Get the most out of your Centmin Mod LEMP stack
Become a Member

SSL Letsencrypt SSL Issues With Acmetool

Discussion in 'Domains, DNS, Email & SSL Certificates' started by UsmanGTA, Sep 29, 2018.

  1. UsmanGTA

    UsmanGTA New Member

    11
    2
    3
    Sep 14, 2017
    Ratings:
    +2
    Local Time:
    1:51 AM
    Please fill in any relevant information that applies to you:
    • CentOS Version: i.e. CentOS 7 64bit
    • Centmin Mod Version Installed:123.09beta01
    • Nginx Version Installed: i.e. 1.15.3
    • PHP Version Installed:7.2.9
    • When was last time updated Centmin Mod code base ? : just installed it.
    I tried to run acmetool.sh acme-menu and reissue SSL certificates for live HTTPS sites default. Every time I try it... I am getting this issue. I did migrate to another VPS and decided to try out CMM.

    www and @ are directed towards the right IP address BTW

    This is the error
    Code (Text):
    -----------------------------------------------------------
    reissue & install letsencrypt ssl certificate for geeksultd.com
    -----------------------------------------------------------
    /root/.acme.sh/acme.sh --force --createDomainKey -d geeksultd.com -d [URL='http://www.geeksultd.com']www.geeksultd.com[/URL] -k 2048 --useragent centminmod-centos7-acmesh-webroot
    [Fri Sep 28 19:30:11 UTC 2018] Creating domain key
    [Fri Sep 28 19:30:11 UTC 2018] The domain key is here: /root/.acme.sh/geeksultd.com/geeksultd.com.key
    testcert value = lived
    /root/.acme.sh/acme.sh --force --issue -d geeksultd.com -d [URL='http://www.geeksultd.com']www.geeksultd.com[/URL] --days 60 -w /home/nginx/domains/geeksultd.com/public -k 2048 --useragent centminmod-centos7-acmesh-webroot --log /root/centminlogs/acmetool.sh-debug-log-280918-193005.log --log-level 2
    [Fri Sep 28 19:30:11 UTC 2018] Multi domain='DNS:geeksultd.com,DNS:[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:12 UTC 2018] Getting domain auth token for each domain
    [Fri Sep 28 19:30:12 UTC 2018] Getting webroot for domain='geeksultd.com'
    [Fri Sep 28 19:30:12 UTC 2018] Getting new-authz for domain='geeksultd.com'
    [Fri Sep 28 19:30:13 UTC 2018] The new-authz request is ok.
    [Fri Sep 28 19:30:13 UTC 2018] Getting webroot for domain='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] Getting new-authz for domain='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] The new-authz request is ok.
    [Fri Sep 28 19:30:13 UTC 2018] Verifying:geeksultd.com
    
    [Fri Sep 28 19:30:16 UTC 2018] geeksultd.com:Verify error:Invalid response from [URL]http://geeksultd.com/.well-known/acme-challenge/iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ[/URL]:
    [Fri Sep 28 19:30:16 UTC 2018] Please check log file for more details: /root/centminlogs/acmetool.sh-debug-log-280918-193005.log
    LECHECK = 1
    
    log files saved at /root/centminlogs
    -rw-r--r-- 1 root root  38K Sep 28 19:30 acmetool.sh-debug-log-280918-193005.log
    -rw-r--r-- 1 root root 4.1K Sep 28 19:30 acmesh-reissue_280918-193005.log
    
    
    DIGGING INTO THE ERROR LOGS... HERE'S WHAT I FOUND...
    [SIZE=6]acmesh-reissue_280918-193005.log[/SIZE]
    [1;32;40m-----------------------------------------------------
    (B[mupdating acme.sh client...
    [1;32;40m-----------------------------------------------------
    (B[mCloning into 'acme.sh'...
    [Fri Sep 28 19:30:08 UTC 2018] It is recommended to install socat first.
    [Fri Sep 28 19:30:08 UTC 2018] We use socat for standalone server if you use standalone mode.
    [Fri Sep 28 19:30:08 UTC 2018] If you don't use standalone mode, just ignore this warning.
    [Fri Sep 28 19:30:08 UTC 2018] Installing to /root/.acme.sh
    [Fri Sep 28 19:30:08 UTC 2018] Installed to /root/.acme.sh/acme.sh
    [Fri Sep 28 19:30:08 UTC 2018] Installing alias to '/root/.bashrc'
    [Fri Sep 28 19:30:08 UTC 2018] OK, Close and reopen your terminal to start using acme.sh
    [Fri Sep 28 19:30:08 UTC 2018] Installing alias to '/root/.cshrc'
    [Fri Sep 28 19:30:08 UTC 2018] Installing alias to '/root/.tcshrc'
    [Fri Sep 28 19:30:08 UTC 2018] Installing cron job
    5 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
    [Fri Sep 28 19:30:08 UTC 2018] Good, bash is found, so change the shebang to use bash as preferred.
    [Fri Sep 28 19:30:09 UTC 2018] OK
    [URL='https://github.com/Neilpang/acme.sh']Neilpang/acme.sh[/URL]
    v2.8.0
    [1;32;40m-----------------------------------------------------
    (B[macme.sh updated
    [1;32;40m-----------------------------------------------------
    (B[mbackup & remove /usr/local/nginx/conf/conf.d/geeksultd.com.conf
    
    [self-signed ssl cert check] required by acmetool.sh
    
    [self-signed ssl] /usr/local/nginx/conf/ssl/geeksultd.com/dhparam.pem exists
    [self-signed ssl] /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.crt exists
    [self-signed ssl] /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.key exists
    
    [sslvhostsetup] create /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf
    
    [non-wp] backup & remove /usr/local/nginx/conf/conf.d/geeksultd.com.conf
    cat /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.crt.key.conf
      ssl_dhparam /usr/local/nginx/conf/ssl/geeksultd.com/dhparam.pem;
      ssl_certificate      /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.crt;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.key;
      #ssl_trusted_certificate /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com-trusted.crt;
    Reloading nginx configuration (via systemctl):  [  OK  ]
    grep 'root' /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf
      root /home/nginx/domains/geeksultd.com/public;
    
    -----------------------------------------------------------
    reissue & install letsencrypt ssl certificate for geeksultd.com
    -----------------------------------------------------------
    /root/.acme.sh/acme.sh --force --createDomainKey -d geeksultd.com -d [URL='http://www.geeksultd.com']www.geeksultd.com[/URL] -k 2048 --useragent centminmod-centos7-acmesh-webroot
    [Fri Sep 28 19:30:11 UTC 2018] Creating domain key
    [Fri Sep 28 19:30:11 UTC 2018] The domain key is here: /root/.acme.sh/geeksultd.com/geeksultd.com.key
    testcert value = lived
    /root/.acme.sh/acme.sh --force --issue -d geeksultd.com -d [URL='http://www.geeksultd.com']www.geeksultd.com[/URL] --days 60 -w /home/nginx/domains/geeksultd.com/public -k 2048 --useragent centminmod-centos7-acmesh-webroot --log /root/centminlogs/acmetool.sh-debug-log-280918-193005.log --log-level 2
    [Fri Sep 28 19:30:11 UTC 2018] Multi domain='DNS:geeksultd.com,DNS:[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:12 UTC 2018] Getting domain auth token for each domain
    [Fri Sep 28 19:30:12 UTC 2018] Getting webroot for domain='geeksultd.com'
    [Fri Sep 28 19:30:12 UTC 2018] Getting new-authz for domain='geeksultd.com'
    [Fri Sep 28 19:30:13 UTC 2018] The new-authz request is ok.
    [Fri Sep 28 19:30:13 UTC 2018] Getting webroot for domain='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] Getting new-authz for domain='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] The new-authz request is ok.
    [Fri Sep 28 19:30:13 UTC 2018] Verifying:geeksultd.com
    [Fri Sep 28 19:30:16 UTC 2018] geeksultd.com:Verify error:Invalid response from [URL]http://geeksultd.com/.well-known/acme-challenge/iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ[/URL]:
    [Fri Sep 28 19:30:16 UTC 2018] Please check log file for more details: /root/centminlogs/acmetool.sh-debug-log-280918-193005.log
    LECHECK = 1
    
    log files saved at /root/centminlogs
    -rw-r--r-- 1 root root  38K Sep 28 19:30 acmetool.sh-debug-log-280918-193005.log
    -rw-r--r-- 1 root root 4.1K Sep 28 19:30 acmesh-reissue_280918-193005.log
    
