SSL, Acme, Certbot

What’s the process for downgrading to acme 0.21.1 ?

Cyber Panel - Screenshot 2022-04-01 153458

error: certbot 0.21.1 has requirement acme==0.21.1, but you’ll have acme 1.9.0 which is incompatible.”

Running CentOS 7 . Cyber Panel Latest Version 2.1, Build 2

Ran : sh <(curl https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh || wget -O - https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh)

Currently unable to Issus SSL certs… CyberPanel web GUI says “successful” but I end up with a self signed cert.

issued32423png

Screenshot 2022-04-01 213240

Then I tried "acme.sh --uninstall "

Ran : sh <(curl https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh || wget -O - https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/preUpgrade.sh)

Removed Certbot : yum remove certbot

Installed Certbot: yum install certbot

Tried: yum --disablerepo="*" --enablerepo=“litespeed/7/x86_64” install acme ← Failed

CyberPanel do not use certbot for SSLs any more.

Can you share logs of your CyberPanel main log file.

[04.01.2022_21-55-47] {‘usman@cyberpersons.com’: (554, b’5.7.1 usman@cyberpersons.com: Relay access denied’)}
[04.01.2022_21-55-48] Self signed SSL issued for abc.com.
[04.01.2022_22-44-06] Trying to obtain SSL for: abc.com and: www.abc.com
[04.01.2022_22-44-06] /root/.acme.sh/acme.sh --issue -d abc.com -d www.abc.com --cert-file /etc/letsencrypt/live/abc.com/cert.pem --key-file /etc/letsencrypt/live/abc.com/privkey.pem --fullchain-file /etc/letsencrypt/live/abc.com/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt
[04.01.2022_22-44-15] Failed to obtain SSL for: abc.com and: www.abc.com
[04.01.2022_22-44-15] Trying to obtain SSL for: abc.com
[04.01.2022_22-44-22] Failed to obtain SSL, issuing self-signed SSL for: abc.com
[04.01.2022_22-44-22] {‘usman@cyberpersons.com’: (554, b’5.7.1 usman@cyberpersons.com: Relay access denied’)}
[04.01.2022_22-44-22] Self signed SSL issued for abc.com.
[04.01.2022_22-58-39] Trying to obtain SSL for: abc.com and: www.abc.com
[04.01.2022_22-58-39] /root/.acme.sh/acme.sh --issue -d abc.com -d www.abc.com --cert-file /etc/letsencrypt/live/abc.com/cert.pem --key-file /etc/letsencrypt/live/abc.com/privkey.pem --fullchain-file /etc/letsencrypt/live/abc.com/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt
[04.01.2022_22-58-48] Failed to obtain SSL for: abc.com and: www.abc.com
[04.01.2022_22-58-48] Trying to obtain SSL for: abc.com
[04.01.2022_22-58-55] Failed to obtain SSL, issuing self-signed SSL for: abc.com
[04.01.2022_22-58-56] {‘usman@cyberpersons.com’: (554, b’5.7.1 usman@cyberpersons.com: Relay access denied’)}
[04.01.2022_22-58-56] Self signed SSL issued for abc.com.
[04.02.2022_03-27-46] Trying to obtain SSL for: abc.com and: www.abc.com
[04.02.2022_03-27-46] /root/.acme.sh/acme.sh --issue -d abc.com -d www.abc.com --cert-file /etc/letsencrypt/live/abc.com/cert.pem --key-file /etc/letsencrypt/live/abc.com/privkey.pem --fullchain-file /etc/letsencrypt/live/abc.com/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt
[04.02.2022_03-27-55] Failed to obtain SSL for: abc.com and: www.abc.com
[04.02.2022_03-27-55] Trying to obtain SSL for: abc.com
[04.02.2022_03-28-02] Failed to obtain SSL, issuing self-signed SSL for: abc.com
[04.02.2022_03-28-02] {‘usman@cyberpersons.com’: (554, b’5.7.1 usman@cyberpersons.com: Relay access denied’)}
[04.02.2022_03-28-02] Self signed SSL issued for abc.com.
[04.02.2022_08-00-03] Running SSL Renew Utility
[04.02.2022_08-00-03] Checking SSL for abc.com.
[04.02.2022_08-00-03] SSL exists for abc.com. Checking if SSL will expire in 15 days…
[04.02.2022_08-00-03] SSL exists for abc.com and is not ready to renew, skipping…
[04.02.2022_08-00-03] Checking SSL for 123.com.
[04.02.2022_08-00-03] SSL exists for 123.com. Checking if SSL will expire in 15 days…
[04.02.2022_08-00-03] SSL exists for 123.com and is not ready to renew, skipping…
[04.02.2022_08-00-03] Checking SSL for www.yoyo.com.
[04.02.2022_08-00-03] SSL exists for www.yoyo.com. Checking if SSL will expire in 15 days…
[04.02.2022_08-00-03] SSL exists for www.yoyo.com and is not ready to renew, skipping…
[04.02.2022_08-00-03] Checking SSL for 456.com.
[04.02.2022_08-00-03] SSL exists for 456.com. Checking if SSL will expire in 15 days…
[04.02.2022_08-00-03] SSL exists for 456.com and is not ready to renew, skipping…
[04.02.2022_08-00-03] Checking SSL for fiber.abc.com.
[04.02.2022_08-00-03] SSL exists for fiber.abc.com. Checking if SSL will expire in 15 days…
[04.02.2022_08-00-03] SSL exists for fiber.abc.com and is not ready to renew, skipping…
[04.02.2022_08-00-03] Checking SSL for mail.abc.com.
[04.02.2022_08-00-03] SSL exists for mail.abc.com. Checking if SSL will expire in 15 days…
[04.02.2022_08-00-03] SSL exists for mail.abc.com and is not ready to renew, skipping…
[04.02.2022_08-00-03] Checking SSL for mail.123.com.
[04.02.2022_08-00-03] SSL exists for mail.123.com. Checking if SSL will expire in 15 days…
[04.02.2022_08-00-03] SSL exists for mail.123.com and is not ready to renew, skipping…
[04.02.2022_08-00-03] Checking SSL for mail.www.yoyo.com.
[04.02.2022_08-00-03] SSL exists for mail.www.yoyo.com. Checking if SSL will expire in 15 days…
[04.02.2022_08-00-03] SSL exists for mail.www.yoyo.com and is not ready to renew, skipping…
[04.02.2022_09-28-56] [Errno 2] No such file or directory: ‘/root/.acme.sh/acme.sh’: ‘/root/.acme.sh/acme.sh’ [Failed to obtain SSL. [obtainSSLForADomain]]
[04.02.2022_09-28-56] Self signed SSL issued for abc.com.

