Acme.sh: Nginx mode :: Can not find conf file for domain
In log file, it seems acme.sh found and resolve the included file /etc/nginx/conf.d/django_nginx.conf, but it still report Can not find conf file for domain mydomain.com
Steps to reproduce
Install and upgrade in default
curl https://get.acme.sh | sh
ln -s ~/.acme.sh/acme.sh /usr/bin/acme.sh
acme.sh --upgrade
Nginx configs
/etc/nginx/nginx.conf
# the user start this nginx
user root;
worker_processes 2;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/django_nginx.conf;
}
/etc/nginx/conf.d/django_nginx.conf
# client <---> nginx <---> uwsgi <---> django
upstream django {
server web:8001;
}
server {
listen 80;
server_name mydomain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
location /static {
alias /staticfile;
}
location / {
uwsgi_pass django;
include /etc/nginx/uwsgi_params;
}
ssl_certificate /etc/nginx/ssl/mydomain.com/fullchain.cer;
ssl_certificate_key /etc/nginx/ssl/mydomain.com/privkey.key;
}
Debug log
acme.sh --issue -d mydomain.com --nginx --debug 2
[Wed Nov 7 02:24:45 UTC 2018] Lets find script dir.
[Wed Nov 7 02:24:45 UTC 2018] _SCRIPT_='/usr/bin/acme.sh'
[Wed Nov 7 02:24:45 UTC 2018] _script='/root/.acme.sh/acme.sh'
[Wed Nov 7 02:24:45 UTC 2018] _script_home='/root/.acme.sh'
[Wed Nov 7 02:24:45 UTC 2018] Using default home:/root/.acme.sh
[Wed Nov 7 02:24:45 UTC 2018] Using config home:/root/.acme.sh
[Wed Nov 7 02:24:45 UTC 2018] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/Neilpang/acme.sh
v2.8.0
[Wed Nov 7 02:24:45 UTC 2018] _main_domain='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] _alt_domains='no'
[Wed Nov 7 02:24:45 UTC 2018] Using config home:/root/.acme.sh
[Wed Nov 7 02:24:45 UTC 2018] ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
[Wed Nov 7 02:24:45 UTC 2018] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org'
[Wed Nov 7 02:24:45 UTC 2018] DOMAIN_PATH='/root/.acme.sh/mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] 'nginx:' does not contain 'dns'
[Wed Nov 7 02:24:45 UTC 2018] Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory
[Wed Nov 7 02:24:45 UTC 2018] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Wed Nov 7 02:24:45 UTC 2018] GET
[Wed Nov 7 02:24:45 UTC 2018] url='https://acme-v01.api.letsencrypt.org/directory'
[Wed Nov 7 02:24:45 UTC 2018] timeout=
[Wed Nov 7 02:24:45 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.GIoVHnSCa1 -g '
[Wed Nov 7 02:24:45 UTC 2018] ret='0'
[Wed Nov 7 02:24:45 UTC 2018] response='{
"3a9F9LUaRsk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
"new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
"new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
"revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
}'
[Wed Nov 7 02:24:45 UTC 2018] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Wed Nov 7 02:24:45 UTC 2018] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Wed Nov 7 02:24:45 UTC 2018] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Wed Nov 7 02:24:45 UTC 2018] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Wed Nov 7 02:24:45 UTC 2018] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Wed Nov 7 02:24:45 UTC 2018] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Wed Nov 7 02:24:45 UTC 2018] ACME_NEW_NONCE
[Wed Nov 7 02:24:45 UTC 2018] ACME_VERSION
[Wed Nov 7 02:24:45 UTC 2018] Le_NextRenewTime
[Wed Nov 7 02:24:45 UTC 2018] _on_before_issue
[Wed Nov 7 02:24:45 UTC 2018] _chk_main_domain='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] _chk_alt_domains
[Wed Nov 7 02:24:45 UTC 2018] 'nginx:' does not contain 'no'
[Wed Nov 7 02:24:45 UTC 2018] Le_LocalAddress
[Wed Nov 7 02:24:45 UTC 2018] d='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] Check for domain='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] _currentRoot='nginx:'
[Wed Nov 7 02:24:45 UTC 2018] d
[Wed Nov 7 02:24:45 UTC 2018] 'nginx:' does not contain 'apache'
[Wed Nov 7 02:24:45 UTC 2018] _saved_account_key_hash='uL6svuopx9eclISV0w9uo6FRgO+mHyq/LEATJnDG+gY='
[Wed Nov 7 02:24:45 UTC 2018] _saved_account_key_hash is not changed, skip register account.
