haproxy deploy don't works #5155

davidemiccone · 2024-05-22T22:23:30Z

In haproxy deploy script I had to remove -e after echo otherwise I receive "unknow command -e" and certificate is not deployed nor committed to haproxy socket

Line 359 changed from this
_socat_cert_set_cmd="echo -e '${_cmdpfx}set ssl cert ${_pem} <<\n$(cat "${_pem}")\n' | socat '${_statssock}' - | grep -q 'Transaction created'"

to this
_socat_cert_set_cmd="echo '${_cmdpfx}set ssl cert ${_pem} <<\n$(cat "${_pem}")\n' | socat '${_statssock}' - | grep -q 'Transaction created'"

The text was updated successfully, but these errors were encountered:

github-actions · 2024-05-22T22:23:40Z

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

davidemiccone · 2024-05-22T22:38:53Z

I'm still using latest version
Below the log, but I already debugged and I need to change "echo -e" in "echo" on line 359

$ /usr/local/share/acme.sh/acme.sh --force --debug 2 --cron --home "/var/lib/acme/.acme.sh"
[Thu May 23 12:32:14 AM CEST 2024] Lets find script dir.
[Thu May 23 12:32:14 AM CEST 2024] SCRIPT='/usr/local/share/acme.sh/acme.sh'
[Thu May 23 12:32:14 AM CEST 2024] _script='/usr/local/share/acme.sh/acme.sh'
[Thu May 23 12:32:14 AM CEST 2024] _script_home='/usr/local/share/acme.sh'
[Thu May 23 12:32:14 AM CEST 2024] Using config home:/var/lib/acme/.acme.sh
[Thu May 23 12:32:14 AM CEST 2024] LE_WORKING_DIR='/var/lib/acme/.acme.sh'
https://github.com/maddes-b/acme.sh
v3.0.8
[Thu May 23 12:32:14 AM CEST 2024] Running cmd: cron
[Thu May 23 12:32:14 AM CEST 2024] Using config home:/var/lib/acme/.acme.sh
[Thu May 23 12:32:14 AM CEST 2024] default_acme_server
[Thu May 23 12:32:14 AM CEST 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Thu May 23 12:32:14 AM CEST 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Thu May 23 12:32:14 AM CEST 2024] _ACME_SERVER_PATH='v2/DV90'
[Thu May 23 12:32:14 AM CEST 2024] ===Starting cron===
[Thu May 23 12:32:14 AM CEST 2024] Using config home:/var/lib/acme/.acme.sh
[Thu May 23 12:32:14 AM CEST 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Thu May 23 12:32:14 AM CEST 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Thu May 23 12:32:14 AM CEST 2024] _ACME_SERVER_PATH='v2/DV90'
[Thu May 23 12:32:14 AM CEST 2024] _stopRenewOnError
[Thu May 23 12:32:14 AM CEST 2024] _server
[Thu May 23 12:32:14 AM CEST 2024] _set_level='2'
[Thu May 23 12:32:14 AM CEST 2024] di='/var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/'
[Thu May 23 12:32:14 AM CEST 2024] d='keyring.XXXXXXXXXXX.com_ecc'
[Thu May 23 12:32:14 AM CEST 2024] _renewServer
[Thu May 23 12:32:14 AM CEST 2024] Using config home:/var/lib/acme/.acme.sh
[Thu May 23 12:32:14 AM CEST 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Thu May 23 12:32:14 AM CEST 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Thu May 23 12:32:14 AM CEST 2024] _ACME_SERVER_PATH='v2/DV90'
[Thu May 23 12:32:14 AM CEST 2024] DOMAIN_PATH='/var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc'
[Thu May 23 12:32:14 AM CEST 2024] Renew: 'keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:14 AM CEST 2024] Le_API='https://acme-staging-v02.api.letsencrypt.org/directory'
[Thu May 23 12:32:14 AM CEST 2024] Renew to Le_API=https://acme-staging-v02.api.letsencrypt.org/directory
[Thu May 23 12:32:14 AM CEST 2024] initpath again.
[Thu May 23 12:32:14 AM CEST 2024] Using config home:/var/lib/acme/.acme.sh
[Thu May 23 12:32:14 AM CEST 2024] ACME_DIRECTORY='https://acme-staging-v02.api.letsencrypt.org/directory'
[Thu May 23 12:32:14 AM CEST 2024] _ACME_SERVER_HOST='acme-staging-v02.api.letsencrypt.org'
[Thu May 23 12:32:14 AM CEST 2024] _ACME_SERVER_PATH='directory'
[Thu May 23 12:32:14 AM CEST 2024] _main_domain='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:14 AM CEST 2024] _alt_domains='no'
[Thu May 23 12:32:14 AM CEST 2024] 'stateless' does not contain 'dns'
[Thu May 23 12:32:14 AM CEST 2024] 'stateless' does not contain 'dns'
[Thu May 23 12:32:14 AM CEST 2024] Le_NextRenewTime='1721513881'
[Thu May 23 12:32:14 AM CEST 2024] Using ACME_DIRECTORY: https://acme-staging-v02.api.letsencrypt.org/directory
[Thu May 23 12:32:14 AM CEST 2024] _init api for server: https://acme-staging-v02.api.letsencrypt.org/directory
[Thu May 23 12:32:14 AM CEST 2024] GET
[Thu May 23 12:32:14 AM CEST 2024] url='https://acme-staging-v02.api.letsencrypt.org/directory'
[Thu May 23 12:32:14 AM CEST 2024] timeout=
[Thu May 23 12:32:14 AM CEST 2024] _CURL='curl --silent --dump-header /var/lib/acme/.acme.sh/http.header -L --trace-ascii /tmp/tmp.7qNkYf3V5l -g '
[Thu May 23 12:32:15 AM CEST 2024] ret='0'
[Thu May 23 12:32:15 AM CEST 2024] response='{
"e6R7qLeAG3c": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "https://letsencrypt.org/docs/staging-environment/"
},
"newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
"revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Thu May 23 12:32:15 AM CEST 2024] ACME_KEY_CHANGE='https://acme-staging-v02.api.letsencrypt.org/acme/key-change'
[Thu May 23 12:32:15 AM CEST 2024] ACME_NEW_AUTHZ
[Thu May 23 12:32:15 AM CEST 2024] ACME_NEW_ORDER='https://acme-staging-v02.api.letsencrypt.org/acme/new-order'
[Thu May 23 12:32:15 AM CEST 2024] ACME_NEW_ACCOUNT='https://acme-staging-v02.api.letsencrypt.org/acme/new-acct'
[Thu May 23 12:32:15 AM CEST 2024] ACME_REVOKE_CERT='https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert'
[Thu May 23 12:32:15 AM CEST 2024] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf'