Reinstalled Acme: wget -O - https://get.acme.sh | sh

Error: “{‘usman@cyberpersons.com’: (554, b’5.7.1 usman@cyberpersons.com: Relay access denied’)”

Ran the following command: /root/.acme.sh/acme.sh --issue -d yoyo.com -d www.yoyo.com --cert-file /etc/letsencrypt/live/yoyo.com/cert.pem --key-file /etc/letsencrypt/live/yoyo.com/privkey.pem --fullchain-file /etc/letsencrypt/live/yoyo.com/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt

"
/root/.acme.sh/acme.sh --issue -d yoyo.com -d www.yoyo.com --cert-file /etc/letsencrypt/live/yoyo.com/cert.pem --key-file /etc/letsencrypt/live/yoyo.com/privkey.pem --fullchain-file /etc/letsencrypt/live/yoyo.com/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt
[Sat Apr 2 04:37:20 MDT 2022] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Sat Apr 2 04:37:20 MDT 2022] Multi domain=‘DNS:yoyo.com,DNS:www.yoyo.com’
[Sat Apr 2 04:37:20 MDT 2022] Getting domain auth token for each domain
[Sat Apr 2 04:37:21 MDT 2022] Create new order error. Le_OrderFinalize not found. {
“type”: “urn:ietf:params:acme:error:rateLimited”,
“detail”: “Error creating new order :: too many failed authorizations recently: see Rate Limits - Let's Encrypt”,
“status”: 429
}
[Sat Apr 2 04:37:21 MDT 2022] Please add ‘–debug’ or ‘–log’ to check more details.
[Sat Apr 2 04:37:21 MDT 2022] See: How to debug acme.sh · acmesh-official/acme.sh Wiki · GitHub
"

/root/.acme.sh/acme.sh --issue -d yoyo.com -d www.yoyo.com --cert-file /etc/letsencrypt/live/yoyo.com/cert.pem --key-file /etc/letsencrypt/live/yoyo.com/privkey.pem --fullchain-file /etc/letsencrypt/live/yoyo.com/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt
[Sat Apr 2 04:54:27 MDT 2022] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Sat Apr 2 04:54:27 MDT 2022] Multi domain=‘DNS:yoyo.com,DNS:www.yoyo.com’
[Sat Apr 2 04:54:27 MDT 2022] Getting domain auth token for each domain
[Sat Apr 2 04:54:30 MDT 2022] Getting webroot for domain=‘yoyo.com
[Sat Apr 2 04:54:30 MDT 2022] Getting webroot for domain=‘www.yoyo.com
[Sat Apr 2 04:54:31 MDT 2022] Verifying: yoyo.com
[Sat Apr 2 04:54:31 MDT 2022] Pending, The CA is processing your order, please just wait. (1/30)
[Sat Apr 2 04:54:34 MDT 2022] yoyo.com:Verify error:Invalid response from http://yoyo.com/.well-known/acme-challenge/scP5qPBUNsZeHCM7Cw6F7TwTjrciB1waXIEOAPJyUwM [123.123.123.123]: 404
[Sat Apr 2 04:54:34 MDT 2022] Please check log file for more details: /root/.acme.sh/acme.sh.log

