Welcome to Centmin Mod Community
Become a Member

SSL Letsencrypt Can not renew SSL Invalid Response 404

Discussion in 'Domains, DNS, Email & SSL Certificates' started by skringjer, May 29, 2023.

Tags:
  1. skringjer

    skringjer NoobMaster69

    208
    26
    28
    Apr 21, 2019
    Ratings:
    +43
    Local Time:
    12:10 PM
    Nginx 1.21.6
    MariaDB 10.3.x
    • Persistent Config: Do you have any persistent config file options set in /etc/centminmod/custom_config.inc ? You can check via this command:
      Code (Text):
      NGINX_SSLCACHE_ALLOWOVERRIDE='y'
      NGINX_STAPLE_CACHE_OVERRIDE='y'
      NGINX_STAPLE_CACHE_TTL='86400'
      SET_DEFAULT_MYSQLCHARSET='utf8mb4'
      AUTOHARDTUNE_NGINXBACKLOG='y'
      ZSTD_LOGROTATE_NGINX='y'
      ZSTD_LOGROTATE_PHPFPM='y'
      LETSENCRYPT_DETECT='y'
      DUALCERTS='y'
      SELFSIGNEDSSL_ECDSA='y'
      NGINX_LIBBROTLI='y'
      NGXDYNAMIC_BROTLI='y'
      PHP_PGO_ALWAYS='y'
      PHP_PGO='y'
      PHP_BROTLI='y'
      PHP_LZFOUR='y'
      PHP_LZF='y'
      PHP_ZSTD='y'
      DMOTD_PHPCHECK='y'
      PHPFINFO='y'
      WPCLI_CE_QUERYSTRING_INCLUDED='y'
      MM_LICENSE_KEY=''
      MM_CSF_SRC='y'
      
      MARCH_TARGETNATIVE='n'
      AUDITD_ENABLE='y'
      
      

    My ssl expired for one of my domain and when i try to renew it

    ./acmetool.sh reissue domain.com lived or ./acmetool.sh renew domain.com lived

    I get the following error Invalid response from domain.com/.well-known/acme-challenge/foBdR3qgMNPhzTmWVaZHIT_IR99QC1oC2gmAoeriTQc: 404