    [SIZE=6]acmetool.sh-debug-log-280918-193005[/SIZE]
    [Fri Sep 28 19:30:11 UTC 2018] Lets find script dir.
    [Fri Sep 28 19:30:11 UTC 2018] _SCRIPT_='/root/.acme.sh/acme.sh'
    [Fri Sep 28 19:30:11 UTC 2018] _script='/root/.acme.sh/acme.sh'
    [Fri Sep 28 19:30:11 UTC 2018] _script_home='/root/.acme.sh'
    [Fri Sep 28 19:30:11 UTC 2018] Using config home:/root/.acme.sh
    [Fri Sep 28 19:30:11 UTC 2018] LE_WORKING_DIR='/root/.acme.sh'
    [Fri Sep 28 19:30:11 UTC 2018] _main_domain='geeksultd.com'
    [Fri Sep 28 19:30:11 UTC 2018] _alt_domains='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] Using config home:/root/.acme.sh
    [Fri Sep 28 19:30:11 UTC 2018] ACME_DIRECTORY='[URL]https://acme-v01.api.letsencrypt.org/directory[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org'
    [Fri Sep 28 19:30:11 UTC 2018] DOMAIN_PATH='/root/.acme.sh/geeksultd.com'
    [Fri Sep 28 19:30:11 UTC 2018] '/home/nginx/domains/geeksultd.com/public' does not contain 'dns'
    [Fri Sep 28 19:30:11 UTC 2018] Using ACME_DIRECTORY: [URL]https://acme-v01.api.letsencrypt.org/directory[/URL]
    [Fri Sep 28 19:30:11 UTC 2018] _init api for server: [URL]https://acme-v01.api.letsencrypt.org/directory[/URL]
    [Fri Sep 28 19:30:11 UTC 2018] GET
    [Fri Sep 28 19:30:11 UTC 2018] url='[URL]https://acme-v01.api.letsencrypt.org/directory[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] timeout=
    [Fri Sep 28 19:30:11 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri Sep 28 19:30:11 UTC 2018] ret='0'
    [Fri Sep 28 19:30:11 UTC 2018] response='{
      "key-change": "[URL]https://acme-v01.api.letsencrypt.org/acme/key-change[/URL]",
      "meta": {
        "caaIdentities": [
          "letsencrypt.org"
        ],
        "terms-of-service": "[URL]https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf[/URL]",
        "website": "[URL='https://letsencrypt.org']Let's Encrypt - Free SSL/TLS Certificates[/URL]"
      },
      "ndthn40moCI": "[URL='https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417']Adding random entries to the directory[/URL]",
      "new-authz": "[URL]https://acme-v01.api.letsencrypt.org/acme/new-authz[/URL]",
      "new-cert": "[URL]https://acme-v01.api.letsencrypt.org/acme/new-cert[/URL]",
      "new-reg": "[URL]https://acme-v01.api.letsencrypt.org/acme/new-reg[/URL]",
      "revoke-cert": "[URL]https://acme-v01.api.letsencrypt.org/acme/revoke-cert[/URL]"
    }'
    [Fri Sep 28 19:30:11 UTC 2018] ACME_KEY_CHANGE='[URL]https://acme-v01.api.letsencrypt.org/acme/key-change[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] ACME_NEW_AUTHZ='[URL]https://acme-v01.api.letsencrypt.org/acme/new-authz[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] ACME_NEW_ORDER='[URL]https://acme-v01.api.letsencrypt.org/acme/new-cert[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] ACME_NEW_ACCOUNT='[URL]https://acme-v01.api.letsencrypt.org/acme/new-reg[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] ACME_REVOKE_CERT='[URL]https://acme-v01.api.letsencrypt.org/acme/revoke-cert[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] ACME_AGREEMENT='[URL]https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] ACME_NEW_NONCE
    [Fri Sep 28 19:30:11 UTC 2018] ACME_VERSION
    [Fri Sep 28 19:30:11 UTC 2018] Le_NextRenewTime
    [Fri Sep 28 19:30:11 UTC 2018] _on_before_issue
    [Fri Sep 28 19:30:11 UTC 2018] _chk_main_domain='geeksultd.com'
    [Fri Sep 28 19:30:11 UTC 2018] _chk_alt_domains='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] '/home/nginx/domains/geeksultd.com/public' does not contain 'no'
    [Fri Sep 28 19:30:11 UTC 2018] Le_LocalAddress
    [Fri Sep 28 19:30:11 UTC 2018] d='geeksultd.com'
    [Fri Sep 28 19:30:11 UTC 2018] Check for domain='geeksultd.com'
    [Fri Sep 28 19:30:11 UTC 2018] _currentRoot='/home/nginx/domains/geeksultd.com/public'
    [Fri Sep 28 19:30:11 UTC 2018] d='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] Check for domain='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] _currentRoot='/home/nginx/domains/geeksultd.com/public'
    [Fri Sep 28 19:30:11 UTC 2018] d
    [Fri Sep 28 19:30:11 UTC 2018] '/home/nginx/domains/geeksultd.com/public' does not contain 'apache'
    [Fri Sep 28 19:30:11 UTC 2018] _saved_account_key_hash='mINIYWMV8+ivwixKes9IniS5XyjaVuwcR4OEdEsltkw='
    [Fri Sep 28 19:30:11 UTC 2018] _saved_account_key_hash is not changed, skip register account.
    [Fri Sep 28 19:30:11 UTC 2018] Read key length:2048
    [Fri Sep 28 19:30:11 UTC 2018] _createcsr
    [Fri Sep 28 19:30:11 UTC 2018] domain='geeksultd.com'
    [Fri Sep 28 19:30:11 UTC 2018] domainlist='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] csrkey='/root/.acme.sh/geeksultd.com/geeksultd.com.key'
    [Fri Sep 28 19:30:11 UTC 2018] csr='/root/.acme.sh/geeksultd.com/geeksultd.com.csr'
    [Fri Sep 28 19:30:11 UTC 2018] csrconf='/root/.acme.sh/geeksultd.com/geeksultd.com.csr.conf'
    [Fri Sep 28 19:30:11 UTC 2018] _is_idn_d='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] _idn_temp
    [Fri Sep 28 19:30:11 UTC 2018] domainlist='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] Multi domain='DNS:geeksultd.com,DNS:[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:11 UTC 2018] _is_idn_d='geeksultd.com'
    [Fri Sep 28 19:30:11 UTC 2018] _idn_temp
    [Fri Sep 28 19:30:11 UTC 2018] _csr_cn='geeksultd.com'
    [Fri Sep 28 19:30:12 UTC 2018] Getting domain auth token for each domain
    [Fri Sep 28 19:30:12 UTC 2018] d='geeksultd.com'
    [Fri Sep 28 19:30:12 UTC 2018] Getting webroot for domain='geeksultd.com'
    [Fri Sep 28 19:30:12 UTC 2018] _w='/home/nginx/domains/geeksultd.com/public'
    [Fri Sep 28 19:30:12 UTC 2018] _currentRoot='/home/nginx/domains/geeksultd.com/public'
    [Fri Sep 28 19:30:12 UTC 2018] Getting new-authz for domain='geeksultd.com'
    [Fri Sep 28 19:30:12 UTC 2018] _init api for server: [URL]https://acme-v01.api.letsencrypt.org/directory[/URL]
    [Fri Sep 28 19:30:12 UTC 2018] Try new-authz for the 0 time.
    [Fri Sep 28 19:30:12 UTC 2018] _is_idn_d='geeksultd.com'
    [Fri Sep 28 19:30:12 UTC 2018] _idn_temp
    [Fri Sep 28 19:30:12 UTC 2018] url='[URL]https://acme-v01.api.letsencrypt.org/acme/new-authz[/URL]'
    [Fri Sep 28 19:30:12 UTC 2018] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "geeksultd.com"}}'
    [Fri Sep 28 19:30:12 UTC 2018] RSA key
    [Fri Sep 28 19:30:12 UTC 2018] Get nonce. ACME_DIRECTORY='[URL]https://acme-v01.api.letsencrypt.org/directory[/URL]'
    [Fri Sep 28 19:30:12 UTC 2018] GET
    [Fri Sep 28 19:30:12 UTC 2018] url='[URL]https://acme-v01.api.letsencrypt.org/directory[/URL]'
    [Fri Sep 28 19:30:12 UTC 2018] timeout=
    [Fri Sep 28 19:30:12 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri Sep 28 19:30:12 UTC 2018] ret='0'
    [Fri Sep 28 19:30:12 UTC 2018] _headers='HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/json
    Content-Length: 658
    Replay-Nonce: 4ZPSPE-X4xv5RJFhadBIeWZducsd9x71KNlMNxH3tU0
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    Expires: Fri, 28 Sep 2018 19:30:12 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    Date: Fri, 28 Sep 2018 19:30:12 GMT
    Connection: keep-alive
    
    '
    [Fri Sep 28 19:30:12 UTC 2018] _CACHED_NONCE='4ZPSPE-X4xv5RJFhadBIeWZducsd9x71KNlMNxH3tU0'
    [Fri Sep 28 19:30:12 UTC 2018] nonce='4ZPSPE-X4xv5RJFhadBIeWZducsd9x71KNlMNxH3tU0'
    [Fri Sep 28 19:30:12 UTC 2018] POST
    [Fri Sep 28 19:30:12 UTC 2018] _post_url='[URL]https://acme-v01.api.letsencrypt.org/acme/new-authz[/URL]'
    [Fri Sep 28 19:30:12 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "plSJ_O55-kBqSPPN91fJoQRsR7-NMbqAZIpKCVcAw52bLKo8dYuX9UWCtC6LDQK_CMzYS_6UtzD-MTv9bwBjaSFtCEawL7G9Xb5Icphc_6ZFVvLAz_oJdqSZ6oV2x3g_aOwkQb6wG_f3PgHNMxizLJepHFSQJx0TVxyNxI-rCdn9X6D3cyKorE_p9w5IZbtjiunExd7WdPS7Xvb41LCCdQpNk3OIASeP20YoyKZU26yD_ENJASvDCoZA5yykkykIsL7fXLB7L-T66US5sKmr3AWXHlBSlUrREoF1S6Su7V281CoFaaj-4x-EZfKOCQTHYjswZy_paLYjOkanUxZ-2w"}}, "protected": "eyJub25jZSI6ICI0WlBTUEUtWDR4djVSSkZoYWRCSWVXWmR1Y3NkOXg3MUtObE1OeEgzdFUwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYXV0aHoiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJwbFNKX081NS1rQnFTUFBOOTFmSm9RUnNSNy1OTWJxQVpJcEtDVmNBdzUyYkxLbzhkWXVYOVVXQ3RDNkxEUUtfQ016WVNfNlV0ekQtTVR2OWJ3QmphU0Z0Q0Vhd0w3RzlYYjVJY3BoY182WkZWdkxBel9vSmRxU1o2b1YyeDNnX2FPd2tRYjZ3R19mM1BnSE5NeGl6TEplcEhGU1FKeDBUVnh5TnhJLXJDZG45WDZEM2N5S29yRV9wOXc1SVpidGppdW5FeGQ3V2RQUzdYdmI0MUxDQ2RRcE5rM09JQVNlUDIwWW95S1pVMjZ5RF9FTkpBU3ZEQ29aQTV5eWtreWtJc0w3ZlhMQjdMLVQ2NlVTNXNLbXIzQVdYSGxCU2xVclJFb0YxUzZTdTdWMjgxQ29GYWFqLTR4LUVaZktPQ1FUSFlqc3daeV9wYUxZak9rYW5VeFotMncifX0", "payload": "eyJyZXNvdXJjZSI6ICJuZXctYXV0aHoiLCAiaWRlbnRpZmllciI6IHsidHlwZSI6ICJkbnMiLCAidmFsdWUiOiAiZ2Vla3N1bHRkLmNvbSJ9fQ", "signature": "Io-C-UJJGuLT0sDV9bGe4H_u-NYpc1Hxq2jiUhiLxPzxeD4st9HUAZ3sJkUwHrugkbc6lMFSpd6HVwCurdfyBh9H8KgemGNw4T6cWOy1Fz-dqDBSUUdjJwhiAW_yp6jrqEjmjlkepr5p3hV7HVZUtRmZa3LaL67fy3JgzUTmyisUBUqP64rSAf1BUWNpa_VBCo1AF69FG25DHJyDtad9_u6b2NPDM5anifR3hNQH8U_2ujLxd9Ka8R_wR4sdBFRiEBZ3A1fowGdcFLWC7rsCW71PRjuGm52mR356Xljeu0yVkGm2mneAq4K_dZ2mBVP2gaGEX_9t1XBWqIVCIsmkGA"}'
    [Fri Sep 28 19:30:12 UTC 2018] _postContentType='application/jose+json'
    [Fri Sep 28 19:30:12 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri Sep 28 19:30:13 UTC 2018] _ret='0'
    [Fri Sep 28 19:30:13 UTC 2018] original='{
      "identifier": {
        "type": "dns",
        "value": "geeksultd.com"
      },
      "status": "pending",
      "expires": "2018-10-05T19:30:13Z",
      "challenges": [
        {
          "type": "tls-alpn-01",
          "status": "pending",
          "uri": "[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784686[/URL]",
          "token": "Q-blfkB96kUKd3gbB5wN3U9GvuqFN_SIt-u4TIpZ-ZQ"
        },
        {
          "type": "http-01",
          "status": "pending",
          "uri": "[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]",
          "token": "iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ"
        },
        {
          "type": "dns-01",
          "status": "pending",
          "uri": "[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784690[/URL]",
          "token": "lXJEsYalEKI340dEei23Hs1jlnfr87aljzFI72V30q8"
        }
      ],
      "combinations": [
        [
          2
        ],
        [
          0
        ],
        [
          1
        ]
      ]
    }'
    [Fri Sep 28 19:30:13 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
    Expires: Fri, 28 Sep 2018 19:30:12 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    
    HTTP/1.1 201 Created
    Server: nginx
    Content-Type: application/json
    Content-Length: 992
    Boulder-Requester: 42937650
    Link: <[URL]https://acme-v01.api.letsencrypt.org/acme/new-cert[/URL]>;rel="next"
    Location: [URL]https://acme-v01.api.letsencrypt.org/acme/authz/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE[/URL]
    Replay-Nonce: jaSSysmEFjaAou5i3L4r3qFHcqKE0qCwKWoAkFU5dvQ
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    Expires: Fri, 28 Sep 2018 19:30:13 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    Date: Fri, 28 Sep 2018 19:30:13 GMT
    Connection: keep-alive
    