Now it looks like the verification file is not ending up in http://yoyo.com/.well-known/acme-challenge/

Also tried looking at the log /root/.acme.sh/acme.sh.log ← no log

Looks like too many failed attempts, now it is rate limited.

I got it working with the following command:

/root/.acme.sh/acme.sh --issue -d abc.com -d www.abc.com --cert-file /etc/letsencrypt/live/abc.com/cert.pem --key-file /etc/letsencrypt/live/abc.com/privkey.pem --fullchain-file /etc/letsencrypt/live/abc.com/fullchain.pem -w /home/abc.com/public_html/ -k ec-256 --force --server letsencrypt

[Mon Apr 4 11:45:07 UTC 2022] Running cmd: registeraccount
[Mon Apr 4 11:45:07 UTC 2022] Using config home:/root/.acme.sh
[Mon Apr 4 11:45:07 UTC 2022] default_acme_server=‘https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:07 UTC 2022] ACME_DIRECTORY=‘https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:07 UTC 2022] Using config home:/root/.acme.sh
[Mon Apr 4 11:45:07 UTC 2022] ACME_DIRECTORY=‘https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:07 UTC 2022] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:07 UTC 2022] GET
[Mon Apr 4 11:45:07 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:07 UTC 2022] timeout=
[Mon Apr 4 11:45:07 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:08 UTC 2022] ret=‘0’
[Mon Apr 4 11:45:08 UTC 2022] ACME_KEY_CHANGE=‘https://acme-v02.api.letsencrypt.org/acme/key-change
[Mon Apr 4 11:45:08 UTC 2022] ACME_NEW_AUTHZ
[Mon Apr 4 11:45:08 UTC 2022] ACME_NEW_ORDER=‘https://acme-v02.api.letsencrypt.org/acme/new-order
[Mon Apr 4 11:45:08 UTC 2022] ACME_NEW_ACCOUNT=‘https://acme-v02.api.letsencrypt.org/acme/new-acct
[Mon Apr 4 11:45:08 UTC 2022] ACME_REVOKE_CERT=‘https://acme-v02.api.letsencrypt.org/acme/revoke-cert
[Mon Apr 4 11:45:08 UTC 2022] ACME_AGREEMENT=‘https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
[Mon Apr 4 11:45:08 UTC 2022] ACME_NEW_NONCE=‘https://acme-v02.api.letsencrypt.org/acme/new-nonce
[Mon Apr 4 11:45:08 UTC 2022] RSA key
[Mon Apr 4 11:45:08 UTC 2022] Registering account: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:08 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/new-acct
[Mon Apr 4 11:45:08 UTC 2022] payload=’{“contact”: [“mailto:test@test.com”], “termsOfServiceAgreed”: true}’
[Mon Apr 4 11:45:08 UTC 2022] HEAD
[Mon Apr 4 11:45:08 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/new-nonce
[Mon Apr 4 11:45:08 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g -I ’
[Mon Apr 4 11:45:08 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:08 UTC 2022] POST
[Mon Apr 4 11:45:08 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/new-acct
[Mon Apr 4 11:45:08 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:09 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:09 UTC 2022] code=‘200’
[Mon Apr 4 11:45:09 UTC 2022] Already registered
[Mon Apr 4 11:45:09 UTC 2022] _accUri=‘https://acme-v02.api.letsencrypt.org/acme/acct/78286629
[Mon Apr 4 11:45:09 UTC 2022] Calc CA_KEY_HASH=‘xAFAyjrT4wzKCkAn7oSzknZ4wF67AM+SQtHMWgfh8j4=’
[Mon Apr 4 11:45:09 UTC 2022] ACCOUNT_THUMBPRINT=‘4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8’
[Mon Apr 4 11:45:09 UTC 2022] Running cmd: issue
[Mon Apr 4 11:45:09 UTC 2022] _main_domain=‘abc.com
[Mon Apr 4 11:45:09 UTC 2022] _alt_domains=‘www.abc.com
[Mon Apr 4 11:45:09 UTC 2022] Using config home:/root/.acme.sh
[Mon Apr 4 11:45:09 UTC 2022] ACME_DIRECTORY=‘https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:09 UTC 2022] DOMAIN_PATH=’/root/.acme.sh/abc.com_ecc’
[Mon Apr 4 11:45:09 UTC 2022] Le_NextRenewTime=‘1649362406’
[Mon Apr 4 11:45:09 UTC 2022] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:09 UTC 2022] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:09 UTC 2022] GET
[Mon Apr 4 11:45:09 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:09 UTC 2022] timeout=
[Mon Apr 4 11:45:09 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:10 UTC 2022] ret=‘0’
[Mon Apr 4 11:45:10 UTC 2022] ACME_KEY_CHANGE=‘https://acme-v02.api.letsencrypt.org/acme/key-change
[Mon Apr 4 11:45:10 UTC 2022] ACME_NEW_AUTHZ
[Mon Apr 4 11:45:10 UTC 2022] ACME_NEW_ORDER=‘https://acme-v02.api.letsencrypt.org/acme/new-order
