3mg”},{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD_-obyIMwPK5yRL5pUPDS_Dos/221598686",“token”:“H-Q4YUwfjUdB7qOyqB9Vp6-P108o_d_nw3qnnZnNxl8”},{“type”:“http-01”,“status”:“pending”,“url”:“https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD_-obyIMwPK5yRL5pUPDS_Dos/221598687”,“token”:"cUYzcBOnTb-QXH2VmX4dr0n2KwB5pvsw5X68_vLMC4o”}]}’
[Sun Jan 13 00:36:29 GMT 2019] d=‘dargranet.com
[Sun Jan 13 00:36:29 GMT 2019] authorizations_map='dargranet.com,{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-19T23:44:07Z”,“challenges”:[{“type”:“tls-alpn-01”,“status”:“pending”,“url”:"https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD-obyIMwPK5yRL5pUPDS_Dos/221598685",“token”:“VusBetg-vFuY86_p7-lGymiFGEBVXf9YNBcUz4CG3mg”},{“type”:“dns-01”,“status”:“pending”,“url”:"https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD-obyIMwPK5yRL5pUPDS_Dos/221598686",“token”:“H-Q4YUwfjUdB7qOyqB9Vp6-P108o_d_nw3qnnZnNxl8”},{“type”:“http-01”,“status”:“pending”,“url”:“https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD_-obyIMwPK5yRL5pUPDS_Dos/221598687",“token”:"cUYzcBOnTb-QXH2VmX4dr0n2KwB5pvsw5X68_vLMC4o”}]}
.dargranet.com,{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-19T23:44:07Z”,“challenges”:[{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-staging-v02.api.letsencrypt.org/acme/challenge/I-m6Tlr78zBrfyi-79S4dMTl2pZE0gkzBr_ukgnG8v8/221598684",“token”:"-EO-UCBIcw16l9ntz3NZaEJWfZTVW4V0SKS0M1ebrcU"}],"wildcard”: true}

[Sun Jan 13 00:36:29 GMT 2019] d=’.DARGRANET.COM’
[Sun Jan 13 00:36:29 GMT 2019] Getting webroot for domain=’*.DARGRANET.COM’
[Sun Jan 13 00:36:29 GMT 2019] w=‘dns_he’
[Sun Jan 13 00:36:29 GMT 2019] currentRoot=‘dns_he’
[Sun Jan 13 00:36:29 GMT 2019] response
[Sun Jan 13 00:36:29 GMT 2019] get to authz error.
[Sun Jan 13 00:36:29 GMT 2019] authorizations_map='dargranet.com,{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-19T23:44:07Z”,“challenges”:[{“type”:“tls-alpn-01”,“status”:“pending”,“url”:"https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD-obyIMwPK5yRL5pUPDS_Dos/221598685",“token”:“VusBetg-vFuY86_p7-lGymiFGEBVXf9YNBcUz4CG3mg”},{“type”:“dns-01”,“status”:“pending”,“url”:"https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD-obyIMwPK5yRL5pUPDS_Dos/221598686",“token”:“H-Q4YUwfjUdB7qOyqB9Vp6-P108o_d_nw3qnnZnNxl8”},{“type”:“http-01”,“status”:“pending”,“url”:"https://acme-staging-v02.api.letsencrypt.org/acme/challenge/WHix2xqNeQ7L94nbixD-obyIMwPK5yRL5pUPDS_Dos/221598687",“token”:“cUYzcBOnTb-QXH2VmX4dr0n2KwB5pvsw5X68_vLMC4o”}]}
*.dargranet.com,{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-19T23:44:07Z”,“challenges”:[{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-staging-v02.api.letsencrypt.org/acme/challenge/I-m6Tlr78zBrfyi-79S4dMTl2pZE0gkzBr_ukgnG8v8/221598684",“token”:"-EO-UCBIcw16l9ntz3NZaEJWfZTVW4V0SKS0M1ebrcU"}],"wildcard”: true}

[Sun Jan 13 00:36:29 GMT 2019] pid
[Sun Jan 13 00:36:29 GMT 2019] No need to restore nginx, skip.
[Sun Jan 13 00:36:29 GMT 2019] _clearupdns
[Sun Jan 13 00:36:29 GMT 2019] skip dns.
[Sun Jan 13 00:36:29 GMT 2019] _on_issue_err
[Sun Jan 13 00:36:29 GMT 2019] Please check log file for more details: /tmp/acme/DARGRANET.COM/acme_issuecert.log
[Sun Jan 13 00:36:29 GMT 2019] _chk_vlist

8

You need a way to separate the HE DNS creation/update portion to test that part independently.
Like while in process you should see something from:
nslookup -q=txt _acme-challenge.DARGRANET.COM ns1.he.net

9

Hi @Skehardscooby

what says

Your order isn't invalid

https://acme-staging-v02.api.letsencrypt.org/acme/order/7840378/19516221

instead the complete order is pending.

1 Like
10

Oh right okay.

Strangely the first time I set it up on pfsense it worked a treat but yeah lost all the keys. Ever since it’s failed with this.

Obviously something is broke myside so I’ll rebuild the FW from scratch and may try another DNS provider to rule out HE.net

I’ve no doubt that I’ve hit cap for pending requests this week so I’ll wait til next weekend to request another cert.

Thanks for everyone’s help

11

I don't see that you have hitted a limit. Pending means that the order waits, that the client confirms the challenges. So "pending" is a normal state of an ACME-order.

Your dns plugin doesn't work. So acme.sh waits, waits - that the dns-plugin is finished. And the order waits too.

12

Right okay,

I’ll first try another method then. To rule out the plug-in.

I had tried it last night to no avail.

Might just use another tool to get the cert for the time being whilst I sort this out.

Ruddy annoying as it just worked the first time!

13

Right so I can rule out pfsense as just rebuilt from scratch.

Did try manual but couldn’t seem to find the challenge key until after it had run so obviously failed.

Time to go back to original DNS provider (GoDaddy) and see how that fairs.

Thought ACME was supposed to be simple! Hahaha

14

Here we go again.

I’ve moved my DNS to Cloudflare.

Getting pretty much the same error as i was with HE.