    '
    [Fri Sep 28 19:30:13 UTC 2018] response='{"identifier":{"type":"dns","value":"geeksultd.com"},"status":"pending","expires":"2018-10-05T19:30:13Z","challenges":[{"type":"tls-alpn-01","status":"pending","uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784686[/URL]","token":"Q-blfkB96kUKd3gbB5wN3U9GvuqFN_SIt-u4TIpZ-ZQ"},{"type":"http-01","status":"pending","uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]","token":"iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ"},{"type":"dns-01","status":"pending","uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784690[/URL]","token":"lXJEsYalEKI340dEei23Hs1jlnfr87aljzFI72V30q8"}],"combinations":[[2],[0],[1]]}'
    [Fri Sep 28 19:30:13 UTC 2018] code='201'
    [Fri Sep 28 19:30:13 UTC 2018] The new-authz request is ok.
    [Fri Sep 28 19:30:13 UTC 2018] entry='"type":"http-01","status":"pending","uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]","token":"iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ"'
    [Fri Sep 28 19:30:13 UTC 2018] token='iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ'
    [Fri Sep 28 19:30:13 UTC 2018] uri='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] keyauthorization='iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM'
    [Fri Sep 28 19:30:13 UTC 2018] dvlist='geeksultd.com#iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM#[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688#http-01#/home/nginx/domains/geeksultd.com/public[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] d='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] Getting webroot for domain='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] _w='/home/nginx/domains/geeksultd.com/public'
    [Fri Sep 28 19:30:13 UTC 2018] _currentRoot='/home/nginx/domains/geeksultd.com/public'
    [Fri Sep 28 19:30:13 UTC 2018] Getting new-authz for domain='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] _init api for server: [URL]https://acme-v01.api.letsencrypt.org/directory[/URL]
    [Fri Sep 28 19:30:13 UTC 2018] Try new-authz for the 0 time.
    [Fri Sep 28 19:30:13 UTC 2018] _is_idn_d='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] _idn_temp
    [Fri Sep 28 19:30:13 UTC 2018] url='[URL]https://acme-v01.api.letsencrypt.org/acme/new-authz[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]"}}'
    [Fri Sep 28 19:30:13 UTC 2018] Use cached jwk for file: /root/.acme.sh/ca/acme-v01.api.letsencrypt.org/account.key
    [Fri Sep 28 19:30:13 UTC 2018] Use _CACHED_NONCE='jaSSysmEFjaAou5i3L4r3qFHcqKE0qCwKWoAkFU5dvQ'
    [Fri Sep 28 19:30:13 UTC 2018] nonce='jaSSysmEFjaAou5i3L4r3qFHcqKE0qCwKWoAkFU5dvQ'
    [Fri Sep 28 19:30:13 UTC 2018] POST
    [Fri Sep 28 19:30:13 UTC 2018] _post_url='[URL]https://acme-v01.api.letsencrypt.org/acme/new-authz[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "plSJ_O55-kBqSPPN91fJoQRsR7-NMbqAZIpKCVcAw52bLKo8dYuX9UWCtC6LDQK_CMzYS_6UtzD-MTv9bwBjaSFtCEawL7G9Xb5Icphc_6ZFVvLAz_oJdqSZ6oV2x3g_aOwkQb6wG_f3PgHNMxizLJepHFSQJx0TVxyNxI-rCdn9X6D3cyKorE_p9w5IZbtjiunExd7WdPS7Xvb41LCCdQpNk3OIASeP20YoyKZU26yD_ENJASvDCoZA5yykkykIsL7fXLB7L-T66US5sKmr3AWXHlBSlUrREoF1S6Su7V281CoFaaj-4x-EZfKOCQTHYjswZy_paLYjOkanUxZ-2w"}}, "protected": "eyJub25jZSI6ICJqYVNTeXNtRUZqYUFvdTVpM0w0cjNxRkhjcUtFMHFDd0tXb0FrRlU1ZHZRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYXV0aHoiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJwbFNKX081NS1rQnFTUFBOOTFmSm9RUnNSNy1OTWJxQVpJcEtDVmNBdzUyYkxLbzhkWXVYOVVXQ3RDNkxEUUtfQ016WVNfNlV0ekQtTVR2OWJ3QmphU0Z0Q0Vhd0w3RzlYYjVJY3BoY182WkZWdkxBel9vSmRxU1o2b1YyeDNnX2FPd2tRYjZ3R19mM1BnSE5NeGl6TEplcEhGU1FKeDBUVnh5TnhJLXJDZG45WDZEM2N5S29yRV9wOXc1SVpidGppdW5FeGQ3V2RQUzdYdmI0MUxDQ2RRcE5rM09JQVNlUDIwWW95S1pVMjZ5RF9FTkpBU3ZEQ29aQTV5eWtreWtJc0w3ZlhMQjdMLVQ2NlVTNXNLbXIzQVdYSGxCU2xVclJFb0YxUzZTdTdWMjgxQ29GYWFqLTR4LUVaZktPQ1FUSFlqc3daeV9wYUxZak9rYW5VeFotMncifX0", "payload": "eyJyZXNvdXJjZSI6ICJuZXctYXV0aHoiLCAiaWRlbnRpZmllciI6IHsidHlwZSI6ICJkbnMiLCAidmFsdWUiOiAid3d3LmdlZWtzdWx0ZC5jb20ifX0", "signature": "R-mPvrSlXty6UyU8IztS528wNDB6ZP7vmCo8B4rqZBeFQ0P6aASP66FFbFp2r9Aa8V_kJE2tHSIbGVjwqI6EppwdkTVl0COH6i83Py-0kvjPdamQAOnSnji4AGDKkQoLcyId8jYE_VqbEdeRVAFxruAFl8xqx1uLrgo9ARX7zy1SYDpEi2Xwg7lZqZPUPh5P1_hnDQaXrkS0ikYcfSow6NdZjjNn4_Dx7XC9zBz1uSoHPXGxWBfgqikgp87ne5BP1j88vDEXgQr2vGIss7C6NRsU-gwtGvhmvabZJk7ew38Cn8FgbFEi9oCD7UP4s8siVfGWzDadUG-6DpfI7Kqtww"}'
    [Fri Sep 28 19:30:13 UTC 2018] _postContentType='application/jose+json'
    [Fri Sep 28 19:30:13 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri Sep 28 19:30:13 UTC 2018] _ret='0'
    [Fri Sep 28 19:30:13 UTC 2018] original='{
      "identifier": {
        "type": "dns",
        "value": "[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]"
      },
      "status": "pending",
      "expires": "2018-10-05T19:30:13Z",
      "challenges": [
        {
          "type": "http-01",
          "status": "pending",
          "uri": "[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188[/URL]",
          "token": "qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM"
        },
        {
          "type": "tls-alpn-01",
          "status": "pending",
          "uri": "[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785189[/URL]",
          "token": "0Gv3CCZwDgYugCRjYiKgowDMyEDvNJK87-KrySGUpBo"
        },
        {
          "type": "dns-01",
          "status": "pending",
          "uri": "[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785190[/URL]",
          "token": "eHfBuiEo-laaQtkClOS6Ntn8-G2_myX2zscX1ZokAAE"
        }
      ],
      "combinations": [
        [
          0
        ],
        [
          1
        ],
        [
          2
        ]
      ]
    }'
    [Fri Sep 28 19:30:13 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
    Expires: Fri, 28 Sep 2018 19:30:13 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    
    HTTP/1.1 201 Created
    Server: nginx
    Content-Type: application/json
    Content-Length: 996
    Boulder-Requester: 42937650
    Link: <[URL]https://acme-v01.api.letsencrypt.org/acme/new-cert[/URL]>;rel="next"
    Location: [URL]https://acme-v01.api.letsencrypt.org/acme/authz/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM[/URL]
    Replay-Nonce: HKsrNtzD56knVtXTFktgaHn5Y-ma2Tk6q12Gn_7nZX8
    X-Frame-Options: DENY
    Strict-Transport-Security: max-age=604800
    Expires: Fri, 28 Sep 2018 19:30:13 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    Date: Fri, 28 Sep 2018 19:30:13 GMT
    Connection: keep-alive
    