[Thu May 23 12:32:15 AM CEST 2024] ACME_NEW_NONCE='https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce'
[Thu May 23 12:32:15 AM CEST 2024] Using CA: https://acme-staging-v02.api.letsencrypt.org/directory
[Thu May 23 12:32:15 AM CEST 2024] _on_before_issue
[Thu May 23 12:32:15 AM CEST 2024] _chk_main_domain='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:15 AM CEST 2024] _chk_alt_domains
[Thu May 23 12:32:15 AM CEST 2024] 'stateless' does not contain 'no'
[Thu May 23 12:32:15 AM CEST 2024] Le_LocalAddress
[Thu May 23 12:32:15 AM CEST 2024] d='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:15 AM CEST 2024] Check for domain='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:15 AM CEST 2024] _currentRoot='stateless'
[Thu May 23 12:32:15 AM CEST 2024] d
[Thu May 23 12:32:15 AM CEST 2024] 'stateless' does not contain 'apache'
[Thu May 23 12:32:15 AM CEST 2024] _saved_account_key_hash='+v1RUDlADPSIfJgc+m2DJRYs1y3mxjGstgPpkWd7Kzk='
[Thu May 23 12:32:15 AM CEST 2024] _saved_account_key_hash is not changed, skip register account.
[Thu May 23 12:32:15 AM CEST 2024] Read key length:ec-256
[Thu May 23 12:32:15 AM CEST 2024] _createcsr
[Thu May 23 12:32:15 AM CEST 2024] domain='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:15 AM CEST 2024] domainlist
[Thu May 23 12:32:15 AM CEST 2024] csrkey='/var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/keyring.XXXXXXXXXXX.com.key'
[Thu May 23 12:32:15 AM CEST 2024] csr='/var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/keyring.XXXXXXXXXXX.com.csr'
[Thu May 23 12:32:15 AM CEST 2024] csrconf='/var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/keyring.XXXXXXXXXXX.com.csr.conf'
[Thu May 23 12:32:15 AM CEST 2024] Single domain='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:15 AM CEST 2024] seg='keyring'
[Thu May 23 12:32:15 AM CEST 2024] _is_idn_d='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:15 AM CEST 2024] _idn_temp
[Thu May 23 12:32:15 AM CEST 2024] _is_idn_d='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:15 AM CEST 2024] _idn_temp
[Thu May 23 12:32:15 AM CEST 2024] _csr_cn='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:15 AM CEST 2024] seg='keyring'
[Thu May 23 12:32:15 AM CEST 2024] Getting domain auth token for each domain
[Thu May 23 12:32:15 AM CEST 2024] seg='keyring'
[Thu May 23 12:32:15 AM CEST 2024] _is_idn_d='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:15 AM CEST 2024] _idn_temp
[Thu May 23 12:32:15 AM CEST 2024] d
[Thu May 23 12:32:15 AM CEST 2024] _identifiers='{"type":"dns","value":"keyring.XXXXXXXXXXX.com"}'
[Thu May 23 12:32:15 AM CEST 2024] _notBefore
[Thu May 23 12:32:15 AM CEST 2024] _notAfter
[Thu May 23 12:32:15 AM CEST 2024] STEP 1, Ordering a Certificate
[Thu May 23 12:32:15 AM CEST 2024] =======Begin Send Signed Request=======
[Thu May 23 12:32:15 AM CEST 2024] url='https://acme-staging-v02.api.letsencrypt.org/acme/new-order'
[Thu May 23 12:32:15 AM CEST 2024] payload='{"identifiers": [{"type":"dns","value":"keyring.XXXXXXXXXXX.com"}]}'
[Thu May 23 12:32:15 AM CEST 2024] EC key
[Thu May 23 12:32:15 AM CEST 2024] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce'
[Thu May 23 12:32:15 AM CEST 2024] HEAD
[Thu May 23 12:32:15 AM CEST 2024] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce'
[Thu May 23 12:32:15 AM CEST 2024] body
[Thu May 23 12:32:15 AM CEST 2024] _postContentType='application/jose+json'
[Thu May 23 12:32:15 AM CEST 2024] _CURL='curl --silent --dump-header /var/lib/acme/.acme.sh/http.header -L --trace-ascii /tmp/tmp.3QNx6rUPKv -g -I '
[Thu May 23 12:32:16 AM CEST 2024] _ret='0'
[Thu May 23 12:32:16 AM CEST 2024] _headers='HTTP/2 200
server: nginx
date: Wed, 22 May 2024 22:32:16 GMT
cache-control: public, max-age=0, no-cache
link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
replay-nonce: Nk1iOSEp0GV_I9JEMmJbynlCnhX9SXlY9bARoQf8XTAxM8IDAeg
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu May 23 12:32:16 AM CEST 2024] _CACHED_NONCE='Nk1iOSEp0GV_I9JEMmJbynlCnhX9SXlY9bARoQf8XTAxM8IDAeg'
[Thu May 23 12:32:16 AM CEST 2024] nonce='Nk1iOSEp0GV_I9JEMmJbynlCnhX9SXlY9bARoQf8XTAxM8IDAeg'
[Thu May 23 12:32:17 AM CEST 2024] POST
[Thu May 23 12:32:17 AM CEST 2024] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/new-order'
[Thu May 23 12:32:17 AM CEST 2024] body='{"protected": "eyJub25jZSI6ICJOazFpT1NFcDBHVl9JOUpFTW1KYnlubENuaFg5U1hsWTliQVJvUWY4WFRBeE04SURBZWciLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvb
[Thu May 23 12:32:17 AM CEST 2024] _postContentType='application/jose+json'
[Thu May 23 12:32:17 AM CEST 2024] Http already initialized.
[Thu May 23 12:32:17 AM CEST 2024] _CURL='curl --silent --dump-header /var/lib/acme/.acme.sh/http.header -L --trace-ascii /tmp/tmp.3QNx6rUPKv -g '
[Thu May 23 12:32:17 AM CEST 2024] _ret='0'
[Thu May 23 12:32:17 AM CEST 2024] responseHeaders='HTTP/2 201
server: nginx
date: Wed, 22 May 2024 22:32:17 GMT
content-type: application/json
content-length: 361
boulder-requester: 149163194
cache-control: public, max-age=0, no-cache
link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
location: https://acme-staging-v02.api.letsencrypt.org/acme/order/149163194/16698171534
replay-nonce: Nk1iOSEps3yye3a1H4d6qjpt-wt-5MFapnslppttJgmSiN0jpL0
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu May 23 12:32:17 AM CEST 2024] code='201'
[Thu May 23 12:32:17 AM CEST 2024] original='{
"status": "ready",
"expires": "2024-05-29T22:32:17Z",
"identifiers": [
{
"type": "dns",