    So upon checking the logs, i see

    Code:
    [Mon May 29 09:13:21 UTC 2023] Lets find script dir.
    [Mon May 29 09:13:21 UTC 2023] _SCRIPT_='/root/.acme.sh/acme.sh'
    [Mon May 29 09:13:21 UTC 2023] _script='/root/.acme.sh/acme.sh'
    [Mon May 29 09:13:21 UTC 2023] _script_home='/root/.acme.sh'
    [Mon May 29 09:13:21 UTC 2023] Using config home:/root/.acme.sh
    [Mon May 29 09:13:21 UTC 2023] LE_WORKING_DIR='/root/.acme.sh'
    [Mon May 29 09:13:21 UTC 2023] Running cmd: issue
    [Mon May 29 09:13:21 UTC 2023] _main_domain='domain.com'
    [Mon May 29 09:13:21 UTC 2023] _alt_domains='www.domain.com'
    [Mon May 29 09:13:21 UTC 2023] Using config home:/root/.acme.sh
    [Mon May 29 09:13:21 UTC 2023] default_acme_server='https://acme-v02.api.letsencrypt.org/directory'
    [Mon May 29 09:13:21 UTC 2023] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
    [Mon May 29 09:13:21 UTC 2023] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
    [Mon May 29 09:13:21 UTC 2023] _ACME_SERVER_PATH='directory'
    [Mon May 29 09:13:21 UTC 2023] DOMAIN_PATH='/root/.acme.sh/domain.com'
    [Mon May 29 09:13:21 UTC 2023] '/home/nginx/domains/domain.com/public' does not contain 'dns'
    [Mon May 29 09:13:21 UTC 2023] Le_NextRenewTime='1682533841'
    [Mon May 29 09:13:21 UTC 2023] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
    [Mon May 29 09:13:21 UTC 2023] _init api for server: https://acme-v02.api.letsencrypt.org/directory
    [Mon May 29 09:13:21 UTC 2023] GET
    [Mon May 29 09:13:21 UTC 2023] url='https://acme-v02.api.letsencrypt.org/directory'
    [Mon May 29 09:13:21 UTC 2023] timeout=
    [Mon May 29 09:13:21 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Mon May 29 09:13:22 UTC 2023] ret='0'
    [Mon May 29 09:13:22 UTC 2023] response='{
      "KYC8z5dM5nk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
      "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
      "meta": {
        "caaIdentities": [
          "letsencrypt.org"
        ],
        "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
        "website": "https://letsencrypt.org"
      },
      "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
      "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
      "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
      "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
      "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
    }'
    [Mon May 29 09:13:22 UTC 2023] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
    [Mon May 29 09:13:22 UTC 2023] ACME_NEW_AUTHZ
    [Mon May 29 09:13:22 UTC 2023] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Mon May 29 09:13:22 UTC 2023] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
    [Mon May 29 09:13:22 UTC 2023] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
    [Mon May 29 09:13:22 UTC 2023] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf'
    [Mon May 29 09:13:22 UTC 2023] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Mon May 29 09:13:22 UTC 2023] Using CA: https://acme-v02.api.letsencrypt.org/directory
    [Mon May 29 09:13:22 UTC 2023] _on_before_issue
    [Mon May 29 09:13:22 UTC 2023] _chk_main_domain='domain.com'
    [Mon May 29 09:13:22 UTC 2023] _chk_alt_domains='www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] '/home/nginx/domains/domain.com/public' does not contain 'no'
    [Mon May 29 09:13:22 UTC 2023] Le_LocalAddress
    [Mon May 29 09:13:22 UTC 2023] d='domain.com'
    [Mon May 29 09:13:22 UTC 2023] Check for domain='domain.com'
    [Mon May 29 09:13:22 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Mon May 29 09:13:22 UTC 2023] d='www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] Check for domain='www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Mon May 29 09:13:22 UTC 2023] d
    [Mon May 29 09:13:22 UTC 2023] '/home/nginx/domains/domain.com/public' does not contain 'apache'
    [Mon May 29 09:13:22 UTC 2023] _saved_account_key_hash='NFdPeDpGldByW+C4TGvEPQgOpLUzaIlT8ZitJ/3KOEU='
    [Mon May 29 09:13:22 UTC 2023] _saved_account_key_hash is not changed, skip register account.
    [Mon May 29 09:13:22 UTC 2023] Read key length:2048
    [Mon May 29 09:13:22 UTC 2023] _createcsr
    [Mon May 29 09:13:22 UTC 2023] domain='domain.com'
    [Mon May 29 09:13:22 UTC 2023] domainlist='www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] csrkey='/root/.acme.sh/domain.com/domain.com.key'
    [Mon May 29 09:13:22 UTC 2023] csr='/root/.acme.sh/domain.com/domain.com.csr'
    [Mon May 29 09:13:22 UTC 2023] csrconf='/root/.acme.sh/domain.com/domain.com.csr.conf'
    [Mon May 29 09:13:22 UTC 2023] _is_idn_d='www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] _idn_temp
    [Mon May 29 09:13:22 UTC 2023] domainlist='www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] seg='123-apk'
    [Mon May 29 09:13:22 UTC 2023] _is_idn_d='domain.com'
    [Mon May 29 09:13:22 UTC 2023] _idn_temp
    [Mon May 29 09:13:22 UTC 2023] seg='www'
    [Mon May 29 09:13:22 UTC 2023] Multi domain='DNS:domain.com,DNS:www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] _is_idn_d='domain.com'
    [Mon May 29 09:13:22 UTC 2023] _idn_temp
    [Mon May 29 09:13:22 UTC 2023] _csr_cn='domain.com'
    [Mon May 29 09:13:22 UTC 2023] seg='123-apk'
    [Mon May 29 09:13:22 UTC 2023] Getting domain auth token for each domain
    [Mon May 29 09:13:22 UTC 2023] seg='123-apk'
    [Mon May 29 09:13:22 UTC 2023] _is_idn_d='domain.com'
    [Mon May 29 09:13:22 UTC 2023] _idn_temp
    [Mon May 29 09:13:22 UTC 2023] d='www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] seg='www'
    [Mon May 29 09:13:22 UTC 2023] _is_idn_d='www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] _idn_temp
    [Mon May 29 09:13:22 UTC 2023] d
    [Mon May 29 09:13:22 UTC 2023] _identifiers='{"type":"dns","value":"domain.com"},{"type":"dns","value":"www.domain.com"}'
    [Mon May 29 09:13:22 UTC 2023] _notBefore
    [Mon May 29 09:13:22 UTC 2023] _notAfter
    [Mon May 29 09:13:22 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Mon May 29 09:13:22 UTC 2023] payload='{"identifiers": [{"type":"dns","value":"domain.com"},{"type":"dns","value":"www.domain.com"}]}'
    [Mon May 29 09:13:22 UTC 2023] EC key
    [Mon May 29 09:13:22 UTC 2023] _URGLY_PRINTF
    [Mon May 29 09:13:22 UTC 2023] xargs
    [Mon May 29 09:13:22 UTC 2023] _URGLY_PRINTF
    [Mon May 29 09:13:22 UTC 2023] xargs
    [Mon May 29 09:13:22 UTC 2023] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Mon May 29 09:13:22 UTC 2023] HEAD
    [Mon May 29 09:13:22 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Mon May 29 09:13:22 UTC 2023] body
    [Mon May 29 09:13:22 UTC 2023] _postContentType='application/jose+json'
    [Mon May 29 09:13:22 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g  -I  '
    [Mon May 29 09:13:23 UTC 2023] _ret='0'
    [Mon May 29 09:13:23 UTC 2023] _headers='HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 29 May 2023 09:13:23 GMT
    Connection: keep-alive
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Replay-Nonce: 1AADADjDfjzP8ZH73f6572A-J5j3iQdRazWpgi5AY_oDuQo
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Mon May 29 09:13:23 UTC 2023] _CACHED_NONCE='1AADADjDfjzP8ZH73f6572A-J5j3iQdRazWpgi5AY_oDuQo'
    [Mon May 29 09:13:23 UTC 2023] nonce='1AADADjDfjzP8ZH73f6572A-J5j3iQdRazWpgi5AY_oDuQo'
    [Mon May 29 09:13:23 UTC 2023] _URGLY_PRINTF
    [Mon May 29 09:13:23 UTC 2023] xargs
    [Mon May 29 09:13:23 UTC 2023] POST
    [Mon May 29 09:13:23 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Mon May 29 09:13:23 UTC 2023] body='{"protected": "eyJub25jZSI6ICIxQUFEQURqRGZqelA4Wkg3M2Y2NTcyQS1KNWozaVFkUmF6V3BnaTVBWV9vRHVRbyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85ODM4MTAwMjYifQ", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6IjEyMy1hcGsuY29tIn0seyJ0eXBlIjoiZG5zIiwidmFsdWUiOiJ3d3cuMTIzLWFway5jb20ifV19", "signature": "RhonentxQ2ACSOVplru8OsMZbNf8Y73N0DM2pXzNpQKxQ0pO8YAJU-q4yI-MqubEIcVAXJJ1PuNV9Z-hIjcoRw"}'
    [Mon May 29 09:13:23 UTC 2023] _postContentType='application/jose+json'
    [Mon May 29 09:13:23 UTC 2023] Http already initialized.
    [Mon May 29 09:13:23 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Mon May 29 09:13:24 UTC 2023] _ret='0'
    [Mon May 29 09:13:24 UTC 2023] responseHeaders='HTTP/1.1 201 Created
    Server: nginx
    Date: Mon, 29 May 2023 09:13:24 GMT
    Content-Type: application/json
    Content-Length: 474
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Location: https://acme-v02.api.letsencrypt.org/acme/order/983810026/185227359967
    Replay-Nonce: 15C9-n-nJ_xYO7cE8D-b41R3EhKBYNCM6eTQcdG732UJP-s
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Mon May 29 09:13:24 UTC 2023] code='201'
    [Mon May 29 09:13:24 UTC 2023] original='{
      "status": "pending",
      "expires": "2023-06-05T09:13:24Z",
      "identifiers": [
        {
          "type": "dns",
          "value": "domain.com"
        },
        {
          "type": "dns",
          "value": "www.domain.com"
        }
      ],
      "authorizations": [
        "https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478107",
        "https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478117"
      ],
      "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/983810026/185227359967"
    }'
    [Mon May 29 09:13:24 UTC 2023] response='{"status":"pending","expires":"2023-06-05T09:13:24Z","identifiers":[{"type":"dns","value":"domain.com"},{"type":"dns","value":"www.domain.com"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478107","https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478117"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/983810026/185227359967"}'
    [Mon May 29 09:13:24 UTC 2023] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/983810026/185227359967'
    [Mon May 29 09:13:24 UTC 2023] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/983810026/185227359967'
    [Mon May 29 09:13:24 UTC 2023] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478107,https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478117'
    [Mon May 29 09:13:24 UTC 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478107'
    [Mon May 29 09:13:24 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478107'
    [Mon May 29 09:13:24 UTC 2023] payload
    [Mon May 29 09:13:24 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Mon May 29 09:13:24 UTC 2023] Use _CACHED_NONCE='15C9-n-nJ_xYO7cE8D-b41R3EhKBYNCM6eTQcdG732UJP-s'
    [Mon May 29 09:13:24 UTC 2023] nonce='15C9-n-nJ_xYO7cE8D-b41R3EhKBYNCM6eTQcdG732UJP-s'
    [Mon May 29 09:13:24 UTC 2023] _URGLY_PRINTF
    [Mon May 29 09:13:24 UTC 2023] xargs
    [Mon May 29 09:13:24 UTC 2023] POST
    [Mon May 29 09:13:24 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478107'
    [Mon May 29 09:13:24 UTC 2023] body='{"protected": "eyJub25jZSI6ICIxNUM5LW4tbkpfeFlPN2NFOEQtYjQxUjNFaEtCWU5DTTZlVFFjZEc3MzJVSlAtcyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjMyMDc3NDc4MTA3IiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85ODM4MTAwMjYifQ", "payload": "", "signature": "D34CMyzw2xoJp5amyW7SCRU_c4i1KMhq50pHkmQ0Lg1xTJTDWsvqprPN0uEJxsPeLWTEH1GFQKbz4IYQFgS1rg"}'
    [Mon May 29 09:13:24 UTC 2023] _postContentType='application/jose+json'
    [Mon May 29 09:13:24 UTC 2023] Http already initialized.
    [Mon May 29 09:13:24 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Mon May 29 09:13:25 UTC 2023] _ret='0'
    [Mon May 29 09:13:25 UTC 2023] responseHeaders='HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 29 May 2023 09:13:24 GMT
    Content-Type: application/json
    Content-Length: 795
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Replay-Nonce: 1AADjpKqE2-OxRt0R0vcvyTAHoXe-XOO-j73TK4Uj2HRWFQ
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Mon May 29 09:13:25 UTC 2023] code='200'
    [Mon May 29 09:13:25 UTC 2023] original='{
      "identifier": {
        "type": "dns",
        "value": "domain.com"
      },
      "status": "pending",
      "expires": "2023-06-05T09:13:24Z",
      "challenges": [
        {
          "type": "http-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w",
          "token": "s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"
        },
        {
          "type": "dns-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/W9xDaw",
          "token": "s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"
        },
        {
          "type": "tls-alpn-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/9pck6w",
          "token": "s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"
        }
      ]
    }'
    [Mon May 29 09:13:25 UTC 2023] response='{"identifier":{"type":"dns","value":"domain.com"},"status":"pending","expires":"2023-06-05T09:13:24Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/W9xDaw","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/9pck6w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"}]}'
    [Mon May 29 09:13:25 UTC 2023] response='{"identifier":{"type":"dns","value":"domain.com"},"status":"pending","expires":"2023-06-05T09:13:24Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/W9xDaw","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/9pck6w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"}]}'
    [Mon May 29 09:13:25 UTC 2023] _d='domain.com'
    [Mon May 29 09:13:25 UTC 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478117'
    [Mon May 29 09:13:25 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478117'
    [Mon May 29 09:13:25 UTC 2023] payload
    [Mon May 29 09:13:25 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Mon May 29 09:13:25 UTC 2023] Use _CACHED_NONCE='1AADjpKqE2-OxRt0R0vcvyTAHoXe-XOO-j73TK4Uj2HRWFQ'
    [Mon May 29 09:13:25 UTC 2023] nonce='1AADjpKqE2-OxRt0R0vcvyTAHoXe-XOO-j73TK4Uj2HRWFQ'
    [Mon May 29 09:13:25 UTC 2023] _URGLY_PRINTF
    [Mon May 29 09:13:25 UTC 2023] xargs
    [Mon May 29 09:13:25 UTC 2023] POST
    [Mon May 29 09:13:25 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478117'
    [Mon May 29 09:13:25 UTC 2023] body='{"protected": "eyJub25jZSI6ICIxQUFEanBLcUUyLU94UnQwUjB2Y3Z5VEFIb1hlLVhPTy1qNzNUSzRVajJIUldGUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjMyMDc3NDc4MTE3IiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85ODM4MTAwMjYifQ", "payload": "", "signature": "ZvX6GGVDt5y_4haXFfuT1tQsNLJ5tSzR-BT8wP_K6y3FrjgITuqRIF1EScBS3k4kOQEo8O1IPFJJmtQ0Vrz2dg"}'
    [Mon May 29 09:13:25 UTC 2023] _postContentType='application/jose+json'
    [Mon May 29 09:13:25 UTC 2023] Http already initialized.
    [Mon May 29 09:13:25 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Mon May 29 09:13:25 UTC 2023] _ret='0'
    [Mon May 29 09:13:25 UTC 2023] responseHeaders='HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 29 May 2023 09:13:25 GMT
    Content-Type: application/json
    Content-Length: 799
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Replay-Nonce: 2712r83Cds0wo2Pyl7QuT9-4qGoMwdJnM3N2Eswp7nAk94s
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Mon May 29 09:13:25 UTC 2023] code='200'
    [Mon May 29 09:13:25 UTC 2023] original='{
      "identifier": {
        "type": "dns",
        "value": "www.domain.com"
      },
      "status": "pending",
      "expires": "2023-06-05T09:13:24Z",
      "challenges": [
        {
          "type": "http-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg",
          "token": "hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"
        },
        {
          "type": "dns-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Xks8Q",
          "token": "hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"
        },
        {
          "type": "tls-alpn-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/hCzkXQ",
          "token": "hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"
        }
      ]
    }'
    [Mon May 29 09:13:25 UTC 2023] response='{"identifier":{"type":"dns","value":"www.domain.com"},"status":"pending","expires":"2023-06-05T09:13:24Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Xks8Q","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/hCzkXQ","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"}]}'
    [Mon May 29 09:13:25 UTC 2023] response='{"identifier":{"type":"dns","value":"www.domain.com"},"status":"pending","expires":"2023-06-05T09:13:24Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Xks8Q","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/hCzkXQ","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"}]}'
    [Mon May 29 09:13:25 UTC 2023] _d='www.domain.com'
    [Mon May 29 09:13:25 UTC 2023] _authorizations_map='www.domain.com,{"identifier":{"type":"dns","value":"www.domain.com"},"status":"pending","expires":"2023-06-05T09:13:24Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Xks8Q","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/hCzkXQ","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"}]}
    domain.com,{"identifier":{"type":"dns","value":"domain.com"},"status":"pending","expires":"2023-06-05T09:13:24Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/W9xDaw","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/9pck6w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"}]}
    '
    [Mon May 29 09:13:25 UTC 2023] d='domain.com'
    [Mon May 29 09:13:25 UTC 2023] Getting webroot for domain='domain.com'
    [Mon May 29 09:13:25 UTC 2023] _w='/home/nginx/domains/domain.com/public'
    [Mon May 29 09:13:25 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Mon May 29 09:13:25 UTC 2023] _is_idn_d='domain.com'
    [Mon May 29 09:13:25 UTC 2023] _idn_temp
    [Mon May 29 09:13:25 UTC 2023] _candidates='domain.com,{"identifier":{"type":"dns","value":"domain.com"},"status":"pending","expires":"2023-06-05T09:13:24Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/W9xDaw","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/9pck6w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"}]}'
    [Mon May 29 09:13:25 UTC 2023] response='{"identifier":{"type":"dns","value":"domain.com"},"status":"pending","expires":"2023-06-05T09:13:24Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/W9xDaw","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/9pck6w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"}]}'
    [Mon May 29 09:13:25 UTC 2023] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"'
    [Mon May 29 09:13:25 UTC 2023] token='s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY'
    [Mon May 29 09:13:25 UTC 2023] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w'
    [Mon May 29 09:13:25 UTC 2023] keyauthorization='s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Mon May 29 09:13:25 UTC 2023] dvlist='domain.com#s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w#http-01#/home/nginx/domains/domain.com/public'
    [Mon May 29 09:13:25 UTC 2023] d='www.domain.com'
    [Mon May 29 09:13:25 UTC 2023] Getting webroot for domain='www.domain.com'
    [Mon May 29 09:13:25 UTC 2023] _w='/home/nginx/domains/domain.com/public'
    [Mon May 29 09:13:25 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Mon May 29 09:13:25 UTC 2023] _is_idn_d='www.domain.com'
    [Mon May 29 09:13:25 UTC 2023] _idn_temp
    [Mon May 29 09:13:25 UTC 2023] _candidates='www.domain.com,{"identifier":{"type":"dns","value":"www.domain.com"},"status":"pending","expires":"2023-06-05T09:13:24Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Xks8Q","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/hCzkXQ","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"}]}'
    [Mon May 29 09:13:25 UTC 2023] response='{"identifier":{"type":"dns","value":"www.domain.com"},"status":"pending","expires":"2023-06-05T09:13:24Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Xks8Q","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/hCzkXQ","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"}]}'
    [Mon May 29 09:13:25 UTC 2023] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"'
    [Mon May 29 09:13:26 UTC 2023] token='hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0'
    [Mon May 29 09:13:26 UTC 2023] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg'
    [Mon May 29 09:13:26 UTC 2023] keyauthorization='hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Mon May 29 09:13:26 UTC 2023] dvlist='www.domain.com#hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg#http-01#/home/nginx/domains/domain.com/public'
    [Mon May 29 09:13:26 UTC 2023] d
    [Mon May 29 09:13:26 UTC 2023] vlist='domain.com#s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w#http-01#/home/nginx/domains/domain.com/public,www.domain.com#hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg#http-01#/home/nginx/domains/domain.com/public,'
    [Mon May 29 09:13:26 UTC 2023] d='domain.com'
    [Mon May 29 09:13:26 UTC 2023] d='www.domain.com'
    [Mon May 29 09:13:26 UTC 2023] ok, let's start to verify
    [Mon May 29 09:13:26 UTC 2023] Verifying: domain.com
    [Mon May 29 09:13:26 UTC 2023] d='domain.com'
    [Mon May 29 09:13:26 UTC 2023] keyauthorization='s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Mon May 29 09:13:26 UTC 2023] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w'
    [Mon May 29 09:13:26 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Mon May 29 09:13:26 UTC 2023] wellknown_path='/home/nginx/domains/domain.com/public/.well-known/acme-challenge'
    [Mon May 29 09:13:26 UTC 2023] writing token:s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY to /home/nginx/domains/domain.com/public/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY
    [Mon May 29 09:13:26 UTC 2023] Changing owner/group of .well-known to nginx:nginx
    [Mon May 29 09:13:26 UTC 2023] Trigger domain validation.
    [Mon May 29 09:13:26 UTC 2023] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w'
    [Mon May 29 09:13:26 UTC 2023] _t_key_authz='s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Mon May 29 09:13:26 UTC 2023] _t_vtype='http-01'
    [Mon May 29 09:13:26 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w'
    [Mon May 29 09:13:26 UTC 2023] payload='{}'
    [Mon May 29 09:13:26 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Mon May 29 09:13:26 UTC 2023] Use _CACHED_NONCE='2712r83Cds0wo2Pyl7QuT9-4qGoMwdJnM3N2Eswp7nAk94s'
    [Mon May 29 09:13:26 UTC 2023] nonce='2712r83Cds0wo2Pyl7QuT9-4qGoMwdJnM3N2Eswp7nAk94s'
    [Mon May 29 09:13:26 UTC 2023] _URGLY_PRINTF
    [Mon May 29 09:13:26 UTC 2023] xargs
    [Mon May 29 09:13:26 UTC 2023] POST
    [Mon May 29 09:13:26 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w'
    [Mon May 29 09:13:26 UTC 2023] body='{"protected": "eyJub25jZSI6ICIyNzEycjgzQ2RzMHdvMlB5bDdRdVQ5LTRxR29Nd2RKbk0zTjJFc3dwN25Bazk0cyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjMyMDc3NDc4MTA3L3kxdXkydyIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTgzODEwMDI2In0", "payload": "e30", "signature": "SZ3SnD6qXT-kU84GB08rLeQCPQ48jEc7t5L9sllhJ4ei6peYQdVw6AToDn_bJ0J4Og3wVJQ7ry-RsJ0vDoozCw"}'
    [Mon May 29 09:13:26 UTC 2023] _postContentType='application/jose+json'
    [Mon May 29 09:13:26 UTC 2023] Http already initialized.
    [Mon May 29 09:13:26 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Mon May 29 09:13:26 UTC 2023] _ret='0'
    [Mon May 29 09:13:26 UTC 2023] responseHeaders='HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 29 May 2023 09:13:26 GMT
    Content-Type: application/json
    Content-Length: 187
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478107>;rel="up"
    Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w
    Replay-Nonce: 20F6ltTQ5O6upPuzDuXg2vCg3jnjzTI_JcPFlmRhWyGxYLg
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Mon May 29 09:13:26 UTC 2023] code='200'
    [Mon May 29 09:13:26 UTC 2023] original='{
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w",
      "token": "s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"
    }'
    [Mon May 29 09:13:26 UTC 2023] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"}'
    [Mon May 29 09:13:26 UTC 2023] trigger validation code: 200
    [Mon May 29 09:13:26 UTC 2023] original='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"}'
    [Mon May 29 09:13:26 UTC 2023] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY"}'
    [Mon May 29 09:13:26 UTC 2023] status='pending'
    [Mon May 29 09:13:26 UTC 2023] Pending, The CA is processing your order, please just wait. (1/30)
    [Mon May 29 09:13:26 UTC 2023] sleep 2 secs to verify again
    [Mon May 29 09:13:28 UTC 2023] checking
    [Mon May 29 09:13:28 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w'
    [Mon May 29 09:13:28 UTC 2023] payload
    [Mon May 29 09:13:28 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Mon May 29 09:13:28 UTC 2023] Use _CACHED_NONCE='20F6ltTQ5O6upPuzDuXg2vCg3jnjzTI_JcPFlmRhWyGxYLg'
    [Mon May 29 09:13:28 UTC 2023] nonce='20F6ltTQ5O6upPuzDuXg2vCg3jnjzTI_JcPFlmRhWyGxYLg'
    [Mon May 29 09:13:28 UTC 2023] _URGLY_PRINTF
    [Mon May 29 09:13:28 UTC 2023] xargs
    [Mon May 29 09:13:28 UTC 2023] POST
    [Mon May 29 09:13:28 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w'
    [Mon May 29 09:13:28 UTC 2023] body='{"protected": "eyJub25jZSI6ICIyMEY2bHRUUTVPNnVwUHV6RHVYZzJ2Q2czam5qelRJX0pjUEZsbVJoV3lHeFlMZyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjMyMDc3NDc4MTA3L3kxdXkydyIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTgzODEwMDI2In0", "payload": "", "signature": "NUfvdKp-Wpk2_H91sl92lO0tgXw4GKLvAkKb7tDSwVXt5moqB0OaMJ4Cp77IGnsn32fG9r2ckJtrS2fpDhmaBA"}'
    [Mon May 29 09:13:28 UTC 2023] _postContentType='application/jose+json'
    [Mon May 29 09:13:28 UTC 2023] Http already initialized.
    [Mon May 29 09:13:28 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Mon May 29 09:13:29 UTC 2023] _ret='0'
    [Mon May 29 09:13:29 UTC 2023] responseHeaders='HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 29 May 2023 09:13:29 GMT
    Content-Type: application/json
    Content-Length: 1034
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478107>;rel="up"
    Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w
    Replay-Nonce: 1AADUbMDwQhLKIgC9OPS6-sCrLJsW9lmLatD5vuuljuoy8k
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Mon May 29 09:13:29 UTC 2023] code='200'
    [Mon May 29 09:13:29 UTC 2023] original='{
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "MY.IP.MY.IP: Invalid response from https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY: 404",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w",
      "token": "s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY",
      "validationRecord": [
        {
          "url": "http://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY",
          "hostname": "domain.com",
          "port": "80",
          "addressesResolved": [
            "MY.IP.MY.IP"
          ],
          "addressUsed": "MY.IP.MY.IP"
        },
        {
          "url": "https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY",
          "hostname": "domain.com",
          "port": "443",
          "addressesResolved": [
            "MY.IP.MY.IP"
          ],
          "addressUsed": "MY.IP.MY.IP"
        }
      ],
      "validated": "2023-05-29T09:13:26Z"
    }'
    [Mon May 29 09:13:29 UTC 2023] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"MY.IP.MY.IP: Invalid response from https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY: 404","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY","validationRecord":[{"url":"http://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY","hostname":"domain.com","port":"80","addressesResolved":["MY.IP.MY.IP"],"addressUsed":"MY.IP.MY.IP"},{"url":"https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY","hostname":"domain.com","port":"443","addressesResolved":["MY.IP.MY.IP"],"addressUsed":"MY.IP.MY.IP"}],"validated":"2023-05-29T09:13:26Z"}'
    [Mon May 29 09:13:29 UTC 2023] original='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"MY.IP.MY.IP: Invalid response from https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY: 404","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY","validationRecord":[{"url":"http://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY","hostname":"domain.com","port":"80","addressesResolved":["MY.IP.MY.IP"],"addressUsed":"MY.IP.MY.IP"},{"url":"https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY","hostname":"domain.com","port":"443","addressesResolved":["MY.IP.MY.IP"],"addressUsed":"MY.IP.MY.IP"}],"validated":"2023-05-29T09:13:26Z"}'
    [Mon May 29 09:13:29 UTC 2023] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"MY.IP.MY.IP: Invalid response from https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY: 404","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w","token":"s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY","validationRecord":[{"url":"http://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY","hostname":"domain.com","port":"80","addressesResolved":["MY.IP.MY.IP"],"addressUsed":"MY.IP.MY.IP"},{"url":"https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY","hostname":"domain.com","port":"443","addressesResolved":["MY.IP.MY.IP"],"addressUsed":"MY.IP.MY.IP"}],"validated":"2023-05-29T09:13:26Z"}'
    [Mon May 29 09:13:29 UTC 2023] status='invalid'
    [Mon May 29 09:13:29 UTC 2023] error='"error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"MY.IP.MY.IP: Invalid response from https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY: 404","status": 403'
    [Mon May 29 09:13:29 UTC 2023] errordetail='MY.IP.MY.IP: Invalid response from https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY: 404'
    [Mon May 29 09:13:29 UTC 2023] domain.com:Verify error:MY.IP.MY.IP: Invalid response from https://domain.com/.well-known/acme-challenge/s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY: 404
    [Mon May 29 09:13:29 UTC 2023] pid
    [Mon May 29 09:13:29 UTC 2023] No need to restore nginx, skip.
    [Mon May 29 09:13:29 UTC 2023] _clearupdns
    [Mon May 29 09:13:29 UTC 2023] dns_entries
    [Mon May 29 09:13:29 UTC 2023] skip dns.
    [Mon May 29 09:13:29 UTC 2023] _on_issue_err
    [Mon May 29 09:13:29 UTC 2023] Please check log file for more details: /root/centminlogs/acmetool.sh-debug-log-290523-091316.log
    [Mon May 29 09:13:29 UTC 2023] _chk_vlist='domain.com#s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w#http-01#/home/nginx/domains/domain.com/public,www.domain.com#hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg#http-01#/home/nginx/domains/domain.com/public,'
    [Mon May 29 09:13:29 UTC 2023] start to deactivate authz
    [Mon May 29 09:13:29 UTC 2023] Trigger domain validation.
    [Mon May 29 09:13:29 UTC 2023] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w'
    [Mon May 29 09:13:29 UTC 2023] _t_key_authz='s4qvz7ylORVXmvHgV8LdLBo0GpVwDY9CLwFUbrWOzAY.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Mon May 29 09:13:29 UTC 2023] _t_vtype
    [Mon May 29 09:13:29 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w'
    [Mon May 29 09:13:29 UTC 2023] payload='{}'
    [Mon May 29 09:13:29 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Mon May 29 09:13:29 UTC 2023] Use _CACHED_NONCE='1AADUbMDwQhLKIgC9OPS6-sCrLJsW9lmLatD5vuuljuoy8k'
    [Mon May 29 09:13:29 UTC 2023] nonce='1AADUbMDwQhLKIgC9OPS6-sCrLJsW9lmLatD5vuuljuoy8k'
    [Mon May 29 09:13:29 UTC 2023] _URGLY_PRINTF
    [Mon May 29 09:13:29 UTC 2023] xargs
    [Mon May 29 09:13:29 UTC 2023] POST
    [Mon May 29 09:13:29 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478107/y1uy2w'
    [Mon May 29 09:13:29 UTC 2023] body='{"protected": "eyJub25jZSI6ICIxQUFEVWJNRHdRaExLSWdDOU9QUzYtc0NyTEpzVzlsbUxhdEQ1dnV1bGp1b3k4ayIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjMyMDc3NDc4MTA3L3kxdXkydyIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTgzODEwMDI2In0", "payload": "e30", "signature": "EcYFGg1JL4Wuc4cd3JnR57OVL4ZZqE7TRr9geK2auY4nsZXGPnh-IC__wpFFsl2Y2e4tijjAInlX_y64_aoynw"}'
    [Mon May 29 09:13:29 UTC 2023] _postContentType='application/jose+json'
    [Mon May 29 09:13:29 UTC 2023] Http already initialized.
    [Mon May 29 09:13:29 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Mon May 29 09:13:30 UTC 2023] _ret='0'
    [Mon May 29 09:13:30 UTC 2023] responseHeaders='HTTP/1.1 400 Bad Request
    Server: nginx
    Date: Mon, 29 May 2023 09:13:30 GMT
    Content-Type: application/problem+json
    Content-Length: 144
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Replay-Nonce: 1AADserVQ6xXThwIjw-pCVXgO9yF5n3i4rHptamWVTPlnqo
    