    '
    [Fri Sep 28 19:30:13 UTC 2018] response='{"identifier":{"type":"dns","value":"[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]"},"status":"pending","expires":"2018-10-05T19:30:13Z","challenges":[{"type":"http-01","status":"pending","uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188[/URL]","token":"qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM"},{"type":"tls-alpn-01","status":"pending","uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785189[/URL]","token":"0Gv3CCZwDgYugCRjYiKgowDMyEDvNJK87-KrySGUpBo"},{"type":"dns-01","status":"pending","uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785190[/URL]","token":"eHfBuiEo-laaQtkClOS6Ntn8-G2_myX2zscX1ZokAAE"}],"combinations":[[0],[1],[2]]}'
    [Fri Sep 28 19:30:13 UTC 2018] code='201'
    [Fri Sep 28 19:30:13 UTC 2018] The new-authz request is ok.
    [Fri Sep 28 19:30:13 UTC 2018] entry='"type":"http-01","status":"pending","uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188[/URL]","token":"qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM"'
    [Fri Sep 28 19:30:13 UTC 2018] token='qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM'
    [Fri Sep 28 19:30:13 UTC 2018] uri='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] keyauthorization='qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM'
    [Fri Sep 28 19:30:13 UTC 2018] dvlist='[URL='http://www.geeksultd.com#qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM#https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188#http-01#/home/nginx/domains/geeksultd.com/public']www.geeksultd.com#qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM#https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188#http-01#/home/nginx/domains/geeksultd.com/public[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] d
    [Fri Sep 28 19:30:13 UTC 2018] vlist='geeksultd.com#iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM#[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688#http-01#/home/nginx/domains/geeksultd.com/public,www.geeksultd.com#qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM#https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188#http-01#/home/nginx/domains/geeksultd.com/public[/URL],'
    [Fri Sep 28 19:30:13 UTC 2018] d='geeksultd.com'
    [Fri Sep 28 19:30:13 UTC 2018] d='[URL='http://www.geeksultd.com']www.geeksultd.com[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] ok, let's start to verify
    [Fri Sep 28 19:30:13 UTC 2018] Verifying:geeksultd.com
    [Fri Sep 28 19:30:13 UTC 2018] d='geeksultd.com'
    [Fri Sep 28 19:30:13 UTC 2018] keyauthorization='iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM'
    [Fri Sep 28 19:30:13 UTC 2018] uri='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] _currentRoot='/home/nginx/domains/geeksultd.com/public'
    [Fri Sep 28 19:30:13 UTC 2018] wellknown_path='/home/nginx/domains/geeksultd.com/public/.well-known/acme-challenge'
    [Fri Sep 28 19:30:13 UTC 2018] writing token:iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ to /home/nginx/domains/geeksultd.com/public/.well-known/acme-challenge/iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ
    [Fri Sep 28 19:30:13 UTC 2018] Changing owner/group of .well-known to nginx:nginx
    [Fri Sep 28 19:30:13 UTC 2018] tigger domain validation.
    [Fri Sep 28 19:30:13 UTC 2018] _t_url='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] _t_key_authz='iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM'
    [Fri Sep 28 19:30:13 UTC 2018] url='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]'
    [Fri Sep 28 19:30:13 UTC 2018] payload='{"resource": "challenge", "keyAuthorization": "iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM"}'
    [Fri Sep 28 19:30:14 UTC 2018] Use cached jwk for file: /root/.acme.sh/ca/acme-v01.api.letsencrypt.org/account.key
    [Fri Sep 28 19:30:14 UTC 2018] Use _CACHED_NONCE='HKsrNtzD56knVtXTFktgaHn5Y-ma2Tk6q12Gn_7nZX8'
    [Fri Sep 28 19:30:14 UTC 2018] nonce='HKsrNtzD56knVtXTFktgaHn5Y-ma2Tk6q12Gn_7nZX8'
    [Fri Sep 28 19:30:14 UTC 2018] POST
    [Fri Sep 28 19:30:14 UTC 2018] _post_url='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]'
    [Fri Sep 28 19:30:14 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "plSJ_O55-kBqSPPN91fJoQRsR7-NMbqAZIpKCVcAw52bLKo8dYuX9UWCtC6LDQK_CMzYS_6UtzD-MTv9bwBjaSFtCEawL7G9Xb5Icphc_6ZFVvLAz_oJdqSZ6oV2x3g_aOwkQb6wG_f3PgHNMxizLJepHFSQJx0TVxyNxI-rCdn9X6D3cyKorE_p9w5IZbtjiunExd7WdPS7Xvb41LCCdQpNk3OIASeP20YoyKZU26yD_ENJASvDCoZA5yykkykIsL7fXLB7L-T66US5sKmr3AWXHlBSlUrREoF1S6Su7V281CoFaaj-4x-EZfKOCQTHYjswZy_paLYjOkanUxZ-2w"}}, "protected": "eyJub25jZSI6ICJIS3NyTnR6RDU2a25WdFhURmt0Z2FIbjVZLW1hMlRrNnExMkduXzduWlg4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvWnEtT2lCQjkyVTJrNnEyNlN0Qzc3Tl9OaHNUYmVaY1QzVGtpNUdMQ2dQRS83NzYzNzg0Njg4IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAicGxTSl9PNTUta0JxU1BQTjkxZkpvUVJzUjctTk1icUFaSXBLQ1ZjQXc1MmJMS284ZFl1WDlVV0N0QzZMRFFLX0NNellTXzZVdHpELU1Udjlid0JqYVNGdENFYXdMN0c5WGI1SWNwaGNfNlpGVnZMQXpfb0pkcVNaNm9WMngzZ19hT3drUWI2d0dfZjNQZ0hOTXhpekxKZXBIRlNRSngwVFZ4eU54SS1yQ2RuOVg2RDNjeUtvckVfcDl3NUlaYnRqaXVuRXhkN1dkUFM3WHZiNDFMQ0NkUXBOazNPSUFTZVAyMFlveUtaVTI2eURfRU5KQVN2RENvWkE1eXlra3lrSXNMN2ZYTEI3TC1UNjZVUzVzS21yM0FXWEhsQlNsVXJSRW9GMVM2U3U3VjI4MUNvRmFhai00eC1FWmZLT0NRVEhZanN3WnlfcGFMWWpPa2FuVXhaLTJ3In19", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJpS040Q0NZZHQxVkJDdjNfb1ZxTFdoUE04MFpGd3J1SVpNYnlKWFRjM0hRLk1vZUNLTC1QVXlPU2tXUWtmbEp3UWJjZm85eDBJa3RiTkt1ODEtQjdVUE0ifQ", "signature": "OwGfeiUPPWWKQXjCh8BoXkfqJ6Xal942tLoYLZFIwBOoWZO4tDsvgXj0ti0H1p3NzfhTJKpZMD-XhRqxCvKPiKb2NU1R88wvN8v9x7PvHYGqdTsNK7deoyc0HTPrg4InnlraXp287e0F55NMikB05FpwlmUBNpFnR48coFXfmDwWp7rjK9a4Ps8d2bYNbOBIlar6vIU5NjSpW1g--FWpvED0OhB5VB7NrreKBxqU9mptRlJkCIe-g0hEf05eR5uq_DJKxzBopbvcfNlpkM_1V0tpkEdShsIljHNXkBu8PFC7dSTkIhFhy__A1PrYDR0CRHveizM0mkHXopDIr_Fccw"}'
    [Fri Sep 28 19:30:14 UTC 2018] _postContentType='application/jose+json'
    [Fri Sep 28 19:30:14 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri Sep 28 19:30:14 UTC 2018] _ret='0'
    [Fri Sep 28 19:30:14 UTC 2018] original='{
      "type": "http-01",
      "status": "pending",
      "uri": "[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]",
      "token": "iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ",
      "keyAuthorization": "iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM"
    }'
    [Fri Sep 28 19:30:14 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
    Expires: Fri, 28 Sep 2018 19:30:14 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    
    HTTP/1.1 202 Accepted
    Server: nginx
    Content-Type: application/json
    Content-Length: 336
    Boulder-Requester: 42937650
    Link: <[URL]https://acme-v01.api.letsencrypt.org/acme/authz/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE[/URL]>;rel="up"
    Location: [URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]
    Replay-Nonce: W9WVqd49t2avv-y20W7D4WYr0ofY2xpezlz9H4hklXs
    Expires: Fri, 28 Sep 2018 19:30:14 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    Date: Fri, 28 Sep 2018 19:30:14 GMT
    Connection: keep-alive
    
    '
    [Fri Sep 28 19:30:14 UTC 2018] response='{"type":"http-01","status":"pending","uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]","token":"iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ","keyAuthorization":"iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM"}'
    [Fri Sep 28 19:30:14 UTC 2018] code='202'
    [Fri Sep 28 19:30:14 UTC 2018] sleep 2 secs to verify
    [Fri Sep 28 19:30:16 UTC 2018] checking
    [Fri Sep 28 19:30:16 UTC 2018] GET
    [Fri Sep 28 19:30:16 UTC 2018] url='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]'
    [Fri Sep 28 19:30:16 UTC 2018] timeout=
    [Fri Sep 28 19:30:16 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri Sep 28 19:30:16 UTC 2018] ret='0'
    [Fri Sep 28 19:30:16 UTC 2018] original='{
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:acme:error:unauthorized",
        "detail": "Invalid response from [URL]http://geeksultd.com/.well-known/acme-challenge/iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ[/URL]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e300 Multiple Choices\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eMultiple C\"",
        "status": 403
      },
      "uri": "[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]",
      "token": "iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ",
      "validationRecord": [
        {
          "url": "[URL]http://geeksultd.com/.well-known/acme-challenge/iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ[/URL]",
          "hostname": "geeksultd.com",
          "port": "80",
          "addressesResolved": [
            "144.202.101.170",
            "2607:f1c0:1000:90aa:cc09:4c40:2418:182d"
          ],
          "addressUsed": "2607:f1c0:1000:90aa:cc09:4c40:2418:182d"
        }
      ]
    }'
    [Fri Sep 28 19:30:16 UTC 2018] response='{"type":"http-01","status":"invalid","error":{"type":"urn:acme:error:unauthorized","detail":"Invalid response from [URL]http://geeksultd.com/.well-known/acme-challenge/iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ[/URL]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e300 Multiple Choices\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eMultiple C\"","status": 403},"uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]","token":"iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ","validationRecord":[{"url":"[URL]http://geeksultd.com/.well-known/acme-challenge/iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ[/URL]","hostname":"geeksultd.com","port":"80","addressesResolved":["144.202.101.170","2607:f1c0:1000:90aa:cc09:4c40:2418:182d"],"addressUsed":"2607:f1c0:1000:90aa:cc09:4c40:2418:182d"}]}'
    [Fri Sep 28 19:30:16 UTC 2018] error='"error":{"type":"urn:acme:error:unauthorized","detail":"Invalid response from [URL]http://geeksultd.com/.well-known/acme-challenge/iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ[/URL]: '
    [Fri Sep 28 19:30:16 UTC 2018] errordetail='Invalid response from [URL]http://geeksultd.com/.well-known/acme-challenge/iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ[/URL]: '
    [Fri Sep 28 19:30:16 UTC 2018] geeksultd.com:Verify error:Invalid response from [URL]http://geeksultd.com/.well-known/acme-challenge/iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ[/URL]:
    [Fri Sep 28 19:30:16 UTC 2018] pid
    [Fri Sep 28 19:30:16 UTC 2018] No need to restore nginx, skip.
    [Fri Sep 28 19:30:16 UTC 2018] _clearupdns
    [Fri Sep 28 19:30:16 UTC 2018] skip dns.
    [Fri Sep 28 19:30:16 UTC 2018] _on_issue_err
    [Fri Sep 28 19:30:16 UTC 2018] Please check log file for more details: /root/centminlogs/acmetool.sh-debug-log-280918-193005.log
    [Fri Sep 28 19:30:16 UTC 2018] _chk_vlist='geeksultd.com#iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM#[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688#http-01#/home/nginx/domains/geeksultd.com/public,www.geeksultd.com#qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM#https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188#http-01#/home/nginx/domains/geeksultd.com/public[/URL],'
    [Fri Sep 28 19:30:16 UTC 2018] start to deactivate authz
    [Fri Sep 28 19:30:16 UTC 2018] tigger domain validation.
    [Fri Sep 28 19:30:16 UTC 2018] _t_url='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]'
    [Fri Sep 28 19:30:16 UTC 2018] _t_key_authz='iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM'
    [Fri Sep 28 19:30:16 UTC 2018] url='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]'
    [Fri Sep 28 19:30:16 UTC 2018] payload='{"resource": "challenge", "keyAuthorization": "iKN4CCYdt1VBCv3_oVqLWhPM80ZFwruIZMbyJXTc3HQ.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM"}'
    [Fri Sep 28 19:30:16 UTC 2018] Use cached jwk for file: /root/.acme.sh/ca/acme-v01.api.letsencrypt.org/account.key
    [Fri Sep 28 19:30:16 UTC 2018] Use _CACHED_NONCE='W9WVqd49t2avv-y20W7D4WYr0ofY2xpezlz9H4hklXs'
    [Fri Sep 28 19:30:16 UTC 2018] nonce='W9WVqd49t2avv-y20W7D4WYr0ofY2xpezlz9H4hklXs'
    [Fri Sep 28 19:30:16 UTC 2018] POST
    [Fri Sep 28 19:30:16 UTC 2018] _post_url='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Zq-OiBB92U2k6q26StC77N_NhsTbeZcT3Tki5GLCgPE/7763784688[/URL]'
    [Fri Sep 28 19:30:16 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "plSJ_O55-kBqSPPN91fJoQRsR7-NMbqAZIpKCVcAw52bLKo8dYuX9UWCtC6LDQK_CMzYS_6UtzD-MTv9bwBjaSFtCEawL7G9Xb5Icphc_6ZFVvLAz_oJdqSZ6oV2x3g_aOwkQb6wG_f3PgHNMxizLJepHFSQJx0TVxyNxI-rCdn9X6D3cyKorE_p9w5IZbtjiunExd7WdPS7Xvb41LCCdQpNk3OIASeP20YoyKZU26yD_ENJASvDCoZA5yykkykIsL7fXLB7L-T66US5sKmr3AWXHlBSlUrREoF1S6Su7V281CoFaaj-4x-EZfKOCQTHYjswZy_paLYjOkanUxZ-2w"}}, "protected": "eyJub25jZSI6ICJXOVdWcWQ0OXQyYXZ2LXkyMFc3RDRXWXIwb2ZZMnhwZXpsejlINGhrbFhzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvWnEtT2lCQjkyVTJrNnEyNlN0Qzc3Tl9OaHNUYmVaY1QzVGtpNUdMQ2dQRS83NzYzNzg0Njg4IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAicGxTSl9PNTUta0JxU1BQTjkxZkpvUVJzUjctTk1icUFaSXBLQ1ZjQXc1MmJMS284ZFl1WDlVV0N0QzZMRFFLX0NNellTXzZVdHpELU1Udjlid0JqYVNGdENFYXdMN0c5WGI1SWNwaGNfNlpGVnZMQXpfb0pkcVNaNm9WMngzZ19hT3drUWI2d0dfZjNQZ0hOTXhpekxKZXBIRlNRSngwVFZ4eU54SS1yQ2RuOVg2RDNjeUtvckVfcDl3NUlaYnRqaXVuRXhkN1dkUFM3WHZiNDFMQ0NkUXBOazNPSUFTZVAyMFlveUtaVTI2eURfRU5KQVN2RENvWkE1eXlra3lrSXNMN2ZYTEI3TC1UNjZVUzVzS21yM0FXWEhsQlNsVXJSRW9GMVM2U3U3VjI4MUNvRmFhai00eC1FWmZLT0NRVEhZanN3WnlfcGFMWWpPa2FuVXhaLTJ3In19", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJpS040Q0NZZHQxVkJDdjNfb1ZxTFdoUE04MFpGd3J1SVpNYnlKWFRjM0hRLk1vZUNLTC1QVXlPU2tXUWtmbEp3UWJjZm85eDBJa3RiTkt1ODEtQjdVUE0ifQ", "signature": "oeYFljjDev7wGGSxSsZ00TydaH0dCeakGxpMWjJYliimF4dhRzxVCiFr0kSRStpVKbSPcQgbo0RzVRXNN0zHtoa-zDLsz9Yo9bj0kWetKJbCHJ48OkC8QNoOu1evYoGDjkOLnEurHvhKdsWUyKpSLZsSigHBhYlKHg5B-DlyS2Qk5MAG-AthQZD9DyKMyOd0f9aaUQkDRKu45zwm9lZDe4Hjyz4Yc_JBDVGJ-C5q98c3WpgUJNpqOKqOf6GMhG7UExlIt0Y-it-IclyDhXYRCLxyBn_K2KajeMjf09DsVxP8vVU41-p2gpISt9xBYq84bMLaq0sb8ec7yRlK32c73w"}'
    [Fri Sep 28 19:30:16 UTC 2018] _postContentType='application/jose+json'
    [Fri Sep 28 19:30:16 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri Sep 28 19:30:17 UTC 2018] _ret='0'
    [Fri Sep 28 19:30:17 UTC 2018] original='{
      "type": "urn:acme:error:malformed",
      "detail": "Unable to update challenge :: The challenge is not pending.",
      "status": 400
    }'
    [Fri Sep 28 19:30:17 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
    Expires: Fri, 28 Sep 2018 19:30:17 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    
    HTTP/1.1 400 Bad Request
    Server: nginx
    Content-Type: application/problem+json
    Content-Length: 132
    Boulder-Requester: 42937650
    Replay-Nonce: _D51mEYVP7FprzoGMTuSR9nGGviWK_d0G_d6d2qtuN8
    Expires: Fri, 28 Sep 2018 19:30:17 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    Date: Fri, 28 Sep 2018 19:30:17 GMT
    Connection: close
    