"value": "keyring.XXXXXXXXXXX.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12466260674"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/149163194/16698171534"
}'
[Thu May 23 12:32:17 AM CEST 2024] response='{"status":"ready","expires":"2024-05-29T22:32:17Z","identifiers":[{"type":"dns","value":"keyring.XXXXXXXXXXX.com"}],"authorizations":["https://acme-staging-v02.api.letsencrypt
[Thu May 23 12:32:17 AM CEST 2024] Le_LinkOrder='https://acme-staging-v02.api.letsencrypt.org/acme/order/149163194/16698171534'
[Thu May 23 12:32:17 AM CEST 2024] Le_OrderFinalize='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/149163194/16698171534'
[Thu May 23 12:32:17 AM CEST 2024] _authorizations_seg='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12466260674'
[Thu May 23 12:32:17 AM CEST 2024] STEP 2, Get the authorizations of each domain
[Thu May 23 12:32:17 AM CEST 2024] _authz_url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12466260674'
[Thu May 23 12:32:17 AM CEST 2024] =======Begin Send Signed Request=======
[Thu May 23 12:32:17 AM CEST 2024] url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12466260674'
[Thu May 23 12:32:17 AM CEST 2024] payload
[Thu May 23 12:32:17 AM CEST 2024] Use cached jwk for file: /var/lib/acme/.acme.sh/ca/acme-staging-v02.api.letsencrypt.org/directory/account.key
[Thu May 23 12:32:17 AM CEST 2024] Use _CACHED_NONCE='Nk1iOSEps3yye3a1H4d6qjpt-wt-5MFapnslppttJgmSiN0jpL0'
[Thu May 23 12:32:17 AM CEST 2024] nonce='Nk1iOSEps3yye3a1H4d6qjpt-wt-5MFapnslppttJgmSiN0jpL0'
[Thu May 23 12:32:17 AM CEST 2024] POST
[Thu May 23 12:32:17 AM CEST 2024] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12466260674'
[Thu May 23 12:32:17 AM CEST 2024] body='{"protected": "eyJub25jZSI6ICJOazFpT1NFcHMzeXllM2ExSDRkNnFqcHQtd3QtNU1GYXBuc2xwcHR0SmdtU2lOMGpwTDAiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY
[Thu May 23 12:32:17 AM CEST 2024] _postContentType='application/jose+json'
[Thu May 23 12:32:17 AM CEST 2024] Http already initialized.
[Thu May 23 12:32:17 AM CEST 2024] _CURL='curl --silent --dump-header /var/lib/acme/.acme.sh/http.header -L --trace-ascii /tmp/tmp.3QNx6rUPKv -g '
[Thu May 23 12:32:18 AM CEST 2024] _ret='0'
[Thu May 23 12:32:18 AM CEST 2024] responseHeaders='HTTP/2 200
server: nginx
date: Wed, 22 May 2024 22:32:18 GMT
content-type: application/json
content-length: 792
boulder-requester: 149163194
cache-control: public, max-age=0, no-cache
link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
replay-nonce: Nk1iOSEpUaVQVdgC2ihe6gcx17SMcS4wyEEiT76dulduyiGcMNs
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu May 23 12:32:18 AM CEST 2024] code='200'
[Thu May 23 12:32:18 AM CEST 2024] original='{
"identifier": {
"type": "dns",
"value": "keyring.XXXXXXXXXXX.com"
},
"status": "valid",
"expires": "2024-06-21T20:42:07Z",
"challenges": [
{
"type": "http-01",
"status": "valid",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/12466260674/6qv-hw",
"token": "hRQxDVu49o0BdxKdZxoB9pQNOcdNRWE7CWbFV1RKSfs",
"validationRecord": [
{
"url": "http://keyring.XXXXXXXXXXX.com/.well-known/acme-challenge/hRQxDVu49o0BdxKdZxoB9pQNOcdNRWE7CWbFV1RKSfs",
"hostname": "keyring.XXXXXXXXXXX.com",
"port": "80",
"addressesResolved": [
"77.108.41.83"
],
"addressUsed": "77.108.41.83"
}
],
"validated": "2024-05-22T20:41:56Z"
}
]
}'
[Thu May 23 12:32:18 AM CEST 2024] response='{"identifier":{"type":"dns","value":"keyring.XXXXXXXXXXX.com"},"status":"valid","expires":"2024-06-21T20:42:07Z","challenges":[{"type":"http-01","status":"valid","url":"https:
[Thu May 23 12:32:18 AM CEST 2024] response='{"identifier":{"type":"dns","value":"keyring.XXXXXXXXXXX.com"},"status":"valid","expires":"2024-06-21T20:42:07Z","challenges":[{"type":"http-01","status":"valid","url":"https:
[Thu May 23 12:32:18 AM CEST 2024] _d='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:18 AM CEST 2024] _authorizations_map='keyring.XXXXXXXXXXX.com,{"identifier":{"type":"dns","value":"keyring.XXXXXXXXXXX.com"},"status":"valid","expires":"2024-06-21T20:42:07Z","challenges":[{"type":"htt
'
[Thu May 23 12:32:18 AM CEST 2024] d='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:18 AM CEST 2024] Getting webroot for domain='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:18 AM CEST 2024] _w='stateless'
[Thu May 23 12:32:18 AM CEST 2024] _currentRoot='stateless'
[Thu May 23 12:32:18 AM CEST 2024] _is_idn_d='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:18 AM CEST 2024] _idn_temp
[Thu May 23 12:32:18 AM CEST 2024] _candidates='keyring.XXXXXXXXXXX.com,{"identifier":{"type":"dns","value":"keyring.XXXXXXXXXXX.com"},"status":"valid","expires":"2024-06-21T20:42:07Z","challenges":[{"type":"http-01","s
[Thu May 23 12:32:18 AM CEST 2024] response='{"identifier":{"type":"dns","value":"keyring.XXXXXXXXXXX.com"},"status":"valid","expires":"2024-06-21T20:42:07Z","challenges":[{"type":"http-01","status":"valid","url":"https:
[Thu May 23 12:32:18 AM CEST 2024] _authz_url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12466260674'
[Thu May 23 12:32:18 AM CEST 2024] keyring.XXXXXXXXXXX.com is already valid.
[Thu May 23 12:32:18 AM CEST 2024] keyauthorization='verified_ok'
[Thu May 23 12:32:18 AM CEST 2024] entry='"type":"http-01","status":"valid","url":"https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/12466260674/6qv-hw","token":"hRQxDVu49o0BdxKdZxoB9pQNOcdNRWE7CWbFV1RKSfs","vali
[Thu May 23 12:32:18 AM CEST 2024] dvlist='keyring.XXXXXXXXXXX.com#verified_ok##http-01#stateless#https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12466260674'
[Thu May 23 12:32:18 AM CEST 2024] d