    '
    [Mon May 29 09:13:30 UTC 2023] code='400'
    [Mon May 29 09:13:30 UTC 2023] original='{
      "type": "urn:ietf:params:acme:error:malformed",
      "detail": "Unable to update challenge :: authorization must be pending",
      "status": 400
    }'
    [Mon May 29 09:13:30 UTC 2023] response='{
      "type": "urn:ietf:params:acme:error:malformed",
      "detail": "Unable to update challenge :: authorization must be pending",
      "status": 400
    }'
    [Mon May 29 09:13:30 UTC 2023] Trigger domain validation.
    [Mon May 29 09:13:30 UTC 2023] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg'
    [Mon May 29 09:13:30 UTC 2023] _t_key_authz='hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Mon May 29 09:13:30 UTC 2023] _t_vtype
    [Mon May 29 09:13:30 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg'
    [Mon May 29 09:13:30 UTC 2023] payload='{}'
    [Mon May 29 09:13:30 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Mon May 29 09:13:30 UTC 2023] Use _CACHED_NONCE='1AADserVQ6xXThwIjw-pCVXgO9yF5n3i4rHptamWVTPlnqo'
    [Mon May 29 09:13:30 UTC 2023] nonce='1AADserVQ6xXThwIjw-pCVXgO9yF5n3i4rHptamWVTPlnqo'
    [Mon May 29 09:13:30 UTC 2023] _URGLY_PRINTF
    [Mon May 29 09:13:30 UTC 2023] xargs
    [Mon May 29 09:13:30 UTC 2023] POST
    [Mon May 29 09:13:30 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg'
    [Mon May 29 09:13:30 UTC 2023] body='{"protected": "eyJub25jZSI6ICIxQUFEc2VyVlE2eFhUaHdJanctcENWWGdPOXlGNW4zaTRySHB0YW1XVlRQbG5xbyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjMyMDc3NDc4MTE3LzFGaGdwZyIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTgzODEwMDI2In0", "payload": "e30", "signature": "JKuhrsSb-HDVyBY17VpcBA-qxBqsdhDXkmycpmRcvoVPqrutuBbraNo1TzxoWs-NBVAuYupm52nDUZSeEscwoQ"}'
    [Mon May 29 09:13:30 UTC 2023] _postContentType='application/jose+json'
    [Mon May 29 09:13:30 UTC 2023] Http already initialized.
    [Mon May 29 09:13:30 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Mon May 29 09:13:31 UTC 2023] _ret='0'
    [Mon May 29 09:13:31 UTC 2023] responseHeaders='HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 29 May 2023 09:13:31 GMT
    Content-Type: application/json
    Content-Length: 187
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/232077478117>;rel="up"
    Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg
    Replay-Nonce: 20F6wNubwxlbNCOi4y6lS1ZziirsC_vD4IDWwJIwNNYHOGc
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Mon May 29 09:13:31 UTC 2023] code='200'
    [Mon May 29 09:13:31 UTC 2023] original='{
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg",
      "token": "hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"
    }'
    [Mon May 29 09:13:31 UTC 2023] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/232077478117/1Fhgpg","token":"hSdJ3dmqyMXbHRPH1BKKyo9gxXw25f3FQs8kIA6o2T0"}'
    
