Acme.sh: 无法找到NGINX_CONF

Created on 27 May 2018 · 2Comments · Source: acmesh-official/acme.sh

我发现acme.sh中查找nginx-conf是通过以下这个命令：
NGINX_CONF="$(nginx -V 2>&1 | _egrep_o "--conf-path=[^ ]* " | tr -d " ")"
但是我通过这个命令并没有在我的nginx上发现有--conf-path参数（事实上我的nginx启动时是使用的默认de $NGINX_HOME/conf/nginx.conf配置文件），这样最终导致证书获取失败。
我的nginx启动时用的官方的启动脚本nginx start，以下是nginx配置输出：
[root@server-01 ~]# nginx -V
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC)
built with OpenSSL 1.1.0g 2 Nov 2017
TLS SNI support enabled
configure arguments: --prefix=/www/server/product/nginx/gateway/nginx-1.12.2 --pid-path=/www/server/product/nginx/gateway/nginx-1.12.2/logs/nginx.pid --lock-path=/www/server/product/nginx/gateway/nginx-1.12.2/logs/nginx.lock --user=nginx --group=nginx --with-threads --with-file-aio --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_image_filter_module --with-http_dav_module --with-http_gzip_static_module --with-http_slice_module --with-http_stub_status_module --with-http_sub_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-stream --with-stream_ssl_module --with-stream_realip_module --with-pcre=/www/software/pcre-8.42 --with-pcre-jit --with-openssl=/www/software/openssl-1.1.0g --with-zlib=/www/software/zlib-1.2.11 --add-module=/www/server/product/nginx/gateway/nginx-1.12.2/modules/nginx-goodies-nginx-sticky-module-ng-08a395c66e42
[root@server-01 ~]#