[Thu May 23 12:32:18 AM CEST 2024] vlist='keyring.XXXXXXXXXXX.com#verified_ok##http-01#stateless#https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12466260674,'
[Thu May 23 12:32:18 AM CEST 2024] d='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:18 AM CEST 2024] keyring.XXXXXXXXXXX.com is already verified, skip http-01.
[Thu May 23 12:32:18 AM CEST 2024] ok, let's start to verify
[Thu May 23 12:32:18 AM CEST 2024] keyring.XXXXXXXXXXX.com is already verified, skip http-01.
[Thu May 23 12:32:18 AM CEST 2024] pid
[Thu May 23 12:32:18 AM CEST 2024] No need to restore nginx, skip.
[Thu May 23 12:32:18 AM CEST 2024] _clearupdns
[Thu May 23 12:32:18 AM CEST 2024] dns_entries
[Thu May 23 12:32:18 AM CEST 2024] skip dns.
[Thu May 23 12:32:18 AM CEST 2024] Verify finished, start to sign.
[Thu May 23 12:32:18 AM CEST 2024] i='2'
[Thu May 23 12:32:18 AM CEST 2024] j='8'
[Thu May 23 12:32:18 AM CEST 2024] Lets finalize the order.
[Thu May 23 12:32:18 AM CEST 2024] Le_OrderFinalize='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/149163194/16698171534'
[Thu May 23 12:32:18 AM CEST 2024] =======Begin Send Signed Request=======
[Thu May 23 12:32:18 AM CEST 2024] url='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/149163194/16698171534'
[Thu May 23 12:32:18 AM CEST 2024] payload='{"csr": "MIIBMzCB2gIBADAjMSEwHwYDVQQDDBhrZXlyaW5nLmVuZHVyYW5jZXNwYS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASuhEL-1iSilvxm1dT3g2SMiMr6eq6OsY5nyU1kB2CtjOpaOJenf1OXaZ7EMKu6oJYGbDLZ
[Thu May 23 12:32:18 AM CEST 2024] Use cached jwk for file: /var/lib/acme/.acme.sh/ca/acme-staging-v02.api.letsencrypt.org/directory/account.key
[Thu May 23 12:32:18 AM CEST 2024] Use _CACHED_NONCE='Nk1iOSEpUaVQVdgC2ihe6gcx17SMcS4wyEEiT76dulduyiGcMNs'
[Thu May 23 12:32:18 AM CEST 2024] nonce='Nk1iOSEpUaVQVdgC2ihe6gcx17SMcS4wyEEiT76dulduyiGcMNs'
[Thu May 23 12:32:18 AM CEST 2024] POST
[Thu May 23 12:32:18 AM CEST 2024] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/149163194/16698171534'
[Thu May 23 12:32:18 AM CEST 2024] body='{"protected": "eyJub25jZSI6ICJOazFpT1NFcFVhVlFWZGdDMmloZTZnY3gxN1NNY1M0d3lFRWlUNzZkdWxkdXlpR2NNTnMiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvZ
[Thu May 23 12:32:18 AM CEST 2024] _postContentType='application/jose+json'
[Thu May 23 12:32:18 AM CEST 2024] Http already initialized.
[Thu May 23 12:32:18 AM CEST 2024] _CURL='curl --silent --dump-header /var/lib/acme/.acme.sh/http.header -L --trace-ascii /tmp/tmp.3QNx6rUPKv -g '
[Thu May 23 12:32:19 AM CEST 2024] _ret='0'
[Thu May 23 12:32:19 AM CEST 2024] responseHeaders='HTTP/2 200
server: nginx
date: Wed, 22 May 2024 22:32:18 GMT
content-type: application/json
content-length: 366
boulder-requester: 149163194
cache-control: public, max-age=0, no-cache
link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
location: https://acme-staging-v02.api.letsencrypt.org/acme/order/149163194/16698171534
replay-nonce: Nk1iOSEpdhrG-f2v2Rc5EAKEimsvOHZg45ZLMru7i88wdxg_oJA
retry-after: 3
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu May 23 12:32:19 AM CEST 2024] code='200'
[Thu May 23 12:32:19 AM CEST 2024] original='{
"status": "processing",
"expires": "2024-05-29T22:32:17Z",
"identifiers": [
{
"type": "dns",
"value": "keyring.XXXXXXXXXXX.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12466260674"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/149163194/16698171534"
}'
[Thu May 23 12:32:19 AM CEST 2024] response='{"status":"processing","expires":"2024-05-29T22:32:17Z","identifiers":[{"type":"dns","value":"keyring.XXXXXXXXXXX.com"}],"authorizations":["https://acme-staging-v02.api.letsen
[Thu May 23 12:32:19 AM CEST 2024] Order status is processing, lets sleep and retry.
[Thu May 23 12:32:19 AM CEST 2024] _retryafter='3'
[Thu May 23 12:32:19 AM CEST 2024] Retry after: 3
[Thu May 23 12:32:23 AM CEST 2024] Polling order status: https://acme-staging-v02.api.letsencrypt.org/acme/order/149163194/16698171534
[Thu May 23 12:32:23 AM CEST 2024] =======Begin Send Signed Request=======
[Thu May 23 12:32:23 AM CEST 2024] url='https://acme-staging-v02.api.letsencrypt.org/acme/order/149163194/16698171534'
[Thu May 23 12:32:23 AM CEST 2024] payload
[Thu May 23 12:32:23 AM CEST 2024] Use cached jwk for file: /var/lib/acme/.acme.sh/ca/acme-staging-v02.api.letsencrypt.org/directory/account.key
[Thu May 23 12:32:23 AM CEST 2024] Use _CACHED_NONCE='Nk1iOSEpdhrG-f2v2Rc5EAKEimsvOHZg45ZLMru7i88wdxg_oJA'
[Thu May 23 12:32:23 AM CEST 2024] nonce='Nk1iOSEpdhrG-f2v2Rc5EAKEimsvOHZg45ZLMru7i88wdxg_oJA'
[Thu May 23 12:32:23 AM CEST 2024] POST
[Thu May 23 12:32:23 AM CEST 2024] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/order/149163194/16698171534'
[Thu May 23 12:32:23 AM CEST 2024] body='{"protected": "eyJub25jZSI6ICJOazFpT1NFcGRockctZjJ2MlJjNUVBS0VpbXN2T0haZzQ1WkxNcnU3aTg4d2R4Z19vSkEiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvb
[Thu May 23 12:32:23 AM CEST 2024] _postContentType='application/jose+json'
[Thu May 23 12:32:23 AM CEST 2024] Http already initialized.
[Thu May 23 12:32:23 AM CEST 2024] _CURL='curl --silent --dump-header /var/lib/acme/.acme.sh/http.header -L --trace-ascii /tmp/tmp.3QNx6rUPKv -g '
[Thu May 23 12:32:23 AM CEST 2024] _ret='0'
[Thu May 23 12:32:23 AM CEST 2024] responseHeaders='HTTP/2 200
server: nginx
date: Wed, 22 May 2024 22:32:23 GMT
content-type: application/json
content-length: 473
cache-control: public, max-age=0, no-cache
link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
replay-nonce: Nk1iOSEpjtdS-wxxxarvEbUWUdyBkMKWezVvwB0ubTbWwTlQb0k