[Wed Nov 7 02:24:45 UTC 2018] Read key length:
[Wed Nov 7 02:24:45 UTC 2018] _createcsr
[Wed Nov 7 02:24:45 UTC 2018] domain='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] domainlist
[Wed Nov 7 02:24:45 UTC 2018] csrkey='/root/.acme.sh/mydomain.com/mydomain.com.key'
[Wed Nov 7 02:24:45 UTC 2018] csr='/root/.acme.sh/mydomain.com/mydomain.com.csr'
[Wed Nov 7 02:24:45 UTC 2018] csrconf='/root/.acme.sh/mydomain.com/mydomain.com.csr.conf'
[Wed Nov 7 02:24:45 UTC 2018] Single domain='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] _is_idn_d='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] _idn_temp
[Wed Nov 7 02:24:45 UTC 2018] _csr_cn='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] Getting domain auth token for each domain
[Wed Nov 7 02:24:45 UTC 2018] d='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] Getting webroot for domain='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] _w='nginx:'
[Wed Nov 7 02:24:45 UTC 2018] _currentRoot='nginx:'
[Wed Nov 7 02:24:45 UTC 2018] Getting new-authz for domain='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Wed Nov 7 02:24:45 UTC 2018] Try new-authz for the 0 time.
[Wed Nov 7 02:24:45 UTC 2018] _is_idn_d='mydomain.com'
[Wed Nov 7 02:24:45 UTC 2018] _idn_temp
[Wed Nov 7 02:24:45 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Wed Nov 7 02:24:45 UTC 2018] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "mydomain.com"}}'
[Wed Nov 7 02:24:45 UTC 2018] RSA key
[Wed Nov 7 02:24:45 UTC 2018] _URGLY_PRINTF
[Wed Nov 7 02:24:45 UTC 2018] xargs
[Wed Nov 7 02:24:45 UTC 2018] _URGLY_PRINTF
[Wed Nov 7 02:24:45 UTC 2018] xargs
[Wed Nov 7 02:24:45 UTC 2018] Get nonce with GET. ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'
[Wed Nov 7 02:24:45 UTC 2018] GET
[Wed Nov 7 02:24:45 UTC 2018] url='https://acme-v01.api.letsencrypt.org/directory'
[Wed Nov 7 02:24:45 UTC 2018] timeout=
[Wed Nov 7 02:24:45 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.PlB34xsm25 -g '
[Wed Nov 7 02:24:45 UTC 2018] ret='0'
[Wed Nov 7 02:24:45 UTC 2018] _headers='HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Content-Length: 658
Replay-Nonce: vTbjnIQDDP0FaqFY93aKVWEcifTFDGVNTcCMY9qe2Ew
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 07 Nov 2018 02:24:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 07 Nov 2018 02:24:45 GMT
Connection: keep-alive
'
[Wed Nov 7 02:24:45 UTC 2018] _CACHED_NONCE='vTbjnIQDDP0FaqFY93aKVWEcifTFDGVNTcCMY9qe2Ew'
[Wed Nov 7 02:24:45 UTC 2018] nonce='vTbjnIQDDP0FaqFY93aKVWEcifTFDGVNTcCMY9qe2Ew'
[Wed Nov 7 02:24:45 UTC 2018] POST
[Wed Nov 7 02:24:45 UTC 2018] _post_url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Wed Nov 7 02:24:45 