Neuinstallation mit Let’s Encrypt-Fehlern

wanghaisheng · 26. Dezember 2019 um 04:57

succesfully enter app container, is this saying my domain restricted by Encrypt?

root@docker-s-1vcpu-2gb-sgp1-01-app:/shared/letsencrypt# ./acme.sh --issue -d bbs.antivte.com -k 4096 -w /var/www/discourse/public --debug 2
[Thu 26 Dec 2019 04:52:39 AM UTC] Lets find script dir.
[Thu 26 Dec 2019 04:52:39 AM UTC] _SCRIPT_='./acme.sh'
[Thu 26 Dec 2019 04:52:39 AM UTC] _script='/shared/letsencrypt/acme.sh'
[Thu 26 Dec 2019 04:52:39 AM UTC] _script_home='/shared/letsencrypt'
[Thu 26 Dec 2019 04:52:39 AM UTC] Using default home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:39 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:39 AM UTC] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/Neilpang/acme.sh
v2.8.4
[Thu 26 Dec 2019 04:52:39 AM UTC] Running cmd: issue
[Thu 26 Dec 2019 04:52:39 AM UTC] _main_domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:39 AM UTC] _alt_domains='no'
[Thu 26 Dec 2019 04:52:39 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:39 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:39 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:39 AM UTC] DOMAIN_PATH='/root/.acme.sh/bbs.antivte.com'
[Thu 26 Dec 2019 04:52:39 AM UTC] '/var/www/discourse/public' does not contain 'dns'
[Thu 26 Dec 2019 04:52:39 AM UTC] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Thu 26 Dec 2019 04:52:39 AM UTC] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Thu 26 Dec 2019 04:52:39 AM UTC] GET
[Thu 26 Dec 2019 04:52:39 AM UTC] url='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:39 AM UTC] timeout=
[Thu 26 Dec 2019 04:52:39 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.LOXvOHFIhy  -g '
[Thu 26 Dec 2019 04:52:40 AM UTC] ret='0'
[Thu 26 Dec 2019 04:52:40 AM UTC] response='{
  "FniD_4JroWM": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_AUTHZ
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_VERSION='2'
[Thu 26 Dec 2019 04:52:40 AM UTC] _on_before_issue
[Thu 26 Dec 2019 04:52:40 AM UTC] _chk_main_domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:40 AM UTC] _chk_alt_domains
[Thu 26 Dec 2019 04:52:40 AM UTC] '/var/www/discourse/public' does not contain 'no'
[Thu 26 Dec 2019 04:52:41 AM UTC] Le_LocalAddress
[Thu 26 Dec 2019 04:52:41 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:41 AM UTC] Check for domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:41 AM UTC] _currentRoot='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:41 AM UTC] d
[Thu 26 Dec 2019 04:52:41 AM UTC] '/var/www/discourse/public' does not contain 'apache'
[Thu 26 Dec 2019 04:52:41 AM UTC] config file is empty, can not read CA_KEY_HASH
[Thu 26 Dec 2019 04:52:41 AM UTC] _saved_account_key_hash
[Thu 26 Dec 2019 04:52:41 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:41 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:41 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:41 AM UTC] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Thu 26 Dec 2019 04:52:41 AM UTC] Use default length 2048
[Thu 26 Dec 2019 04:52:41 AM UTC] length='2048'
[Thu 26 Dec 2019 04:52:41 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:41 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:41 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:41 AM UTC] _createkey for file:/root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:41 AM UTC] Use length 2048
[Thu 26 Dec 2019 04:52:41 AM UTC] Using RSA: 2048
[Thu 26 Dec 2019 04:52:41 AM UTC] Create account key ok.