以下是DEBUG2日志：

[Sun May 27 11:06:33 CST 2018] Sleep 120 seconds for the txt records to take effect
[Sun May 27 11:08:34 CST 2018] ok, let's start to verify
[Sun May 27 11:08:34 CST 2018] Verifying:nazavoya.com
[Sun May 27 11:08:34 CST 2018] d='nazavoya.com'
[Sun May 27 11:08:34 CST 2018] keyauthorization='clQzEKa10L85cKbQJuwkF-DTHcZAnn_IR1xL9sxuqN0.BlWmYUOZpvoph1lO2mg7tL4JiNzuLUj1chY65Zh2ioc'
[Sun May 27 11:08:34 CST 2018] uri='https://acme-v02.api.letsencrypt.org/acme/challenge/yd7tytrqd_S9Yg30HxKCM7SvOl2HDopxbTdFWW3h_x8/4829129309'
[Sun May 27 11:08:34 CST 2018] _currentRoot='nginx:'
[Sun May 27 11:08:34 CST 2018] Nginx mode for domain:nazavoya.com
[Sun May 27 11:08:34 CST 2018] _croot='nginx:'
[Sun May 27 11:08:34 CST 2018] _start_f
[Sun May 27 11:08:34 CST 2018] find start conf from nginx command
[Sun May 27 11:08:34 CST 2018] NGINX_CONF
[Sun May 27 11:08:34 CST 2018] NGINX_CONF
[Sun May 27 11:08:34 CST 2018] '' doesn't exist.
[Sun May 27 11:08:34 CST 2018] pid
[Sun May 27 11:08:34 CST 2018] No need to restore nginx, skip.
[Sun May 27 11:08:34 CST 2018] _clearupdns
[Sun May 27 11:08:34 CST 2018] Removing DNS records.
[Sun May 27 11:08:34 CST 2018] txt='CHZsNAxO4G4GUTjT4V0qVOluNLKOQ5rrrh5dHANtNCg'
[Sun May 27 11:08:34 CST 2018] Skip nazavoya.com for http-01
[Sun May 27 11:08:34 CST 2018] txt='WacwqI05efOW_wksKXMCVU30hXRGjdWq028W4ryoc3s'
[Sun May 27 11:08:34 CST 2018] d_api='/www/runtime/acme/dnsapi/dns_ali.sh'
[Sun May 27 11:08:34 CST 2018] _d_alias
[Sun May 27 11:08:34 CST 2018] First detect the root zone
[Sun May 27 11:08:35 CST 2018] GET
[Sun May 27 11:08:35 CST 2018] url='https://alidns.aliyuncs.com/?AccessKeyId=S110itPFq87XmCxX&Action=DescribeDomainRecords&DomainName=nazavoya.com&Format=json&SignatureMethod=HMAC-SHA1&SignatureNonce=1527390514939321952&SignatureVersion=1.0&Timestamp=2018-05-27T03%3A08%3A34Z&Version=2015-01-09&Signature=a3wxXGD%2FLwSy20Za8pKsAnrlb%2BI%3D'
[Sun May 27 11:08:35 CST 2018] timeout=
[Sun May 27 11:08:35 CST 2018] Http already initialized.
[Sun May 27 11:08:35 CST 2018] _CURL='curl -L --silent --dump-header /www/runtime/acme/data/http.header --trace-ascii /tmp/tmp.HFcJjVcqjs -g '
[Sun May 27 11:08:35 CST 2018] ret='0'
[Sun May 27 11:08:35 CST 2018] response='{"PageNumber":1,"TotalCount":50,"PageSize":20,"RequestId":"BA85BA6A-61A1-412A-9D81-E1037E7687C8","DomainRecords":{"Record":[{"RR":"_acme-challenge","Status":"ENABLE","Value":"WacwqI05efOW_wksKXMCVU30hXRGjdWq028W4ryoc3s","Weight":1,"RecordId":"3908491979293696","Type":"TXT","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"eureka-03.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3893020547454976","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"eureka-02.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3893008129742848","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"eureka-01.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3893007989556224","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"admin-03.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3890452386219008","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"admin-02.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3890452250248192","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"admin-01.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3890452101399552","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"config-03.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3890415584106496","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"config-02.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3890415438140416","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"config-01.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3890415278572544","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"portal.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3884612246328320","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"uat.meta.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3884485168743424","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"fat.meta.