[Sun Jan 13 21:41:07 GMT 2019] _ret=‘0’
[Sun Jan 13 21:41:07 GMT 2019] _headers='HTTP/1.1 204 No Content
Server: nginx
Replay-Nonce: lPKg_sSvrjMlfAkqV3Qd5PJ3_xUIEYK3u0gfkloYR00
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 13 Jan 2019 21:41:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 13 Jan 2019 21:41:07 GMT
Connection: keep-alive


[Sun Jan 13 21:41:07 GMT 2019] _CACHED_NONCE=‘lPKg_sSvrjMlfAkqV3Qd5PJ3_xUIEYK3u0gfkloYR00’
[Sun Jan 13 21:41:07 GMT 2019] nonce=‘lPKg_sSvrjMlfAkqV3Qd5PJ3_xUIEYK3u0gfkloYR00’
[Sun Jan 13 21:41:07 GMT 2019] protected=’{“nonce”: “lPKg_sSvrjMlfAkqV3Qd5PJ3_xUIEYK3u0gfkloYR00”, “url”: “https://acme-v02.api.letsencrypt.org/acme/new-acct”, “alg”: “RS256”, “jwk”: {“e”: “AQAB”, “kty”: “RSA”, “n”: “pqsh4VprsPX8CEjVJUr-r4MI3ufbe7jMkOezbnFiQ25EZKkoZ__C7g_WcgY__sX7kKdm_WnESHUHhyHjVEfPKUUC1ucAgJMN4_dzx0E3T929h9BK71rF52ac4dyZITHWoXs3YB_L0zwdbV_MJfdE7wpIfW-aW6KocoKN0hu7iH9XBzj8SZ_inD9Z8rd6BXKCkjcRMKN8962nxlrgZ4dgL8X3ik8ltdBhQMULBcWBxAZR5LIPmv2ZeMNRUWkmCDDAuPURg0tEAWx1uJiTGl_FS4YW9JJlTteAv4orjDKPXohDSliY5kCzDyJ7ftALTMCn0HA0mOhamjNlTHIg8pyfVyvrUmn08oi73AAyupSrpW2_umW8bnzjcNihpO1gl3IzHSd7AeI3Uctz8pM-hUq59cDw5poEYPqoTN2iTsJOmmiTZ6vgaHt98vZXxKlDkqg5mFMjQAz59OZSuI4QD-cXiutaj-lcSdez3jtlBxX_UB5jWu2z_tg42JHDXWq6tTtvXK4AD0rwaAhTsIsd4fG6VlFDPOWSuU0Naqdlf9VpemyjuS_AwE_AjvDj4mwfyqSJNXLb62hDcqJVpw_JjLnc62dZYSlJX2hJAGZ5MOYtZchjUxBhqcFVltTuQlXDxqUyZt_KqvAjEuXn3YNapcyslFOOlis2qygyUReBmaLDKEc”}}’
[Sun Jan 13 21:41:07 GMT 2019] base64 single line.
[Sun Jan 13 21:41:07 GMT 2019] protected64=‘eyJub25jZSI6ICJsUEtnX3NTdnJqTWxmQWtxVjNRZDVQSjNfeFVJRVlLM3UwZ2ZrbG9ZUjAwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYWNjdCIsICJhbGciOiAiUlMyNTYiLCAiandrIjogeyJlIjogIkFRQUIiLCAia3R5IjogIlJTQSIsICJuIjogInBxc2g0VnByc1BYOENFalZKVXItcjRNSTN1ZmJlN2pNa09lemJuRmlRMjVFWktrb1pfX0M3Z19XY2dZX19zWDdrS2RtX1duRVNIVUhoeUhqVkVmUEtVVUMxdWNBZ0pNTjRfZHp4MEUzVDkyOWg5Qks3MXJGNTJhYzRkeVpJVEhXb1hzM1lCX0wwendkYlZfTUpmZEU3d3BJZlctYVc2S29jb0tOMGh1N2lIOVhCemo4U1pfaW5EOVo4cmQ2QlhLQ2tqY1JNS044OTYybnhscmdaNGRnTDhYM2lrOGx0ZEJoUU1VTEJjV0J4QVpSNUxJUG12MlplTU5SVVdrbUNEREF1UFVSZzB0RUFXeDF1SmlUR2xfRlM0WVc5SkpsVHRlQXY0b3JqREtQWG9oRFNsaVk1a0N6RHlKN2Z0QUxUTUNuMEhBMG1PaGFtak5sVEhJZzhweWZWeXZyVW1uMDhvaTczQUF5dXBTcnBXMl91bVc4Ym56amNOaWhwTzFnbDNJekhTZDdBZUkzVWN0ejhwTS1oVXE1OWNEdzVwb0VZUHFvVE4yaVRzSk9tbWlUWjZ2Z2FIdDk4dlpYeEtsRGtxZzVtRk1qUUF6NTlPWlN1STRRRC1jWGl1dGFqLWxjU2RlejNqdGxCeFhfVUI1ald1MnpfdGc0MkpIRFhXcTZ0VHR2WEs0QUQwcndhQWhUc0lzZDRmRzZWbEZEUE9XU3VVME5hcWRsZjlWcGVteWp1U19Bd0VfQWp2RGo0bXdmeXFTSk5YTGI2MmhEY3FKVnB3X0pqTG5jNjJkWllTbEpYMmhKQUdaNU1PWXRaY2hqVXhCaHFjRlZsdFR1UWxYRHhxVXladF9LcXZBakV1WG4zWU5hcGN5c2xGT09saXMycXlneVVSZUJtYUxES0VjIn19’
[Sun Jan 13 21:41:07 GMT 2019] base64 single line.
[Sun Jan 13 21:41:07 GMT 2019] _sig_t=‘B4bIlYxccs8ipmwzez1tSZIAmxG8JSlX+bp+SXrf8WGPwUCQHssLo0mdx+K7TdN1GJB60A1Wbkk4gqbA0D8pPIbHUZuwSMKDbH30xlwWzrRVo6G6Gvo+58ak0NvtEKwYdJbGBa9/Ubxr+FT54XvhSS0xmdUprpXXKAOpFOjzDQzOaqEbWvUm//WzKzSBH9Y9CZf45/PMNG8i8ODOv6UQ2MI66AQny8qi8IkhZ9aEnzC29Cv4+FvlGyEpu5bIltUy2X/hkkS4uDb9y1hEOE7pBY6of8aj8T6Fe3YWwMw74pAvSulmYHWcQYFOSe87z02g7YBLDUKrnoMsrB3KJl/xAoKg6FfFtuFna8ZGeRcIPv9zGwzVDswb4ZzTYraRXTO15+s+XYiW9Vm8vMKDUQFw4HdPefxAMQkwNXMSTDgupbiBLhT+cbha7W56Dp/aXiaL7B8Im+nYHDyFjHlo+NMLUdG/rSeaf1kSPTGKBUnt0Ql5YkKTbRFKtnR4QHF9U05PaI3KK6bg0T5vW70dmXNvNaDq2FUlt60nXHP+yEhwTgA5Ay/5WnDH1pJQDi4LY+M0MwF1WImtwLBfNFY2p1GHCqMD3q3EnSd+C4f4YmBf1o/zYfARtnXqhKQxxAHTo2Pnh0Llxpq8xF64pUZL1TRgMFY8CVsRJ/B2HY9GrhwfrkU=’
[Sun Jan 13 21:41:07 GMT 2019] sig=‘B4bIlYxccs8ipmwzez1tSZIAmxG8JSlX-bp-SXrf8WGPwUCQHssLo0mdx-K7TdN1GJB60A1Wbkk4gqbA0D8pPIbHUZuwSMKDbH30xlwWzrRVo6G6Gvo-58ak0NvtEKwYdJbGBa9_Ubxr-FT54XvhSS0xmdUprpXXKAOpFOjzDQzOaqEbWvUm__WzKzSBH9Y9CZf45_PMNG8i8ODOv6UQ2MI66AQny8qi8IkhZ9aEnzC29Cv4-FvlGyEpu5bIltUy2X_hkkS4uDb9y1hEOE7pBY6of8aj8T6Fe3YWwMw74pAvSulmYHWcQYFOSe87z02g7YBLDUKrnoMsrB3KJl_xAoKg6FfFtuFna8ZGeRcIPv9zGwzVDswb4ZzTYraRXTO15-s-XYiW9Vm8vMKDUQFw4HdPefxAMQkwNXMSTDgupbiBLhT-cbha7W56Dp_aXiaL7B8Im-nYHDyFjHlo-NMLUdG_rSeaf1kSPTGKBUnt0Ql5YkKTbRFKtnR4QHF9U05PaI3KK6bg0T5vW70dmXNvNaDq2FUlt60nXHP-yEhwTgA5Ay_5WnDH1pJQDi4LY-M0MwF1WImtwLBfNFY2p1GHCqMD3q3EnSd-C4f4YmBf1o_zYfARtnXqhKQxxAHTo2Pnh0Llxpq8xF64pUZL1TRgMFY8CVsRJ_B2HY9GrhwfrkU’
[Sun Jan 13 21:41:07 GMT 2019] body=’{“protected”: “eyJub25jZSI6ICJsUEtnX3NTdnJqTWxmQWtxVjNRZDVQSjNfeFVJRVlLM3UwZ2ZrbG9ZUjAwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYWNjdCIsICJhbGciOiAiUlMyNTYiLCAiandrIjogeyJlIjogIkFRQUIiLCAia3R5IjogIlJTQSIsICJuIjogInBxc2g0VnByc1BYOENFalZKVXItcjRNSTN1ZmJlN2pNa09lemJuRmlRMjVFWktrb1pfX0M3Z19XY2dZX19zWDdrS2RtX1duRVNIVUhoeUhqVkVmUEtVVUMxdWNBZ0pNTjRfZHp4MEUzVDkyOWg5Qks3MXJGNTJhYzRkeVpJVEhXb1hzM1lCX0wwendkYlZfTUpmZEU3d3BJZlctYVc2S29jb0tOMGh1N2lIOVhCemo4U1pfaW5EOVo4cmQ2QlhLQ2tqY1JNS044OTYybnhscmdaNGRnTDhYM2lrOGx0ZEJoUU1VTEJjV0J4QVpSNUxJUG12MlplTU5SVVdrbUNEREF1UFVSZzB0RUFXeDF1SmlUR2xfRlM0WVc5SkpsVHRlQXY0b3JqREtQWG9oRFNsaVk1a0N6RHlKN2Z0QUxUTUNuMEhBMG1PaGFtak5sVEhJZzhweWZWeXZyVW1uMDhvaTczQUF5dXBTcnBXMl91bVc4Ym56amNOaWhwTzFnbDNJekhTZDdBZUkzVWN0ejhwTS1oVXE1OWNEdzVwb0VZUHFvVE4yaVRzSk9tbWlUWjZ2Z2FIdDk4dlpYeEtsRGtxZzVtRk1qUUF6NTlPWlN1STRRRC1jWGl1dGFqLWxjU2RlejNqdGxCeFhfVUI1ald1MnpfdGc0MkpIRFhXcTZ0VHR2WEs0QUQwcndhQWhUc0lzZDRmRzZWbEZEUE9XU3VVME5hcWRsZjlWcGVteWp1U19Bd0VfQWp2RGo0bXdmeXFTSk5YTGI2MmhEY3FKVnB3X0pqTG5jNjJkWllTbEpYMmhKQUdaNU1PWXRaY2hqVXhCaHFjRlZsdFR1UWxYRHhxVXladF9LcXZBakV1WG4zWU5hcGN5c2xGT09saXMycXlneVVSZUJtYUxES0VjIn19”, “payload”: “eyJjb250YWN0IjogWyJtYWlsdG86IFJpY2hhcmRNYXR0aGV3c0BEQVJHUkFORVQuQ09NIl0sICJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWV9”, “signature”: “B4bIlYxccs8ipmwzez1tSZIAmxG8JSlX-bp-SXrf8WGPwUCQHssLo0mdx-K7TdN1GJB60A1Wbkk4gqbA0D8pPIbHUZuwSMKDbH30xlwWzrRVo6G6Gvo-58ak0NvtEKwYdJbGBa9_Ubxr-FT54XvhSS0xmdUprpXXKAOpFOjzDQzOaqEbWvUm__WzKzSBH9Y9CZf45_PMNG8i8ODOv6UQ2MI66AQny8qi8IkhZ9aEnzC29Cv4-FvlGyEpu5bIltUy2X_hkkS4uDb9y1hEOE7pBY6of8aj8T6Fe3YWwMw74pAvSulmYHWcQYFOSe87z02g7YBLDUKrnoMsrB3KJl_xAoKg6FfFtuFna8ZGeRcIPv9zGwzVDswb4ZzTYraRXTO15-s-XYiW9Vm8vMKDUQFw4HdPefxAMQkwNXMSTDgupbiBLhT-cbha7W56Dp_aXiaL7B8Im-nYHDyFjHlo-NMLUdG_rSeaf1kSPTGKBUnt0Ql5YkKTbRFKtnR4QHF9U05PaI3KK6bg0T5vW70dmXNvNaDq2FUlt60nXHP-yEhwTgA5Ay_5WnDH1pJQDi4LY-M0MwF1WImtwLBfNFY2p1GHCqMD3q3EnSd-C4f4YmBf1o_zYfARtnXqhKQxxAHTo2Pnh0Llxpq8xF64pUZL1TRgMFY8CVsRJ_B2HY9GrhwfrkU”}’
[Sun Jan 13 21:41:07 GMT 2019] POST
[Sun Jan 13 21:41:07 GMT 2019] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/new-acct
[Sun Jan 13 21:41:07 GMT 2019] body=’{“protected”: “eyJub25jZSI6ICJsUEtnX3NTdnJqTWxmQWtxVjNRZDVQSjNfeFVJRVlLM3UwZ2ZrbG9ZUjAwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYWNjdCIsICJhbGciOiAiUlMyNTYiLCAiandrIjogeyJlIjogIkFRQUIiLCAia3R5IjogIlJTQSIsICJuIjogInBxc2g0VnByc1BYOENFalZKVXItcjRNSTN1ZmJlN2pNa09lemJuRmlRMjVFWktrb1pfX0M3Z19XY2dZX19zWDdrS2RtX1duRVNIVUhoeUhqVkVmUEtVVUMxdWNBZ0pNTjRfZHp4MEUzVDkyOWg5Qks3MXJGNTJhYzRkeVpJVEhXb1hzM1lCX0wwendkYlZfTUpmZEU3d3BJZlctYVc2S29jb0tOMGh1N2lIOVhCemo4U1pfaW5EOVo4cmQ2QlhLQ2tqY1JNS044OTYybnhscmdaNGRnTDhYM2lrOGx0ZEJoUU1VTEJjV0J4QVpSNUxJUG12MlplTU5SVVdrbUNEREF1UFVSZzB0RUFXeDF1SmlUR2xfRlM0WVc5SkpsVHRlQXY0b3JqREtQWG9oRFNsaVk1a0N6RHlKN2Z0QUxUTUNuMEhBMG1PaGFtak5sVEhJZzhweWZWeXZyVW1uMDhvaTczQUF5dXBTcnBXMl91bVc4Ym56amNOaWhwTzFnbDNJekhTZDdBZUkzVWN0ejhwTS1oVXE1OWNEdzVwb0VZUHFvVE4yaVRzSk9tbWlUWjZ2Z2FIdDk4dlpYeEtsRGtxZzVtRk1qUUF6NTlPWlN1STRRRC1jWGl1dGFqLWxjU2RlejNqdGxCeFhfVUI1ald1MnpfdGc0MkpIRFhXcTZ0VHR2WEs0QUQwcndhQWhUc0lzZDRmRzZWbEZEUE9XU3VVME5hcWRsZjlWcGVteWp1U19Bd0VfQWp2RGo0bXdmeXFTSk5YTGI2MmhEY3FKVnB3X0pqTG5jNjJkWllTbEpYMmhKQUdaNU1PWXRaY2hqVXhCaHFjRlZsdFR1UWxYRHhxVXladF9LcXZBakV1WG4zWU5hcGN5c2xGT09saXMycXlneVVSZUJtYUxES0VjIn19”, “payload”: “eyJjb250YWN0IjogWyJtYWlsdG86IFJpY2hhcmRNYXR0aGV3c0BEQVJHUkFORVQuQ09NIl0sICJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWV9”, “signature”: “B4bIlYxccs8ipmwzez1tSZIAmxG8JSlX-bp-SXrf8WGPwUCQHssLo0mdx-K7TdN1GJB60A1Wbkk4gqbA0D8pPIbHUZuwSMKDbH30xlwWzrRVo6G6Gvo-58ak0NvtEKwYdJbGBa9_Ubxr-FT54XvhSS0xmdUprpXXKAOpFOjzDQzOaqEbWvUm__WzKzSBH9Y9CZf45_PMNG8i8ODOv6UQ2MI66AQny8qi8IkhZ9aEnzC29Cv4-FvlGyEpu5bIltUy2X_hkkS4uDb9y1hEOE7pBY6of8aj8T6Fe3YWwMw74pAvSulmYHWcQYFOSe87z02g7YBLDUKrnoMsrB3KJl_xAoKg6FfFtuFna8ZGeRcIPv9zGwzVDswb4ZzTYraRXTO15-s-XYiW9Vm8vMKDUQFw4HdPefxAMQkwNXMSTDgupbiBLhT-cbha7W56Dp_aXiaL7B8Im-nYHDyFjHlo-NMLUdG_rSeaf1kSPTGKBUnt0Ql5YkKTbRFKtnR4QHF9U05PaI3KK6bg0T5vW70dmXNvNaDq2FUlt60nXHP-yEhwTgA5Ay_5WnDH1pJQDi4LY-M0MwF1WImtwLBfNFY2p1GHCqMD3q3EnSd-C4f4YmBf1o_zYfARtnXqhKQxxAHTo2Pnh0Llxpq8xF64pUZL1TRgMFY8CVsRJ_B2HY9GrhwfrkU”}’
[Sun Jan 13 21:41:07 GMT 2019] _postContentType=‘application/jose+json’
[Sun Jan 13 21:41:07 GMT 2019] Http already initialized.
[Sun Jan 13 21:41:07 GMT 2019] _CURL=‘curl -L --silent --dump-header /tmp/acme/DARGRANET.COM//http.header -g ’
[Sun Jan 13 21:41:08 GMT 2019] _ret=‘0’
[Sun Jan 13 21:41:08 GMT 2019] original=’{
“id”: 49459328,
“key”: {
“kty”: “RSA”,
“n”: “pqsh4VprsPX8CEjVJUr-r4MI3ufbe7jMkOezbnFiQ25EZKkoZ__C7g_WcgY__sX7kKdm_WnESHUHhyHjVEfPKUUC1ucAgJMN4_dzx0E3T929h9BK71rF52ac4dyZITHWoXs3YB_L0zwdbV_MJfdE7wpIfW-aW6KocoKN0hu7iH9XBzj8SZ_inD9Z8rd6BXKCkjcRMKN8962nxlrgZ4dgL8X3ik8ltdBhQMULBcWBxAZR5LIPmv2ZeMNRUWkmCDDAuPURg0tEAWx1uJiTGl_FS4YW9JJlTteAv4orjDKPXohDSliY5kCzDyJ7ftALTMCn0HA0mOhamjNlTHIg8pyfVyvrUmn08oi73AAyupSrpW2_umW8bnzjcNihpO1gl3IzHSd7AeI3Uctz8pM-hUq59cDw5poEYPqoTN2iTsJOmmiTZ6vgaHt98vZXxKlDkqg5mFMjQAz59OZSuI4QD-cXiutaj-lcSdez3jtlBxX_UB5jWu2z_tg42JHDXWq6tTtvXK4AD0rwaAhTsIsd4fG6VlFDPOWSuU0Naqdlf9VpemyjuS_AwE_AjvDj4mwfyqSJNXLb62hDcqJVpw_JjLnc62dZYSlJX2hJAGZ5MOYtZchjUxBhqcFVltTuQlXDxqUyZt_KqvAjEuXn3YNapcyslFOOlis2qygyUReBmaLDKEc”,
“e”: “AQAB”
},
“contact”: [
“mailto: Email@DARGRANET.COM
],
“initialIp”: “2001:470:1f08:1cf::2”,
“createdAt”: “2019-01-13T21:41:08.340127817Z”,
“status”: “valid”
}’
[Sun Jan 13 21:41:08 GMT 2019] responseHeaders='HTTP/1.1 100 Continue
Expires: Sun, 13 Jan 2019 21:41:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 939
Boulder-Requester: 49459328
Link: https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf;rel=“terms-of-service”
Location: https://acme-v02.api.letsencrypt.org/acme/acct/49459328
Replay-Nonce: LOsW16i9Xmpz-y7Hey-kM2Wy1P5ULuCsuiZsIkmPscY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 13 Jan 2019 21:41:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 13 Jan 2019 21:41:08 GMT
Connection: keep-alive