[Thu 26 Dec 2019 04:52:41 AM UTC] RSA key
[Thu 26 Dec 2019 04:52:41 AM UTC] Registering account
[Thu 26 Dec 2019 04:52:41 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu 26 Dec 2019 04:52:41 AM UTC] payload='{"termsOfServiceAgreed": true}'
[Thu 26 Dec 2019 04:52:41 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:41 AM UTC] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 26 Dec 2019 04:52:41 AM UTC] HEAD
[Thu 26 Dec 2019 04:52:41 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 26 Dec 2019 04:52:41 AM UTC] body
[Thu 26 Dec 2019 04:52:41 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:41 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g  -I  '
[Thu 26 Dec 2019 04:52:42 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:42 AM UTC] _headers='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:42 GMT
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001AxpV5dyHJWwOhObR8yiKO2ziG89-APmQJeBR7we6-w4
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:42 AM UTC] _CACHED_NONCE='0001AxpV5dyHJWwOhObR8yiKO2ziG89-APmQJeBR7we6-w4'
[Thu 26 Dec 2019 04:52:42 AM UTC] nonce='0001AxpV5dyHJWwOhObR8yiKO2ziG89-APmQJeBR7we6-w4'
[Thu 26 Dec 2019 04:52:42 AM UTC] POST
[Thu 26 Dec 2019 04:52:42 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu 26 Dec 2019 04:52:42 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAxQXhwVjVkeUhKV3dPaE9iUjh5aUtPMnppRzg5LUFQbVFKZUJSN3dlNi13NCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWFjY3QiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJ4M1hraWV0dnVNd0N5SS1iR0xmVkgyNkg3NmlOSnhSNm5Dc0JFWXJJTTZlZVNUdm1YZ2MzdlZhWU1lejNidGROTHkwWjM2V0FsYWx4X25FcUpGVnJ6cjd1U3BhM2hMS1pjaGF4My1Nd2pnMVdnNUVUbFJxWEE1WDdneEk1Ni1FMVhOUDdVMmktMmg2XzMxbnRvZld1VlZ4aGI1YzFXaDNYcDZJTkZvZXdsbWVwN01SNVAwWG1McnI4bFlWNjVYbzlOcy1pTy05R0JNRXhtOEh6cUVieGMxdTNUUGJGQUtjUzJ3MHpqWDE2X0w0V3lwejZha3pHLXNDZ0E4OUVLTW92eWxfd28tSUNiZnlxckZTaDRLU1BaVlhORTJfazVHN0hsTlVNVTZ0RUN4RHNrN05POUhkRGx1NXR2TmxJeFZEZ2N3R2w3NXJJeDJ1dG0wTm81V0RkeVEifX0", "payload": "eyJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWV9", "signature": "BkT6xyNOcbLShm1d2BLFCwopq7biySJLbbMWrylQ76da_1GPc030OgecWHdF1QWYDxC7PlHuL6JGAhSgssbgCti6cOw_tehil1oFGbNsq_AEe152eZKxeSNXIDCqIfShIj6JZzRIV3h8E-XpIRhn_z1t5M4FBp4jmQAxJG0cjq84YwruPqm6rQbRuU_JIhc2K61b6awcTyAAjmv9CKk1WLHe9TQoTHPRqZxQvLyTU0tOPqW19hHbBWSg_ZKTrtBOvIYh8PrHaZ0hN9NtY8UwxjOtpen5K5OAPFwvHurBceeftnEO-NSPC4K_gwagGIbfzBrAg-b56smVQocyF7quHQ"}'
[Thu 26 Dec 2019 04:52:42 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:42 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:42 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:43 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:43 AM UTC] responseHeaders='HTTP/2 201 
server: nginx
date: Thu, 26 Dec 2019 04:52:43 GMT
content-type: application/json
content-length: 527
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"
location: https://acme-v02.api.letsencrypt.org/acme/acct/74543816
replay-nonce: 0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:43 AM UTC] code='201'
[Thu 26 Dec 2019 04:52:43 AM UTC] original='{
  "key": {
    "kty": "RSA",
    "n": "x3XkietvuMwCyI-bGLfVH26H76iNJxR6nCsBEYrIM6eeSTvmXgc3vVaYMez3btdNLy0Z36WAlalx_nEqJFVrzr7uSpa3hLKZchax3-Mwjg1Wg5ETlRqXA5X7gxI56-E1XNP7U2i-2h6_31ntofWuVVxhb5c1Wh3Xp6INFoewlmep7MR5P0XmLrr8lYV65Xo9Ns-iO-9GBMExm8HzqEbxc1u3TPbFAKcS2w0zjX16_L4Wypz6akzG-sCgA89EKMovyl_wo-ICbfyqrFSh4KSPZVXNE2_k5G7HlNUMU6tECxDsk7NO9HdDlu5tvNlIxVDgcwGl75rIx2utm0No5WDdyQ",
    "e": "AQAB"
  },
  "contact": [],
  "initialIp": "128.199.246.56",
  "createdAt": "2019-12-26T04:52:43.173478473Z",
  "status": "valid"
}'
[Thu 26 Dec 2019 04:52:43 AM UTC] response='{"key":{"kty":"RSA","n":"x3XkietvuMwCyI-bGLfVH26H76iNJxR6nCsBEYrIM6eeSTvmXgc3vVaYMez3btdNLy0Z36WAlalx_nEqJFVrzr7uSpa3hLKZchax3-Mwjg1Wg5ETlRqXA5X7gxI56-E1XNP7U2i-2h6_31ntofWuVVxhb5c1Wh3Xp6INFoewlmep7MR5P0XmLrr8lYV65Xo9Ns-iO-9GBMExm8HzqEbxc1u3TPbFAKcS2w0zjX16_L4Wypz6akzG-sCgA89EKMovyl_wo-ICbfyqrFSh4KSPZVXNE2_k5G7HlNUMU6tECxDsk7NO9HdDlu5tvNlIxVDgcwGl75rIx2utm0No5WDdyQ","e":"AQAB"},"contact":[],"initialIp":"128.199.246.56","createdAt":"2019-12-26T04:52:43.173478473Z","status":"valid"}'
[Thu 26 Dec 2019 04:52:43 AM UTC] Registered
[Thu 26 Dec 2019 04:52:43 AM UTC] responseHeaders='HTTP/2 201 
server: nginx
date: Thu, 26 Dec 2019 04:52:43 GMT
content-type: application/json
content-length: 527
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"
location: https://acme-v02.api.letsencrypt.org/acme/acct/74543816
replay-nonce: 0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:43 AM UTC] _accUri='https://acme-v02.api.letsencrypt.org/acme/acct/74543816'