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3884485012292608","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"pro.meta.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3884484742071296","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"dev.meta.apollo","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3884484578919424","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"sparkworker-03","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3878987476521984","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"sparkworker-02","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3878987341579264","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"sparkworker-01","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3878912105628672","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"sparkmaster","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3878892796565504","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600},{"RR":"zentao","Status":"ENABLE","Value":"39.106.62.127","Weight":1,"RecordId":"3877256224691200","Type":"A","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600}]}}'
[Sun May 27 11:08:35 CST 2018] _sub_domain='_acme-challenge'
[Sun May 27 11:08:35 CST 2018] _domain='nazavoya.com'
[Sun May 27 11:08:36 CST 2018] GET
[Sun May 27 11:08:36 CST 2018] url='https://alidns.aliyuncs.com/?AccessKeyId=S110itPFq87XmCxX&Action=DescribeDomainRecords&DomainName=nazavoya.com&Format=json&RRKeyWord=_acme-challenge&SignatureMethod=HMAC-SHA1&SignatureNonce=1527390515751055154&SignatureVersion=1.0&Timestamp=2018-05-27T03%3A08%3A35Z&TypeKeyWord=TXT&Version=2015-01-09&Signature=yhQzwEMUglUEV9zxp0b0pGvr33Y%3D'
[Sun May 27 11:08:36 CST 2018] timeout=
[Sun May 27 11:08:36 CST 2018] Http already initialized.
[Sun May 27 11:08:36 CST 2018] _CURL='curl -L --silent --dump-header /www/runtime/acme/data/http.header --trace-ascii /tmp/tmp.HFcJjVcqjs -g '
[Sun May 27 11:08:36 CST 2018] ret='0'
[Sun May 27 11:08:36 CST 2018] response='{"PageNumber":1,"TotalCount":1,"PageSize":20,"RequestId":"C79AF975-6D72-476B-94A6-9A2D50020144","DomainRecords":{"Record":[{"RR":"_acme-challenge","Status":"ENABLE","Value":"WacwqI05efOW_wksKXMCVU30hXRGjdWq028W4ryoc3s","Weight":1,"RecordId":"3908491979293696","Type":"TXT","DomainName":"nazavoya.com","Locked":false,"Line":"default","TTL":600}]}}'
[Sun May 27 11:08:36 CST 2018] record_id='3908491979293696'
[Sun May 27 11:08:37 CST 2018] GET
[Sun May 27 11:08:37 CST 2018] url='https://alidns.aliyuncs.com/?AccessKeyId=S110itPFq87XmCxX&Action=DeleteDomainRecord&Format=json&RecordId=3908491979293696&SignatureMethod=HMAC-SHA1&SignatureNonce=1527390516625520938&SignatureVersion=1.0&Timestamp=2018-05-27T03%3A08%3A36Z&Version=2015-01-09&Signature=rB3CrKejPHcbvU6cn9F2iD%2B%2BzQ0%3D'
[Sun May 27 11:08:37 CST 2018] timeout=
[Sun May 27 11:08:37 CST 2018] Http already initialized.
[Sun May 27 11:08:37 CST 2018] _CURL='curl -L --silent --dump-header /www/runtime/acme/data/http.header --trace-ascii /tmp/tmp.HFcJjVcqjs -g '
[Sun May 27 11:08:37 CST 2018] ret='0'
[Sun May 27 11:08:37 CST 2018] response='{"RecordId":"3908491979293696","RequestId":"D89DE5C7-BC21-468C-B01C-892621C93396"}'
[Sun May 27 11:08:37 CST 2018] _on_issue_err
[Sun May 27 11:08:37 CST 2018] Please add '--debug' or '--log' to check more details.
[Sun May 27 11:08:37 CST 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Sun May 27 11:08:37 CST 2018] _chk_vlist='nazavoya.com#clQzEKa10L85cKbQJuwkF-DTHcZAnn_IR1xL9sxuqN0.BlWmYUOZpvoph1lO2mg7tL4JiNzuLUj1chY65Zh2ioc#https://acme-v02.api.letsencrypt.org/acme/challenge/yd7tytrqd_S9Yg30HxKCM7SvOl2HDopxbTdFWW3h_x8/4829129309#http-01#nginx:,*.nazavoya.com#USWtDlb9YMVEBaQ2XReY4jQPubB7g3skHqtJKHIjSSA.BlWmYUOZpvoph1lO2mg7tL4JiNzuLUj1chY65Zh2ioc#https://acme-v02.api.letsencrypt.org/acme/challenge/UYaWAFAbN3MLNL5fUbR2petZa925JauPfa8LFCRKYig/4829129308#dns-01#dns_ali,'
[Sun May 27 11:08:37 CST 2018] start to deactivate authz
[Sun May 27 11:08:37 CST 2018] tigger domain validation.