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu May 23 12:32:23 AM CEST 2024] code='200'
[Thu May 23 12:32:23 AM CEST 2024] original='{
"status": "valid",
"expires": "2024-05-29T22:32:17Z",
"identifiers": [
{
"type": "dns",
"value": "keyring.XXXXXXXXXXX.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12466260674"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/149163194/16698171534",
"certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/2bb0b6edbebcf0e0e200298e8ecfebb57b25"
}'
[Thu May 23 12:32:23 AM CEST 2024] response='{"status":"valid","expires":"2024-05-29T22:32:17Z","identifiers":[{"type":"dns","value":"keyring.XXXXXXXXXXX.com"}],"authorizations":["https://acme-staging-v02.api.letsencrypt
[Thu May 23 12:32:23 AM CEST 2024] Order status is valid.
[Thu May 23 12:32:23 AM CEST 2024] Le_LinkCert='https://acme-staging-v02.api.letsencrypt.org/acme/cert/2bb0b6edbebcf0e0e200298e8ecfebb57b25'
[Thu May 23 12:32:23 AM CEST 2024] Downloading cert.
[Thu May 23 12:32:23 AM CEST 2024] Le_LinkCert='https://acme-staging-v02.api.letsencrypt.org/acme/cert/2bb0b6edbebcf0e0e200298e8ecfebb57b25'
[Thu May 23 12:32:23 AM CEST 2024] =======Begin Send Signed Request=======
[Thu May 23 12:32:23 AM CEST 2024] url='https://acme-staging-v02.api.letsencrypt.org/acme/cert/2bb0b6edbebcf0e0e200298e8ecfebb57b25'
[Thu May 23 12:32:23 AM CEST 2024] payload
[Thu May 23 12:32:23 AM CEST 2024] Use cached jwk for file: /var/lib/acme/.acme.sh/ca/acme-staging-v02.api.letsencrypt.org/directory/account.key
[Thu May 23 12:32:23 AM CEST 2024] Use _CACHED_NONCE='Nk1iOSEpjtdS-wxxxarvEbUWUdyBkMKWezVvwB0ubTbWwTlQb0k'
[Thu May 23 12:32:23 AM CEST 2024] nonce='Nk1iOSEpjtdS-wxxxarvEbUWUdyBkMKWezVvwB0ubTbWwTlQb0k'
[Thu May 23 12:32:24 AM CEST 2024] POST
[Thu May 23 12:32:24 AM CEST 2024] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/cert/2bb0b6edbebcf0e0e200298e8ecfebb57b25'
[Thu May 23 12:32:24 AM CEST 2024] body='{"protected": "eyJub25jZSI6ICJOazFpT1NFcGp0ZFMtd3h4eGFydkViVVdVZHlCa01LV2V6VnZ3QjB1YlRiV3dUbFFiMGsiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY
[Thu May 23 12:32:24 AM CEST 2024] _postContentType='application/jose+json'
[Thu May 23 12:32:24 AM CEST 2024] Http already initialized.
[Thu May 23 12:32:24 AM CEST 2024] _CURL='curl --silent --dump-header /var/lib/acme/.acme.sh/http.header -L --trace-ascii /tmp/tmp.3QNx6rUPKv -g '
[Thu May 23 12:32:24 AM CEST 2024] _ret='0'
[Thu May 23 12:32:24 AM CEST 2024] responseHeaders='HTTP/2 200
server: nginx
date: Wed, 22 May 2024 22:32:24 GMT
content-type: application/pem-certificate-chain
content-length: 3015
cache-control: public, max-age=0, no-cache
link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
link: https://acme-staging-v02.api.letsencrypt.org/acme/cert/2bb0b6edbebcf0e0e200298e8ecfebb57b25/1;rel="alternate"
replay-nonce: z7d3lOu6pM3vGoG7ULpdVb0Qn7cBi7aPMVpyuilK3eLgw8pWjYI
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu May 23 12:32:24 AM CEST 2024] code='200'
[Thu May 23 12:32:24 AM CEST 2024] original='-----BEGIN CERTIFICATE-----
MIIDwTCCA0igAwIBAgISK7C27b688ODiACmOjs/rtXslMAoGCCqGSM49BAMDMFIx
CzAJBgNVBAYTAlVTMSAwHgYDVQQKExcoU1RBR0lORykgTGV0J3MgRW5jcnlwdDEh
MB8GA1UEAxMYKFNUQUdJTkcpIFBzZXVkbyBQbHVtIEU1MB4XDTI0MDUyMjIxMzIx
OFoXDTI0MDgyMDIxMzIxN1owIzEhMB8GA1UEAxMYa2V5cmluZy5lbmR1cmFuY2Vz
cGEuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEroRC/tYkopb8ZtXU94Nk
jIjK+nqujrGOZ8lNZAdgrYzqWjiXp39Tl2mexDCruqCWBmwy2RvLtKXKLffdLHKD
z6OCAiswggInMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUQ9OBySlzDIXArvvP34ur
WOQ79NIwHwYDVR0jBBgwFoAU/EbRAUNfu3umPTBorhG64LxtydMwXQYIKwYBBQUH
AQEEUTBPMCUGCCsGAQUFBzABhhlodHRwOi8vc3RnLWU1Lm8ubGVuY3Iub3JnMCYG
CCsGAQUFBzAChhpodHRwOi8vc3RnLWU1LmkubGVuY3Iub3JnLzAjBgNVHREEHDAa
ghhrZXlyaW5nLmVuZHVyYW5jZXNwYS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEw
ggENBgorBgEEAdZ5AgQCBIH+BIH7APkAdwAW6GnB0ZXq18P4lxrj8HYB94zhtp0x
qFIYtoN/MagVCAAAAY+ibxFcAAAEAwBIMEYCIQDJacb1cDoneex7pBT+kIMqub+Y
DV44cjUjvHjK66MmGQIhAL1jilMBv8q4LIvPMzvBNBHYtAzo+iCGVYuRRq2J0HOQ
AH4AExUpb/oOZq27GgKCHkCImjlRz/rojPdapvMN4ETOqM0AAAGPom8VKgAIAAAF
ACQNAVUEAwBHMEUCIQD37h+esbr+Yiqb9doZ5ntWMzQs0EUJGKGkXr43kilv7AIg
NGaH9ZtgHWuhv3cnD7fTlY0O/Kq6e7107g9eauz2sN0wCgYIKoZIzj0EAwMDZwAw
ZAIwR6+vVuu72+ZgPbPdGKTaZEVdfEqDjt703wZ6Cwt4RyDa6uIXUqxC60/aSwQg
f+qJAjAkNi70eRLJ4M2RuYQjUiljxrS1ZYthc0BwI+Ix4wyUrLSYr5IkwAS/kD8J
hvIL7pk=
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIEljCCAn6gAwIBAgIQRzEp1D1mDiVVv4b1zlB56jANBgkqhkiG9w0BAQsFADBm
MQswCQYDVQQGEwJVUzEzMDEGA1UEChMqKFNUQUdJTkcpIEludGVybmV0IFNlY3Vy
aXR5IFJlc2VhcmNoIEdyb3VwMSIwIAYDVQQDExkoU1RBR0lORykgUHJldGVuZCBQ
ZWFyIFgxMB4XDTI0MDMxMzAwMDAwMFoXDTI3MDMxMjIzNTk1OVowUjELMAkGA1UE
BhMCVVMxIDAeBgNVBAoTFyhTVEFHSU5HKSBMZXQncyBFbmNyeXB0MSEwHwYDVQQD
ExgoU1RBR0lORykgUHNldWRvIFBsdW0gRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
AATljbbcV+mqWZa3g+z0bDOuBpZOtbi48iK9rjLtPdRU0WsgVp53MW3nXFU6qVYV
zEYaYd6PSmec0Tj3R5zEp5/F+cuOjTdh3AkTMzYm1tkflocPBN5APHYZ+76WxZad
q+WjggEAMIH9MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
KwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU/EbRAUNfu3um
PTBorhG64LxtydMwHwYDVR0jBBgwFoAUtfNl8v6wCpIf+zx980SgrGMlwxQwNgYI
KwYBBQUHAQEEKjAoMCYGCCsGAQUFBzAChhpodHRwOi8vc3RnLXgxLmkubGVuY3Iu
b3JnLzATBgNVHSAEDDAKMAgGBmeBDAECATArBgNVHR8EJDAiMCCgHqAchhpodHRw
Oi8vc3RnLXgxLmMubGVuY3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAAtCGn4iG
cupruhkCTcoDqSIVTFgVR8JJ3GvGL7SYwIc4Fn0As66nQgnkATIzF5+gFb+CXEQD
qR2Jo+R38OeT7lQ1rNDcaJcbY6hL8cNRku3QlcfdYODZ5pgTVH04gTZUJISZKLjD