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "0iw7LLznJYIQfnszMdfjFkoUWQid4GTrzp6oPG2h5DjYlebpT8_BFPpeAvY3Bl7pR9-vfmhTXvQ0tYVr5tDLL200aFWYPouB3UG88d6X5YfW30YaLzb2itbu_dTH-jnGo6voz5cS8UfWWsVQXeJYSFm1NgG-SvaeO8ReSIhFNKZzFRX8EAF9BRWyfHRR_e2s3qB-GqGfvxioRWQDwsmmNVB0UCJhvnegySBWZllbpa1PdkdIsFnjXFT215N2bVxMrpbJxJqZ_uzXD1GfiBAC5czOI7NV_Uufx_Hol2maT1Ug6n4huSxOwuTFnsx-6ROelGaP8_lYzI7xWqObSEBeUw"}}, "protected": "eyJub25jZSI6ICJ2VGJqbklRRERQMEZhcUZZOTNhS1ZXRWNpZlRGREdWTlRjQ01ZOXFlMkV3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYXV0aHoiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICIwaXc3TEx6bkpZSVFmbnN6TWRmakZrb1VXUWlkNEdUcnpwNm9QRzJoNURqWWxlYnBUOF9CRlBwZUF2WTNCbDdwUjktdmZtaFRYdlEwdFlWcjV0RExMMjAwYUZXWVBvdUIzVUc4OGQ2WDVZZlczMFlhTHpiMml0YnVfZFRILWpuR282dm96NWNTOFVmV1dzVlFYZUpZU0ZtMU5nRy1TdmFlTzhSZVNJaEZOS1p6RlJYOEVBRjlCUld5ZkhSUl9lMnMzcUItR3FHZnZ4aW9SV1FEd3NtbU5WQjBVQ0podm5lZ3lTQldabGxicGExUGRrZElzRm5qWEZUMjE1TjJiVnhNcnBiSnhKcVpfdXpYRDFHZmlCQUM1Y3pPSTdOVl9VdWZ4X0hvbDJtYVQxVWc2bjRodVN4T3d1VEZuc3gtNlJPZWxHYVA4X2xZekk3eFdxT2JTRUJlVXcifX0", "payload": "eyJyZXNvdXJjZSI6ICJuZXctYXV0aHoiLCAiaWRlbnRpZmllciI6IHsidHlwZSI6ICJkbnMiLCAidmFsdWUiOiAiaG9ybmV0dHJhY2suY29tIn19", "signature": "DzjiaMOw2441Pf-xm_Q86rSpD4ZbQEOF3q9NmHd18IgLDoPwCF-KNmF1SA6Nmc4kMklVdr7I9yTV9YmcdC0w8rUvpN1cBbBrauGoKL2vsWayG26DOQ8KQuALaQ49VXd9EvEe4VWmL80-oxYYs15iBwKvlaaN8ti_jb3cauApmaOAaGymJk8j9SZt8aN3Ksz7B3CXviJoxit_c0MYK4PfSBQfadUiJZyIvVbV6Gq7OyFRe3p_7CfvqZ8u2NVeot79TqWAVVucDQiV7xIIPpwXmChWNG0f8okslF8qFjpRg9yb5NL4RxNaETAbSgPzQsOMWtOls43GNpHoqd0ZMyc8ow"}'
[Wed Nov 7 02:24:45 UTC 2018] _postContentType='application/jose+json'
[Wed Nov 7 02:24:45 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.OFv74X93tb -g '
[Wed Nov 7 02:24:46 UTC 2018] _ret='0'
[Wed Nov 7 02:24:46 UTC 2018] original='{
"identifier": {
"type": "dns",
"value": "mydomain.com"
},
"status": "pending",
"expires": "2018-11-14T02:24:46Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999469",
"token": "8XafZuL8NjuzYpZkFKCToCAlNrUmuk_CUM3nUw9jiLk"
},
{
"type": "tls-alpn-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999470",
"token": "bGKTwaWllb4PyqctSB4cW-aZsfBbWdlyPY60EWLnqug"
},
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471",
"token": "ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY"
}
],
"combinations": [
[
0
],
[
1
],
[
2
]
]
}'
[Wed Nov 7 02:24:46 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
Expires: Wed, 07 Nov 2018 02:24:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 994
Boulder-Requester: 45257976
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8
Replay-Nonce: ffXcghQyqddR-TaU34-_S7P9phV7fp5-vxP7bt4YHqA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 07 Nov 2018 02:24:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 07 Nov 2018 02:24:46 GMT
Connection: keep-alive
'
[Wed Nov 7 02:24:46 UTC 2018] response='{"identifier":{"type":"dns","value":"mydomain.com"},"status":"pending","expires":"2018-11-14T02:24:46Z","challenges":[{"type":"dns-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999469","token":"8XafZuL8NjuzYpZkFKCToCAlNrUmuk_CUM3nUw9jiLk"},{"type":"tls-alpn-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999470","token":"bGKTwaWllb4PyqctSB4cW-aZsfBbWdlyPY60EWLnqug"},{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471","token":"ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY"}],"combinations":[[0],[1],[2]]}'
[Wed Nov 7 02:24:46 UTC 2018] code='201'
[Wed Nov 7 02:24:46 UTC 2018] The new-authz request is ok.
