Author Topic: SSL hostname Issue  (Read 5862 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
SSL hostname Issue
« on: September 16, 2019, 02:35:50 PM »
Hey fellows

every time I try to issue an SSL certificate for my hostname or any other domain I encounter the following error

Logs from /var/log/cwp/autossl.log
Code: [Select]
2019-09-16 02:09:10 s1.mydomain.com Success http validation for Hostname: s1.mydomain.com
2019-09-16 02:09:56 s1.mydomain.com AutoSSL Failed install for Hostname: s1.mydomain.com
2019-09-16 02:09:56 s1.mydomain.com Please check AutoSSL logs for more details: /root/.acme.sh/acme.sh.log
2019-09-16 02:09:56 s1.mydomain.com Self-signed SSL installed for Hostname: s1.mydomain.com
2019-09-16 02:09:56 s1.mydomain.com Installing Hostname SSL for service cwpsrv: s1.mydomain.com
2019-09-16 02:09:56 s1.mydomain.com Installing Hostname SSL for service postfix: s1.mydomain.com
2019-09-16 02:09:59 s1.mydomain.com Installing Hostname SSL for service dovecot: s1.mydomain.com
2019-09-16 02:09:59 s1.mydomain.com Installing Hostname SSL for service pure-ftpd: s1.mydomain.com
2019-09-16 02:09:59 s1.mydomain.com Installing Hostname SSL for service nginx: s1.mydomain.com
2019-09-16 02:09:59 s1.mydomain.com Installing Hostname SSL for service httpd: s1.mydomain.com