kMMcQIDZlF7iYqTvmHbn2ISSKorsJ3QKAvWhHwMoJtocSz3VeDJIep5QtbHnoXh1
/dyDx7sp8RuhC0eO9ElTgDtiA2V6JxigLPzqcnibBBR4bFLGtMNE4EvOOD/Fkd0L
hdGDbAMNd+O06n+b0rgmDvg75IgOV6fpDrdZFoiNfCckOEJh9v10uYt4pTc3B6lf
zI/X3EWP1H4VJmsYuy+OA29jPeP831sAObZtd3RWv0LQPrMfx6FCmy4AaeYEMvul
FrF6OX+JbssE+bn83F+sGEMZu/eVBwwKh3db7+2UduMdTOb8DePE3Aqlg9zofS8X
9fJXrrp+PPrdQyvM3e8DxuioWa9GLG30yD9WD6WTlSiiOrdWGOzisWpW4shFoL8u
0EfmeLVU4JVbauhOYZASQXABNeXewe9lqJWwfqaARYpRjyf+jRibn22H5NVK4Vog
l55Iq1rUgjc8r493NaNrlNwG7va7Ztkch5lJ3oL/FEVlVSK4snTbgb0b5qjQz3SA
i7rA/8QRZvOLnKNtdEUlDZNrzkZwHNluLGw=
-----END CERTIFICATE-----'
[Thu May 23 12:32:24 AM CEST 2024] Found cert chain
[Thu May 23 12:32:24 AM CEST 2024] _end_n='23'
[Thu May 23 12:32:24 AM CEST 2024] Le_LinkCert='https://acme-staging-v02.api.letsencrypt.org/acme/cert/2bb0b6edbebcf0e0e200298e8ecfebb57b25'
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:b0:b6:ed:be:bc:f0:e0:e2:00:29:8e:8e:cf:eb:b5:7b:25
Signature Algorithm: ecdsa-with-SHA384
Issuer: C = US, O = (STAGING) Let's Encrypt, CN = (STAGING) Pseudo Plum E5
Validity
Not Before: May 22 21:32:18 2024 GMT
Not After : Aug 20 21:32:17 2024 GMT
Subject: CN = keyring.XXXXXXXXXXX.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:ae:84:42:fe:d6:24:a2:96:fc:66:d5:d4:f7:83:
64:8c:88:ca:fa:7a:ae:8e:b1:8e:67:c9:4d:64:07:
60:ad:8c:ea:5a:38:97:a7:7f:53:97:69:9e:c4:30:
ab:ba:a0:96:06:6c:32:d9:1b:cb:b4:a5:ca:2d:f7:
dd:2c:72:83:cf
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
43:D3:81:C9:29:73:0C:85:C0:AE:FB:CF:DF:8B:AB:58:E4:3B:F4:D2
X509v3 Authority Key Identifier:
FC:46:D1:01:43:5F:BB:7B:A6:3D:30:68:AE:11:BA:E0:BC:6D:C9:D3
Authority Information Access:
OCSP - URI:http://stg-e5.o.lencr.org
CA Issuers - URI:http://stg-e5.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:keyring.XXXXXXXXXXX.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 16:E8:69:C1:D1:95:EA:D7:C3:F8:97:1A:E3:F0:76:01:
F7:8C:E1:B6:9D:31:A8:52:18:B6:83:7F:31:A8:15:08
Timestamp : May 22 22:32:19.036 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:C9:69:C6:F5:70:3A:27:79:EC:7B:A4:
14:FE:90:83:2A:B9:BF:98:0D:5E:38:72:35:23:BC:78:
CA:EB:A3:26:19:02:21:00:BD:63:8A:53:01:BF:CA:B8:
2C:8B:CF:33:3B:C1:34:11:D8:B4:0C:E8:FA:20:86:55:
8B:91:46:AD:89:D0:73:90
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 13:15:29:6F:FA:0E:66:AD:BB:1A:02:82:1E:40:88:9A:
39:51:CF:FA:E8:8C:F7:5A:A6:F3:0D:E0:44:CE:A8:CD
Timestamp : May 22 22:32:20.010 2024 GMT
Extensions: 00:00:05:00:24:0D:01:55
Signature : ecdsa-with-SHA256
30:45:02:21:00:F7:EE:1F:9E:B1:BA:FE:62:2A:9B:F5:
DA:19:E6:7B:56:33:34:2C:D0:45:09:18:A1:A4:5E:BE:
37:92:29:6F:EC:02:20:34:66:87:F5:9B:60:1D:6B:A1:
BF:77:27:0F:B7:D3:95:8D:0E:FC:AA:BA:7B:BD:74:EE:
0F:5E:6A:EC:F6:B0:DD
Signature Algorithm: ecdsa-with-SHA384
Signature Value:
30:64:02:30:47:af:af:56:eb:bb:db:e6:60:3d:b3:dd:18:a4:
da:64:45:5d:7c:4a:83:8e:de:f4:df:06:7a:0b:0b:78:47:20:
da:ea:e2:17:52:ac:42:eb:4f:da:4b:04:20:7f:ea:89:02:30:
24:36:2e:f4:79:12:c9:e0:cd:91:b9:84:23:52:29:63:c6:b4:
b5:65:8b:61:73:40:70:23:e2:31:e3:0c:94:ac:b4:98:af:92:
24:c0:04:bf:90:3f:09:86:f2:0b:ee:99
[Thu May 23 12:32:24 AM CEST 2024] Cert success.
-----BEGIN CERTIFICATE-----
MIIDwTCCA0igAwIBAgISK7C27b688ODiACmOjs/rtXslMAoGCCqGSM49BAMDMFIx
CzAJBgNVBAYTAlVTMSAwHgYDVQQKExcoU1RBR0lORykgTGV0J3MgRW5jcnlwdDEh
MB8GA1UEAxMYKFNUQUdJTkcpIFBzZXVkbyBQbHVtIEU1MB4XDTI0MDUyMjIxMzIx
OFoXDTI0MDgyMDIxMzIxN1owIzEhMB8GA1UEAxMYa2V5cmluZy5lbmR1cmFuY2Vz
cGEuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEroRC/tYkopb8ZtXU94Nk
jIjK+nqujrGOZ8lNZAdgrYzqWjiXp39Tl2mexDCruqCWBmwy2RvLtKXKLffdLHKD
z6OCAiswggInMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUQ9OBySlzDIXArvvP34ur
WOQ79NIwHwYDVR0jBBgwFoAU/EbRAUNfu3umPTBorhG64LxtydMwXQYIKwYBBQUH
AQEEUTBPMCUGCCsGAQUFBzABhhlodHRwOi8vc3RnLWU1Lm8ubGVuY3Iub3JnMCYG
CCsGAQUFBzAChhpodHRwOi8vc3RnLWU1LmkubGVuY3Iub3JnLzAjBgNVHREEHDAa
ghhrZXlyaW5nLmVuZHVyYW5jZXNwYS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEw
ggENBgorBgEEAdZ5AgQCBIH+BIH7APkAdwAW6GnB0ZXq18P4lxrj8HYB94zhtp0x
qFIYtoN/MagVCAAAAY+ibxFcAAAEAwBIMEYCIQDJacb1cDoneex7pBT+kIMqub+Y
DV44cjUjvHjK66MmGQIhAL1jilMBv8q4LIvPMzvBNBHYtAzo+iCGVYuRRq2J0HOQ
AH4AExUpb/oOZq27GgKCHkCImjlRz/rojPdapvMN4ETOqM0AAAGPom8VKgAIAAAF
ACQNAVUEAwBHMEUCIQD37h+esbr+Yiqb9doZ5ntWMzQs0EUJGKGkXr43kilv7AIg
NGaH9ZtgHWuhv3cnD7fTlY0O/Kq6e7107g9eauz2sN0wCgYIKoZIzj0EAwMDZwAw
ZAIwR6+vVuu72+ZgPbPdGKTaZEVdfEqDjt703wZ6Cwt4RyDa6uIXUqxC60/aSwQg
f+qJAjAkNi70eRLJ4M2RuYQjUiljxrS1ZYthc0BwI+Ix4wyUrLSYr5IkwAS/kD8J
hvIL7pk=
-----END CERTIFICATE-----
[Thu May 23 12:32:24 AM CEST 2024] Your cert is in: /var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/keyring.XXXXXXXXXXX.com.cer
[Thu May 23 12:32:24 AM CEST 2024] Your cert key is in: /var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/keyring.XXXXXXXXXXX.com.key
[Thu May 23 12:32:24 AM CEST 2024] The intermediate CA cert is in: /var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/ca.cer
[Thu May 23 12:32:24 AM CEST 2024] And the full chain certs is there: /var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/fullchain.cer
[Thu May 23 12:32:24 AM CEST 2024] _on_issue_success
[Thu May 23 12:32:24 AM CEST 2024] 'stateless' does not contain 'dns'
[Thu May 23 12:32:24 AM CEST 2024] _deployApi='/usr/local/share/acme.sh/deploy/haproxy.sh'
[Thu May 23 12:32:24 AM CEST 2024] _cdomain='keyring.XXXXXXXXXXX.com'
[Thu May 23 12:32:24 AM CEST 2024] _ckey='/var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/keyring.XXXXXXXXXXX.com.key'
[Thu May 23 12:32:24 AM CEST 2024] _ccert='/var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/keyring.XXXXXXXXXXX.com.cer'