[Mon Apr 4 11:45:10 UTC 2022] ACME_NEW_ACCOUNT=‘https://acme-v02.api.letsencrypt.org/acme/new-acct
[Mon Apr 4 11:45:10 UTC 2022] ACME_REVOKE_CERT=‘https://acme-v02.api.letsencrypt.org/acme/revoke-cert
[Mon Apr 4 11:45:10 UTC 2022] ACME_AGREEMENT=‘https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
[Mon Apr 4 11:45:10 UTC 2022] ACME_NEW_NONCE=‘https://acme-v02.api.letsencrypt.org/acme/new-nonce
[Mon Apr 4 11:45:10 UTC 2022] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:10 UTC 2022] _on_before_issue
[Mon Apr 4 11:45:10 UTC 2022] _chk_main_domain=‘abc.com
[Mon Apr 4 11:45:10 UTC 2022] _chk_alt_domains=‘www.abc.com
[Mon Apr 4 11:45:10 UTC 2022] Le_LocalAddress
[Mon Apr 4 11:45:10 UTC 2022] d=‘abc.com
[Mon Apr 4 11:45:10 UTC 2022] Check for domain=‘abc.com
[Mon Apr 4 11:45:10 UTC 2022] _currentRoot=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:10 UTC 2022] d=‘www.abc.com
[Mon Apr 4 11:45:10 UTC 2022] Check for domain=‘www.abc.com
[Mon Apr 4 11:45:10 UTC 2022] _currentRoot=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:10 UTC 2022] d
[Mon Apr 4 11:45:10 UTC 2022] _saved_account_key_hash is not changed, skip register account.
[Mon Apr 4 11:45:10 UTC 2022] Read key length:ec-256
[Mon Apr 4 11:45:10 UTC 2022] _createcsr
[Mon Apr 4 11:45:10 UTC 2022] Multi domain=‘DNS:abc.com,DNS:www.abc.com’
[Mon Apr 4 11:45:10 UTC 2022] Getting domain auth token for each domain
[Mon Apr 4 11:45:10 UTC 2022] d=‘www.abc.com
[Mon Apr 4 11:45:10 UTC 2022] d
[Mon Apr 4 11:45:10 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/new-order
[Mon Apr 4 11:45:10 UTC 2022] payload=’{“identifiers”: [{“type”:“dns”,“value”:“abc.com”},{“type”:“dns”,“value”:“www.abc.com”}]}’
[Mon Apr 4 11:45:10 UTC 2022] RSA key
[Mon Apr 4 11:45:11 UTC 2022] HEAD
[Mon Apr 4 11:45:11 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/new-nonce
[Mon Apr 4 11:45:11 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g -I ’
[Mon Apr 4 11:45:11 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:11 UTC 2022] POST
[Mon Apr 4 11:45:11 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/new-order
[Mon Apr 4 11:45:11 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:12 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:12 UTC 2022] code=‘201’
[Mon Apr 4 11:45:12 UTC 2022] Le_LinkOrder=‘https://acme-v02.api.letsencrypt.org/acme/order/78286629/77249826150
[Mon Apr 4 11:45:12 UTC 2022] Le_OrderFinalize=‘https://acme-v02.api.letsencrypt.org/acme/finalize/78286629/77249826150
[Mon Apr 4 11:45:12 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/authz-v3/94729597210
[Mon Apr 4 11:45:12 UTC 2022] payload
[Mon Apr 4 11:45:12 UTC 2022] POST
[Mon Apr 4 11:45:12 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/authz-v3/94729597210
[Mon Apr 4 11:45:12 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:13 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:13 UTC 2022] code=‘200’
[Mon Apr 4 11:45:13 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/authz-v3/94729597220
[Mon Apr 4 11:45:13 UTC 2022] payload
[Mon Apr 4 11:45:13 UTC 2022] POST
[Mon Apr 4 11:45:13 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/authz-v3/94729597220
[Mon Apr 4 11:45:13 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:13 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:13 UTC 2022] code=‘200’
[Mon Apr 4 11:45:13 UTC 2022] d=‘abc.com
[Mon Apr 4 11:45:13 UTC 2022] Getting webroot for domain=‘abc.com
[Mon Apr 4 11:45:13 UTC 2022] _w=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:13 UTC 2022] _currentRoot=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:13 UTC 2022] entry=’“type”:“http-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw",“token”:"BX10QqAhuOOi_GtgRaku7LkjKN2SV5koozWWjXWrUyE”’
[Mon Apr 4 11:45:13 UTC 2022] token=‘BX10QqAhuOOi_GtgRaku7LkjKN2SV5koozWWjXWrUyE’
[Mon Apr 4 11:45:13 UTC 2022] uri=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw
[Mon Apr 4 11:45:13 UTC 2022] keyauthorization=‘BX10QqAhuOOi_GtgRaku7LkjKN2SV5koozWWjXWrUyE.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8’
[Mon Apr 4 11:45:13 UTC 2022] dvlist=‘abc.com#BX10QqAhuOOi_GtgRaku7LkjKN2SV5koozWWjXWrUyE.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8#https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw#http-01#/usr/local/lsws/Example/html