[Sun May 27 11:08:37 CST 2018] _t_url='https://acme-v02.api.letsencrypt.org/acme/challenge/yd7tytrqd_S9Yg30HxKCM7SvOl2HDopxbTdFWW3h_x8/4829129309'
[Sun May 27 11:08:37 CST 2018] _t_key_authz='clQzEKa10L85cKbQJuwkF-DTHcZAnn_IR1xL9sxuqN0.BlWmYUOZpvoph1lO2mg7tL4JiNzuLUj1chY65Zh2ioc'
[Sun May 27 11:08:37 CST 2018] url='https://acme-v02.api.letsencrypt.org/acme/challenge/yd7tytrqd_S9Yg30HxKCM7SvOl2HDopxbTdFWW3h_x8/4829129309'
[Sun May 27 11:08:37 CST 2018] payload='{"keyAuthorization": "clQzEKa10L85cKbQJuwkF-DTHcZAnn_IR1xL9sxuqN0.BlWmYUOZpvoph1lO2mg7tL4JiNzuLUj1chY65Zh2ioc"}'
[Sun May 27 11:08:37 CST 2018] Use cached jwk for file: /www/runtime/acme/data/ca/acme-v02.api.letsencrypt.org/account.key
[Sun May 27 11:08:37 CST 2018] Use _CACHED_NONCE='tXSFRr4wXaBrtLpwPiK9SMpsKxaBjyPzS0bIpe-AKpw'
[Sun May 27 11:08:37 CST 2018] nonce='tXSFRr4wXaBrtLpwPiK9SMpsKxaBjyPzS0bIpe-AKpw'
[Sun May 27 11:08:37 CST 2018] POST
[Sun May 27 11:08:37 CST 2018] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/yd7tytrqd_S9Yg30HxKCM7SvOl2HDopxbTdFWW3h_x8/4829129309'
[Sun May 27 11:08:37 CST 2018] body='{"protected": "eyJub25jZSI6ICJ0WFNGUnI0d1hhQnJ0THB3UGlLOVNNcHNLeGFCanlQelMwYklwZS1BS3B3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UveWQ3dHl0cnFkX1M5WWczMEh4S0NNN1N2T2wySERvcHhiVGRGV1czaF94OC80ODI5MTI5MzA5IiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8zNTYyNzAwNyJ9", "payload": "eyJrZXlBdXRob3JpemF0aW9uIjogImNsUXpFS2ExMEw4NWNLYlFKdXdrRi1EVEhjWkFubl9JUjF4TDlzeHVxTjAuQmxXbVlVT1pwdm9waDFsTzJtZzd0TDRKaU56dUxVajFjaFk2NVpoMmlvYyJ9", "signature": "eg306bkGooN4cSpBmocIPDKYbi9W_X36HEl-xmXQf4ZQzPVHURI3xU_SilftRn9ex9e1A0Q1AjsBjdYCsJ6bZfoDZ_n9tyRvv0ztFeqkiP8GdCAkn-1DeX_XC5MAIcGEXnEYvK-NIQzRJD5gczwZChlph-_Z9fQ0rsuisysDZT1EA1KM9F8uCkBJyxhWjqwNYdVGs2IoFm91JDLYtpTr903l6HlKsHBO8uJ4nkHEDrpSRyIuPRWme3Q_z-8eze6JIfBLvNnWT5iVDfHWgIgM4AkoHCtblB8fXnPiiR8Qchx61Ann_nnwggWDEbD36NaGds4rXJvrWKZSmSo8eAXHhw"}'
[Sun May 27 11:08:37 CST 2018] _postContentType='application/jose+json'
[Sun May 27 11:08:37 CST 2018] Http already initialized.
[Sun May 27 11:08:37 CST 2018] _CURL='curl -L --silent --dump-header /www/runtime/acme/data/http.header --trace-ascii /tmp/tmp.HFcJjVcqjs -g '
[Sun May 27 11:08:38 CST 2018] _ret='0'
[Sun May 27 11:08:38 CST 2018] original='{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/yd7tytrqd_S9Yg30HxKCM7SvOl2HDopxbTdFWW3h_x8/4829129309",
"token": "clQzEKa10L85cKbQJuwkF-DTHcZAnn_IR1xL9sxuqN0"
}'
[Sun May 27 11:08:38 CST 2018] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 223
Boulder-Requester: 35627007
Link: https://acme-v02.api.letsencrypt.org/acme/authz/yd7tytrqd_S9Yg30HxKCM7SvOl2HDopxbTdFWW3h_x8;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/challenge/yd7tytrqd_S9Yg30HxKCM7SvOl2HDopxbTdFWW3h_x8/4829129309
Replay-Nonce: vIh5A8R9ks9-SN3QKsltxX-VyPu6qw2N5E4EY7_GBvc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 27 May 2018 03:08:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 27 May 2018 03:08:38 GMT
Connection: keep-alive
'
[Sun May 27 11:08:38 CST 2018] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/yd7tytrqd_S9Yg30HxKCM7SvOl2HDopxbTdFWW3h_x8/4829129309","token":"clQzEKa10L85cKbQJuwkF-DTHcZAnn_IR1xL9sxuqN0"}'
[Sun May 27 11:08:38 CST 2018] code='200'
[Sun May 27 11:08:38 CST 2018] tigger domain validation.
[Sun May 27 11:08:38 CST 2018] _t_url='https://acme-v02.api.letsencrypt.org/acme/challenge/UYaWAFAbN3MLNL5fUbR2petZa925JauPfa8LFCRKYig/4829129308'
[Sun May 27 11:08:38 CST 2018] _t_key_authz='USWtDlb9YMVEBaQ2XReY4jQPubB7g3skHqtJKHIjSSA.BlWmYUOZpvoph1lO2mg7tL4JiNzuLUj1chY65Zh2ioc'
[Sun May 27 11:08:38 CST 2018] url='https://acme-v02.api.letsencrypt.org/acme/challenge/UYaWAFAbN3MLNL5fUbR2petZa925JauPfa8LFCRKYig/4829129308'
[Sun May 27 11:08:38 CST 2018] payload='{"keyAuthorization": "USWtDlb9YMVEBaQ2XReY4jQPubB7g3skHqtJKHIjSSA.BlWmYUOZpvoph1lO2mg7tL4JiNzuLUj1chY65Zh2ioc"}'
[Sun May 27 11:08:38 CST 2018] Use cached jwk for file: /www/runtime/acme/data/ca/acme-v02.api.letsencrypt.org/account.key
[Sun May 27 11:08:38 CST 2018] Use _CACHED_NONCE='vIh5A8R9ks9-SN3QKsltxX-VyPu6qw2N5E4EY7_GBvc'