[Thu May 23 12:32:24 AM CEST 2024] _cca='/var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/ca.cer'
[Thu May 23 12:32:24 AM CEST 2024] _cfullchain='/var/lib/acme/.acme.sh/keyring.XXXXXXXXXXX.com_ecc/fullchain.cer'
[Thu May 23 12:32:24 AM CEST 2024] DEPLOY_HAPROXY_PEM_PATH
[Thu May 23 12:32:24 AM CEST 2024] PEM_PATH /etc/haproxy/certs exists
[Thu May 23 12:32:24 AM CEST 2024] DEPLOY_HAPROXY_PEM_NAME
[Thu May 23 12:32:24 AM CEST 2024] DEPLOY_HAPROXY_BUNDLE
[Thu May 23 12:32:24 AM CEST 2024] DEPLOY_HAPROXY_ISSUER
[Thu May 23 12:32:24 AM CEST 2024] DEPLOY_HAPROXY_RELOAD
[Thu May 23 12:32:24 AM CEST 2024] DEPLOY_HAPROXY_HOT_UPDATE
[Thu May 23 12:32:24 AM CEST 2024] DEPLOY_HAPROXY_STATS_SOCKET
[Thu May 23 12:32:24 AM CEST 2024] DEPLOY_HAPROXY_MASTER_CLI
[Thu May 23 12:32:24 AM CEST 2024] _suffix
[Thu May 23 12:32:24 AM CEST 2024] Deploying PEM file
[Thu May 23 12:32:24 AM CEST 2024] _temppem='/tmp/tmp.ZJSHxKOXGo'
[Thu May 23 12:32:24 AM CEST 2024] Moving new certificate into place
[Thu May 23 12:32:24 AM CEST 2024] _pem='/etc/haproxy/certs/keyring.XXXXXXXXXXX.com.pem'
[Thu May 23 12:32:24 AM CEST 2024] _socat_cert_cmd='echo 'show ssl cert' | socat '/var/run/haproxy/admin.sock' - | grep -q '^/etc/haproxy/certs/keyring.XXXXXXXXXXX.com.pem$''
[Thu May 23 12:32:24 AM CEST 2024] Update existing certificate '/etc/haproxy/certs/keyring.XXXXXXXXXXX.com.pem' over HAProxy stats socket.
[Thu May 23 12:32:24 AM CEST 2024] _socat_cert_set_cmd='echo -e 'set ssl cert /etc/haproxy/certs/keyring.XXXXXXXXXXX.com.pem <<\n-----BEGIN CERTIFICATE-----
MIIDwTCCA0igAwIBAgISK7C27b688ODiACmOjs/rtXslMAoGCCqGSM49BAMDMFIx
CzAJBgNVBAYTAlVTMSAwHgYDVQQKExcoU1RBR0lORykgTGV0J3MgRW5jcnlwdDEh
MB8GA1UEAxMYKFNUQUdJTkcpIFBzZXVkbyBQbHVtIEU1MB4XDTI0MDUyMjIxMzIx
OFoXDTI0MDgyMDIxMzIxN1owIzEhMB8GA1UEAxMYa2V5cmluZy5lbmR1cmFuY2Vz
cGEuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEroRC/tYkopb8ZtXU94Nk
jIjK+nqujrGOZ8lNZAdgrYzqWjiXp39Tl2mexDCruqCWBmwy2RvLtKXKLffdLHKD
z6OCAiswggInMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUQ9OBySlzDIXArvvP34ur
WOQ79NIwHwYDVR0jBBgwFoAU/EbRAUNfu3umPTBorhG64LxtydMwXQYIKwYBBQUH
AQEEUTBPMCUGCCsGAQUFBzABhhlodHRwOi8vc3RnLWU1Lm8ubGVuY3Iub3JnMCYG
CCsGAQUFBzAChhpodHRwOi8vc3RnLWU1LmkubGVuY3Iub3JnLzAjBgNVHREEHDAa
ghhrZXlyaW5nLmVuZHVyYW5jZXNwYS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEw
ggENBgorBgEEAdZ5AgQCBIH+BIH7APkAdwAW6GnB0ZXq18P4lxrj8HYB94zhtp0x
qFIYtoN/MagVCAAAAY+ibxFcAAAEAwBIMEYCIQDJacb1cDoneex7pBT+kIMqub+Y
DV44cjUjvHjK66MmGQIhAL1jilMBv8q4LIvPMzvBNBHYtAzo+iCGVYuRRq2J0HOQ
AH4AExUpb/oOZq27GgKCHkCImjlRz/rojPdapvMN4ETOqM0AAAGPom8VKgAIAAAF
ACQNAVUEAwBHMEUCIQD37h+esbr+Yiqb9doZ5ntWMzQs0EUJGKGkXr43kilv7AIg
NGaH9ZtgHWuhv3cnD7fTlY0O/Kq6e7107g9eauz2sN0wCgYIKoZIzj0EAwMDZwAw
ZAIwR6+vVuu72+ZgPbPdGKTaZEVdfEqDjt703wZ6Cwt4RyDa6uIXUqxC60/aSwQg
f+qJAjAkNi70eRLJ4M2RuYQjUiljxrS1ZYthc0BwI+Ix4wyUrLSYr5IkwAS/kD8J
hvIL7pk=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEljCCAn6gAwIBAgIQRzEp1D1mDiVVv4b1zlB56jANBgkqhkiG9w0BAQsFADBm
MQswCQYDVQQGEwJVUzEzMDEGA1UEChMqKFNUQUdJTkcpIEludGVybmV0IFNlY3Vy
aXR5IFJlc2VhcmNoIEdyb3VwMSIwIAYDVQQDExkoU1RBR0lORykgUHJldGVuZCBQ
ZWFyIFgxMB4XDTI0MDMxMzAwMDAwMFoXDTI3MDMxMjIzNTk1OVowUjELMAkGA1UE
BhMCVVMxIDAeBgNVBAoTFyhTVEFHSU5HKSBMZXQncyBFbmNyeXB0MSEwHwYDVQQD
ExgoU1RBR0lORykgUHNldWRvIFBsdW0gRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
AATljbbcV+mqWZa3g+z0bDOuBpZOtbi48iK9rjLtPdRU0WsgVp53MW3nXFU6qVYV
zEYaYd6PSmec0Tj3R5zEp5/F+cuOjTdh3AkTMzYm1tkflocPBN5APHYZ+76WxZad
q+WjggEAMIH9MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
KwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU/EbRAUNfu3um
PTBorhG64LxtydMwHwYDVR0jBBgwFoAUtfNl8v6wCpIf+zx980SgrGMlwxQwNgYI
KwYBBQUHAQEEKjAoMCYGCCsGAQUFBzAChhpodHRwOi8vc3RnLXgxLmkubGVuY3Iu
b3JnLzATBgNVHSAEDDAKMAgGBmeBDAECATArBgNVHR8EJDAiMCCgHqAchhpodHRw
Oi8vc3RnLXgxLmMubGVuY3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAAtCGn4iG
cupruhkCTcoDqSIVTFgVR8JJ3GvGL7SYwIc4Fn0As66nQgnkATIzF5+gFb+CXEQD
qR2Jo+R38OeT7lQ1rNDcaJcbY6hL8cNRku3QlcfdYODZ5pgTVH04gTZUJISZKLjD
kMMcQIDZlF7iYqTvmHbn2ISSKorsJ3QKAvWhHwMoJtocSz3VeDJIep5QtbHnoXh1
/dyDx7sp8RuhC0eO9ElTgDtiA2V6JxigLPzqcnibBBR4bFLGtMNE4EvOOD/Fkd0L
hdGDbAMNd+O06n+b0rgmDvg75IgOV6fpDrdZFoiNfCckOEJh9v10uYt4pTc3B6lf
zI/X3EWP1H4VJmsYuy+OA29jPeP831sAObZtd3RWv0LQPrMfx6FCmy4AaeYEMvul
FrF6OX+JbssE+bn83F+sGEMZu/eVBwwKh3db7+2UduMdTOb8DePE3Aqlg9zofS8X
9fJXrrp+PPrdQyvM3e8DxuioWa9GLG30yD9WD6WTlSiiOrdWGOzisWpW4shFoL8u
0EfmeLVU4JVbauhOYZASQXABNeXewe9lqJWwfqaARYpRjyf+jRibn22H5NVK4Vog
l55Iq1rUgjc8r493NaNrlNwG7va7Ztkch5lJ3oL/FEVlVSK4snTbgb0b5qjQz3SA
i7rA/8QRZvOLnKNtdEUlDZNrzkZwHNluLGw=
-----END CERTIFICATE-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEINaO0qcBUR9lPr881ngjNShJQb4G5/JkWZKF+zpRbPauoAoGCCqGSM49
AwEHoUQDQgAEroRC/tYkopb8ZtXU94NkjIjK+nqujrGOZ8lNZAdgrYzqWjiXp39T
l2mexDCruqCWBmwy2RvLtKXKLffdLHKDzw==
-----END EC PRIVATE KEY-----\n' | socat '/var/run/haproxy/admin.sock' - | grep -q 'Transaction created''
[Thu May 23 12:32:24 AM CEST 2024] Can't update '/etc/haproxy/certs/keyring.XXXXXXXXXXX.com.pem' in haproxy
[Thu May 23 12:32:24 AM CEST 2024] Error deploy for domain:keyring.XXXXXXXXXXX.com
[Thu May 23 12:32:24 AM CEST 2024] Deploy error.
[Thu May 23 12:32:24 AM CEST 2024] Return code: 1
[Thu May 23 12:32:24 AM CEST 2024] Error renew keyring.XXXXXXXXXXX.com_ecc.
[Thu May 23 12:32:24 AM CEST 2024] _error_level='1'
[Thu May 23 12:32:24 AM CEST 2024] _set_level='2'
[Thu May 23 12:32:24 AM CEST 2024] The NOTIFY_HOOK is empty, just return.
[Thu May 23 12:32:24 AM CEST 2024] ===End cron===