[Sun Jan 13 21:41:08 GMT 2019] response=’{“id”: 49459328,“key”:{“kty”:“RSA”,“n”:“pqsh4VprsPX8CEjVJUr-r4MI3ufbe7jMkOezbnFiQ25EZKkoZ__C7g_WcgY__sX7kKdm_WnESHUHhyHjVEfPKUUC1ucAgJMN4_dzx0E3T929h9BK71rF52ac4dyZITHWoXs3YB_L0zwdbV_MJfdE7wpIfW-aW6KocoKN0hu7iH9XBzj8SZ_inD9Z8rd6BXKCkjcRMKN8962nxlrgZ4dgL8X3ik8ltdBhQMULBcWBxAZR5LIPmv2ZeMNRUWkmCDDAuPURg0tEAWx1uJiTGl_FS4YW9JJlTteAv4orjDKPXohDSliY5kCzDyJ7ftALTMCn0HA0mOhamjNlTHIg8pyfVyvrUmn08oi73AAyupSrpW2_umW8bnzjcNihpO1gl3IzHSd7AeI3Uctz8pM-hUq59cDw5poEYPqoTN2iTsJOmmiTZ6vgaHt98vZXxKlDkqg5mFMjQAz59OZSuI4QD-cXiutaj-lcSdez3jtlBxX_UB5jWu2z_tg42JHDXWq6tTtvXK4AD0rwaAhTsIsd4fG6VlFDPOWSuU0Naqdlf9VpemyjuS_AwE_AjvDj4mwfyqSJNXLb62hDcqJVpw_JjLnc62dZYSlJX2hJAGZ5MOYtZchjUxBhqcFVltTuQlXDxqUyZt_KqvAjEuXn3YNapcyslFOOlis2qygyUReBmaLDKEc”,“e”:“AQAB”},“contact”:[“mailto: email@DARGRANET.COM”],“initialIp”:“2001:470:1f08:1cf::2”,“createdAt”:“2019-01-13T21:41:08.340127817Z”,“status”:“valid”}’
[Sun Jan 13 21:41:08 GMT 2019] code=‘201’
[Sun Jan 13 21:41:08 GMT 2019] Registered
[Sun Jan 13 21:41:08 GMT 2019] responseHeaders='HTTP/1.1 100 Continue
Expires: Sun, 13 Jan 2019 21:41:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 939
Boulder-Requester: 49459328
Link: https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf;rel=“terms-of-service”
Location: https://acme-v02.api.letsencrypt.org/acme/acct/49459328
Replay-Nonce: LOsW16i9Xmpz-y7Hey-kM2Wy1P5ULuCsuiZsIkmPscY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 13 Jan 2019 21:41:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 13 Jan 2019 21:41:08 GMT
Connection: keep-alive