[Mon Apr 4 11:45:13 UTC 2022] d=‘www.abc.com
[Mon Apr 4 11:45:13 UTC 2022] Getting webroot for domain=‘www.abc.com
[Mon Apr 4 11:45:13 UTC 2022] _w=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:13 UTC 2022] _currentRoot=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:13 UTC 2022] entry=’“type”:“http-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597220/IJ-QkQ",“token”:"y8pnkWOUXUkh1uN3I24yrk02nJch0X9273vyHFaf12U”’
[Mon Apr 4 11:45:13 UTC 2022] token=‘y8pnkWOUXUkh1uN3I24yrk02nJch0X9273vyHFaf12U’
[Mon Apr 4 11:45:13 UTC 2022] uri=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597220/IJ-QkQ
[Mon Apr 4 11:45:13 UTC 2022] keyauthorization=‘y8pnkWOUXUkh1uN3I24yrk02nJch0X9273vyHFaf12U.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8’
[Mon Apr 4 11:45:13 UTC 2022] dvlist=‘www.abc.com#y8pnkWOUXUkh1uN3I24yrk02nJch0X9273vyHFaf12U.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8#https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597220/IJ-QkQ#http-01#/usr/local/lsws/Example/html
[Mon Apr 4 11:45:13 UTC 2022] d
[Mon Apr 4 11:45:13 UTC 2022] vlist=‘abc.com#BX10QqAhuOOi_GtgRaku7LkjKN2SV5koozWWjXWrUyE.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8#https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw#http-01#/usr/local/lsws/Example/html,www.abc.com#y8pnkWOUXUkh1uN3I24yrk02nJch0X9273vyHFaf12U.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8#https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597220/IJ-QkQ#http-01#/usr/local/lsws/Example/html,’
[Mon Apr 4 11:45:13 UTC 2022] d=‘abc.com
[Mon Apr 4 11:45:13 UTC 2022] d=‘www.abc.com
[Mon Apr 4 11:45:13 UTC 2022] ok, let’s start to verify
[Mon Apr 4 11:45:14 UTC 2022] Verifying: abc.com
[Mon Apr 4 11:45:14 UTC 2022] d=‘abc.com
[Mon Apr 4 11:45:14 UTC 2022] keyauthorization=‘BX10QqAhuOOi_GtgRaku7LkjKN2SV5koozWWjXWrUyE.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8’
[Mon Apr 4 11:45:14 UTC 2022] uri=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw
[Mon Apr 4 11:45:14 UTC 2022] _currentRoot=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:14 UTC 2022] wellknown_path=’/usr/local/lsws/Example/html/.well-known/acme-challenge’
[Mon Apr 4 11:45:14 UTC 2022] writing token:BX10QqAhuOOi_GtgRaku7LkjKN2SV5koozWWjXWrUyE to /usr/local/lsws/Example/html/.well-known/acme-challenge/BX10QqAhuOOi_GtgRaku7LkjKN2SV5koozWWjXWrUyE
[Mon Apr 4 11:45:14 UTC 2022] Changing owner/group of .well-known to root:root
[Mon Apr 4 11:45:14 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw
[Mon Apr 4 11:45:14 UTC 2022] payload=’{}’
[Mon Apr 4 11:45:14 UTC 2022] POST
[Mon Apr 4 11:45:14 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw
[Mon Apr 4 11:45:14 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:14 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:14 UTC 2022] code=‘200’
[Mon Apr 4 11:45:14 UTC 2022] trigger validation code: 200
[Mon Apr 4 11:45:14 UTC 2022] Pending, The CA is processing your order, please just wait. (1/30)
[Mon Apr 4 11:45:14 UTC 2022] sleep 2 secs to verify again
[Mon Apr 4 11:45:16 UTC 2022] checking
[Mon Apr 4 11:45:16 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw
[Mon Apr 4 11:45:16 UTC 2022] payload
[Mon Apr 4 11:45:16 UTC 2022] POST
[Mon Apr 4 11:45:16 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw
[Mon Apr 4 11:45:16 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:17 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:17 UTC 2022] code=‘200’
[Mon Apr 4 11:45:17 UTC 2022] abc.com:Verify error:Invalid response from http://abc.com/.well-known/acme-challenge/BX10QqAhuOOi_GtgRaku7LkjKN2SV5koozWWjXWrUyE [123.123.123.123]: 404
[Mon Apr 4 11:45:17 UTC 2022] pid
[Mon Apr 4 11:45:17 UTC 2022] No need to restore nginx, skip.
[Mon Apr 4 11:45:17 UTC 2022] _clearupdns
[Mon Apr 4 11:45:17 UTC 2022] dns_entries
[Mon Apr 4 11:45:17 UTC 2022] skip dns.
[Mon Apr 4 11:45:17 UTC 2022] _on_issue_err
[Mon Apr 4 11:45:17 UTC 2022] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Mon Apr 4 11:45:17 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw
[Mon Apr 4 11:45:17 UTC 2022] payload=’{}’
[Mon Apr 4 11:45:17 UTC 2022] POST