    

    I have set in my vhost the root folder as
    /home/nginx/domains/domain.com/public/custom-app/public;

    Could that cause the issue?

     
  2. eva2000

    eva2000 Administrator Staff Member

    54,368
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    5:10 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    could be as Centmin Mod default uses a different web root unless you tell it to look else where before the first time you create Nginx vhost with letsencrypt. Or if you use Cloudflare for DNS for domain, you can switch away from webroot authentication for Letsencrypt to Cloudflare DNS API authentication so that webroot doesn't matter Letsencrypt Free SSL Certificates
    Code (Text):
    [Mon May 29 09:13:22 UTC 2023] Check for domain='domain.com'
    [Mon May 29 09:13:22 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Mon May 29 09:13:22 UTC 2023] d='www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] Check for domain='www.domain.com'
    [Mon May 29 09:13:22 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    

    You can try post-nginx vhost creation modifications to see if it works by editing underlying acme.sh config for domain at /root/.acme.sh/domain.com/domain.com.conf and change the assigned Le_Webroot variable's default web root path to yours
    Code (Text):
    Le_Domain='domain.com'
    Le_Alt='no'
    Le_Webroot='/home/nginx/domains/domain.com/public'
    

    and then run the renewal cronjob command
    Code (Text):
    "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh"


    When you create a new nginx vhost domain via centmin.sh menu option 2 or menu option 22 or via /usr/bin/nv cli command line, you will create the Nginx vhost files and directories. You will get an outputted the path location where it will create the domain name's vhost conf file named newdomain.com.conf (and newdomain.com.ssl.conf if you selected yes to self signed SSL)
    • Nginx vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.conf
    • Nginx HTTP/2 SSL vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf
    • Nginx Self-Signed SSL Certificate Directory at /usr/local/nginx/conf/ssl/newdomain.com
    • Vhost public web root will be at /home/nginx/domains/newdomain.com/public
    • Vhost log directory will be at /home/nginx/domains/newdomain.com/log
    Please post the contents of /usr/local/nginx/conf/conf.d/newdomain.com.conf and if applicable /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf wrapped in CODE tags (outlined at How to use forum BBCODE code tags)

    what is output of these commands in ssh
    Code (Text):
    curl -I https://domain.com
    

    Code (Text):
    curl -I https://www.domain.com
    

    Code (Text):
    curl -I http://domain.com
    

    Code (Text):
    curl -I http://www.domain.com
    

    wrap output in CODE tags
     
  3. skringjer

    skringjer NoobMaster69

    208
    26
    28
    Apr 21, 2019
    Ratings:
    +43
    Local Time:
    12:10 PM
    Nginx 1.21.6
    MariaDB 10.3.x
    Thank you so much for replying,

    after chaning /root/.acme.sh/domain.com/domain.com.conf root dir, the renewal worked fine.
     
  4. eva2000

    eva2000 Administrator Staff Member

    54,368
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    5:10 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  5. skringjer

    skringjer NoobMaster69

    208
    26
    28
    Apr 21, 2019
    Ratings:
    +43
    Local Time:
    12:10 PM
    Nginx 1.21.6
    MariaDB 10.3.x
    I am once again facing the same issue, But this time even after changing LE_Webroot to the correct path.

    The debug log is as follows, it seems its not picking up the new location or not reading the new file or something.

    Restarted nginx, and gave the server a reboot still the same issue and the same logs