    '
    [Fri Sep 28 19:30:17 UTC 2018] response='{"type":"urn:acme:error:malformed","detail":"Unable to update challenge :: The challenge is not pending.","status": 400}'
    [Fri Sep 28 19:30:17 UTC 2018] code='400'
    [Fri Sep 28 19:30:17 UTC 2018] tigger domain validation.
    [Fri Sep 28 19:30:17 UTC 2018] _t_url='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188[/URL]'
    [Fri Sep 28 19:30:17 UTC 2018] _t_key_authz='qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM'
    [Fri Sep 28 19:30:17 UTC 2018] url='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188[/URL]'
    [Fri Sep 28 19:30:17 UTC 2018] payload='{"resource": "challenge", "keyAuthorization": "qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM"}'
    [Fri Sep 28 19:30:17 UTC 2018] Use cached jwk for file: /root/.acme.sh/ca/acme-v01.api.letsencrypt.org/account.key
    [Fri Sep 28 19:30:17 UTC 2018] Use _CACHED_NONCE='_D51mEYVP7FprzoGMTuSR9nGGviWK_d0G_d6d2qtuN8'
    [Fri Sep 28 19:30:17 UTC 2018] nonce='_D51mEYVP7FprzoGMTuSR9nGGviWK_d0G_d6d2qtuN8'
    [Fri Sep 28 19:30:17 UTC 2018] POST
    [Fri Sep 28 19:30:17 UTC 2018] _post_url='[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188[/URL]'
    [Fri Sep 28 19:30:17 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "plSJ_O55-kBqSPPN91fJoQRsR7-NMbqAZIpKCVcAw52bLKo8dYuX9UWCtC6LDQK_CMzYS_6UtzD-MTv9bwBjaSFtCEawL7G9Xb5Icphc_6ZFVvLAz_oJdqSZ6oV2x3g_aOwkQb6wG_f3PgHNMxizLJepHFSQJx0TVxyNxI-rCdn9X6D3cyKorE_p9w5IZbtjiunExd7WdPS7Xvb41LCCdQpNk3OIASeP20YoyKZU26yD_ENJASvDCoZA5yykkykIsL7fXLB7L-T66US5sKmr3AWXHlBSlUrREoF1S6Su7V281CoFaaj-4x-EZfKOCQTHYjswZy_paLYjOkanUxZ-2w"}}, "protected": "eyJub25jZSI6ICJfRDUxbUVZVlA3RnByem9HTVR1U1I5bkdHdmlXS19kMEdfZDZkMnF0dU44IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvQmIxeTRoU3B5Z2pGSF9Sd0xDN2lqQUF1VHVKNmFzZk1fWTVBQW9LRjNBTS83NzYzNzg1MTg4IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAicGxTSl9PNTUta0JxU1BQTjkxZkpvUVJzUjctTk1icUFaSXBLQ1ZjQXc1MmJMS284ZFl1WDlVV0N0QzZMRFFLX0NNellTXzZVdHpELU1Udjlid0JqYVNGdENFYXdMN0c5WGI1SWNwaGNfNlpGVnZMQXpfb0pkcVNaNm9WMngzZ19hT3drUWI2d0dfZjNQZ0hOTXhpekxKZXBIRlNRSngwVFZ4eU54SS1yQ2RuOVg2RDNjeUtvckVfcDl3NUlaYnRqaXVuRXhkN1dkUFM3WHZiNDFMQ0NkUXBOazNPSUFTZVAyMFlveUtaVTI2eURfRU5KQVN2RENvWkE1eXlra3lrSXNMN2ZYTEI3TC1UNjZVUzVzS21yM0FXWEhsQlNsVXJSRW9GMVM2U3U3VjI4MUNvRmFhai00eC1FWmZLT0NRVEhZanN3WnlfcGFMWWpPa2FuVXhaLTJ3In19", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJxTGhUS1RBTGd4T21pZVNIaHExbGRNb1JzMWwxdS1abk9uNloydHYtY0hNLk1vZUNLTC1QVXlPU2tXUWtmbEp3UWJjZm85eDBJa3RiTkt1ODEtQjdVUE0ifQ", "signature": "V5hALkQyr4LsnMb4y4YtcTVK9jkGzBOKMAgNozMQ2drrtVWhNhJqXfju5q7lqtC6iNceveeMn06Ps81nwfjZy5MPaZ3pMgDsRaMCmqPQ5mHXYa0PrqOyorRnLhmxyfALHKDq0zQ-hejfLiGkOR7yJ7YozaAkKKoBlqsxJ6IXAgtZkyGt14OqLFp6Xg1eFEsUsHi4O6udrKxVvUHspKjTCdm7zBp3aximXOzDhu78JlZOmMoIP7UnzvE4lOypwsW1Bs8k0BpkhmFsqaKCjFGIVKj_ACt3hp8X-BpVj6c_1gQNCWz5UlS75K53oVb5foyXMAjcw4ZEoDq-6Jv3lFDHFA"}'
    [Fri Sep 28 19:30:17 UTC 2018] _postContentType='application/jose+json'
    [Fri Sep 28 19:30:17 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri Sep 28 19:30:17 UTC 2018] _ret='0'
    [Fri Sep 28 19:30:17 UTC 2018] original='{
      "type": "http-01",
      "status": "pending",
      "uri": "[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188[/URL]",
      "token": "qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM",
      "keyAuthorization": "qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM"
    }'
    [Fri Sep 28 19:30:17 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
    Expires: Fri, 28 Sep 2018 19:30:17 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    
    HTTP/1.1 202 Accepted
    Server: nginx
    Content-Type: application/json
    Content-Length: 336
    Boulder-Requester: 42937650
    Link: <[URL]https://acme-v01.api.letsencrypt.org/acme/authz/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM[/URL]>;rel="up"
    Location: [URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188[/URL]
    Replay-Nonce: GvBxGRPwlZ0BCtL-ots_4zpo3JM02W527TUxeT--DsA
    Expires: Fri, 28 Sep 2018 19:30:17 GMT
    Cache-Control: max-age=0, no-cache, no-store
    Pragma: no-cache
    Date: Fri, 28 Sep 2018 19:30:17 GMT
    Connection: keep-alive
    