[Mon Apr 4 11:45:17 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597210/tdtnlw
[Mon Apr 4 11:45:17 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:18 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:18 UTC 2022] code=‘400’
[Mon Apr 4 11:45:18 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597220/IJ-QkQ
[Mon Apr 4 11:45:18 UTC 2022] payload=’{}’
[Mon Apr 4 11:45:18 UTC 2022] POST
[Mon Apr 4 11:45:18 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729597220/IJ-QkQ
[Mon Apr 4 11:45:18 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:18 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:18 UTC 2022] code=‘200’
[Mon Apr 4 11:45:18 UTC 2022] Running cmd: issue
[Mon Apr 4 11:45:18 UTC 2022] _main_domain=‘abc.com
[Mon Apr 4 11:45:18 UTC 2022] _alt_domains=‘no’
[Mon Apr 4 11:45:18 UTC 2022] Using config home:/root/.acme.sh
[Mon Apr 4 11:45:18 UTC 2022] ACME_DIRECTORY=‘https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:18 UTC 2022] DOMAIN_PATH=’/root/.acme.sh/abc.com_ecc’
[Mon Apr 4 11:45:18 UTC 2022] Le_NextRenewTime=‘1649362406’
[Mon Apr 4 11:45:18 UTC 2022] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:18 UTC 2022] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:18 UTC 2022] GET
[Mon Apr 4 11:45:18 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:18 UTC 2022] timeout=
[Mon Apr 4 11:45:18 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:19 UTC 2022] ret=‘0’
[Mon Apr 4 11:45:19 UTC 2022] ACME_KEY_CHANGE=‘https://acme-v02.api.letsencrypt.org/acme/key-change
[Mon Apr 4 11:45:19 UTC 2022] ACME_NEW_AUTHZ
[Mon Apr 4 11:45:19 UTC 2022] ACME_NEW_ORDER=‘https://acme-v02.api.letsencrypt.org/acme/new-order
[Mon Apr 4 11:45:19 UTC 2022] ACME_NEW_ACCOUNT=‘https://acme-v02.api.letsencrypt.org/acme/new-acct
[Mon Apr 4 11:45:19 UTC 2022] ACME_REVOKE_CERT=‘https://acme-v02.api.letsencrypt.org/acme/revoke-cert
[Mon Apr 4 11:45:19 UTC 2022] ACME_AGREEMENT=‘https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
[Mon Apr 4 11:45:19 UTC 2022] ACME_NEW_NONCE=‘https://acme-v02.api.letsencrypt.org/acme/new-nonce
[Mon Apr 4 11:45:19 UTC 2022] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 4 11:45:19 UTC 2022] _on_before_issue
[Mon Apr 4 11:45:19 UTC 2022] _chk_main_domain=‘abc.com
[Mon Apr 4 11:45:19 UTC 2022] _chk_alt_domains
[Mon Apr 4 11:45:19 UTC 2022] Le_LocalAddress
[Mon Apr 4 11:45:19 UTC 2022] d=‘abc.com
[Mon Apr 4 11:45:19 UTC 2022] Check for domain=‘abc.com
[Mon Apr 4 11:45:19 UTC 2022] _currentRoot=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:19 UTC 2022] d
[Mon Apr 4 11:45:19 UTC 2022] _saved_account_key_hash is not changed, skip register account.
[Mon Apr 4 11:45:19 UTC 2022] Read key length:ec-256
[Mon Apr 4 11:45:19 UTC 2022] _createcsr
[Mon Apr 4 11:45:19 UTC 2022] Single domain=‘abc.com
[Mon Apr 4 11:45:19 UTC 2022] Getting domain auth token for each domain
[Mon Apr 4 11:45:19 UTC 2022] d
[Mon Apr 4 11:45:19 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/new-order
[Mon Apr 4 11:45:19 UTC 2022] payload=’{“identifiers”: [{“type”:“dns”,“value”:“abc.com”}]}’
[Mon Apr 4 11:45:19 UTC 2022] RSA key
[Mon Apr 4 11:45:19 UTC 2022] HEAD
[Mon Apr 4 11:45:19 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/new-nonce
[Mon Apr 4 11:45:19 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g -I ’
[Mon Apr 4 11:45:20 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:20 UTC 2022] POST
[Mon Apr 4 11:45:20 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/new-order
[Mon Apr 4 11:45:20 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:21 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:21 UTC 2022] code=‘201’
[Mon Apr 4 11:45:21 UTC 2022] Le_LinkOrder=‘https://acme-v02.api.letsencrypt.org/acme/order/78286629/77249859000
[Mon Apr 4 11:45:21 UTC 2022] Le_OrderFinalize=‘https://acme-v02.api.letsencrypt.org/acme/finalize/78286629/77249859000
[Mon Apr 4 11:45:21 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/authz-v3/94729638210
[Mon Apr 4 11:45:21 UTC 2022] payload
[Mon Apr 4 11:45:21 UTC 2022] POST
[Mon Apr 4 11:45:21 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/authz-v3/94729638210