[Sun Jan 13 21:41:08 GMT 2019] _accUri=‘https://acme-v02.api.letsencrypt.org/acme/acct/49459328
[Sun Jan 13 21:41:08 GMT 2019] APP
[Sun Jan 13 21:41:08 GMT 2019] 1:ACCOUNT_URL=‘https://acme-v02.api.letsencrypt.org/acme/acct/49459328
[Sun Jan 13 21:41:08 GMT 2019] base64 single line.
[Sun Jan 13 21:41:08 GMT 2019] Calc CA_KEY_HASH=‘b3qvx6sASCL4D+VYzt7uZ+GAjWp2qYEMKtgHtc7G63Y=’
[Sun Jan 13 21:41:08 GMT 2019] APP
[Sun Jan 13 21:41:08 GMT 2019] 2:CA_KEY_HASH=‘b3qvx6sASCL4D+VYzt7uZ+GAjWp2qYEMKtgHtc7G63Y=’
[Sun Jan 13 21:41:08 GMT 2019] base64 single line.
[Sun Jan 13 21:41:08 GMT 2019] ACCOUNT_THUMBPRINT=‘rPdi14LyIZL3SOvrjrr5nx8aHFLFo4SGOR4TFaageLU’
[Sun Jan 13 21:41:08 GMT 2019] Read key length:
[Sun Jan 13 21:41:08 GMT 2019] _createcsr
[Sun Jan 13 21:41:08 GMT 2019] domain=’.DARGRANET.COM’
[Sun Jan 13 21:41:08 GMT 2019] domainlist=‘DARGRANET.COM
[Sun Jan 13 21:41:08 GMT 2019] csrkey=’/tmp/acme/DARGRANET.COM//.DARGRANET.COM/.DARGRANET.COM.key’
[Sun Jan 13 21:41:08 GMT 2019] csr=’/tmp/acme/DARGRANET.COM//.DARGRANET.COM/.DARGRANET.COM.csr’
[Sun Jan 13 21:41:08 GMT 2019] csrconf=’/tmp/acme/DARGRANET.COM//.DARGRANET.COM/.DARGRANET.COM.csr.conf’
[Sun Jan 13 21:41:08 GMT 2019] _is_idn_d=‘DARGRANET.COM
[Sun Jan 13 21:41:08 GMT 2019] _idn_temp
[Sun Jan 13 21:41:08 GMT 2019] domainlist=‘DARGRANET.COM
[Sun Jan 13 21:41:08 GMT 2019] Multi domain='DNS:.DARGRANET.COM,DNS:DARGRANET.COM’
[Sun Jan 13 21:41:08 GMT 2019] _is_idn_d=’.DARGRANET.COM’
[Sun Jan 13 21:41:08 GMT 2019] _idn_temp
[Sun Jan 13 21:41:08 GMT 2019] _csr_cn=’.DARGRANET.COM’
[Sun Jan 13 21:41:08 GMT 2019] APP
[Sun Jan 13 21:41:08 GMT 2019] 8:Le_Keylength=’’
[Sun Jan 13 21:41:08 GMT 2019] Getting domain auth token for each domain
[Sun Jan 13 21:41:08 GMT 2019] d=‘DARGRANET.COM
[Sun Jan 13 21:41:08 GMT 2019] d
[Sun Jan 13 21:41:08 GMT 2019] _identifiers=’{“type”:“dns”,“value”:".DARGRANET.COM"},{“type”:“dns”,“value”:“DARGRANET.COM”}’
[Sun Jan 13 21:41:08 GMT 2019] url=‘https://acme-v02.api.letsencrypt.org/acme/new-order
[Sun Jan 13 21:41:08 GMT 2019] payload=’{“identifiers”: [{“type”:“dns”,“value”:".DARGRANET.COM"},{“type”:“dns”,“value”:“DARGRANET.COM”}]}’
[Sun Jan 13 21:41:08 GMT 2019] Use cached jwk for file: /tmp/acme/DARGRANET.COM//ca/acme-v02.api.letsencrypt.org/account.key
[Sun Jan 13 21:41:08 GMT 2019] base64 single line.
[Sun Jan 13 21:41:08 GMT 2019] payload64=‘eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6IiouREFSR1JBTkVULkNPTSJ9LHsidHlwZSI6ImRucyIsInZhbHVlIjoiREFSR1JBTkVULkNPTSJ9XX0’
[Sun Jan 13 21:41:08 GMT 2019] _request_retry_times=‘1’
[Sun Jan 13 21:41:08 GMT 2019] Use _CACHED_NONCE=‘LOsW16i9Xmpz-y7Hey-kM2Wy1P5ULuCsuiZsIkmPscY’
[Sun Jan 13 21:41:08 GMT 2019] nonce=‘LOsW16i9Xmpz-y7Hey-kM2Wy1P5ULuCsuiZsIkmPscY’
[Sun Jan 13 21:41:08 GMT 2019] protected=’{“nonce”: “LOsW16i9Xmpz-y7Hey-kM2Wy1P5ULuCsuiZsIkmPscY”, “url”: “https://acme-v02.api.letsencrypt.org/acme/new-order”, “alg”: “RS256”, “kid”: “https://acme-v02.api.letsencrypt.org/acme/acct/49459328”}’
[Sun Jan 13 21:41:08 GMT 2019] base64 single line.
[Sun Jan 13 21:41:08 GMT 2019] protected64=‘eyJub25jZSI6ICJMT3NXMTZpOVhtcHoteTdIZXkta00yV3kxUDVVTHVDc3VpWnNJa21Qc2NZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIiLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzQ5NDU5MzI4In0’
[Sun Jan 13 21:41:08 GMT 2019] base64 single line.
[Sun Jan 13 21:41:08 GMT 2019] _sig_t=‘TV3uJ9WYBery4td/aaYcEwyVbzkAOpsOXQSOh0MCZqoTQP1JAiQqGypmufWz+24ldAxJ0U6h7bZxDbBlHyQyYIRs5EpUcsPU8mVVQVck8ovvFOMxvsdMFgmBihNnAwBKiz0kaQgg56JmVhxiU2UsitUBZhGaeQknJ1KqqNC/YPyZGeNYb6k7cZUK823Swdb17Ez5Q/iRcbfiHxWtMQjLHRXDiWCl53lp5Ts/6pMdxbNcABtQU8dM3KVIPOk5VrEml9Kwb4hmkyULMA9z0v4MvZvMu5sROJGx0uIjFgfQZSc9MKCKakl+/uiAuYNfZ+Ik6gSHIT92cUBW1M4QCmcyTyN/51m9mMe0bMzJNphl2G9bmFXBtGIn20mrUDOgnEZC6xO5GtzkRDa5LCZ3eSmDZ9EEMxJYEFT82davz3OYR1hsh3/JQ1DMPwOPuiX+GS0Rb8P0tF8t+Y/GO45zulsE4fP2gl737J4wpu2jQX721UpVFv0AO5A7IdGjO6gwRAxSi/gfrmA565ITVPj92cry2TZU2xzfOMLjzfB2l48mmWXQ887V7Pc6R7gGKAyhxJdqGTqNfUC5XOvWlliFwSGemVbFapKHyerMZegx3g/CtKsGIiXoNb9E6lVHLdbWF0+N/z4Z8CHgznlJipDyjYSycX6+NWgsF6wZ3pE0qNSXHI4=’
[Sun Jan 13 21:41:08 GMT 2019] sig=‘TV3uJ9WYBery4td_aaYcEwyVbzkAOpsOXQSOh0MCZqoTQP1JAiQqGypmufWz-24ldAxJ0U6h7bZxDbBlHyQyYIRs5EpUcsPU8mVVQVck8ovvFOMxvsdMFgmBihNnAwBKiz0kaQgg56JmVhxiU2UsitUBZhGaeQknJ1KqqNC_YPyZGeNYb6k7cZUK823Swdb17Ez5Q_iRcbfiHxWtMQjLHRXDiWCl53lp5Ts_6pMdxbNcABtQU8dM3KVIPOk5VrEml9Kwb4hmkyULMA9z0v4MvZvMu5sROJGx0uIjFgfQZSc9MKCKakl-_uiAuYNfZ-Ik6gSHIT92cUBW1M4QCmcyTyN_51m9mMe0bMzJNphl2G9bmFXBtGIn20mrUDOgnEZC6xO5GtzkRDa5LCZ3eSmDZ9EEMxJYEFT82davz3OYR1hsh3_JQ1DMPwOPuiX-GS0Rb8P0tF8t-Y_GO45zulsE4fP2gl737J4wpu2jQX721UpVFv0AO5A7IdGjO6gwRAxSi_gfrmA565ITVPj92cry2TZU2xzfOMLjzfB2l48mmWXQ887V7Pc6R7gGKAyhxJdqGTqNfUC5XOvWlliFwSGemVbFapKHyerMZegx3g_CtKsGIiXoNb9E6lVHLdbWF0-N_z4Z8CHgznlJipDyjYSycX6-NWgsF6wZ3pE0qNSXHI4’
[Sun Jan 13 21:41:08 GMT 2019] body=’{“protected”: “eyJub25jZSI6ICJMT3NXMTZpOVhtcHoteTdIZXkta00yV3kxUDVVTHVDc3VpWnNJa21Qc2NZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIiLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzQ5NDU5MzI4In0”, “payload”: “eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6IiouREFSR1JBTkVULkNPTSJ9LHsidHlwZSI6ImRucyIsInZhbHVlIjoiREFSR1JBTkVULkNPTSJ9XX0”, “signature”: “TV3uJ9WYBery4td_aaYcEwyVbzkAOpsOXQSOh0MCZqoTQP1JAiQqGypmufWz-24ldAxJ0U6h7bZxDbBlHyQyYIRs5EpUcsPU8mVVQVck8ovvFOMxvsdMFgmBihNnAwBKiz0kaQgg56JmVhxiU2UsitUBZhGaeQknJ1KqqNC_YPyZGeNYb6k7cZUK823Swdb17Ez5Q_iRcbfiHxWtMQjLHRXDiWCl53lp5Ts_6pMdxbNcABtQU8dM3KVIPOk5VrEml9Kwb4hmkyULMA9z0v4MvZvMu5sROJGx0uIjFgfQZSc9MKCKakl-_uiAuYNfZ-Ik6gSHIT92cUBW1M4QCmcyTyN_51m9mMe0bMzJNphl2G9bmFXBtGIn20mrUDOgnEZC6xO5GtzkRDa5LCZ3eSmDZ9EEMxJYEFT82davz3OYR1hsh3_JQ1DMPwOPuiX-GS0Rb8P0tF8t-Y_GO45zulsE4fP2gl737J4wpu2jQX721UpVFv0AO5A7IdGjO6gwRAxSi_gfrmA565ITVPj92cry2TZU2xzfOMLjzfB2l48mmWXQ887V7Pc6R7gGKAyhxJdqGTqNfUC5XOvWlliFwSGemVbFapKHyerMZegx3g_CtKsGIiXoNb9E6lVHLdbWF0-N_z4Z8CHgznlJipDyjYSycX6-NWgsF6wZ3pE0qNSXHI4”}’
[Sun Jan 13 21:41:08 GMT 2019] POST
[Sun Jan 13 21:41:08 GMT 2019] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/new-order
[Sun Jan 13 21:41:08 GMT 2019] body=’{“protected”: “eyJub25jZSI6ICJMT3NXMTZpOVhtcHoteTdIZXkta00yV3kxUDVVTHVDc3VpWnNJa21Qc2NZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIiLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzQ5NDU5MzI4In0”, “payload”: “eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6IiouREFSR1JBTkVULkNPTSJ9LHsidHlwZSI6ImRucyIsInZhbHVlIjoiREFSR1JBTkVULkNPTSJ9XX0”, “signature”: “TV3uJ9WYBery4td_aaYcEwyVbzkAOpsOXQSOh0MCZqoTQP1JAiQqGypmufWz-24ldAxJ0U6h7bZxDbBlHyQyYIRs5EpUcsPU8mVVQVck8ovvFOMxvsdMFgmBihNnAwBKiz0kaQgg56JmVhxiU2UsitUBZhGaeQknJ1KqqNC_YPyZGeNYb6k7cZUK823Swdb17Ez5Q_iRcbfiHxWtMQjLHRXDiWCl53lp5Ts_6pMdxbNcABtQU8dM3KVIPOk5VrEml9Kwb4hmkyULMA9z0v4MvZvMu5sROJGx0uIjFgfQZSc9MKCKakl-_uiAuYNfZ-Ik6gSHIT92cUBW1M4QCmcyTyN_51m9mMe0bMzJNphl2G9bmFXBtGIn20mrUDOgnEZC6xO5GtzkRDa5LCZ3eSmDZ9EEMxJYEFT82davz3OYR1hsh3_JQ1DMPwOPuiX-GS0Rb8P0tF8t-Y_GO45zulsE4fP2gl737J4wpu2jQX721UpVFv0AO5A7IdGjO6gwRAxSi_gfrmA565ITVPj92cry2TZU2xzfOMLjzfB2l48mmWXQ887V7Pc6R7gGKAyhxJdqGTqNfUC5XOvWlliFwSGemVbFapKHyerMZegx3g_CtKsGIiXoNb9E6lVHLdbWF0-N_z4Z8CHgznlJipDyjYSycX6-NWgsF6wZ3pE0qNSXHI4”}’
[Sun Jan 13 21:41:08 GMT 2019] _postContentType=‘application/jose+json’
[Sun Jan 13 21:41:08 GMT 2019] Http already initialized.
[Sun Jan 13 21:41:08 GMT 2019] _CURL=‘curl -L --silent --dump-header /tmp/acme/DARGRANET.COM//http.header -g ’
[Sun Jan 13 21:41:09 GMT 2019] _ret=‘0’
[Sun Jan 13 21:41:09 GMT 2019] original=’{
“status”: “pending”,
“expires”: “2019-01-20T21:41:09.681618753Z”,
“identifiers”: [
{
“type”: “dns”,
“value”: “*.dargranet.com”
},
{
“type”: “dns”,
“value”: “dargranet.com
}
],
“authorizations”: [
https://acme-v02.api.letsencrypt.org/acme/authz/aXtMPtnxtGUiI4acGooq4zSqaoAwsw9kh6fFVzdFX3g”,
https://acme-v02.api.letsencrypt.org/acme/authz/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w
],
“finalize”: “https://acme-v02.api.letsencrypt.org/acme/finalize/49459328/269946260
}’
[Sun Jan 13 21:41:09 GMT 2019] responseHeaders='HTTP/1.1 100 Continue
Expires: Sun, 13 Jan 2019 21:41:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 538
Boulder-Requester: 49459328
Location: https://acme-v02.api.letsencrypt.org/acme/order/49459328/269946260
Replay-Nonce: Ldd3gqrxvYW1VA_0uaScivKPVonYl_ufBCD1jVhVPFU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 13 Jan 2019 21:41:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 13 Jan 2019 21:41:09 GMT
Connection: keep-alive