    '
    [Fri Sep 28 19:30:17 UTC 2018] response='{"type":"http-01","status":"pending","uri":"[URL]https://acme-v01.api.letsencrypt.org/acme/challenge/Bb1y4hSpygjFH_RwLC7ijAAuTuJ6asfM_Y5AAoKF3AM/7763785188[/URL]","token":"qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM","keyAuthorization":"qLhTKTALgxOmieSHhq1ldMoRs1l1u-ZnOn6Z2tv-cHM.MoeCKL-PUyOSkWQkflJwQbcfo9x0IktbNKu81-B7UPM"}'
    [Fri Sep 28 19:30:17 UTC 2018] code='202'
    [Fri Sep 28 19:36:26 UTC 2018] ACME_DIRECTORY='[URL]https://acme-v01.api.letsencrypt.org/directory[/URL]'
    [Fri Sep 28 19:36:26 UTC 2018] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org'
    [Fri Sep 28 19:36:26 UTC 2018] It is recommended to install socat first.
    [Fri Sep 28 19:36:26 UTC 2018] We use socat for standalone server if you use standalone mode.
    [Fri Sep 28 19:36:26 UTC 2018] If you don't use standalone mode, just ignore this warning.
    [Fri Sep 28 19:36:26 UTC 2018] Installing to /root/.acme.sh
    [Fri Sep 28 19:36:26 UTC 2018] Installed to /root/.acme.sh/acme.sh
    [Fri Sep 28 19:36:26 UTC 2018] Using config home:/root/.acme.sh
    [Fri Sep 28 19:36:26 UTC 2018] ACME_DIRECTORY='[URL]https://acme-v01.api.letsencrypt.org/directory[/URL]'
    [Fri Sep 28 19:36:26 UTC 2018] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org'
    [Fri Sep 28 19:36:26 UTC 2018] options='/^export LE_CONFIG_HOME/d'
    [Fri Sep 28 19:36:26 UTC 2018] Using sed  -i
    [Fri Sep 28 19:36:26 UTC 2018] Found profile: /root/.bashrc
    [Fri Sep 28 19:36:26 UTC 2018] Installing alias to '/root/.bashrc'
    [Fri Sep 28 19:36:26 UTC 2018] OK, Close and reopen your terminal to start using acme.sh
    [Fri Sep 28 19:36:26 UTC 2018] Installing alias to '/root/.cshrc'
    [Fri Sep 28 19:36:26 UTC 2018] options='/^setenv LE_CONFIG_HOME/d'
    [Fri Sep 28 19:36:26 UTC 2018] Using sed  -i
    [Fri Sep 28 19:36:26 UTC 2018] Installing alias to '/root/.tcshrc'
    [Fri Sep 28 19:36:26 UTC 2018] Using config home:/root/.acme.sh
    [Fri Sep 28 19:36:26 UTC 2018] ACME_DIRECTORY='[URL]https://acme-v01.api.letsencrypt.org/directory[/URL]'
    [Fri Sep 28 19:36:26 UTC 2018] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org'
    [Fri Sep 28 19:36:26 UTC 2018] Installing cron job
    [Fri Sep 28 19:36:26 UTC 2018] Good, bash is found, so change the shebang to use bash as preferred.
    [Fri Sep 28 19:36:26 UTC 2018] OK
    [Fri Sep 28 19:36:27 UTC 2018] LE_WORKING_DIR='/root/.acme.sh'
    [Fri Sep 28 19:36:27 UTC 2018] Creating domain key
    [Fri Sep 28 19:36:27 UTC 2018] Using config home:/root/.acme.sh
    [Fri Sep 28 19:36:27 UTC 2018] ACME_DIRECTORY='[URL]https://acme-v01.api.letsencrypt.org/directory[/URL]'
    [Fri Sep 28 19:36:27 UTC 2018] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org'
    [Fri Sep 28 19:36:27 UTC 2018] DOMAIN_PATH='/root/.acme.sh/geeksultd.com'
    [Fri Sep 28 19:36:27 UTC 2018] _createkey for file:/root/.acme.sh/geeksultd.com/geeksultd.com.key
    [Fri Sep 28 19:36:27 UTC 2018] Use length 2048
    [Fri Sep 28 19:36:27 UTC 2018] Using RSA: 2048
    [Fri Sep 28 19:36:27 UTC 2018] The domain key is here: /root/.acme.sh/geeksultd.com/geeksultd.com.key
    
     
    Last edited by a moderator: Sep 29, 2018
  2. eva2000

    eva2000 Administrator Staff Member

    36,323
    7,979
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,287
    Local Time:
    3:51 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    FYI, for posting code or output from commands to keep the formatting and prevent parsing of domain names, you might want to use CODE tags for code How to use forum BBCODE code tags :) I updated your post to wrap your output in CODEB tags though domains already got parsed so messes with output.

    Which of the acmetool.sh options did you run ? the ./acmetool.sh reissue domainname lived one ?
    Code (Text):
     ./acmetool.sh {acme-menu|acmeinstall|acmeupdate|acmesetup|manual|issue|reissue|renew|certonly-issue|s3issue|s3reissue|s3renew|renewall|checkdates|checkdomains}
    
     Usage Commands: 
     ./acmetool.sh acme-menu
     ./acmetool.sh acmeinstall
     ./acmetool.sh acmeupdate
     ./acmetool.sh acmesetup
     ./acmetool.sh manual
     ./acmetool.sh issue domainname
     ./acmetool.sh issue domainname d
     ./acmetool.sh issue domainname live
     ./acmetool.sh issue domainname lived
     ./acmetool.sh reissue domainname
     ./acmetool.sh reissue domainname d
     ./acmetool.sh reissue domainname live
     ./acmetool.sh reissue domainname lived
     ./acmetool.sh renew domainname
     ./acmetool.sh renew domainname d
     ./acmetool.sh renew domainname live
     ./acmetool.sh renew domainname lived
     ./acmetool.sh webroot-issue domainname /path/to/custom/webroot
     ./acmetool.sh webroot-issue domainname /path/to/custom/webroot d
     ./acmetool.sh webroot-issue domainname /path/to/custom/webroot live
     ./acmetool.sh webroot-issue domainname /path/to/custom/webroot lived
     ./acmetool.sh webroot-reissue domainname /path/to/custom/webroot
     ./acmetool.sh webroot-reissue domainname /path/to/custom/webroot d
     ./acmetool.sh webroot-reissue domainname /path/to/custom/webroot live
     ./acmetool.sh webroot-reissue domainname /path/to/custom/webroot lived
     ./acmetool.sh webroot-renew domainname /path/to/custom/webroot
     ./acmetool.sh webroot-renew domainname /path/to/custom/webroot d
     ./acmetool.sh webroot-renew domainname /path/to/custom/webroot live
     ./acmetool.sh webroot-renew domainname /path/to/custom/webroot lived
     ./acmetool.sh certonly-issue domainname
     ./acmetool.sh certonly-issue domainname live
     ./acmetool.sh s3issue domainname
     ./acmetool.sh s3issue domainname d
     ./acmetool.sh s3issue domainname live
     ./acmetool.sh s3issue domainname lived
     ./acmetool.sh s3reissue domainname
     ./acmetool.sh s3reissue domainname d
     ./acmetool.sh s3reissue domainname live
     ./acmetool.sh s3reissue domainname lived
     ./acmetool.sh s3renew domainname
     ./acmetool.sh s3renew domainname d
     ./acmetool.sh s3renew domainname live
     ./acmetool.sh s3renew domainname lived
     ./acmetool.sh renewall
     ./acmetool.sh renewall live
     ./acmetool.sh renewall lived
     ./acmetool.sh checkdates
     ./acmetool.sh checkdomains
    


    When you create a new nginx vhost domain via centmin.sh menu option 2 or menu option 22 or via /usr/bin/nv cli command line, you will create the Nginx vhost files and directories. You will get an outputted the path location where it will create the domain name's vhost conf file named newdomain.com.conf (and newdomain.com.ssl.conf if you selected yes to self signed SSL)
    • Nginx vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.conf
    • Nginx HTTP/2 SSL vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf
    • Nginx Self-Signed SSL Certificate Directory at /usr/local/nginx/conf/ssl/newdomain.com
    • Vhost public web root will be at /home/nginx/domains/newdomain.com/public
    • Vhost log directory will be at /home/nginx/domains/newdomain.com/log
    Please post the contents of /usr/local/nginx/conf/conf.d/newdomain.com.conf and if applicable /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf wrapped in CODE tags (outlined at How to use forum BBCODE code tags)

    what is output of these commands in ssh
    Code (Text):
    curl -I https://domain.com
    

    Code (Text):
    curl -I https://www.domain.com
    

    Code (Text):
    curl -I http://domain.com
    

    Code (Text):
    curl -I http://www.domain.com
    

    wrap output in CODE tags
     
  3. UsmanGTA

    UsmanGTA New Member

    11
    2
    3
    Sep 14, 2017
    Ratings:
    +2
    Local Time:
    1:51 AM
    I chose option 6 and then 4 when in ./acmetool.sh acme-menu

    This is the output of the CURL commands you told me to check.

    I installed my website via centmin.sh menu #22 without the custom_config.ini. But since I had SSL issues, I tried to get the certificate with acme menu at first. Then, I wasn't able to get it. So I chose option 6 and 4 the next time in acme menu... and now we're here...

    Code (Text):
    [21:10][[email protected] ~]# curl -I https://geeksultd.com
    curl: (35) Encountered end of file
    [21:10][[email protected] ~]# curl -I https://www.geeksultd.com
    curl: (60) Peer's certificate issuer has been marked as not trusted by the user.
    More details here: http://curl.haxx.se/docs/sslcerts.html
    
    curl performs SSL certificate verification by default, using a "bundle"
     of Certificate Authority (CA) public keys (CA certs). If the default
     bundle file isn't adequate, you can specify an alternate file
     using the --cacert option.
    If this HTTPS server uses a certificate signed by a CA represented in
     the bundle, the certificate verification probably failed due to a
     problem with the certificate (it might be expired, or the name might
     not match the domain name in the URL).
    If you'd like to turn off curl's verification of the certificate, use
     the -k (or --insecure) option.
    [21:10][[email protected] ~]# curl -I http://www.geeksultd.com
    HTTP/1.1 302 Moved Temporarily
    Date: Fri, 28 Sep 2018 21:11:03 GMT
    Content-Type: text/html
    Content-Length: 138
    Connection: keep-alive
    Location: https://geeksultd.com/
    Server: nginx centminmod
    X-Powered-By: centminmod
    
    [21:11][[email protected] ~]# curl -I http://geeksultd.com
    HTTP/1.1 200 OK
    Content-Type: text/html
    Content-Length: 229
    Connection: keep-alive
    Keep-Alive: timeout=15
    Date: Fri, 28 Sep 2018 21:11:15 GMT
    Server: Apache
    Last-Modified: Sun, 18 Oct 2015 08:10:44 GMT
    ETag: "e5-5225c90ba7e4f"
    Accept-Ranges: bytes
    
    [21:11][[email protected] ~]#
    
     
  4. eva2000

    eva2000 Administrator Staff Member

    36,323
    7,979
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,287
    Local Time:
    3:51 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    you mean the 1st option listed from these ?
    Code (Text):
     ./acmetool.sh issue domainname
     ./acmetool.sh issue domainname d
     ./acmetool.sh issue domainname live
     ./acmetool.sh issue domainname lived
     ./acmetool.sh reissue domainname
     ./acmetool.sh reissue domainname d
     ./acmetool.sh reissue domainname live
     ./acmetool.sh reissue domainname lived
    

    the options listed without word live/lived are for non-trusted staging test letsencrypt certs as outlined at Letsencrypt - Official acmetool.sh testing thread for Centmin Mod 123.09beta01 while options with words live/lived are for live trusted letsencrypt ssl certs. These menu options are still in beta hence why acmetool.sh is disabled by default due to beta testing not having enough user test/feedback to test for every conceivable bug.

    Sounds like you have messed up your wordpress install (via centmin.sh menu option 22) and it's https configuration by choosing the wrong options in acmetool.sh and/or it having now messed up your wordpress nginx site vhost to the point of not being able to validate domain for letsencrypt ssl cert issuance.