[Mon Apr 4 11:45:21 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:21 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:21 UTC 2022] code=‘200’
[Mon Apr 4 11:45:21 UTC 2022] d=‘abc.com
[Mon Apr 4 11:45:21 UTC 2022] Getting webroot for domain=‘abc.com
[Mon Apr 4 11:45:21 UTC 2022] _w=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:21 UTC 2022] _currentRoot=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:21 UTC 2022] entry=’“type”:“http-01”,“status”:“pending”,“url”:“https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA",“token”:"l9ITRC5AT-XrB3Mf1RSwumlZ7kP60M2-E5N1aVyS8BE”’
[Mon Apr 4 11:45:21 UTC 2022] token=‘l9ITRC5AT-XrB3Mf1RSwumlZ7kP60M2-E5N1aVyS8BE’
[Mon Apr 4 11:45:21 UTC 2022] uri=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA
[Mon Apr 4 11:45:21 UTC 2022] keyauthorization=‘l9ITRC5AT-XrB3Mf1RSwumlZ7kP60M2-E5N1aVyS8BE.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8’
[Mon Apr 4 11:45:21 UTC 2022] dvlist=‘abc.com#l9ITRC5AT-XrB3Mf1RSwumlZ7kP60M2-E5N1aVyS8BE.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8#https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA#http-01#/usr/local/lsws/Example/html
[Mon Apr 4 11:45:21 UTC 2022] d
[Mon Apr 4 11:45:21 UTC 2022] vlist=‘abc.com#l9ITRC5AT-XrB3Mf1RSwumlZ7kP60M2-E5N1aVyS8BE.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8#https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA#http-01#/usr/local/lsws/Example/html,’
[Mon Apr 4 11:45:21 UTC 2022] d=‘abc.com
[Mon Apr 4 11:45:21 UTC 2022] ok, let’s start to verify
[Mon Apr 4 11:45:21 UTC 2022] Verifying: abc.com
[Mon Apr 4 11:45:22 UTC 2022] d=‘abc.com
[Mon Apr 4 11:45:22 UTC 2022] keyauthorization=‘l9ITRC5AT-XrB3Mf1RSwumlZ7kP60M2-E5N1aVyS8BE.4SR8HnoeVSN3dXcfmprMsOfjZJmZ2ZvaG6Zo63x3WN8’
[Mon Apr 4 11:45:22 UTC 2022] uri=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA
[Mon Apr 4 11:45:22 UTC 2022] _currentRoot=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:22 UTC 2022] wellknown_path=’/usr/local/lsws/Example/html/.well-known/acme-challenge’
[Mon Apr 4 11:45:22 UTC 2022] writing token:l9ITRC5AT-XrB3Mf1RSwumlZ7kP60M2-E5N1aVyS8BE to /usr/local/lsws/Example/html/.well-known/acme-challenge/l9ITRC5AT-XrB3Mf1RSwumlZ7kP60M2-E5N1aVyS8BE
[Mon Apr 4 11:45:22 UTC 2022] Changing owner/group of .well-known to root:root
[Mon Apr 4 11:45:22 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA
[Mon Apr 4 11:45:22 UTC 2022] payload=’{}’
[Mon Apr 4 11:45:22 UTC 2022] POST
[Mon Apr 4 11:45:22 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA
[Mon Apr 4 11:45:22 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:22 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:22 UTC 2022] code=‘200’
[Mon Apr 4 11:45:22 UTC 2022] trigger validation code: 200
[Mon Apr 4 11:45:22 UTC 2022] Pending, The CA is processing your order, please just wait. (1/30)
[Mon Apr 4 11:45:22 UTC 2022] sleep 2 secs to verify again
[Mon Apr 4 11:45:24 UTC 2022] checking
[Mon Apr 4 11:45:24 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA
[Mon Apr 4 11:45:24 UTC 2022] payload
[Mon Apr 4 11:45:24 UTC 2022] POST
[Mon Apr 4 11:45:24 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA
[Mon Apr 4 11:45:24 UTC 2022] _CURL=‘curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:25 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:25 UTC 2022] code=‘200’
[Mon Apr 4 11:45:25 UTC 2022] abc.com:Verify error:Invalid response from http://abc.com/.well-known/acme-challenge/l9ITRC5AT-XrB3Mf1RSwumlZ7kP60M2-E5N1aVyS8BE [168.103.247.126]: 404
[Mon Apr 4 11:45:25 UTC 2022] pid
[Mon Apr 4 11:45:25 UTC 2022] No need to restore nginx, skip.
[Mon Apr 4 11:45:25 UTC 2022] _clearupdns
[Mon Apr 4 11:45:25 UTC 2022] dns_entries
[Mon Apr 4 11:45:25 UTC 2022] skip dns.
[Mon Apr 4 11:45:25 UTC 2022] _on_issue_err
[Mon Apr 4 11:45:25 UTC 2022] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Mon Apr 4 11:45:25 UTC 2022] url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA
[Mon Apr 4 11:45:25 UTC 2022] payload=’{}’
[Mon Apr 4 11:45:25 UTC 2022] POST
[Mon Apr 4 11:45:25 UTC 2022] _post_url=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA
[Mon Apr 4 11:45:25 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g ’
[Mon Apr 4 11:45:25 UTC 2022] _ret=‘0’
[Mon Apr 4 11:45:25 UTC 2022] code=‘400’