[Sun May 27 11:08:38 CST 2018] nonce='vIh5A8R9ks9-SN3QKsltxX-VyPu6qw2N5E4EY7_GBvc'
[Sun May 27 11:08:38 CST 2018] POST
[Sun May 27 11:08:38 CST 2018] _post_url='https://acme-v02.api.letsencrypt.org/acme/challenge/UYaWAFAbN3MLNL5fUbR2petZa925JauPfa8LFCRKYig/4829129308'
[Sun May 27 11:08:38 CST 2018] body='{"protected": "eyJub25jZSI6ICJ2SWg1QThSOWtzOS1TTjNRS3NsdHhYLVZ5UHU2cXcyTjVFNEVZN19HQnZjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvVVlhV0FGQWJOM01MTkw1ZlViUjJwZXRaYTkyNUphdVBmYThMRkNSS1lpZy80ODI5MTI5MzA4IiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8zNTYyNzAwNyJ9", "payload": "eyJrZXlBdXRob3JpemF0aW9uIjogIlVTV3REbGI5WU1WRUJhUTJYUmVZNGpRUHViQjdnM3NrSHF0SktISWpTU0EuQmxXbVlVT1pwdm9waDFsTzJtZzd0TDRKaU56dUxVajFjaFk2NVpoMmlvYyJ9", "signature": "iS1IOL94GnN3c2D8rqS5fETBbX3IL0H17XbI5MjYPke15mYSVeHcJ_pYGEPM1yvdOc8V28sgdeao1Uzhd_jKtHQEKckuPJTKLa6QA8rBp_h7x265oQ8Kl7bkW4FXFKuo87JfEc4h1ZGUmKd5zFn8mNVsFSFXSrYuXyd01tcDvjhaPXKg6SykTUfTenVqepu0ddntvAlvHJ1w6nKTNYycGldHa-zdvC3gEnmpaY-YfsAGdfmA_IO0myDAVSQHln9gNb8zkGFguC-tztrUEOQvpLeDcg8s1_NiGCauwcj3vTCRIzlVAQ-OP5KSx4JnBHab8mxJNen7CAPBXBrppxPsyg"}'
[Sun May 27 11:08:38 CST 2018] _postContentType='application/jose+json'
[Sun May 27 11:08:38 CST 2018] Http already initialized.
[Sun May 27 11:08:38 CST 2018] _CURL='curl -L --silent --dump-header /www/runtime/acme/data/http.header --trace-ascii /tmp/tmp.HFcJjVcqjs -g '
[Sun May 27 11:08:39 CST 2018] _ret='0'
[Sun May 27 11:08:39 CST 2018] original='{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/UYaWAFAbN3MLNL5fUbR2petZa925JauPfa8LFCRKYig/4829129308",
"token": "USWtDlb9YMVEBaQ2XReY4jQPubB7g3skHqtJKHIjSSA"
}'
[Sun May 27 11:08:39 CST 2018] responseHeaders='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 222
Boulder-Requester: 35627007
Link: https://acme-v02.api.letsencrypt.org/acme/authz/UYaWAFAbN3MLNL5fUbR2petZa925JauPfa8LFCRKYig;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/challenge/UYaWAFAbN3MLNL5fUbR2petZa925JauPfa8LFCRKYig/4829129308
Replay-Nonce: Jyio2HCDCkI_pD4aslxGOcztxxTT56h2cKvAImEfTZc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 27 May 2018 03:08:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 27 May 2018 03:08:39 GMT
Connection: keep-alive
'
[Sun May 27 11:08:39 CST 2018] response='{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/challenge/UYaWAFAbN3MLNL5fUbR2petZa925JauPfa8LFCRKYig/4829129308","token":"USWtDlb9YMVEBaQ2XReY4jQPubB7g3skHqtJKHIjSSA"}'
[Sun May 27 11:08:39 CST 2018] code='200'
[Sun May 27 11:08:39 CST 2018] socat doesn't exists.
[Sun May 27 11:08:39 CST 2018] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.2k-fips 26 Jan 2017
apache:
apache doesn't exists.
nginx:
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC)
built with OpenSSL 1.1.0g 2 Nov 2017
TLS SNI support enabled
configure arguments: --prefix=/www/server/product/nginx/gateway/nginx-1.12.2 --pid-path=/www/server/product/nginx/gateway/nginx-1.12.2/logs/nginx.pid --lock-path=/www/server/product/nginx/gateway/nginx-1.12.2/logs/nginx.lock --user=nginx --group=nginx --with-threads --with-file-aio --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_image_filter_module --with-http_dav_module --with-http_gzip_static_module --with-http_slice_module --with-http_stub_status_module --with-http_sub_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-stream --with-stream_ssl_module --with-stream_realip_module --with-pcre=/www/software/pcre-8.42 --with-pcre-jit --with-openssl=/www/software/openssl-1.1.0g --with-zlib=/www/software/zlib-1.2.11 --add-module=/www/server/product/nginx/gateway/nginx-1.12.2/modules/nginx-goodies-nginx-sticky-module-ng-08a395c66e42
socat:
[Sun May 27 11:08:39 CST 2018] Installing key to:/www/config/ca/private/certbot/nazavoya.com-key.pem
[Sun May 27 11:08:39 CST 2018] Installing full chain to:/www/config/ca/certs/certbot/nazavoya.com-chain.pem
cat: /www/runtime/acme/data/nazavoya.com/fullchain.cer: No such file or directory
[Sun May 27 11:08:39 CST 2018] Run reload cmd: /www/script/product/nginx force-reload

