Acme.sh: Can not connect to https://acme-v01.api.letsencrypt.org/directory to get nonce.

add --debug 2 , and paste the output here.

See how to debug :　https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh

I guess your qnap is ipv6 enabled ?

No, I am pretty sure ipv6 is disabled.

This is the command debugged:

[Mon Jun 20 12:09:47 CEST 2016] APP
[Mon Jun 20 12:09:47 CEST 2016] /share/homes/admin/.acme.sh/mydomain.com/mydomain.com.conf:1:Le_Domain="mydomain.com"
[Mon Jun 20 12:09:47 CEST 2016] APP
[Mon Jun 20 12:09:47 CEST 2016] /share/homes/admin/.acme.sh/mydomain.com/mydomain.com.conf:2:Le_Alt="no"
[Mon Jun 20 12:09:47 CEST 2016] APP
[Mon Jun 20 12:09:47 CEST 2016] /share/homes/admin/.acme.sh/mydomain.com/mydomain.com.conf:3:Le_Webroot="/share/homes/admin/acme"
[Mon Jun 20 12:09:47 CEST 2016] APP
[Mon Jun 20 12:09:47 CEST 2016] /share/homes/admin/.acme.sh/mydomain.com/mydomain.com.conf:4:Le_Keylength="no"
[Mon Jun 20 12:09:47 CEST 2016] '/share/homes/admin/acme' does not contain 'no'
[Mon Jun 20 12:09:47 CEST 2016] '/share/homes/admin/acme' does not contain 'tls'
[Mon Jun 20 12:09:47 CEST 2016] '/share/homes/admin/acme' does not contain 'apache'
[Mon Jun 20 12:09:47 CEST 2016] Creating account key
[Mon Jun 20 12:09:47 CEST 2016] account='mydomain.com'
[Mon Jun 20 12:09:47 CEST 2016] length
[Mon Jun 20 12:09:47 CEST 2016] Use default length 2048
[Mon Jun 20 12:09:47 CEST 2016] Use length 2048
[Mon Jun 20 12:10:29 CEST 2016] RSA key
[Mon Jun 20 12:10:29 CEST 2016] pub_exp='010001'
[Mon Jun 20 12:10:29 CEST 2016] let exists=0
[Mon Jun 20 12:10:29 CEST 2016] uselet='1'
[Mon Jun 20 12:10:29 CEST 2016] _URGLY_PRINTF
[Mon Jun 20 12:10:29 CEST 2016] e='AQAB'
[Mon Jun 20 12:10:29 CEST 2016] modulus='B1C1CE1E3BC5E1DAE3B1571047A8D078CFAED0C71E7126F51B1C73673C0035AFE531994600C6C2C58263C398B364492FB83599E 18EE612A39F04203341B1D746488AC4833C7C092D4245735760B332655B73BDCF787F0E913E14E12296FDE7698A5C1BC91FCA9CB4BA5E7249FD60F45F28E2D6387D97BB5A82619F1 11D18459F4D9DDCA9E686CD6EF10CDCF1D36E3BF4C109D3618BABE46C3C51A9BE672478B543463159D63F69223C5FF9B92BA6BAC0E595B503E23416FA9A7CB483297F6A211D8C103 10AC0A8E2333C962BB62C16824FF9CF5C7C723F5D32A86CE0907FA69B049EE9DEA591CC3D4EF79BE99E0A576AF922C7A6FBBC861442E016D1A2D69B61'
[Mon Jun 20 12:10:29 CEST 2016] let exists=0
[Mon Jun 20 12:10:29 CEST 2016] uselet='1'
[Mon Jun 20 12:10:29 CEST 2016] _URGLY_PRINTF
[Mon Jun 20 12:10:33 CEST 2016] jwk='{"e": "AQAB", "kty": "RSA", "n": "scHOHjvF4drjsVcQR6jQeM-u0McecSb1GxxzZzwANa_lMZlGAMbCxYJjw5izZEkvuDWZ4Y7mE qOfBCAzQbHXRkiKxIM8fAktQkVzV2CzMmVbc73PeH8OkT4U4SKW_edpilwbyR_KnLS6XnJJ_WD0Xyji1jh9l7tagmGfER0YRZ9Nndyp5obNbvEM3PHTbjv0wQnTYYur5Gw8Uam-ZyR4tUNGM VnWP2kiPF_5uSumusDllbUD4jQW-pp8tIMpf2ohHYwQMQrAqOIzPJYrtiwWgk_5z1x8cj9dMqhs4JB_ppsEnunepZHMPU73m-meCldq-SLHpvu8hhRC4BbRotabYQ"}'
[Mon Jun 20 12:10:33 CEST 2016] HEADER='{"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "scHOHjvF4drjsVcQR6jQeM-u0McecSb1GxxzZzwANa_lMZ lGAMbCxYJjw5izZEkvuDWZ4Y7mEqOfBCAzQbHXRkiKxIM8fAktQkVzV2CzMmVbc73PeH8OkT4U4SKW_edpilwbyR_KnLS6XnJJ_WD0Xyji1jh9l7tagmGfER0YRZ9Nndyp5obNbvEM3PHTbj v0wQnTYYur5Gw8Uam-ZyR4tUNGMVnWP2kiPF_5uSumusDllbUD4jQW-pp8tIMpf2ohHYwQMQrAqOIzPJYrtiwWgk_5z1x8cj9dMqhs4JB_ppsEnunepZHMPU73m-meCldq-SLHpvu8hhRC4B bRotabYQ"}}'