davidemiccone · 2024-05-22T22:41:54Z

The debug don't allow you to see the error, you can see the error if you remove
| grep -q 'Transaction created'

from line 359

Below extract of the output after removing | grep -q 'Transaction created'

-----END EC PRIVATE KEY-----\n' | socat '/var/run/haproxy/admin.sock' -'
Unknown command: '-e', but maybe one of the following ones is a better match:
  abort ssl cert <certfile>               : abort a transaction for a certificate file
  commit ssl cert <certfile>              : commit a certificate file
  set profiling <what> {auto|on|off}      : enable/disable resource profiling (tasks,memory)
  set ssl cert <certfile> <payload>       : replace a certificate file
  set ssl tls-key [id|file] <key>         : set the next TLS key for the <id> or <file> listener to <key>
  help [<command>]                        : list matching or all commands
  prompt [timed]                          : toggle interactive mode with prompt
  quit                                    : disconnect

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

haproxy deploy don't works #5155

haproxy deploy don't works #5155

davidemiccone commented May 22, 2024

github-actions bot commented May 22, 2024

davidemiccone commented May 22, 2024

davidemiccone commented May 22, 2024 •

edited

Loading

haproxy deploy don't works #5155

haproxy deploy don't works #5155

Comments

davidemiccone commented May 22, 2024

github-actions bot commented May 22, 2024

davidemiccone commented May 22, 2024

davidemiccone commented May 22, 2024 • edited Loading

davidemiccone commented May 22, 2024 •

edited

Loading