Logs from /root/.acme.sh/acme.sh.log
Code: [Select]
[Mon Sep 16 14:16:10 UTC 2019] Running cmd: issue
[Mon Sep 16 14:16:10 UTC 2019] _main_domain='s1.mydomain.com'
[Mon Sep 16 14:16:10 UTC 2019] _alt_domains='no'
[Mon Sep 16 14:16:10 UTC 2019] Using config home:/root/.acme.sh
[Mon Sep 16 14:16:10 UTC 2019] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:10 UTC 2019] DOMAIN_PATH='/root/.acme.sh/cwp_certs/s1.vandyglobal.com'
[Mon Sep 16 14:16:10 UTC 2019] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Mon Sep 16 14:16:10 UTC 2019] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Sep 16 14:16:10 UTC 2019] GET
[Mon Sep 16 14:16:10 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:10 UTC 2019] timeout=
[Mon Sep 16 14:16:10 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:11 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:11 UTC 2019] ret='77'
[Mon Sep 16 14:16:11 UTC 2019] Can not init api.
[Mon Sep 16 14:16:11 UTC 2019] Le_NextRenewTime
[Mon Sep 16 14:16:11 UTC 2019] _on_before_issue
[Mon Sep 16 14:16:11 UTC 2019] _chk_main_domain='s1.mydomain.com'
[Mon Sep 16 14:16:11 UTC 2019] _chk_alt_domains
[Mon Sep 16 14:16:11 UTC 2019] Le_LocalAddress
[Mon Sep 16 14:16:11 UTC 2019] d='s1.mydomain.com'
[Mon Sep 16 14:16:11 UTC 2019] Check for domain='s1.mydomain.com'
[Mon Sep 16 14:16:11 UTC 2019] _currentRoot='/usr/local/apache/autossl_tmp/'
[Mon Sep 16 14:16:11 UTC 2019] d
[Mon Sep 16 14:16:11 UTC 2019] _saved_account_key_hash is not changed, skip register account.
[Mon Sep 16 14:16:11 UTC 2019] Read key length:
[Mon Sep 16 14:16:11 UTC 2019] Creating domain key
[Mon Sep 16 14:16:11 UTC 2019] Using config home:/root/.acme.sh
[Mon Sep 16 14:16:11 UTC 2019] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:11 UTC 2019] Use length 2048
[Mon Sep 16 14:16:11 UTC 2019] Using RSA: 2048
[Mon Sep 16 14:16:11 UTC 2019] The domain key is here: /root/.acme.sh/cwp_certs/s1.mydomain.com/s1.mydomain.com.key
[Mon Sep 16 14:16:11 UTC 2019] _createcsr
[Mon Sep 16 14:16:11 UTC 2019] Single domain='s1.mydomain.com'
[Mon Sep 16 14:16:11 UTC 2019] Getting domain auth token for each domain
[Mon Sep 16 14:16:11 UTC 2019] d='s1.mydomain.com'
[Mon Sep 16 14:16:11 UTC 2019] Getting webroot for domain='s1.mydomain.com'
[Mon Sep 16 14:16:11 UTC 2019] _w='/usr/local/apache/autossl_tmp/'
[Mon Sep 16 14:16:11 UTC 2019] _currentRoot='/usr/local/apache/autossl_tmp/'
[Mon Sep 16 14:16:11 UTC 2019] Getting new-authz for domain='s1.mydomain.com'
[Mon Sep 16 14:16:11 UTC 2019] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Sep 16 14:16:11 UTC 2019] GET
[Mon Sep 16 14:16:11 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:11 UTC 2019] timeout=
[Mon Sep 16 14:16:11 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:11 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:11 UTC 2019] ret='77'
[Mon Sep 16 14:16:11 UTC 2019] Can not init api.
[Mon Sep 16 14:16:11 UTC 2019] Try new-authz for the 0 time.
[Mon Sep 16 14:16:11 UTC 2019] url
[Mon Sep 16 14:16:11 UTC 2019] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "s1.vandyglobal.com"}}'
[Mon Sep 16 14:16:11 UTC 2019] RSA key
[Mon Sep 16 14:16:11 UTC 2019] GET
[Mon Sep 16 14:16:11 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:11 UTC 2019] timeout=
[Mon Sep 16 14:16:11 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:12 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:12 UTC 2019] ret='77'
[Mon Sep 16 14:16:12 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:14 UTC 2019] GET
[Mon Sep 16 14:16:14 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:14 UTC 2019] timeout=
[Mon Sep 16 14:16:14 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:14 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:14 UTC 2019] ret='77'
[Mon Sep 16 14:16:14 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:16 UTC 2019] GET
[Mon Sep 16 14:16:16 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:16 UTC 2019] timeout=
[Mon Sep 16 14:16:16 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:16 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:16 UTC 2019] ret='77'
[Mon Sep 16 14:16:16 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:18 UTC 2019] GET
[Mon Sep 16 14:16:18 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:18 UTC 2019] timeout=
[Mon Sep 16 14:16:18 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:18 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:18 UTC 2019] ret='77'
[Mon Sep 16 14:16:18 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:20 UTC 2019] GET
[Mon Sep 16 14:16:20 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:20 UTC 2019] timeout=
[Mon Sep 16 14:16:20 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:20 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:20 UTC 2019] ret='77'
[Mon Sep 16 14:16:21 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:23 UTC 2019] GET
[Mon Sep 16 14:16:23 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:23 UTC 2019] timeout=
[Mon Sep 16 14:16:23 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:23 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:23 UTC 2019] ret='77'
[Mon Sep 16 14:16:23 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:25 UTC 2019] GET
[Mon Sep 16 14:16:25 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:25 UTC 2019] timeout=
[Mon Sep 16 14:16:25 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:25 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:25 UTC 2019] ret='77'
[Mon Sep 16 14:16:25 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:27 UTC 2019] GET
[Mon Sep 16 14:16:27 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:27 UTC 2019] timeout=
[Mon Sep 16 14:16:27 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:27 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:27 UTC 2019] ret='77'