    Code:
    [Thu Aug  3 20:25:40 UTC 2023] Lets find script dir.
    [Thu Aug  3 20:25:40 UTC 2023] _SCRIPT_='/root/.acme.sh/acme.sh'
    [Thu Aug  3 20:25:40 UTC 2023] _script='/root/.acme.sh/acme.sh'
    [Thu Aug  3 20:25:40 UTC 2023] _script_home='/root/.acme.sh'
    [Thu Aug  3 20:25:40 UTC 2023] Using config home:/root/.acme.sh
    [Thu Aug  3 20:25:40 UTC 2023] LE_WORKING_DIR='/root/.acme.sh'
    [Thu Aug  3 20:25:40 UTC 2023] Running cmd: issue
    [Thu Aug  3 20:25:40 UTC 2023] _main_domain='domain.com'
    [Thu Aug  3 20:25:40 UTC 2023] _alt_domains='www.domain.com'
    [Thu Aug  3 20:25:40 UTC 2023] Using config home:/root/.acme.sh
    [Thu Aug  3 20:25:40 UTC 2023] default_acme_server='https://acme-v02.api.letsencrypt.org/directory'
    [Thu Aug  3 20:25:40 UTC 2023] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
    [Thu Aug  3 20:25:40 UTC 2023] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
    [Thu Aug  3 20:25:40 UTC 2023] _ACME_SERVER_PATH='directory'
    [Thu Aug  3 20:25:40 UTC 2023] DOMAIN_PATH='/root/.acme.sh/domain.com'
    [Thu Aug  3 20:25:40 UTC 2023] '/home/nginx/domains/domain.com/public' does not contain 'dns'
    [Thu Aug  3 20:25:40 UTC 2023] Le_NextRenewTime='1688227039'
    [Thu Aug  3 20:25:40 UTC 2023] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
    [Thu Aug  3 20:25:40 UTC 2023] _init api for server: https://acme-v02.api.letsencrypt.org/directory
    [Thu Aug  3 20:25:40 UTC 2023] GET
    [Thu Aug  3 20:25:40 UTC 2023] url='https://acme-v02.api.letsencrypt.org/directory'
    [Thu Aug  3 20:25:40 UTC 2023] timeout=
    [Thu Aug  3 20:25:40 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Thu Aug  3 20:25:41 UTC 2023] ret='0'
    [Thu Aug  3 20:25:41 UTC 2023] response='{
      "ZqhQRgW8JCw": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
      "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
      "meta": {
        "caaIdentities": [
          "letsencrypt.org"
        ],
        "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
        "website": "https://letsencrypt.org"
      },
      "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
      "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
      "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
      "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
      "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
    }'
    [Thu Aug  3 20:25:41 UTC 2023] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
    [Thu Aug  3 20:25:41 UTC 2023] ACME_NEW_AUTHZ
    [Thu Aug  3 20:25:41 UTC 2023] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Thu Aug  3 20:25:41 UTC 2023] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
    [Thu Aug  3 20:25:41 UTC 2023] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
    [Thu Aug  3 20:25:41 UTC 2023] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf'
    [Thu Aug  3 20:25:41 UTC 2023] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Thu Aug  3 20:25:41 UTC 2023] Using CA: https://acme-v02.api.letsencrypt.org/directory
    [Thu Aug  3 20:25:41 UTC 2023] _on_before_issue
    [Thu Aug  3 20:25:41 UTC 2023] _chk_main_domain='domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] _chk_alt_domains='www.domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] Run pre hook:'/usr/local/src/centminmod/tools/pre-acme-hooks.sh all-check domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] '/home/nginx/domains/domain.com/public' does not contain 'no'
    [Thu Aug  3 20:25:41 UTC 2023] Le_LocalAddress
    [Thu Aug  3 20:25:41 UTC 2023] d='domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] Check for domain='domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Thu Aug  3 20:25:41 UTC 2023] d='www.domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] Check for domain='www.domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Thu Aug  3 20:25:41 UTC 2023] d
    [Thu Aug  3 20:25:41 UTC 2023] '/home/nginx/domains/domain.com/public' does not contain 'apache'
    [Thu Aug  3 20:25:41 UTC 2023] _saved_account_key_hash='NFdPeDpGldByW+C4TGvEPQgOpLUzaIlT8ZitJ/3KOEU='
    [Thu Aug  3 20:25:41 UTC 2023] _saved_account_key_hash is not changed, skip register account.
    [Thu Aug  3 20:25:41 UTC 2023] Read key length:2048
    [Thu Aug  3 20:25:41 UTC 2023] _createcsr
    [Thu Aug  3 20:25:41 UTC 2023] domain='domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] domainlist='www.domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] csrkey='/root/.acme.sh/domain.com/domain.com.key'
    [Thu Aug  3 20:25:41 UTC 2023] csr='/root/.acme.sh/domain.com/domain.com.csr'
    [Thu Aug  3 20:25:41 UTC 2023] csrconf='/root/.acme.sh/domain.com/domain.com.csr.conf'
    [Thu Aug  3 20:25:41 UTC 2023] _is_idn_d='www.domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] _idn_temp
    [Thu Aug  3 20:25:41 UTC 2023] domainlist='www.domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] seg='app-gallery'
    [Thu Aug  3 20:25:41 UTC 2023] _is_idn_d='domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] _idn_temp
    [Thu Aug  3 20:25:41 UTC 2023] seg='www'
    [Thu Aug  3 20:25:41 UTC 2023] Multi domain='DNS:domain.com,DNS:www.domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] _is_idn_d='domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] _idn_temp
    [Thu Aug  3 20:25:41 UTC 2023] _csr_cn='domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] seg='app-gallery'
    [Thu Aug  3 20:25:41 UTC 2023] Getting domain auth token for each domain
    [Thu Aug  3 20:25:41 UTC 2023] seg='app-gallery'
    [Thu Aug  3 20:25:41 UTC 2023] _is_idn_d='domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] _idn_temp
    [Thu Aug  3 20:25:41 UTC 2023] d='www.domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] seg='www'
    [Thu Aug  3 20:25:41 UTC 2023] _is_idn_d='www.domain.com'
    [Thu Aug  3 20:25:41 UTC 2023] _idn_temp
    [Thu Aug  3 20:25:41 UTC 2023] d
    [Thu Aug  3 20:25:41 UTC 2023] _identifiers='{"type":"dns","value":"domain.com"},{"type":"dns","value":"www.domain.com"}'
    [Thu Aug  3 20:25:41 UTC 2023] _notBefore
    [Thu Aug  3 20:25:41 UTC 2023] _notAfter
    [Thu Aug  3 20:25:41 UTC 2023] =======Begin Send Signed Request=======
    [Thu Aug  3 20:25:41 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Thu Aug  3 20:25:41 UTC 2023] payload='{"identifiers": [{"type":"dns","value":"domain.com"},{"type":"dns","value":"www.domain.com"}]}'
    [Thu Aug  3 20:25:41 UTC 2023] EC key
    [Thu Aug  3 20:25:41 UTC 2023] _URGLY_PRINTF
    [Thu Aug  3 20:25:41 UTC 2023] xargs
    [Thu Aug  3 20:25:41 UTC 2023] _URGLY_PRINTF
    [Thu Aug  3 20:25:41 UTC 2023] xargs
    [Thu Aug  3 20:25:41 UTC 2023] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Thu Aug  3 20:25:41 UTC 2023] HEAD
    [Thu Aug  3 20:25:41 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Thu Aug  3 20:25:41 UTC 2023] body
    [Thu Aug  3 20:25:41 UTC 2023] _postContentType='application/jose+json'
    [Thu Aug  3 20:25:41 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g  -I  '
    [Thu Aug  3 20:25:42 UTC 2023] _ret='0'
    [Thu Aug  3 20:25:42 UTC 2023] _headers='HTTP/1.1 200 OK
    Server: nginx
    Date: Thu, 03 Aug 2023 20:25:42 GMT
    Connection: keep-alive
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Replay-Nonce: 4397r-qVu52naCutVdo8ZEUCZvl0d0h4uSP0FqeBwP8dbR4
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Thu Aug  3 20:25:42 UTC 2023] _CACHED_NONCE='4397r-qVu52naCutVdo8ZEUCZvl0d0h4uSP0FqeBwP8dbR4'
    [Thu Aug  3 20:25:42 UTC 2023] nonce='4397r-qVu52naCutVdo8ZEUCZvl0d0h4uSP0FqeBwP8dbR4'
    [Thu Aug  3 20:25:42 UTC 2023] _URGLY_PRINTF
    [Thu Aug  3 20:25:42 UTC 2023] xargs
    [Thu Aug  3 20:25:42 UTC 2023] POST
    [Thu Aug  3 20:25:42 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Thu Aug  3 20:25:42 UTC 2023] body='{"protected": "eyJub25jZSI6ICI0Mzk3ci1xVnU1Mm5hQ3V0VmRvOFpFVUNadmwwZDBoNHVTUDBGcWVCd1A4ZGJSNCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85ODM4MTAwMjYifQ", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6ImFwcC1nYWxsZXJ5Lm5ldCJ9LHsidHlwZSI6ImRucyIsInZhbHVlIjoid3d3LmFwcC1nYWxsZXJ5Lm5ldCJ9XX0", "signature": "CRpnkBvb8SeyylycOvfEGMZxnsaje9pjH0dl_27C1U0bZvshHHzmbnYNOynm2tPkHZb6Rwvk8u_SuPGJSxqElA"}'
    [Thu Aug  3 20:25:42 UTC 2023] _postContentType='application/jose+json'
    [Thu Aug  3 20:25:42 UTC 2023] Http already initialized.
    [Thu Aug  3 20:25:42 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Thu Aug  3 20:25:43 UTC 2023] _ret='0'
    [Thu Aug  3 20:25:43 UTC 2023] responseHeaders='HTTP/1.1 201 Created
    Server: nginx
    Date: Thu, 03 Aug 2023 20:25:43 GMT
    Content-Type: application/json
    Content-Length: 482
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Location: https://acme-v02.api.letsencrypt.org/acme/order/983810026/199223054906
    Replay-Nonce: 891FlDUFUvXFHhAOEppmch3FtdodxogF-gVdfvxZHNHenNo
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Thu Aug  3 20:25:43 UTC 2023] code='201'
    [Thu Aug  3 20:25:43 UTC 2023] original='{
      "status": "pending",
      "expires": "2023-08-10T20:25:43Z",
      "identifiers": [
        {
          "type": "dns",
          "value": "domain.com"
        },
        {
          "type": "dns",
          "value": "www.domain.com"
        }
      ],
      "authorizations": [
        "https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856",
        "https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866"
      ],
      "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/983810026/199223054906"
    }'
    [Thu Aug  3 20:25:43 UTC 2023] response='{"status":"pending","expires":"2023-08-10T20:25:43Z","identifiers":[{"type":"dns","value":"domain.com"},{"type":"dns","value":"www.domain.com"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856","https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/983810026/199223054906"}'
    [Thu Aug  3 20:25:43 UTC 2023] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/983810026/199223054906'
    [Thu Aug  3 20:25:43 UTC 2023] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/983810026/199223054906'
    [Thu Aug  3 20:25:43 UTC 2023] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856,https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866'
    [Thu Aug  3 20:25:43 UTC 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856'
    [Thu Aug  3 20:25:43 UTC 2023] =======Begin Send Signed Request=======
    [Thu Aug  3 20:25:43 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856'
    [Thu Aug  3 20:25:43 UTC 2023] payload
    [Thu Aug  3 20:25:43 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Thu Aug  3 20:25:43 UTC 2023] Use _CACHED_NONCE='891FlDUFUvXFHhAOEppmch3FtdodxogF-gVdfvxZHNHenNo'
    [Thu Aug  3 20:25:43 UTC 2023] nonce='891FlDUFUvXFHhAOEppmch3FtdodxogF-gVdfvxZHNHenNo'
    [Thu Aug  3 20:25:43 UTC 2023] _URGLY_PRINTF
    [Thu Aug  3 20:25:43 UTC 2023] xargs
    [Thu Aug  3 20:25:43 UTC 2023] POST
    [Thu Aug  3 20:25:43 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856'
    [Thu Aug  3 20:25:43 UTC 2023] body='{"protected": "eyJub25jZSI6ICI4OTFGbERVRlV2WEZIaEFPRXBwbWNoM0Z0ZG9keG9nRi1nVmRmdnhaSE5IZW5ObyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjUxNjYwNDU5ODU2IiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85ODM4MTAwMjYifQ", "payload": "", "signature": "CVBoyvpDiMz6yKyuwXGbA5iTTr4WJlqzi4nnwLnI4fvcqbfkiRH-P6kJcuwMuDVuyxiN4jJOyXkSQuKeGbSb1g"}'
    [Thu Aug  3 20:25:43 UTC 2023] _postContentType='application/jose+json'
    [Thu Aug  3 20:25:43 UTC 2023] Http already initialized.
    [Thu Aug  3 20:25:43 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Thu Aug  3 20:25:44 UTC 2023] _ret='0'
    [Thu Aug  3 20:25:44 UTC 2023] responseHeaders='HTTP/1.1 200 OK
    Server: nginx
    Date: Thu, 03 Aug 2023 20:25:44 GMT
    Content-Type: application/json
    Content-Length: 799
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Replay-Nonce: 371CDSGuPQQg6xluGGJK64vpkdwOvG3ARdJDWroSeL5qRIM
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Thu Aug  3 20:25:44 UTC 2023] code='200'
    [Thu Aug  3 20:25:44 UTC 2023] original='{
      "identifier": {
        "type": "dns",
        "value": "domain.com"
      },
      "status": "pending",
      "expires": "2023-08-10T20:25:43Z",
      "challenges": [
        {
          "type": "http-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ",
          "token": "g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"
        },
        {
          "type": "dns-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/0jmqvQ",
          "token": "g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"
        },
        {
          "type": "tls-alpn-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/1moyRg",
          "token": "g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"
        }
      ]
    }'
    [Thu Aug  3 20:25:44 UTC 2023] response='{"identifier":{"type":"dns","value":"domain.com"},"status":"pending","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/0jmqvQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/1moyRg","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"}]}'
    [Thu Aug  3 20:25:44 UTC 2023] response='{"identifier":{"type":"dns","value":"domain.com"},"status":"pending","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/0jmqvQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/1moyRg","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"}]}'
    [Thu Aug  3 20:25:44 UTC 2023] _d='domain.com'
    [Thu Aug  3 20:25:44 UTC 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866'
    [Thu Aug  3 20:25:44 UTC 2023] =======Begin Send Signed Request=======
    [Thu Aug  3 20:25:44 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866'
    [Thu Aug  3 20:25:44 UTC 2023] payload
    [Thu Aug  3 20:25:44 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Thu Aug  3 20:25:44 UTC 2023] Use _CACHED_NONCE='371CDSGuPQQg6xluGGJK64vpkdwOvG3ARdJDWroSeL5qRIM'
    [Thu Aug  3 20:25:44 UTC 2023] nonce='371CDSGuPQQg6xluGGJK64vpkdwOvG3ARdJDWroSeL5qRIM'
    [Thu Aug  3 20:25:44 UTC 2023] _URGLY_PRINTF
    [Thu Aug  3 20:25:44 UTC 2023] xargs
    [Thu Aug  3 20:25:44 UTC 2023] POST
    [Thu Aug  3 20:25:44 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866'
    [Thu Aug  3 20:25:44 UTC 2023] body='{"protected": "eyJub25jZSI6ICIzNzFDRFNHdVBRUWc2eGx1R0dKSzY0dnBrZHdPdkczQVJkSkRXcm9TZUw1cVJJTSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjUxNjYwNDU5ODY2IiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85ODM4MTAwMjYifQ", "payload": "", "signature": "LbSKfKhT72NomHrb0n3fnDFv5IyEROOUShXwv98wTuEPCs7CT_Ou1TIt6dR_rE9wT-6PQmxsx4kEMBUhp7Angg"}'
    [Thu Aug  3 20:25:44 UTC 2023] _postContentType='application/jose+json'
    [Thu Aug  3 20:25:44 UTC 2023] Http already initialized.
    [Thu Aug  3 20:25:44 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Thu Aug  3 20:25:45 UTC 2023] _ret='0'
    [Thu Aug  3 20:25:45 UTC 2023] responseHeaders='HTTP/1.1 200 OK
    Server: nginx
    Date: Thu, 03 Aug 2023 20:25:44 GMT
    Content-Type: application/json
    Content-Length: 803
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Replay-Nonce: C400OKvGT1OHsedW3M1zp7KEia5CYTweOjrAgJRdP5Sj81Y
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Thu Aug  3 20:25:45 UTC 2023] code='200'
    [Thu Aug  3 20:25:45 UTC 2023] original='{
      "identifier": {
        "type": "dns",
        "value": "www.domain.com"
      },
      "status": "pending",
      "expires": "2023-08-10T20:25:43Z",
      "challenges": [
        {
          "type": "http-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg",
          "token": "CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"
        },
        {
          "type": "dns-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/wW9FnA",
          "token": "CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"
        },
        {
          "type": "tls-alpn-01",
          "status": "pending",
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/R1oUlg",
          "token": "CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"
        }
      ]
    }'
    [Thu Aug  3 20:25:45 UTC 2023] response='{"identifier":{"type":"dns","value":"www.domain.com"},"status":"pending","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/wW9FnA","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/R1oUlg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"}]}'
    [Thu Aug  3 20:25:45 UTC 2023] response='{"identifier":{"type":"dns","value":"www.domain.com"},"status":"pending","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/wW9FnA","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/R1oUlg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"}]}'
    [Thu Aug  3 20:25:45 UTC 2023] _d='www.domain.com'
    [Thu Aug  3 20:25:45 UTC 2023] _authorizations_map='www.domain.com,{"identifier":{"type":"dns","value":"www.domain.com"},"status":"pending","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/wW9FnA","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/R1oUlg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866