As of right now its working via command line but failing in the WEB GUI. Thinking the problem is this… Not sure how to set the wellknown_path or _currentRoot to get the WEB GUI working again.

/usr/local/lsws/Example/html/ needs to be /home/abc.com/public_html/ ← Any idea on the update command for this?

[Mon Apr 4 11:45:22 UTC 2022] uri=‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/94729638210/a0PFrA
[Mon Apr 4 11:45:22 UTC 2022] _currentRoot=’/usr/local/lsws/Example/html’
[Mon Apr 4 11:45:22 UTC 2022] wellknown_path=’/usr/local/lsws/Example/html/.well-known/acme-challenge’

1 Like

MAIN LOG:

[04.04.2022_11-45-18] Failed to obtain SSL for: abc.com and: www.abc.com
[04.04.2022_11-45-18] Trying to obtain SSL for: abc.com
[04.04.2022_11-45-26] Failed to obtain SSL, issuing self-signed SSL for: abc.com
[04.04.2022_11-45-26] Self signed SSL issued for abc.com.

Not able to resolve this yet.

I will leave my experience here, as I faced this problem myself. Having received Relay access denied, I went to the DNS tab and filled in all the fields, for example Domain delegated to Sprinthost NS servers (*ns2.sprinthost.ru, ns1.sprinthost.ru, ns3.sprinthost.net, ns4.sprinthost.net *). I also filled in the “Create Nameserver” tab, and checked the IP on my VDS, after that the certificate was received without any problems.



Same here.

Have you found a solution to change the path?