[Mon Sep 16 14:16:27 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:29 UTC 2019] GET
[Mon Sep 16 14:16:29 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:29 UTC 2019] timeout=
[Mon Sep 16 14:16:29 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:29 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:29 UTC 2019] ret='77'
[Mon Sep 16 14:16:29 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:31 UTC 2019] GET
[Mon Sep 16 14:16:31 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:31 UTC 2019] timeout=
[Mon Sep 16 14:16:31 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:32 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:32 UTC 2019] ret='77'
[Mon Sep 16 14:16:32 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:34 UTC 2019] GET
[Mon Sep 16 14:16:34 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:34 UTC 2019] timeout=
[Mon Sep 16 14:16:34 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:34 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:34 UTC 2019] ret='77'
[Mon Sep 16 14:16:34 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:36 UTC 2019] GET
[Mon Sep 16 14:16:36 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:36 UTC 2019] timeout=
[Mon Sep 16 14:16:36 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:36 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:36 UTC 2019] ret='77'
[Mon Sep 16 14:16:36 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:38 UTC 2019] GET
[Mon Sep 16 14:16:38 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:38 UTC 2019] timeout=
[Mon Sep 16 14:16:38 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:38 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:38 UTC 2019] ret='77'
[Mon Sep 16 14:16:38 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:40 UTC 2019] GET
[Mon Sep 16 14:16:40 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:40 UTC 2019] timeout=
[Mon Sep 16 14:16:40 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:41 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:41 UTC 2019] ret='77'
[Mon Sep 16 14:16:41 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:43 UTC 2019] GET
[Mon Sep 16 14:16:43 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:43 UTC 2019] timeout=
[Mon Sep 16 14:16:43 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:43 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:43 UTC 2019] ret='77'
[Mon Sep 16 14:16:43 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:45 UTC 2019] GET
[Mon Sep 16 14:16:45 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:45 UTC 2019] timeout=
[Mon Sep 16 14:16:45 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:45 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:45 UTC 2019] ret='77'
[Mon Sep 16 14:16:45 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:47 UTC 2019] GET
[Mon Sep 16 14:16:47 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:47 UTC 2019] timeout=
[Mon Sep 16 14:16:47 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:47 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:47 UTC 2019] ret='77'
[Mon Sep 16 14:16:47 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:49 UTC 2019] GET
[Mon Sep 16 14:16:49 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:49 UTC 2019] timeout=
[Mon Sep 16 14:16:49 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:50 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:50 UTC 2019] ret='77'
[Mon Sep 16 14:16:50 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:52 UTC 2019] GET
[Mon Sep 16 14:16:52 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:52 UTC 2019] timeout=
[Mon Sep 16 14:16:52 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:52 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:52 UTC 2019] ret='77'
[Mon Sep 16 14:16:52 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:54 UTC 2019] GET
[Mon Sep 16 14:16:54 UTC 2019] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Sep 16 14:16:54 UTC 2019] timeout=
[Mon Sep 16 14:16:54 UTC 2019] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon Sep 16 14:16:54 UTC 2019] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 77
[Mon Sep 16 14:16:54 UTC 2019] ret='77'
[Mon Sep 16 14:16:54 UTC 2019] Could not get nonce, let's try again.
[Mon Sep 16 14:16:56 UTC 2019] The new-authz request is ok.
[Mon Sep 16 14:16:56 UTC 2019] entry
[Mon Sep 16 14:16:56 UTC 2019] Error, can not get domain token entry s1.mydomain.com
[Mon Sep 16 14:16:56 UTC 2019] pid
[Mon Sep 16 14:16:56 UTC 2019] No need to restore nginx, skip.
[Mon Sep 16 14:16:56 UTC 2019] _clearupdns
[Mon Sep 16 14:16:56 UTC 2019] dns_entries
[Mon Sep 16 14:16:56 UTC 2019] skip dns.
[Mon Sep 16 14:16:56 UTC 2019] _on_issue_err
[Mon Sep 16 14:16:56 UTC 2019] Please check log file for more details: /root/.acme.sh/acme.sh.log

Note: There is neither Letsencrypt folder in /etc/ nor the config file /usr/local/apache/conf.d/vhosts-ssl-letsencrypt.conf

using Nginx-varnish-apache


Offline
*
Re: SSL hostname Issue
« Reply #1 on: September 16, 2019, 07:27:49 PM »
Your records show that your server cannot reach "https://acme-v02.api.letsencrypt.org/directory" - it times out. You need to make sure you have access to the internet and that your server on that domain is reachable. Think firewall, or proper port forwarding...

Offline
*
Re: SSL hostname Issue
« Reply #2 on: September 16, 2019, 09:47:16 PM »
Your records show that your server cannot reach "https://acme-v02.api.letsencrypt.org/directory" - it times out. You need to make sure you have access to the internet and that your server on that domain is reachable. Think firewall, or proper port forwarding...

its a VPS on the datacenter and there is no port forwarding and firewall is off

Offline
***
Re: SSL hostname Issue
« Reply #3 on: September 16, 2019, 10:21:54 PM »
are you using ivp6?
If so, disable that and try again.