[Wed Nov 7 02:24:46 UTC 2018] entry='"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471","token":"ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY"'
[Wed Nov 7 02:24:46 UTC 2018] token='ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY'
[Wed Nov 7 02:24:46 UTC 2018] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471'
[Wed Nov 7 02:24:46 UTC 2018] keyauthorization='ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY.gBPAzF4bAFhAmDQ89LvaN7Q5dJhxvJga1XESkkIIcG4'
[Wed Nov 7 02:24:46 UTC 2018] dvlist='mydomain.com#ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY.gBPAzF4bAFhAmDQ89LvaN7Q5dJhxvJga1XESkkIIcG4#https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471#http-01#nginx:'
[Wed Nov 7 02:24:46 UTC 2018] d
[Wed Nov 7 02:24:46 UTC 2018] vlist='mydomain.com#ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY.gBPAzF4bAFhAmDQ89LvaN7Q5dJhxvJga1XESkkIIcG4#https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471#http-01#nginx:,'
[Wed Nov 7 02:24:46 UTC 2018] d='mydomain.com'
[Wed Nov 7 02:24:46 UTC 2018] ok, let's start to verify
[Wed Nov 7 02:24:46 UTC 2018] Verifying:mydomain.com
[Wed Nov 7 02:24:46 UTC 2018] d='mydomain.com'
[Wed Nov 7 02:24:46 UTC 2018] keyauthorization='ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY.gBPAzF4bAFhAmDQ89LvaN7Q5dJhxvJga1XESkkIIcG4'
[Wed Nov 7 02:24:46 UTC 2018] uri='https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471'
[Wed Nov 7 02:24:46 UTC 2018] _currentRoot='nginx:'
[Wed Nov 7 02:24:46 UTC 2018] Nginx mode for domain:mydomain.com
[Wed Nov 7 02:24:46 UTC 2018] _croot='nginx:'
[Wed Nov 7 02:24:46 UTC 2018] _start_f
[Wed Nov 7 02:24:46 UTC 2018] find start conf from nginx command
[Wed Nov 7 02:24:46 UTC 2018] NGINX_CONF='--conf-path=/etc/nginx/nginx.conf'
[Wed Nov 7 02:24:46 UTC 2018] NGINX_CONF='/etc/nginx/nginx.conf'
[Wed Nov 7 02:24:46 UTC 2018] Found nginx conf file:/etc/nginx/nginx.conf
[Wed Nov 7 02:24:46 UTC 2018] Start detect nginx conf for mydomain.com from:/etc/nginx/nginx.conf
[Wed Nov 7 02:24:46 UTC 2018] Start _checkConf from:/etc/nginx/nginx.conf
[Wed Nov 7 02:24:46 UTC 2018] single
[Wed Nov 7 02:24:46 UTC 2018] _isRealNginxConf mydomain.com /etc/nginx/nginx.conf
[Wed Nov 7 02:24:46 UTC 2018] Try include files
[Wed Nov 7 02:24:46 UTC 2018] check included /etc/nginx/mime.types
[Wed Nov 7 02:24:46 UTC 2018] Start _checkConf from:/etc/nginx/mime.types
not found. 02:24:46 UTC 2018] /etc/nginx/mime.types
[Wed Nov 7 02:24:46 UTC 2018] check included /etc/nginx/conf.d/django_nginx.conf
[Wed Nov 7 02:24:46 UTC 2018] Start _checkConf from:/etc/nginx/conf.d/django_nginx.conf
not found. 02:24:46 UTC 2018] /etc/nginx/conf.d/django_nginx.conf
[Wed Nov 7 02:24:46 UTC 2018] Can not find conf file for domain mydomain.com
[Wed Nov 7 02:24:46 UTC 2018] pid
[Wed Nov 7 02:24:46 UTC 2018] No need to restore nginx, skip.