    domain.com,{"identifier":{"type":"dns","value":"domain.com"},"status":"pending","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/0jmqvQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/1moyRg","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856
    '
    [Thu Aug  3 20:25:45 UTC 2023] d='domain.com'
    [Thu Aug  3 20:25:45 UTC 2023] Getting webroot for domain='domain.com'
    [Thu Aug  3 20:25:45 UTC 2023] _w='/home/nginx/domains/domain.com/public'
    [Thu Aug  3 20:25:45 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Thu Aug  3 20:25:45 UTC 2023] _is_idn_d='domain.com'
    [Thu Aug  3 20:25:45 UTC 2023] _idn_temp
    [Thu Aug  3 20:25:45 UTC 2023] _candidates='domain.com,{"identifier":{"type":"dns","value":"domain.com"},"status":"pending","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/0jmqvQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/1moyRg","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856'
    [Thu Aug  3 20:25:45 UTC 2023] response='{"identifier":{"type":"dns","value":"domain.com"},"status":"pending","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/0jmqvQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/1moyRg","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856'
    [Thu Aug  3 20:25:45 UTC 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856'
    [Thu Aug  3 20:25:45 UTC 2023] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"'
    [Thu Aug  3 20:25:45 UTC 2023] token='g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE'
    [Thu Aug  3 20:25:45 UTC 2023] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ'
    [Thu Aug  3 20:25:45 UTC 2023] keyauthorization='g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Thu Aug  3 20:25:45 UTC 2023] dvlist='domain.com#g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ#http-01#/home/nginx/domains/domain.com/public#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856'
    [Thu Aug  3 20:25:45 UTC 2023] d='www.domain.com'
    [Thu Aug  3 20:25:45 UTC 2023] Getting webroot for domain='www.domain.com'
    [Thu Aug  3 20:25:45 UTC 2023] _w='/home/nginx/domains/domain.com/public'
    [Thu Aug  3 20:25:45 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Thu Aug  3 20:25:45 UTC 2023] _is_idn_d='www.domain.com'
    [Thu Aug  3 20:25:45 UTC 2023] _idn_temp
    [Thu Aug  3 20:25:45 UTC 2023] _candidates='www.domain.com,{"identifier":{"type":"dns","value":"www.domain.com"},"status":"pending","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/wW9FnA","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/R1oUlg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866'
    [Thu Aug  3 20:25:45 UTC 2023] response='{"identifier":{"type":"dns","value":"www.domain.com"},"status":"pending","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/wW9FnA","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/R1oUlg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"}]}#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866'
    [Thu Aug  3 20:25:45 UTC 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866'
    [Thu Aug  3 20:25:45 UTC 2023] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"'
    [Thu Aug  3 20:25:45 UTC 2023] token='CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8'
    [Thu Aug  3 20:25:45 UTC 2023] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg'
    [Thu Aug  3 20:25:45 UTC 2023] keyauthorization='CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Thu Aug  3 20:25:45 UTC 2023] dvlist='www.domain.com#CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg#http-01#/home/nginx/domains/domain.com/public#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866'
    [Thu Aug  3 20:25:45 UTC 2023] d
    [Thu Aug  3 20:25:45 UTC 2023] vlist='domain.com#g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ#http-01#/home/nginx/domains/domain.com/public#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856,www.domain.com#CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg#http-01#/home/nginx/domains/domain.com/public#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866,'
    [Thu Aug  3 20:25:45 UTC 2023] d='domain.com'
    [Thu Aug  3 20:25:45 UTC 2023] d='www.domain.com'
    [Thu Aug  3 20:25:45 UTC 2023] ok, let's start to verify
    [Thu Aug  3 20:25:45 UTC 2023] Verifying: domain.com
    [Thu Aug  3 20:25:45 UTC 2023] d='domain.com'
    [Thu Aug  3 20:25:45 UTC 2023] keyauthorization='g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Thu Aug  3 20:25:45 UTC 2023] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ'
    [Thu Aug  3 20:25:45 UTC 2023] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856'
    [Thu Aug  3 20:25:45 UTC 2023] _currentRoot='/home/nginx/domains/domain.com/public'
    [Thu Aug  3 20:25:45 UTC 2023] wellknown_path='/home/nginx/domains/domain.com/public/.well-known/acme-challenge'
    [Thu Aug  3 20:25:45 UTC 2023] writing token:g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE to /home/nginx/domains/domain.com/public/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE
    [Thu Aug  3 20:25:45 UTC 2023] Trigger domain validation.
    [Thu Aug  3 20:25:45 UTC 2023] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ'
    [Thu Aug  3 20:25:45 UTC 2023] _t_key_authz='g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Thu Aug  3 20:25:45 UTC 2023] _t_vtype='http-01'
    [Thu Aug  3 20:25:45 UTC 2023] =======Begin Send Signed Request=======
    [Thu Aug  3 20:25:45 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ'
    [Thu Aug  3 20:25:45 UTC 2023] payload='{}'
    [Thu Aug  3 20:25:45 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Thu Aug  3 20:25:45 UTC 2023] Use _CACHED_NONCE='C400OKvGT1OHsedW3M1zp7KEia5CYTweOjrAgJRdP5Sj81Y'
    [Thu Aug  3 20:25:45 UTC 2023] nonce='C400OKvGT1OHsedW3M1zp7KEia5CYTweOjrAgJRdP5Sj81Y'
    [Thu Aug  3 20:25:45 UTC 2023] _URGLY_PRINTF
    [Thu Aug  3 20:25:45 UTC 2023] xargs
    [Thu Aug  3 20:25:45 UTC 2023] POST
    [Thu Aug  3 20:25:45 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ'
    [Thu Aug  3 20:25:45 UTC 2023] body='{"protected": "eyJub25jZSI6ICJDNDAwT0t2R1QxT0hzZWRXM00xenA3S0VpYTVDWVR3ZU9qckFnSlJkUDVTajgxWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjUxNjYwNDU5ODU2L0huRW5TUSIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTgzODEwMDI2In0", "payload": "e30", "signature": "3-lqpSDIVcjyvYscPDIJM_Hs5c60wg59VE2kUGs3pf2VCerChgoFrv8Bn4xMGManWXPoPuXj65Bifw51K7QtVA"}'
    [Thu Aug  3 20:25:45 UTC 2023] _postContentType='application/jose+json'
    [Thu Aug  3 20:25:45 UTC 2023] Http already initialized.
    [Thu Aug  3 20:25:45 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Thu Aug  3 20:25:46 UTC 2023] _ret='0'
    [Thu Aug  3 20:25:46 UTC 2023] responseHeaders='HTTP/1.1 200 OK
    Server: nginx
    Date: Thu, 03 Aug 2023 20:25:45 GMT
    Content-Type: application/json
    Content-Length: 187
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856>;rel="up"
    Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ
    Replay-Nonce: C400m9SanmgzpyFbIIReJugI4CV_FaA8uxchwk5P8bmH95Y
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Thu Aug  3 20:25:46 UTC 2023] code='200'
    [Thu Aug  3 20:25:46 UTC 2023] original='{
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ",
      "token": "g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"
    }'
    [Thu Aug  3 20:25:46 UTC 2023] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"}'
    [Thu Aug  3 20:25:46 UTC 2023] trigger validation code: 200
    [Thu Aug  3 20:25:46 UTC 2023] Lets check the status of the authz
    [Thu Aug  3 20:25:46 UTC 2023] original='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"}'
    [Thu Aug  3 20:25:46 UTC 2023] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE"}'
    [Thu Aug  3 20:25:46 UTC 2023] status='pending'
    [Thu Aug  3 20:25:46 UTC 2023] Pending, The CA is processing your order, please just wait. (1/30)
    [Thu Aug  3 20:25:46 UTC 2023] sleep 2 secs to verify again
    [Thu Aug  3 20:25:48 UTC 2023] checking
    [Thu Aug  3 20:25:48 UTC 2023] =======Begin Send Signed Request=======
    [Thu Aug  3 20:25:48 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856'
    [Thu Aug  3 20:25:48 UTC 2023] payload
    [Thu Aug  3 20:25:48 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Thu Aug  3 20:25:48 UTC 2023] Use _CACHED_NONCE='C400m9SanmgzpyFbIIReJugI4CV_FaA8uxchwk5P8bmH95Y'
    [Thu Aug  3 20:25:48 UTC 2023] nonce='C400m9SanmgzpyFbIIReJugI4CV_FaA8uxchwk5P8bmH95Y'
    [Thu Aug  3 20:25:48 UTC 2023] _URGLY_PRINTF
    [Thu Aug  3 20:25:48 UTC 2023] xargs
    [Thu Aug  3 20:25:48 UTC 2023] POST
    [Thu Aug  3 20:25:48 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856'
    [Thu Aug  3 20:25:48 UTC 2023] body='{"protected": "eyJub25jZSI6ICJDNDAwbTlTYW5tZ3pweUZiSUlSZUp1Z0k0Q1ZfRmFBOHV4Y2h3azVQOGJtSDk1WSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjUxNjYwNDU5ODU2IiwgImFsZyI6ICJFUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85ODM4MTAwMjYifQ", "payload": "", "signature": "QJm3a0HIb5mUOZjoHfUXdYhUKSAtVFFSF5XpKedS3SaGPj4KR9Y_GOZD8nnRvqNkRyY0iv4vaY2MDyIlqqiYKQ"}'
    [Thu Aug  3 20:25:48 UTC 2023] _postContentType='application/jose+json'
    [Thu Aug  3 20:25:48 UTC 2023] Http already initialized.
    [Thu Aug  3 20:25:48 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Thu Aug  3 20:25:48 UTC 2023] _ret='0'
    [Thu Aug  3 20:25:48 UTC 2023] responseHeaders='HTTP/1.1 200 OK
    Server: nginx
    Date: Thu, 03 Aug 2023 20:25:48 GMT
    Content-Type: application/json
    Content-Length: 1341
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Replay-Nonce: 4397SoiftZoQsOm-Nb63D-fywXAqS4msi520KjLNnZSmzlM
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Thu Aug  3 20:25:48 UTC 2023] code='200'
    [Thu Aug  3 20:25:48 UTC 2023] original='{
      "identifier": {
        "type": "dns",
        "value": "domain.com"
      },
      "status": "invalid",
      "expires": "2023-08-10T20:25:43Z",
      "challenges": [
        {
          "type": "http-01",
          "status": "invalid",
          "error": {
            "type": "urn:ietf:params:acme:error:unauthorized",
            "detail": "0.0.0.0: Invalid response from https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE: 404",
            "status": 403
          },
          "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ",
          "token": "g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE",
          "validationRecord": [
            {
              "url": "http://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE",
              "hostname": "domain.com",
              "port": "80",
              "addressesResolved": [
                "0.0.0.0"
              ],
              "addressUsed": "0.0.0.0"
            },
            {
              "url": "https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE",
              "hostname": "domain.com",
              "port": "443",
              "addressesResolved": [
                "0.0.0.0"
              ],
              "addressUsed": "0.0.0.0"
            }
          ],
          "validated": "2023-08-03T20:25:45Z"
        }
      ]
    }'
    [Thu Aug  3 20:25:48 UTC 2023] response='{"identifier":{"type":"dns","value":"domain.com"},"status":"invalid","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"0.0.0.0: Invalid response from https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE: 404","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE","validationRecord":[{"url":"http://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE","hostname":"domain.com","port":"80","addressesResolved":["0.0.0.0"],"addressUsed":"0.0.0.0"},{"url":"https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE","hostname":"domain.com","port":"443","addressesResolved":["0.0.0.0"],"addressUsed":"0.0.0.0"}],"validated":"2023-08-03T20:25:45Z"}]}'
    [Thu Aug  3 20:25:48 UTC 2023] original='{"identifier":{"type":"dns","value":"domain.com"},"status":"invalid","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"0.0.0.0: Invalid response from https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE: 404","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE","validationRecord":[{"url":"http://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE","hostname":"domain.com","port":"80","addressesResolved":["0.0.0.0"],"addressUsed":"0.0.0.0"},{"url":"https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE","hostname":"domain.com","port":"443","addressesResolved":["0.0.0.0"],"addressUsed":"0.0.0.0"}],"validated":"2023-08-03T20:25:45Z"}]}'
    [Thu Aug  3 20:25:48 UTC 2023] response='{"identifier":{"type":"dns","value":"domain.com"},"status":"invalid","expires":"2023-08-10T20:25:43Z","challenges":[{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"0.0.0.0: Invalid response from https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE: 404","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ","token":"g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE","validationRecord":[{"url":"http://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE","hostname":"domain.com","port":"80","addressesResolved":["0.0.0.0"],"addressUsed":"0.0.0.0"},{"url":"https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE","hostname":"domain.com","port":"443","addressesResolved":["0.0.0.0"],"addressUsed":"0.0.0.0"}],"validated":"2023-08-03T20:25:45Z"}]}'
    [Thu Aug  3 20:25:48 UTC 2023] status='invalid
    invalid'
    [Thu Aug  3 20:25:48 UTC 2023] error='"error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"0.0.0.0: Invalid response from https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE: 404","status": 403'
    [Thu Aug  3 20:25:48 UTC 2023] errordetail='0.0.0.0: Invalid response from https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE: 404'
    [Thu Aug  3 20:25:48 UTC 2023] domain.com:Verify error:0.0.0.0: Invalid response from https://domain.com/.well-known/acme-challenge/g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE: 404
    [Thu Aug  3 20:25:48 UTC 2023] pid
    [Thu Aug  3 20:25:48 UTC 2023] No need to restore nginx, skip.
    [Thu Aug  3 20:25:48 UTC 2023] _clearupdns
    [Thu Aug  3 20:25:48 UTC 2023] dns_entries
    [Thu Aug  3 20:25:48 UTC 2023] skip dns.
    [Thu Aug  3 20:25:48 UTC 2023] _on_issue_err
    [Thu Aug  3 20:25:48 UTC 2023] Please check log file for more details: /root/centminlogs/acmetool.sh-debug-log-030823-202535.log
    [Thu Aug  3 20:25:48 UTC 2023] _chk_vlist='domain.com#g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ#http-01#/home/nginx/domains/domain.com/public#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459856,www.domain.com#CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4#https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg#http-01#/home/nginx/domains/domain.com/public#https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866,'
    [Thu Aug  3 20:25:48 UTC 2023] start to deactivate authz
    [Thu Aug  3 20:25:48 UTC 2023] Trigger domain validation.
    [Thu Aug  3 20:25:48 UTC 2023] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ'
    [Thu Aug  3 20:25:48 UTC 2023] _t_key_authz='g-zptbox6KxiqYr21Opzw69kJpEH2X_3jFfbYeO0LVE.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Thu Aug  3 20:25:48 UTC 2023] _t_vtype
    [Thu Aug  3 20:25:48 UTC 2023] =======Begin Send Signed Request=======
    [Thu Aug  3 20:25:48 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ'
    [Thu Aug  3 20:25:48 UTC 2023] payload='{}'
    [Thu Aug  3 20:25:48 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Thu Aug  3 20:25:48 UTC 2023] Use _CACHED_NONCE='4397SoiftZoQsOm-Nb63D-fywXAqS4msi520KjLNnZSmzlM'
    [Thu Aug  3 20:25:48 UTC 2023] nonce='4397SoiftZoQsOm-Nb63D-fywXAqS4msi520KjLNnZSmzlM'
    [Thu Aug  3 20:25:48 UTC 2023] _URGLY_PRINTF
    [Thu Aug  3 20:25:48 UTC 2023] xargs
    [Thu Aug  3 20:25:48 UTC 2023] POST
    [Thu Aug  3 20:25:48 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459856/HnEnSQ'
    [Thu Aug  3 20:25:48 UTC 2023] body='{"protected": "eyJub25jZSI6ICI0Mzk3U29pZnRab1FzT20tTmI2M0QtZnl3WEFxUzRtc2k1MjBLakxOblpTbXpsTSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjUxNjYwNDU5ODU2L0huRW5TUSIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTgzODEwMDI2In0", "payload": "e30", "signature": "T07Hb9GmxJ1r1DyXCyrc5DY_mHymov3L639s_sWAeT0RqVZcOy5-oA6-JJPU7qlPaA1Rh-o_0Y7sT5CJ-8JAWQ"}'
    [Thu Aug  3 20:25:48 UTC 2023] _postContentType='application/jose+json'
    [Thu Aug  3 20:25:48 UTC 2023] Http already initialized.
    [Thu Aug  3 20:25:48 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Thu Aug  3 20:25:49 UTC 2023] _ret='0'
    [Thu Aug  3 20:25:49 UTC 2023] responseHeaders='HTTP/1.1 400 Bad Request
    Server: nginx
    Date: Thu, 03 Aug 2023 20:25:49 GMT
    Content-Type: application/problem+json
    Content-Length: 144
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Replay-Nonce: C400VaFLa3UyS6rqFMF8oBaODEAcBWh6Do9qCPISpPwOUpo
    