其中关于nginx conf的输出是：
[Sun May 27 11:08:34 CST 2018] NGINX_CONF
[Sun May 27 11:08:34 CST 2018] NGINX_CONF
[Sun May 27 11:08:34 CST 2018] '' doesn't exist.

Source

nazavoya

Most helpful comment

首先, 日志里面为啥还有 dns 的输出. 你是把 nginx 和 dns 方法混合使用了吗. 一般情况下不需要. 这是高级用法. 如果你确定明白混合模式的意思, 可以这样用. 否则建议你只使用一种, nginx 或者 dns
其次, 如果你使用nginx 模式, 我们有隐藏功能可以手动指定 nginx conf. 只是目前没有在命令行公开. 你可以试试:

acme.sh --issue  -d domain.com  -w nginx:$NGINX_HOME/conf/nginx.conf

Neilpang on 1 Jun 2018

👍3

All 2 comments

+1, same problem.

Rysle on 1 Jun 2018

首先, 日志里面为啥还有 dns 的输出. 你是把 nginx 和 dns 方法混合使用了吗. 一般情况下不需要. 这是高级用法. 如果你确定明白混合模式的意思, 可以这样用. 否则建议你只使用一种, nginx 或者 dns
其次, 如果你使用nginx 模式, 我们有隐藏功能可以手动指定 nginx conf. 只是目前没有在命令行公开. 你可以试试:

acme.sh --issue  -d domain.com  -w nginx:$NGINX_HOME/conf/nginx.conf

Neilpang on 1 Jun 2018

👍3

Was this page helpful?

0 / 5 - 0 ratings

Related issues

after testing a domain with --staging acme.sh does not revert to non-staging mode

hxx-fetch · 4Comments

DNS API password with special characters

noplanman · 4Comments

Display /home/username/.acme.sh/acme.sh.env: Not find while login super user

mskian · 3Comments

Could not get nonce, let's try again

haiopaii · 3Comments

PKCS #12

FernandoMiguel · 5Comments