[Sun Jan 13 21:41:09 GMT 2019] response=’{“status”:“pending”,“expires”:“2019-01-20T21:41:09.681618753Z”,“identifiers”:[{“type”:“dns”,“value”:".dargranet.com"},{“type”:“dns”,“value”:“dargranet.com”}],“authorizations”:[“https://acme-v02.api.letsencrypt.org/acme/authz/aXtMPtnxtGUiI4acGooq4zSqaoAwsw9kh6fFVzdFX3g",“https://acme-v02.api.letsencrypt.org/acme/authz/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w”],“finalize”:"https://acme-v02.api.letsencrypt.org/acme/finalize/49459328/269946260”}’
[Sun Jan 13 21:41:09 GMT 2019] code=‘201’
[Sun Jan 13 21:41:09 GMT 2019] Le_OrderFinalize=‘https://acme-v02.api.letsencrypt.org/acme/finalize/49459328/269946260
[Sun Jan 13 21:41:09 GMT 2019] APP
[Sun Jan 13 21:41:09 GMT 2019] 9:Le_OrderFinalize=‘https://acme-v02.api.letsencrypt.org/acme/finalize/49459328/269946260
[Sun Jan 13 21:41:09 GMT 2019] _authorizations_seg=‘https://acme-v02.api.letsencrypt.org/acme/authz/aXtMPtnxtGUiI4acGooq4zSqaoAwsw9kh6fFVzdFX3g,https://acme-v02.api.letsencrypt.org/acme/authz/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w
[Sun Jan 13 21:41:09 GMT 2019] _authz_url=‘https://acme-v02.api.letsencrypt.org/acme/authz/aXtMPtnxtGUiI4acGooq4zSqaoAwsw9kh6fFVzdFX3g
[Sun Jan 13 21:41:09 GMT 2019] GET
[Sun Jan 13 21:41:09 GMT 2019] url=‘https://acme-v02.api.letsencrypt.org/acme/authz/aXtMPtnxtGUiI4acGooq4zSqaoAwsw9kh6fFVzdFX3g
[Sun Jan 13 21:41:09 GMT 2019] timeout=
[Sun Jan 13 21:41:09 GMT 2019] Http already initialized.
[Sun Jan 13 21:41:09 GMT 2019] _CURL=‘curl -L --silent --dump-header /tmp/acme/DARGRANET.COM//http.header -g ’
[Sun Jan 13 21:41:10 GMT 2019] ret=‘0’
[Sun Jan 13 21:41:10 GMT 2019] response=’{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-20T21:41:09Z”,“challenges”:[{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/aXtMPtnxtGUiI4acGooq4zSqaoAwsw9kh6fFVzdFX3g/11430302543",“token”:“yeRmUBhq2fKyC5nisuXUcuoJAl2CZG_vQcn50Vp6rig”}],"wildcard”: true}’
[Sun Jan 13 21:41:10 GMT 2019] _d=’.dargranet.com’
[Sun Jan 13 21:41:10 GMT 2019] _authz_url=‘https://acme-v02.api.letsencrypt.org/acme/authz/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w
[Sun Jan 13 21:41:10 GMT 2019] GET
[Sun Jan 13 21:41:10 GMT 2019] url=‘https://acme-v02.api.letsencrypt.org/acme/authz/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w
[Sun Jan 13 21:41:10 GMT 2019] timeout=
[Sun Jan 13 21:41:10 GMT 2019] Http already initialized.
[Sun Jan 13 21:41:10 GMT 2019] _CURL=‘curl -L --silent --dump-header /tmp/acme/DARGRANET.COM//http.header -g ’
[Sun Jan 13 21:41:10 GMT 2019] ret=‘0’
[Sun Jan 13 21:41:10 GMT 2019] response=’{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-20T21:41:09Z”,“challenges”:[{“type”:“http-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w/11430302544",“token”:“rno4kRLTHaRk3h_gwa5ETeNKGHauVWOs38SOTB5XZEg”},{“type”:“tls-alpn-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w/11430302546”,“token”:“NuYjyxEhGZWFpUVdgc_fQytt3k4EAwdR8LtDUQiFigc”},{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w/11430302547”,“token”:"tkZXLiNEIjgDZvmLZNLdWAVZZIv6JhuSThHpEZlNoHg”}]}’
[Sun Jan 13 21:41:10 GMT 2019] _d=‘dargranet.com
[Sun Jan 13 21:41:10 GMT 2019] _authorizations_map=‘dargranet.com,{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-20T21:41:09Z”,“challenges”:[{“type”:“http-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w/11430302544",“token”:“rno4kRLTHaRk3h_gwa5ETeNKGHauVWOs38SOTB5XZEg”},{“type”:“tls-alpn-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w/11430302546”,“token”:“NuYjyxEhGZWFpUVdgc_fQytt3k4EAwdR8LtDUQiFigc”},{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w/11430302547”,“token”:"tkZXLiNEIjgDZvmLZNLdWAVZZIv6JhuSThHpEZlNoHg”}]}
.dargranet.com,{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-20T21:41:09Z”,“challenges”:[{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/aXtMPtnxtGUiI4acGooq4zSqaoAwsw9kh6fFVzdFX3g/11430302543",“token”:“yeRmUBhq2fKyC5nisuXUcuoJAl2CZG_vQcn50Vp6rig”}],"wildcard”: true}