    '
    [Thu Aug  3 20:25:49 UTC 2023] code='400'
    [Thu Aug  3 20:25:49 UTC 2023] original='{
      "type": "urn:ietf:params:acme:error:malformed",
      "detail": "Unable to update challenge :: authorization must be pending",
      "status": 400
    }'
    [Thu Aug  3 20:25:49 UTC 2023] response='{
      "type": "urn:ietf:params:acme:error:malformed",
      "detail": "Unable to update challenge :: authorization must be pending",
      "status": 400
    }'
    [Thu Aug  3 20:25:49 UTC 2023] Trigger domain validation.
    [Thu Aug  3 20:25:49 UTC 2023] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg'
    [Thu Aug  3 20:25:49 UTC 2023] _t_key_authz='CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8.d18m-madZuHSLvdpjo8duarslCqFmXq947-fjaMsAY4'
    [Thu Aug  3 20:25:49 UTC 2023] _t_vtype
    [Thu Aug  3 20:25:49 UTC 2023] =======Begin Send Signed Request=======
    [Thu Aug  3 20:25:49 UTC 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg'
    [Thu Aug  3 20:25:49 UTC 2023] payload='{}'
    [Thu Aug  3 20:25:49 UTC 2023] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
    [Thu Aug  3 20:25:49 UTC 2023] Use _CACHED_NONCE='C400VaFLa3UyS6rqFMF8oBaODEAcBWh6Do9qCPISpPwOUpo'
    [Thu Aug  3 20:25:49 UTC 2023] nonce='C400VaFLa3UyS6rqFMF8oBaODEAcBWh6Do9qCPISpPwOUpo'
    [Thu Aug  3 20:25:49 UTC 2023] _URGLY_PRINTF
    [Thu Aug  3 20:25:49 UTC 2023] xargs
    [Thu Aug  3 20:25:49 UTC 2023] POST
    [Thu Aug  3 20:25:49 UTC 2023] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg'
    [Thu Aug  3 20:25:49 UTC 2023] body='{"protected": "eyJub25jZSI6ICJDNDAwVmFGTGEzVXlTNnJxRk1GOG9CYU9ERUFjQldoNkRvOXFDUElTcFB3T1VwbyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjUxNjYwNDU5ODY2L3BpcUtWZyIsICJhbGciOiAiRVMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTgzODEwMDI2In0", "payload": "e30", "signature": "ZQeXH_tZ6A4LRf6jvXTHMQim1AGPcMHh0NO9B0kvPtkMBu5ZjH-5TZXW4MYBvZTNgFJf7Gx3AhkQbVieJIvs9A"}'
    [Thu Aug  3 20:25:49 UTC 2023] _postContentType='application/jose+json'
    [Thu Aug  3 20:25:49 UTC 2023] Http already initialized.
    [Thu Aug  3 20:25:49 UTC 2023] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Thu Aug  3 20:25:50 UTC 2023] _ret='0'
    [Thu Aug  3 20:25:50 UTC 2023] responseHeaders='HTTP/1.1 200 OK
    Server: nginx
    Date: Thu, 03 Aug 2023 20:25:50 GMT
    Content-Type: application/json
    Content-Length: 187
    Connection: keep-alive
    Boulder-Requester: 983810026
    Cache-Control: public, max-age=0, no-cache
    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
    Link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/251660459866>;rel="up"
    Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg
    Replay-Nonce: C400KBTPJ89LZj1Vbitjgq729D2qN9Xs95cRh4U3Ft8B6Jk
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    
    '
    [Thu Aug  3 20:25:50 UTC 2023] code='200'
    [Thu Aug  3 20:25:50 UTC 2023] original='{
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg",
      "token": "CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"
    }'
    [Thu Aug  3 20:25:50 UTC 2023] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/251660459866/piqKVg","token":"CQIIstRRf8NFmAMvfdr12O3sEk2httoXyPbVtrhhKR8"}'
    