[Wed Nov 7 02:24:46 UTC 2018] _clearupdns
[Wed Nov 7 02:24:46 UTC 2018] skip dns.
[Wed Nov 7 02:24:46 UTC 2018] _on_issue_err
[Wed Nov 7 02:24:46 UTC 2018] Please add '--debug' or '--log' to check more details.
[Wed Nov 7 02:24:46 UTC 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Wed Nov 7 02:24:46 UTC 2018] _chk_vlist='mydomain.com#ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY.gBPAzF4bAFhAmDQ89LvaN7Q5dJhxvJga1XESkkIIcG4#https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471#http-01#nginx:,'
[Wed Nov 7 02:24:46 UTC 2018] start to deactivate authz
[Wed Nov 7 02:24:46 UTC 2018] tigger domain validation.
[Wed Nov 7 02:24:46 UTC 2018] _t_url='https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471'[Wed Nov 7 02:24:46 UTC 2018] _t_key_authz='ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY.gBPAzF4bAFhAmDQ89LvaN7Q5dJhxvJga1XESkkIIcG4'
[Wed Nov 7 02:24:46 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471'
[Wed Nov 7 02:24:46 UTC 2018] payload='{"resource": "challenge", "keyAuthorization": "ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY.gBPAzF4bAFhAmDQ89LvaN7Q5dJhxvJga1XESkkIIcG4"}'
[Wed Nov 7 02:24:46 UTC 2018] Use cached jwk for file: /root/.acme.sh/ca/acme-v01.api.letsencrypt.org/account.key
[Wed Nov 7 02:24:46 UTC 2018] Use _CACHED_NONCE='ffXcghQyqddR-TaU34-_S7P9phV7fp5-vxP7bt4YHqA'
[Wed Nov 7 02:24:46 UTC 2018] nonce='ffXcghQyqddR-TaU34-_S7P9phV7fp5-vxP7bt4YHqA'
[Wed Nov 7 02:24:46 UTC 2018] POST
[Wed Nov 7 02:24:46 UTC 2018] _post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471'
[Wed Nov 7 02:24:46 UTC 2018] body='{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "0iw7LLznJYIQfnszMdfjFkoUWQid4GTrzp6oPG2h5DjYlebpT8_BFPpeAvY3Bl7pR9-vfmhTXvQ0tYVr5tDLL200aFWYPouB3UG88d6X5YfW30YaLzb2itbu_dTH-jnGo6voz5cS8UfWWsVQXeJYSFm1NgG-SvaeO8ReSIhFNKZzFRX8EAF9BRWyfHRR_e2s3qB-GqGfvxioRWQDwsmmNVB0UCJhvnegySBWZllbpa1PdkdIsFnjXFT215N2bVxMrpbJxJqZ_uzXD1GfiBAC5czOI7NV_Uufx_Hol2maT1Ug6n4huSxOwuTFnsx-6ROelGaP8_lYzI7xWqObSEBeUw"}}, "protected": "eyJub25jZSI6ICJmZlhjZ2hReXFkZFItVGFVMzQtX1M3UDlwaFY3ZnA1LXZ4UDdidDRZSHFBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbGVuZ2UvdGtsQVZ2RUZLUm1FRVdpd0tPZkROaE5PS3RHRTl4Y3AyZUpQSFk1eWdOOC85MDMyOTk5NDcxIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAiMGl3N0xMem5KWUlRZm5zek1kZmpGa29VV1FpZDRHVHJ6cDZvUEcyaDVEallsZWJwVDhfQkZQcGVBdlkzQmw3cFI5LXZmbWhUWHZRMHRZVnI1dERMTDIwMGFGV1lQb3VCM1VHODhkNlg1WWZXMzBZYUx6YjJpdGJ1X2RUSC1qbkdvNnZvejVjUzhVZldXc1ZRWGVKWVNGbTFOZ0ctU3ZhZU84UmVTSWhGTktaekZSWDhFQUY5QlJXeWZIUlJfZTJzM3FCLUdxR2Z2eGlvUldRRHdzbW1OVkIwVUNKaHZuZWd5U0JXWmxsYnBhMVBka2RJc0ZualhGVDIxNU4yYlZ4TXJwYkp4SnFaX3V6WEQxR2ZpQkFDNWN6T0k3TlZfVXVmeF9Ib2wybWFUMVVnNm40aHVTeE93dVRGbnN4LTZST2VsR2FQOF9sWXpJN3hXcU9iU0VCZVV3In19", "payload": "eyJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLCAia2V5QXV0aG9yaXphdGlvbiI6ICJaSnlSTmUwV1pFSGxPZGptR3VtRnVIcTl2VXN6eERZYkFLQUkzNlBQb3dZLmdCUEF6RjRiQUZoQW1EUTg5THZhTjdRNWRKaHh2SmdhMVhFU2trSUljRzQifQ", "signature": "BiIHqiIwCToxlLFn0ZUgcBNjNw3GoRv_F4HIxv1qHl-nz1aUyMLblGsAw09bZw3xG6dpNTa3Ol-f9u8iFcFS1eP7tiX7jytGx55VYFoYoLdmDpb_dYp7Tovdg34cWIdQpswJxWGPy4oLERTjgksiUo46vaPJY30ikv1OOeCeP7xAMq6kX1YtDoIM5c_myVM8RVDyAfgTHcfSK1RWEFoSSIHnpWJT4GSSv-w7FPQ77NEMWb4T9Y_7Tp9QJeiK-s8pqwzg_5R2SaDVJ2-c-qCKmlzEkjKrtp1Et1oqz56r9my_82BsO6Rwf3oCdhlUY-0mzmqaSXYC2jvo1Q_WrP3yww"}'
[Wed Nov 7 02:24:46 UTC 2018] _postContentType='application/jose+json'
[Wed Nov 7 02:24:46 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header --trace-ascii /tmp/tmp.jSUm6nqnp4 -g '
[Wed Nov 7 02:24:46 UTC 2018] _ret='0'
[Wed Nov 7 02:24:46 UTC 2018] original='{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471",
"token": "ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY",
"keyAuthorization": "ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY.gBPAzF4bAFhAmDQ89LvaN7Q5dJhxvJga1XESkkIIcG4"
}'
[Wed Nov 7 02:24:46 UTC 2018] responseHeaders='HTTP/1.1 100 Continue
Expires: Wed, 07 Nov 2018 02:24:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
HTTP/1.1 202 Accepted
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Requester: 45257976
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471
Replay-Nonce: sd16Mn7dJJPPsxysJwpRRcM5Fh8deaQJRxNrBeYlhvY
Expires: Wed, 07 Nov 2018 02:24:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 07 Nov 2018 02:24:46 GMT
Connection: keep-alive
'
[Wed Nov 7 02:24:46 UTC 2018] response='{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/tklAVvEFKRmEEWiwKOfDNhNOKtGE9xcp2eJPHY5ygN8/9032999471","token":"ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY","keyAuthorization":"ZJyRNe0WZEHlOdjmGumFuHq9vUszxDYbAKAI36PPowY.gBPAzF4bAFhAmDQ89LvaN7Q5dJhxvJga1XESkkIIcG4"}'
[Wed Nov 7 02:24:46 UTC 2018] code='202'
[Wed Nov 7 02:24:47 UTC 2018] socat doesn't exists.