[Sun Jan 13 21:41:10 GMT 2019] d=’.DARGRANET.COM’
[Sun Jan 13 21:41:10 GMT 2019] Getting webroot for domain=’*.DARGRANET.COM’
[Sun Jan 13 21:41:10 GMT 2019] _w=‘dns_cf’
[Sun Jan 13 21:41:10 GMT 2019] _currentRoot=‘dns_cf’
[Sun Jan 13 21:41:10 GMT 2019] response
[Sun Jan 13 21:41:10 GMT 2019] get to authz error.
[Sun Jan 13 21:41:10 GMT 2019] _authorizations_map='dargranet.com,{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-20T21:41:09Z”,“challenges”:[{“type”:“http-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w/11430302544",“token”:“rno4kRLTHaRk3h_gwa5ETeNKGHauVWOs38SOTB5XZEg”},{“type”:“tls-alpn-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w/11430302546”,“token”:“NuYjyxEhGZWFpUVdgc_fQytt3k4EAwdR8LtDUQiFigc”},{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w/11430302547”,“token”:"tkZXLiNEIjgDZvmLZNLdWAVZZIv6JhuSThHpEZlNoHg”}]}
*.dargranet.com,{“identifier”:{“type”:“dns”,“value”:“dargranet.com”},“status”:“pending”,“expires”:“2019-01-20T21:41:09Z”,“challenges”:[{“type”:“dns-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/challenge/aXtMPtnxtGUiI4acGooq4zSqaoAwsw9kh6fFVzdFX3g/11430302543",“token”:“yeRmUBhq2fKyC5nisuXUcuoJAl2CZG_vQcn50Vp6rig”}],"wildcard”: true}