[Mon Jun 20 12:10:33 CEST 2016] Registering account
[Mon Jun 20 12:10:33 CEST 2016] url='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Mon Jun 20 12:10:33 CEST 2016] payload='{"resource": "new-reg", "agreement": "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"} '
[Mon Jun 20 12:10:34 CEST 2016] RSA key
[Mon Jun 20 12:10:34 CEST 2016] pub_exp='010001'
[Mon Jun 20 12:10:34 CEST 2016] let exists=0
[Mon Jun 20 12:10:34 CEST 2016] uselet='1'
[Mon Jun 20 12:10:34 CEST 2016] _URGLY_PRINTF
[Mon Jun 20 12:10:34 CEST 2016] e='AQAB'
[Mon Jun 20 12:10:34 CEST 2016] modulus='B1C1CE1E3BC5E1DAE3B1571047A8D078CFAED0C71E7126F51B1C73673C0035AFE531994600C6C2C58263C398B364492FB83599E 18EE612A39F04203341B1D746488AC4833C7C092D4245735760B332655B73BDCF787F0E913E14E12296FDE7698A5C1BC91FCA9CB4BA5E7249FD60F45F28E2D6387D97BB5A82619F1 11D18459F4D9DDCA9E686CD6EF10CDCF1D36E3BF4C109D3618BABE46C3C51A9BE672478B543463159D63F69223C5FF9B92BA6BAC0E595B503E23416FA9A7CB483297F6A211D8C103 10AC0A8E2333C962BB62C16824FF9CF5C7C723F5D32A86CE0907FA69B049EE9DEA591CC3D4EF79BE99E0A576AF922C7A6FBBC861442E016D1A2D69B61'
[Mon Jun 20 12:10:34 CEST 2016] let exists=0
[Mon Jun 20 12:10:34 CEST 2016] uselet='1'
[Mon Jun 20 12:10:34 CEST 2016] _URGLY_PRINTF
[Mon Jun 20 12:10:38 CEST 2016] jwk='{"e": "AQAB", "kty": "RSA", "n": "scHOHjvF4drjsVcQR6jQeM-u0McecSb1GxxzZzwANa_lMZlGAMbCxYJjw5izZEkvuDWZ4Y7mE qOfBCAzQbHXRkiKxIM8fAktQkVzV2CzMmVbc73PeH8OkT4U4SKW_edpilwbyR_KnLS6XnJJ_WD0Xyji1jh9l7tagmGfER0YRZ9Nndyp5obNbvEM3PHTbjv0wQnTYYur5Gw8Uam-ZyR4tUNGM VnWP2kiPF_5uSumusDllbUD4jQW-pp8tIMpf2ohHYwQMQrAqOIzPJYrtiwWgk_5z1x8cj9dMqhs4JB_ppsEnunepZHMPU73m-meCldq-SLHpvu8hhRC4BbRotabYQ"}'
[Mon Jun 20 12:10:38 CEST 2016] HEADER='{"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "scHOHjvF4drjsVcQR6jQeM-u0McecSb1GxxzZzwANa_lMZ lGAMbCxYJjw5izZEkvuDWZ4Y7mEqOfBCAzQbHXRkiKxIM8fAktQkVzV2CzMmVbc73PeH8OkT4U4SKW_edpilwbyR_KnLS6XnJJ_WD0Xyji1jh9l7tagmGfER0YRZ9Nndyp5obNbvEM3PHTbj v0wQnTYYur5Gw8Uam-ZyR4tUNGMVnWP2kiPF_5uSumusDllbUD4jQW-pp8tIMpf2ohHYwQMQrAqOIzPJYrtiwWgk_5z1x8cj9dMqhs4JB_ppsEnunepZHMPU73m-meCldq-SLHpvu8hhRC4B bRotabYQ"}}'
[Mon Jun 20 12:10:38 CEST 2016] payload64='eyJyZXNvdXJjZSI6ICJuZXctcmVnIiwgImFncmVlbWVudCI6ICJodHRwczovL2xldHNlbmNyeXB0Lm9yZy9kb2N1bWVudHMvTEUtU 0EtdjEuMC4xLUp1bHktMjctMjAxNS5wZGYifQ'
[Mon Jun 20 12:10:38 CEST 2016] GET
[Mon Jun 20 12:10:38 CEST 2016] url='https://acme-v01.api.letsencrypt.org/directory'
[Mon Jun 20 12:10:38 CEST 2016] curl exists=0
[Mon Jun 20 12:10:38 CEST 2016] CURL='curl -L --silent --trace-ascii /share/homes/admin/.acme.sh/curl.dump '
[Mon Jun 20 12:10:39 CEST 2016] ret='60'
[Mon Jun 20 12:10:39 CEST 2016] Can not connect to https://acme-v01.api.letsencrypt.org/directory to get nonce.
[Mon Jun 20 12:10:39 CEST 2016] Registered
[Mon Jun 20 12:10:39 CEST 2016] APP
[Mon Jun 20 12:10:39 CEST 2016] /share/homes/admin/.acme.sh/account.conf:1:ACCOUNT_KEY_HASH="z3+F+0H/CZzMXEtgiuveWuHsI2V+waPLbFytrzPtJzk="
[Mon Jun 20 12:10:39 CEST 2016] Creating domain key
[Mon Jun 20 12:10:39 CEST 2016] Use length 2048
[Mon Jun 20 12:10:49 CEST 2016] Creating csr
[Mon Jun 20 12:10:49 CEST 2016] _createcsr