    If the wordpress site can be reinstalled data file/database wise, the easiest fix would be to uninstall the wordpress nginx vhost site via the centmin.sh menu option 22 generated site uninstaller and try proper centmin.sh menu option 22 run with LETSENCRYPT_DETECT='y' set in persistent config file /etc/centminmod/custom_config.inc prior to running centmin.sh menu option 22

    Every centmin.sh menu option 22 run has an accompanying uninstall script at /root/tools/wp_uninstall_${vhostname}.sh where ${vhostname} = your domain name. You can run that to uninstall almost everything except mysql database which you have to manually remove yourself - extra precaution in case you accidentally run the wrong uninstall script.
     
  5. UsmanGTA

    UsmanGTA New Member

    11
    2
    3
    Sep 14, 2017
    Ratings:
    +2
    Local Time:
    1:51 AM
    I ran the following commands
    ./acmetool.sh acme-menu
    6
    4

    That's it.... I have my databased and stuff backed up...
     
  6. UsmanGTA

    UsmanGTA New Member

    11
    2
    3
    Sep 14, 2017
    Ratings:
    +2
    Local Time:
    1:51 AM
    I just uninstalled it... And then set the /etc/centminmod/custom_config.inc with the following single line LETSENCRYPT_DETECT='y'

    Did that, re-ran centmin.sh, then chose option 22... Still having the same issue

    Code (Text):
    Enter option [ 1 - 24 ] 22
    --------------------------------------------------------
    ------------------------------------------------------------
    Update wp-cli tool
    ------------------------------------------------------------
    updating...
    -------------------------------------------------------------
    update wp-cli packages
    Using Composer to update packages...
    ---
    Loading composer repositories with package information
    Updating dependencies
    Resolving dependencies through SAT
    Looking at all rules.
    Something's changed, looking at all rules again (pass #1)
    
    Dependency resolution completed in 0.009 seconds
    Analyzed 1369 packages to resolve dependencies
    Analyzed 24859 rules to resolve dependencies
    Nothing to install or update
    Generating autoload files
    ---
    Success: Packages updated.
    -------------------------------------------------------------
    update wp-cli
    2018-09-28 22:10:36 URL:https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar [5366981/5366981] -> "/usr/bin/wp" [1]
    OS:     Linux 3.10.0-862.14.4.el7.x86_64 #1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64
    Shell:  /bin/bash
    PHP binary:     /usr/local/bin/php
    PHP version:    7.2.10
    php.ini used:   /usr/local/lib/php.ini
    WP-CLI root dir:        phar://wp-cli.phar/vendor/wp-cli/wp-cli
    WP-CLI vendor dir:      phar://wp-cli.phar/vendor
    WP_CLI phar path:       /usr/local/src/centminmod/addons
    WP-CLI packages dir:    /root/.wp-cli/packages/
    WP-CLI global config:
    WP-CLI project config:
    WP-CLI version: 2.0.1
    
    -------------------------------------------------------------
    wp-cli update completed
    Read http://wp-cli.org/ for full usage info
    -------------------------------------------------------------
    
    
    -------------------------------------------------------------
    Setup full Nginx vhost + Wordpress + WP Plugins
    -------------------------------------------------------------
    
    ---------------------------------------------------------------
    Important Information
    ---------------------------------------------------------------
    
    You are about to create an Wordpress based Nginx vhost site with
    or without HTTPS/SSL support.
    Also read the continually updated Getting Started Guide
    at centminmod.com/getstarted.html if you haven't already
    ---------------------------------------------------------------
    403 Permission denied message handling
    if after vhost site setup you encounter 403 permission denied errors,
    check https://community.centminmod.com/threads/11215/ to see if your
    site needs tools/autoprotect.sh tweaking & whitelisting
    ---------------------------------------------------------------
    
    Do you want to continue with Nginx vhost site creation ? [y/n] y
    
    Enter vhost domain name you want to add (without www. prefix): geeksultd.com
    
    Create a self-signed SSL certificate Nginx vhost? [y/n]: y
    Get Letsencrypt SSL certificate Nginx vhost? [y/n]: y
    
    You have 4 options:
    1. issue staging test cert with HTTP + HTTPS (untrusted)
    2. issue staging test cert with HTTPS default (untrusted)
    3. issue live cert with HTTP + HTTPS (trusted)
    4. issue live cert with HTTPS default (trusted)
    Enter option number 1-4: 4
    
    Theme Setup:
    Install CyberChimps Responsive Theme (cyberchimps.com/responsive-theme/) [y/n]: n
    
    Wordpress Setup:
    Set custom WP Admin Display Name ? [y/n]: n
    Install Wordpress in subdirectory /blog ? [y/n]: n
    Disable Auto Generated WP Admin Username / Password ? [y/n]: n
    Disable wp-login.php password protection ? (less security) [y/n]: y
    Enter email address for Admin User for Wordpress Installation: HIDDEN
    
    Default is to install KeyCDN WP Cache Enabler Plugin
    as it's more stable and reliable than WP Super Cache.
    Redis cache may have issues with caching due to long 6hr cache TTL
    You can select which caching method to use below:
    
    --------------------------------------------------------
            Wordpress Caching
    --------------------------------------------------------
    1). KeyCDN Cache Enabler (default & recommended)
    2). Redis Nginx Level Caching (may have issues with some wp plugins)
    3). Wordpress Super Cache
    --------------------------------------------------------
    Enter option [ 1 - 3 ] 2
    
    Create FTP username for vhost domain (enter username): HIDDEN
    Do you want to auto generate FTP password (recommended) [y/n]: n
    Create FTP password for HIDDEN (enter password): --------------
    
    FTP username you entered: HIDDEN
    FTP password you entered: -------------
    
    Password:
    Enter it again:
    ---------------------------------------------------------------
    SSL Vhost Setup...
    ---------------------------------------------------------------
    
    ---------------------------------------------------------------
    Generating self signed SSL certificate...
    CSR file can also be used to be submitted for paid SSL certificates
    If using for paid SSL certificates be sure to keep both private key and CSR safe
    creating CSR File: geeksultd.com.csr
    creating private key: geeksultd.com.key
    creating self-signed SSL certificate: geeksultd.com.crt
    Generating a 2048 bit RSA private key
    ........+++
    .................................................................+++
    writing new private key to 'geeksultd.com.key'
    -----
    Signature ok
    subject=/C=US/ST=California/L=Los Angeles/O=geeksultd.com/OU=geeksultd.com/CN=geeksultd.com
    Getting Private key
    
    ---------------------------------------------------------------
    Copy/setup dhparam.pem file...
    ------------------------------------------------------------
    Setup Wordpress + Redis Nginx Level Cache for geeksultd.com
    ------------------------------------------------------------
    
    Using full static page caching may cause problems for mobile & tablet device
    visitors depending on your WP themes used so you may want to exclude those
    
    Do you want to exclude mobile/tablet devices from Cache Enabler caching ? [y/n]: y
    Downloading WordPress 4.9.8 (en_US)...
    Using cached file '/root/.wp-cli/cache/core/wordpress-4.9.8-en_US.tar.gz'...
    Success: WordPress downloaded.
    Success: Generated 'wp-config.php' file.
    13 23 * * * /usr/local/src/centminmod/tools/autoprotect.sh >/dev/null 2>&1
    0 */4 * * * /usr/bin/cminfo_updater 2>/dev/null
    #*/15 * * * * sleep 163s ; wget -O - -q -t 1 http://rummaninternational.com/wp-cron.php?doing_wp_cron > /dev/null 2>&1
    0 */8 * * * sleep 184s ;/root/tools/wp_updater_rummaninternational.com.sh >/dev/null 2>&1
    5 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
    #*/15 * * * * sleep 266s ; wget -O - -q -t 1 http://geeksultd.com/wp-cron.php?doing_wp_cron > /dev/null 2>&1
    Success: WordPress installed successfully.
    Success: Rewrite rules flushed.
    Success: Rewrite structure set.
    ------------------------------------------------------------
    Installing Nginx Helper (1.9.12)
    Downloading installation package from https://downloads.wordpress.org/plugin/nginx-helper.1.9.12.zip...
    Using cached file '/root/.wp-cli/cache/plugin/nginx-helper-1.9.12.zip'...
    Unpacking the package...
    Installing the plugin...
    Plugin installed successfully.
    Activating 'nginx-helper'...
    Plugin 'nginx-helper' activated.
    Success: Installed 1 of 1 plugins.
    ------------------------------------------------------------
    ------------------------------------------------------------
    Installing Sucuri Security – Auditing, Malware Scanner and Security Hardening (1.8.18)
    Downloading installation package from https://downloads.wordpress.org/plugin/sucuri-scanner.1.8.18.zip...
    Using cached file '/root/.wp-cli/cache/plugin/sucuri-scanner-1.8.18.zip'...
    Unpacking the package...
    Installing the plugin...
    Plugin installed successfully.
    Activating 'sucuri-scanner'...
    Plugin 'sucuri-scanner' activated.
    Success: Installed 1 of 1 plugins.
    ------------------------------------------------------------
    Installing Disable XML-RPC (1.0.1)
    Downloading installation package from https://downloads.wordpress.org/plugin/disable-xml-rpc.1.0.1.zip...
    Using cached file '/root/.wp-cli/cache/plugin/disable-xml-rpc-1.0.1.zip'...
    Unpacking the package...
    Installing the plugin...
    Plugin installed successfully.
    Activating 'disable-xml-rpc'...
    Plugin 'disable-xml-rpc' activated.
    Success: Installed 1 of 1 plugins.
    ------------------------------------------------------------
    Installing CDN Enabler – WordPress CDN Plugin (1.0.8)
    Downloading installation package from https://downloads.wordpress.org/plugin/cdn-enabler.zip...
    Using cached file '/root/.wp-cli/cache/plugin/cdn-enabler-1.0.8.zip'...
    Unpacking the package...
    Installing the plugin...
    Plugin installed successfully.
    Activating 'cdn-enabler'...
    Plugin 'cdn-enabler' activated.
    Success: Installed 1 of 1 plugins.
    ------------------------------------------------------------
    Uninstalled and deleted 'hello' plugin.
    Success: Uninstalled 1 of 1 plugins.
    Success: Plugin already updated.
    