[Sun Jan 13 21:41:10 GMT 2019] pid
[Sun Jan 13 21:41:10 GMT 2019] No need to restore nginx, skip.
[Sun Jan 13 21:41:10 GMT 2019] _clearupdns
[Sun Jan 13 21:41:10 GMT 2019] skip dns.
[Sun Jan 13 21:41:10 GMT 2019] _on_issue_err
[Sun Jan 13 21:41:10 GMT 2019] Please check log file for more details: /tmp/acme/DARGRANET.COM/acme_issuecert.log
[Sun Jan 13 21:41:10 GMT 2019] _chk_vlist

Anyone have ANY ideas?

15

It's the same picture. The code stops, your order is pending.

https://acme-v02.api.letsencrypt.org/acme/authz/aXtMPtnxtGUiI4acGooq4zSqaoAwsw9kh6fFVzdFX3g
https://acme-v02.api.letsencrypt.org/acme/authz/xp1C03q58eGa6hnfbZklwEgFjJfzitNzng7JzksZT2w

So again: What says this log?

16

That is the log :slight_smile: I’m wondering if the whole pfsense API is screwed up! Dispite reinstalling pf a dozen times.

17

Perhaps you should ask in a pfsense forum.

https://www.netgate.com/docs/pfsense/certificates/acme-validation.html

There was a small Letsencrypt API change

but I don't know if this is relevant.

18

Thanks JuergenAuer, I was thinking exactly the same.

For now I’ll just use certify the web and copy the cert to firewall

19

It definitely isn't, the change is not live yet. It will be enabled in staging on the 16th

20

Well I’ve asked the question in the pfsense forums and waiting on a response. Seems others aren’t having issues though so my head is wrecked.

Will wait until 16th and try staging again.