[Mon Jun 20 12:10:49 CEST 2016] domain='mydomain.com'
[Mon Jun 20 12:10:49 CEST 2016] domainlist
[Mon Jun 20 12:10:49 CEST 2016] Single domain='mydomain.com'
[Mon Jun 20 12:10:50 CEST 2016] Verify each domain
[Mon Jun 20 12:10:50 CEST 2016] Getting webroot for domain='mydomain.com'
[Mon Jun 20 12:10:50 CEST 2016] _w='/share/homes/admin/acme'
[Mon Jun 20 12:10:50 CEST 2016] _currentRoot='/share/homes/admin/acme'
[Mon Jun 20 12:10:50 CEST 2016] Getting token for domain='mydomain.com'
[Mon Jun 20 12:10:50 CEST 2016] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Mon Jun 20 12:10:50 CEST 2016] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value":
"mydomain.com"}}'
[Mon Jun 20 12:10:50 CEST 2016] RSA key
[Mon Jun 20 12:10:50 CEST 2016] pub_exp='010001'
[Mon Jun 20 12:10:50 CEST 2016] let exists=0
[Mon Jun 20 12:10:50 CEST 2016] uselet='1'
[Mon Jun 20 12:10:50 CEST 2016] _URGLY_PRINTF
[Mon Jun 20 12:10:50 CEST 2016] e='AQAB'
[Mon Jun 20 12:10:50 CEST 2016] modulus='B1C1CE1E3BC5E1DAE3B1571047A8D078CFAED0C71E7126F51B1C73673C0035AFE531994600C6C2C58263C398B364492FB83599E 18EE612A39F04203341B1D746488AC4833C7C092D4245735760B332655B73BDCF787F0E913E14E12296FDE7698A5C1BC91FCA9CB4BA5E7249FD60F45F28E2D6387D97BB5A82619F1 11D18459F4D9DDCA9E686CD6EF10CDCF1D36E3BF4C109D3618BABE46C3C51A9BE672478B543463159D63F69223C5FF9B92BA6BAC0E595B503E23416FA9A7CB483297F6A211D8C103 10AC0A8E2333C962BB62C16824FF9CF5C7C723F5D32A86CE0907FA69B049EE9DEA591CC3D4EF79BE99E0A576AF922C7A6FBBC861442E016D1A2D69B61'
[Mon Jun 20 12:10:50 CEST 2016] let exists=0
[Mon Jun 20 12:10:50 CEST 2016] uselet='1'
[Mon Jun 20 12:10:50 CEST 2016] _URGLY_PRINTF
[Mon Jun 20 12:10:54 CEST 2016] jwk='{"e": "AQAB", "kty": "RSA", "n": "scHOHjvF4drjsVcQR6jQeM-u0McecSb1GxxzZzwANa_lMZlGAMbCxYJjw5izZEkvuDWZ4Y7mEqOfBCAzQbHXRkiKxIM8fAktQkVzV2CzMmVbc73PeH8OkT4U4SKW_edpilwbyR_KnLS6XnJJ_WD0Xyji1jh9l7tagmGfER0YRZ9Nndyp5obNbvEM3PHTbjv0wQnTYYur5Gw8Uam-ZyR4tUNGMVnWP2kiPF_5uSumusDllbUD4jQW-pp8tIMpf2ohHYwQMQrAqOIzPJYrtiwWgk_5z1x8cj9dMqhs4JB_ppsEnunepZHMPU73m-meCldq-SLHpvu8hhRC4BbRotabYQ"}'
[Mon Jun 20 12:10:54 CEST 2016] HEADER='{"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "scHOHjvF4drjsVcQR6jQeM-u0McecSb1GxxzZzwANa_lMZlGAMbCxYJjw5izZEkvuDWZ4Y7mEqOfBCAzQbHXRkiKxIM8fAktQkVzV2CzMmVbc73PeH8OkT4U4SKW_edpilwbyR_KnLS6XnJJ_WD0Xyji1jh9l7tagmGfER0YRZ9Nndyp5obNbvEM3PHTbjv0wQnTYYur5Gw8Uam-ZyR4tUNGMVnWP2kiPF_5uSumusDllbUD4jQW-pp8tIMpf2ohHYwQMQrAqOIzPJYrtiwWgk_5z1x8cj9dMqhs4JB_ppsEnunepZHMPU73m-meCldq-SLHpvu8hhRC4BbRotabYQ"}}'
[Mon Jun 20 12:10:54 CEST 2016] payload64='eyJyZXNvdXJjZSI6ICJuZXctYXV0aHoiLCAiaWRlbnRpZmllciI6IHsidHlwZSI6ICJkbnMiLCAidmFsdWUiOiAiYW1hbGFydGUuaXQifX0'
[Mon Jun 20 12:10:54 CEST 2016] GET
[Mon Jun 20 12:10:54 CEST 2016] url='https://acme-v01.api.letsencrypt.org/directory'
[Mon Jun 20 12:10:54 CEST 2016] curl exists=0
[Mon Jun 20 12:10:54 CEST 2016] CURL='curl -L --silent --trace-ascii /share/homes/admin/.acme.sh/curl.dump '
[Mon Jun 20 12:10:55 CEST 2016] ret='60'
[Mon Jun 20 12:10:55 CEST 2016] Can not connect to https://acme-v01.api.letsencrypt.org/directory to get nonce.
[Mon Jun 20 12:10:55 CEST 2016] Can not get domain token.
[Mon Jun 20 12:10:55 CEST 2016] pid