    Gist link Acme Log
     
  6. skringjer

    skringjer NoobMaster69

    208
    26
    28
    Apr 21, 2019
    Ratings:
    +43
    Local Time:
    12:10 PM
    Nginx 1.21.6
    MariaDB 10.3.x
    And here is the

    Code:
    Le_Domain='domain.com'
    Le_Alt='www.domain.com'
    Le_Webroot='/home/nginx/domains/domain.com/public/custom-app-portal/public'
    Le_PreHook='__ACME_BASE64__START_L3Vzci9sb2NhbC9zcmMvY2VudG1pbm1vZC90b29scy9wcmUtYWNtZS1ob29rcy5zaCBhbGwtY2hlY2sgYXBwLWdhbGxlcnkubmV0__ACME_BASE64__END_'
    Le_PostHook=''
    Le_RenewHook=''
    Le_Preferred_Chain='__ACME_BASE64__START_IklTUkci__ACME_BASE64__END_'
    Le_API='https://acme-v02.api.letsencrypt.org/directory'
    Le_Keylength='2048'
    Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/983810026/199222101326'
    Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/983810026/179925839637'
    Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/04bcd6161aca437ccf85a3ef8bc9e77efb92'
    Le_CertCreateTime='1683129439'
    Le_CertCreateTimeStr='2023-05-03T15:57:19Z'
    Le_RenewalDays='60'
    Le_NextRenewTimeStr='2023-07-01T15:57:19Z'
    Le_NextRenewTime='1688227039'
    Le_RealCertPath='/usr/local/nginx/conf/ssl/domain.com/domain.com-acme.cer'
    Le_RealCACertPath='/usr/local/nginx/conf/ssl/domain.com/domain.com-acme.cer'
    Le_RealKeyPath='/usr/local/nginx/conf/ssl/domain.com/domain.com-acme.key'
    Le_ReloadCmd='__ACME_BASE64__START_L3Vzci9iaW4vbmd4cmVsb2Fk__ACME_BASE64__END_'
    Le_RealFullChainPath='/usr/local/nginx/conf/ssl/domain.com/domain.com-fullchain-acme.key'
    
    
     
  7. eva2000

    eva2000 Administrator Staff Member

    54,368
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    5:10 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    make sure your custom nginx web root at /home/nginx/domains/domain.com/public/custom-app/public
    has the correct permissions

    Code (Text):
    getfacl /home/nginx/domains/domain.com/public/custom-app
    

    and
    Code (Text):
    getfacl /home/nginx/domains/domain.com/public/custom-app/public
    

    on default Centmin Mod Nginx web root at /home/nginx/domains/domain.com/public, it would be something like
    Code (Text):
    getfacl /home/nginx/domains/domain.com/public
    # file: public
    # owner: nginx
    # group: nginx
    # flags: -s-
    user::rwx
    group::r-x
    other::---
    

    When you create a new nginx vhost domain via centmin.sh menu option 2 or menu option 22 or via /usr/bin/nv cli command line, you will create the Nginx vhost files and directories. You will get an outputted the path location where it will create the domain name's vhost conf file named newdomain.com.conf (and newdomain.com.ssl.conf if you selected yes to self signed SSL)
    • Nginx vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.conf
    • Nginx HTTP/2 SSL vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf
    • Nginx Self-Signed SSL Certificate Directory at /usr/local/nginx/conf/ssl/newdomain.com
    • Vhost public web root will be at /home/nginx/domains/newdomain.com/public
    • Vhost log directory will be at /home/nginx/domains/newdomain.com/log
    Please post the contents of /usr/local/nginx/conf/conf.d/newdomain.com.conf and if applicable /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf wrapped in CODE tags (outlined at How to use forum BBCODE code tags)

    what is output of these commands in ssh
    Code (Text):
    curl -I https://domain.com
    

    Code (Text):
    curl -I https://www.domain.com
    

    Code (Text):
    curl -I http://domain.com
    

    Code (Text):
    curl -I http://www.domain.com
    

    wrap output in CODE tags
     
  8. eva2000

    eva2000 Administrator Staff Member

    54,368
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    5:10 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    also you have DUALCERTS='y' set so you will have 2x SSL certs one RSA 2048bit and one ECC 256bit and they each have their own acme.sh config file

    Code (Text):
    /root/.acme.sh/domain.com/domain.com.conf
    /root/.acme.sh/domain.com_ecc/domain.com.conf

    ensure you edited both respective config's custom web root paths
     
  9. eva2000

    eva2000 Administrator Staff Member

    54,368
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    5:10 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Also are you running 130.00beta01 or 124.00stable? As 130.00beta01 also added a prehook to acme.sh to check for mismatched Nginx webroot values in Nginx vhost compared to one listed in acme.sh domain config file's Le_Webroot value

    what output do you get for command
    Code (Text):
    /usr/local/src/centminmod/tools/pre-acme-hooks.sh all-check-dryrun domain.com
    

    when the Nginx config web root value matches acme.sh config Le_Webroot value, you'd get something like
    Code (Text):
    /usr/local/src/centminmod/tools/pre-acme-hooks.sh all-check-dryrun domain.com
    Nginx root path: /home/nginx/domains/domain.com/public
    Le_Webroot: /home/nginx/domains/domain.com/public
    The root paths match. Proceeding with the acme.sh operation.
    
     
  10. KlueMaster

    KlueMaster Member

    71
    11
    8
    Aug 5, 2017
    Ratings:
    +30
    Local Time:
    12:40 PM
    MariaDB 10
    For anyone using proxy_pass (specially for javascript apps), note that you will get errors in renewal if you are using proxy_pass on location /, unless you add something like this before that block:

    Code (Text):
    location /.well-known/acme-challenge {
      root /home/nginx/domains/your.domain.com/public;
    }
     
  11. eva2000

    eva2000 Administrator Staff Member

    54,368
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    5:10 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yes indeed if you manually add a proxy_pass directive to use Nginx as a reverse proxy, then you'll need to allow and direct /.well-known/acme-challenge paths to the right domain web root i.e. /home/nginx/domains/your.domain.com/public