    5 installed plugins:
      I akismet         4.0.8
      A cdn-enabler     1.0.8
      A disable-xml-rpc 1.0.1
      A nginx-helper    1.9.12
      A sucuri-scanner  1.8.18
    
    Legend: I = Inactive, A = Active
    ------------------------------------------------------------
    total 8.0K
    drwxr-sr-x 2 nginx nginx 4.0K Sep 28 22:13 .
    drwxr-s--- 8 nginx nginx 4.0K Sep 28 22:13 ..
    <?php exit(0); ?>
    {"sucuriscan_selfhosting_monitor":"disabled","sucuriscan_selfhosting_fpath":"","sucuriscan_api_service":"enabled","sucuriscan_notify_to":"[email protected]","sucuriscan_notify_plugin_activated":"enabled","sucuriscan_addr_header":"HTTP_X_SUCURI_CLIENTIP","sucuriscan_prettify_mails":"disabled","sucuriscan_emails_per_hour":5,"sucuriscan_last_email_at":1538172831,"sucuriscan_emails_sent":3,"sucuriscan_timezone":"UTC+00.00","sucuriscan_email_subject":"Sucuri Alert, :domain, :event, :remoteaddr","sucuriscan_use_wpmail":"enabled","sucuriscan_lastlogin_redirection":"enabled","sucuriscan_revproxy":"disabled","sucuriscan_datastore_path":"\/home\/nginx\/domains\/geeksultd.com\/sucuri_data_storage"}
    ------------------------------------------------------------
    Created uninstall script
    /root/tools/wp_uninstall_geeksultd.com.sh
    ------------------------------------------------------------
    ------------------------------------------------------------
    Created wp_updater_geeksultd.com.sh script
    /root/tools/wp_updater_geeksultd.com.sh
    ------------------------------------------------------------
    263
    26
    783
    78
    calculated 783
    calculated 78
    final 783
    final 78
    13 23 * * * /usr/local/src/centminmod/tools/autoprotect.sh >/dev/null 2>&1
    0 */4 * * * /usr/bin/cminfo_updater 2>/dev/null
    #*/15 * * * * sleep 163s ; wget -O - -q -t 1 http://rummaninternational.com/wp-cron.php?doing_wp_cron > /dev/null 2>&1
    0 */8 * * * sleep 184s ;/root/tools/wp_updater_rummaninternational.com.sh >/dev/null 2>&1
    5 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
    #*/15 * * * * sleep 266s ; wget -O - -q -t 1 http://geeksultd.com/wp-cron.php?doing_wp_cron > /dev/null 2>&1
    0 */8 * * * sleep 783s ;/root/tools/wp_updater_geeksultd.com.sh >/dev/null 2>&1
    
    -------------------------------------------------------------
    generated nginx include file [same]: /usr/local/nginx/conf/autoprotect/demodomain.com/autoprotect-demodomain.com.conf
    generated nginx include file [diff]: /usr/local/nginx/conf/autoprotect/geeksultd.com/autoprotect-geeksultd.com.conf
    generated nginx include file [diff]: /usr/local/nginx/conf/autoprotect/rummaninternational.com/autoprotect-rummaninternational.com.conf
    
    autoprotect.sh run completed...
    
    Reloading nginx configuration (via systemctl):  [  OK  ]
    service nginx reload
    Reloading nginx configuration (via systemctl):  [  OK  ]
    service php-fpm restart
    Gracefully shutting down php-fpm . done
    Starting php-fpm  done
    systemctl restart pure-ftpd.service
    
    -------------------------------------------------------------
    ok: /usr/local/src/centminmod/addons/acmetool.sh
    /usr/local/src/centminmod/addons/acmetool.sh issue geeksultd.com wplived
    
    -------------------------------------------------
    acmetool.sh is in beta testing phase
    please read & provide bug reports &
    feedback for this tool via the forums
    https://centminmod.com/acmetool
    -------------------------------------------------
    
    continue [y/n] ? y
    
    -----------------------------------------------------
    updating acme.sh client...
    -----------------------------------------------------
    Cloning into 'acme.sh'...
    [Fri Sep 28 22:14:07 UTC 2018] It is recommended to install socat first.
    [Fri Sep 28 22:14:07 UTC 2018] We use socat for standalone server if you use standalone mode.
    [Fri Sep 28 22:14:07 UTC 2018] If you don't use standalone mode, just ignore this warning.
    [Fri Sep 28 22:14:07 UTC 2018] Installing to /root/.acme.sh
    [Fri Sep 28 22:14:07 UTC 2018] Installed to /root/.acme.sh/acme.sh
    [Fri Sep 28 22:14:07 UTC 2018] Installing alias to '/root/.bashrc'
    [Fri Sep 28 22:14:07 UTC 2018] OK, Close and reopen your terminal to start using acme.sh
    [Fri Sep 28 22:14:07 UTC 2018] Installing alias to '/root/.cshrc'
    [Fri Sep 28 22:14:07 UTC 2018] Installing alias to '/root/.tcshrc'
    [Fri Sep 28 22:14:07 UTC 2018] Installing cron job
    5 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
    [Fri Sep 28 22:14:07 UTC 2018] Good, bash is found, so change the shebang to use bash as preferred.
    [Fri Sep 28 22:14:07 UTC 2018] OK
    https://github.com/Neilpang/acme.sh
    v2.8.0
    -----------------------------------------------------
    acme.sh updated
    -----------------------------------------------------
    backup & remove /usr/local/nginx/conf/conf.d/geeksultd.com.conf
    
    [self-signed ssl cert check] required by acmetool.sh
    
    [self-signed ssl] /usr/local/nginx/conf/ssl/geeksultd.com/dhparam.pem exists
    [self-signed ssl] /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.crt exists
    [self-signed ssl] /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.key exists
    
    [sslvhostsetup] create /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf
    
    [wp] backup & remove /usr/local/nginx/conf/conf.d/geeksultd.com.conf
    [wp] create /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf
    cp -a /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf-wp2
    sed -i '1,12d' /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf-wp2
    cat /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf-wp1 /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf-wp2 > /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf
    cat /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.crt.key.conf
      ssl_dhparam /usr/local/nginx/conf/ssl/geeksultd.com/dhparam.pem;
      ssl_certificate      /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.crt;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.key;
      #ssl_trusted_certificate /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com-trusted.crt;
    Reloading nginx configuration (via systemctl):  [  OK  ]
    
    setting HTTPS default in /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf
    
    sed -i 's|^##x# HTTPS-DEFAULT|#x# HTTPS-DEFAULT|g' /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf
    
    remove /usr/local/nginx/conf/conf.d/geeksultd.com.conf
    
    grep 'root' /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf
      root /home/nginx/domains/geeksultd.com/public;
    
    -----------------------------------------------------------
    issue & install letsencrypt ssl certificate for geeksultd.com
    -----------------------------------------------------------
    testcert value = wplived
    wp routine detected use reissue instead via --force
    /root/.acme.sh/acme.sh --force --issue -d geeksultd.com -d www.geeksultd.com --days 60 -w /home/nginx/domains/geeksultd.com/public -k 2048 --useragent centminmod-centos7-acmesh-webroot --log /root/centminlogs/acmetool.sh-debug-log-280918-221359.log --log-level 2
    [Fri Sep 28 22:14:09 UTC 2018] Creating domain key
    [Fri Sep 28 22:14:09 UTC 2018] The domain key is here: /root/.acme.sh/geeksultd.com/geeksultd.com.key
    [Fri Sep 28 22:14:09 UTC 2018] Multi domain='DNS:geeksultd.com,DNS:www.geeksultd.com'
    [Fri Sep 28 22:14:09 UTC 2018] Getting domain auth token for each domain
    [Fri Sep 28 22:14:09 UTC 2018] Getting webroot for domain='geeksultd.com'
    [Fri Sep 28 22:14:09 UTC 2018] Getting new-authz for domain='geeksultd.com'
    [Fri Sep 28 22:14:10 UTC 2018] The new-authz request is ok.
    [Fri Sep 28 22:14:10 UTC 2018] Getting webroot for domain='www.geeksultd.com'
    [Fri Sep 28 22:14:10 UTC 2018] Getting new-authz for domain='www.geeksultd.com'
    [Fri Sep 28 22:14:11 UTC 2018] The new-authz request is ok.
    [Fri Sep 28 22:14:11 UTC 2018] Verifying:geeksultd.com
    [Fri Sep 28 22:14:14 UTC 2018] geeksultd.com:Verify error:Invalid response from http://geeksultd.com/.well-known/acme-challenge/i-U1XK3wjomWYe2UmM-bhVTev3P-s2LgTZ6qXFrluyk:
    [Fri Sep 28 22:14:14 UTC 2018] Please check log file for more details: /root/centminlogs/acmetool.sh-debug-log-280918-221359.log
    LECHECK = 1
    
    log files saved at /root/centminlogs
    -rw-r--r-- 1 root root  38K Sep 28 22:14 acmetool.sh-debug-log-280918-221359.log
    -rw-r--r-- 1 root root 4.7K Sep 28 22:14 acmesh-issue_280918-221359.log
    
    
    -------------------------------------------------------------
    
    Success: Updated 'home' option.
    Success: Updated 'siteurl' option.
    
    -------------------------------------------------------------
    FTP hostname : 144.202.101.170
    FTP port : 21
    FTP mode : FTP (explicit SSL)
    FTP Passive (PASV) : ensure is checked/enabled
    FTP username created for geeksultd.com : HIDDEN
    FTP password created for geeksultd.com : ---------------
    -------------------------------------------------------------
    vhost for geeksultd.com created successfully
    
    
    vhost ssl for geeksultd.com created successfully
    
    domain: https://geeksultd.com
    vhost ssl conf file for geeksultd.com created: /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf
    /usr/local/nginx/conf/ssl_include.conf created
    Self-signed SSL Certificate: /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.crt
    SSL Private Key: /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.key
    SSL CSR File: /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com.csr
    Backup SSL Private Key: /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com-backup.key
    Backup SSL CSR File: /usr/local/nginx/conf/ssl/geeksultd.com/geeksultd.com-backup.csr
    
    upload files to /home/nginx/domains/geeksultd.com/public
    vhost log files directory is /home/nginx/domains/geeksultd.com/log
    
    ------------------------------------------------------------
    SSH commands to uninstall created Wordpress install and Nginx vhost:
      /root/tools/wp_uninstall_geeksultd.com.sh
    ------------------------------------------------------------
    
    ------------------------------------------------------------
    Wordpress Auto Updater created at:
      /root/tools/wp_updater_geeksultd.com.sh
    cronjob set for every 8 hours update (3x times per day)
    ------------------------------------------------------------
     
  7. eva2000

    eva2000 Administrator Staff Member

    36,323
    7,979
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,287
    Local Time:
    3:51 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    so your domain is failing letsencrypt domain validation ! Checked status of letsencrypt service and no outages have been reported Let's Encrypt Status at their end.

    what's current contents of /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf ? you can use cat command
    Code (Text):
    cat /usr/local/nginx/conf/conf.d/geeksultd.com.ssl.conf
    

    and then copy and paste the cat output and wrap in post CODE/CODEB tags
     
  8. eva2000

    eva2000 Administrator Staff Member

    36,323
    7,979
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,287
    Local Time:
    3:51 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    oh just rechecked your first post and curl header check for non-https returned apache web server not nginx centmin mod so seems your domain DNS is pointing to wrong IP and not to Centmin Mod Nginx server's IP hehe
    Code (Text):
    curl -I http://geeksultd.com
    HTTP/1.1 200 OK
    Content-Type: text/html
    Content-Length: 229
    Connection: keep-alive
    Keep-Alive: timeout=15
    Date: Fri, 28 Sep 2018 21:11:15 GMT
    Server: Apache
    Last-Modified: Sun, 18 Oct 2015 08:10:44 GMT
    ETag: "e5-5225c90ba7e4f"
    Accept-Ranges: bytes
    
     
  9. UsmanGTA

    UsmanGTA New Member

    11
    2
    3
    Sep 14, 2017
    Ratings:
    +2
    Local Time:
    1:51 AM
    It was indeed pointing to the right server... The problem was an orphaned IPV6 address at my registrar... As soon as I removed it... it worked.... Thanks a ton lot anyways for being so active and informative man... Got it fixed... Hopefully this might help someone
     
    • Like Like x 1
..