[Wed Nov 7 02:24:47 UTC 2018] Diagnosis versions:
openssl:openssl
OpenSSL 1.1.0f 25 May 2017
apache:
apache doesn't exists.
nginx:
nginx version: nginx/1.10.3
built with OpenSSL 1.1.0f 25 May 2017
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-2tpxfc/nginx-1.10.3=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-z,relro -Wl,-z,now' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_xslt_module=dynamic --with-stream=dynamic --with-stream_ssl_module --with-mail=dynamic --with-mail_ssl_module --add-dynamic-module=/build/nginx-2tpxfc/nginx-1.10.3/debian/modules/nginx-auth-pam --add-dynamic-module=/build/nginx-2tpxfc/nginx-1.10.3/debian/modules/nginx-dav-ext-module --add-dynamic-module=/build/nginx-2tpxfc/nginx-1.10.3/debian/modules/nginx-echo --add-dynamic-module=/build/nginx-2tpxfc/nginx-1.10.3/debian/modules/nginx-upstream-fair --add-dynamic-module=/build/nginx-2tpxfc/nginx-1.10.3/debian/modules/ngx_http_substitutions_filter_module
socat:
timtorChen
All 10 comments
Can you add server_name to the https block pls?
FernandoMiguel
on 7 Nov 2018
I add the server_name to https block, but It report the same error Can not find conf file for domain mydomain.com
timtorChen
on 8 Nov 2018
I assume you restarted nginx?
FernandoMiguel
on 8 Nov 2018
I run acme.sh under no nginx service running in the docker I build my own.
Dockerfile
FROM debian:stretch
WORKDIR /code
RUN apt-get update;\
apt-get update && apt-get install nginx curl cron -y > /dev/null
ADD . .
RUN cp nginx.conf /etc/nginx/nginx.conf; \
cp uwsgi_params /etc/nginx/uwsgi_params; \
cp django_nginx.production.conf /etc/nginx/conf.d/django_nginx.conf
RUN curl https://get.acme.sh | sh ;\
ln -s ~/.acme.sh/acme.sh /usr/bin/acme.sh;\
acme.sh --upgrade
After image builded, in docker-compose It will issue the cert and run the nginx service.
However, the error occur on acme.sh blocks the process.
timtorChen
on 9 Nov 2018
I am facing the same issue
pupattan
on 16 Apr 2020
👍1
me tooo
thunderwin
on 22 Apr 2020
👍1
nginx version: nginx/1.10.3 (Ubuntu)
not working with the same error (Can not find conf file for domain...):
acme.sh --issue --nginx -d example.org -w /var/www/html/example.org/
suddenly working:
acme.sh --issue -d example.org -w /var/www/html/example.org/
- so i removed key
--nginx
lasczki-da
on 19 May 2020
Same issue on old Ununtu 12.04:
nginx version: nginx/1.8.1
4815162342lost
on 30 Sep 2020
I implemented a workaround:
Created /tmp/1/ . Disabled real nginx config and activated fake site:
server {
listen 443 ssl;
server_name mysite;
ssl_certificate /etc/nginx/ssl/cert.crt;
ssl_certificate_key /etc/nginx/ssl/priv.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SH
A256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
keepalive_timeout 65;
location / {
alias /tmp/1/;
index 1.txt;
include proxy_params;
}
}
After run following command:
acme.sh --issue -d mysite -w /tmp/1/
And i got a certificate!
4815162342lost
on 30 Sep 2020
fix this immediatley, me too
danielgran
on 31 Oct 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings
Related issues
luochenzhimu
·
3Comments
extensionsapp
·
3Comments
centminmod
·
4Comments
mskian
·
3Comments
feiyu0
·
4Comments