See these lines:

[Mon Jun 20 12:10:38 CEST 2016] url='https://acme-v01.api.letsencrypt.org/directory'
[Mon Jun 20 12:10:38 CEST 2016] curl exists=0
[Mon Jun 20 12:10:38 CEST 2016] CURL='curl -L --silent --trace-ascii /share/homes/admin/.acme.sh/curl.dump '
[Mon Jun 20 12:10:39 CEST 2016] ret='60'
[Mon Jun 20 12:10:39 CEST 2016] Can not connect to https://acme-v01.api.letsencrypt.org/directory to get nonce.

It seems that the curl returns error code 60.

https://curl.haxx.se/libcurl/c/libcurl-errors.html

Which means your device doesn't trust the ssl certificate of https://acme-v01.api.letsencrypt.org/directory

So, the connection is failed.

Is it possible for you to update your cert store in the device ?

I will try, even if I guess I am not able to :(

Don't worry. 　　I just made a fix for you : 13d7cae9e22db91654af94526330d82701ecaa48

You can now add --insecure to ignore the certificate error:

Please install the latest version, and try:

acme.sh  --issue  --insecure  .......

First of all, thank you so much, you are very gentle.
Anyway I got another error:

egrep: invalid option -- o

My qnap linux version does not support that option on grep command.
Thanks anyway, I am starting to think to buy a cheap ssl certificate.

p.s. just to know, why your script create .acme.sh/ directory? is it the normal behaviour?

Please give me your egrep version:

egrep --version

And :

egrep  --help

I don't have that option either. This is the help of the grep command:

BusyBox v1.01 (2016.05.31-19:45+0000) multi-call binary

Usage: grep [-ihHnqvs] PATTERN [FILEs...]

Search for PATTERN in each FILE or standard input.

Options:
-H prefix output lines with filename where match was found
-h suppress the prefixing filename on output
-i ignore case distinctions
-l list names of files that match
-n print line number with output lines
-q be quiet. Returns 0 if result was found, 1 otherwise
-v select non-matching lines
-s suppress file open/read error messages

try:

 grep --version

grep: unrecognized option `--version'

Hi @GiacomoK ,

I have a new project that can issue free cert from startssl.com.

https://github.com/Neilpang/startapi.sh

It's much simpler, so, I guess it should work for you.

had same problem as OP, used new --insecure switch.
I have gnu grep, not busybox, so everything worked after adding the switch. :)

So anyone else with the problem, upgrade to at least 2.3.2 and add --insecure