[Thu 26 Dec 2019 04:52:43 AM UTC] Calc CA_KEY_HASH='5TMvDldeJtWEHra6Xqn3izEY40++QnSBx2M2BvFMWAw='
[Thu 26 Dec 2019 04:52:43 AM UTC] ACCOUNT_THUMBPRINT='QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:43 AM UTC] Read key length:
[Thu 26 Dec 2019 04:52:43 AM UTC] Creating domain key
[Thu 26 Dec 2019 04:52:43 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:43 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:43 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:43 AM UTC] _createkey for file:/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.key
[Thu 26 Dec 2019 04:52:43 AM UTC] Use length 4096
[Thu 26 Dec 2019 04:52:43 AM UTC] Using RSA: 4096
[Thu 26 Dec 2019 04:52:44 AM UTC] The domain key is here: /root/.acme.sh/bbs.antivte.com/bbs.antivte.com.key
[Thu 26 Dec 2019 04:52:44 AM UTC] _createcsr
[Thu 26 Dec 2019 04:52:44 AM UTC] domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] domainlist
[Thu 26 Dec 2019 04:52:44 AM UTC] csrkey='/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.key'
[Thu 26 Dec 2019 04:52:44 AM UTC] csr='/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.csr'
[Thu 26 Dec 2019 04:52:44 AM UTC] csrconf='/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.csr.conf'
[Thu 26 Dec 2019 04:52:44 AM UTC] Single domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:44 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:44 AM UTC] _csr_cn='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] Getting domain auth token for each domain
[Thu 26 Dec 2019 04:52:44 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:44 AM UTC] d
[Thu 26 Dec 2019 04:52:44 AM UTC] _identifiers='{"type":"dns","value":"bbs.antivte.com"}'
[Thu 26 Dec 2019 04:52:44 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 26 Dec 2019 04:52:44 AM UTC] payload='{"identifiers": [{"type":"dns","value":"bbs.antivte.com"}]}'
[Thu 26 Dec 2019 04:52:44 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:44 AM UTC] Use _CACHED_NONCE='0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA'
[Thu 26 Dec 2019 04:52:44 AM UTC] nonce='0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA'
[Thu 26 Dec 2019 04:52:44 AM UTC] POST
[Thu 26 Dec 2019 04:52:44 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 26 Dec 2019 04:52:44 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAxaEsza1hVcC1BOWktWVdGNzc3Ykd0MWk2OGltSzZTR1NiYmVBaDNzNXJhQSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83NDU0MzgxNiJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6ImJicy5hbnRpdnRlLmNvbSJ9XX0", "signature": "Nv53ZkpgvCfJI5_U8j1GicqOCR2kOgSTmmGi1NT0TieO9ObSCU0F_clTBSkm8jGQn8ulikfkvRReTcqU2pLYicgCs73wmAG597Ot5lZlGog50-yYeBeU9xGPwzBUqR9PH8pA3jAwbuKxwwuLq8cFooOFBKujIJwhPPgMXSOkc21BnRwPpxqUwH3bN6SlHqt_kgOegFzR_znUPkl3z2WJxFCXwxy6IH2h6WygblQUPC8T-jgO2YnoBB3LYJeQyOI2pHhhd3_puEbxN70lK-9asUzIKIGVO35IY3yP_XEI3iL8RDbFGnqyDdZBI-0rRyCeqMk6Sr1ia9p6fVPnqb8qgg"}'
[Thu 26 Dec 2019 04:52:44 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:44 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:44 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:45 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:45 AM UTC] responseHeaders='HTTP/2 201 
server: nginx
date: Thu, 26 Dec 2019 04:52:45 GMT
content-type: application/json
content-length: 345
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
location: https://acme-v02.api.letsencrypt.org/acme/order/74543816/1853681043
replay-nonce: 00022VVZj9eHRQusUFyIaI5oSPJqhryfDBQdR8OTdGCyplc
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:45 AM UTC] code='201'
[Thu 26 Dec 2019 04:52:45 AM UTC] original='{
  "status": "pending",
  "expires": "2020-01-02T04:52:45.777717689Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "bbs.antivte.com"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/74543816/1853681043"
}'
[Thu 26 Dec 2019 04:52:45 AM UTC] response='{"status":"pending","expires":"2020-01-02T04:52:45.777717689Z","identifiers":[{"type":"dns","value":"bbs.antivte.com"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/74543816/1853681043"}'
[Thu 26 Dec 2019 04:52:45 AM UTC] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/74543816/1853681043'
[Thu 26 Dec 2019 04:52:46 AM UTC] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/74543816/1853681043'
[Thu 26 Dec 2019 04:52:46 AM UTC] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] payload
[Thu 26 Dec 2019 04:52:46 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:46 AM UTC] Use _CACHED_NONCE='00022VVZj9eHRQusUFyIaI5oSPJqhryfDBQdR8OTdGCyplc'
[Thu 26 Dec 2019 04:52:46 AM UTC] nonce='00022VVZj9eHRQusUFyIaI5oSPJqhryfDBQdR8OTdGCyplc'
[Thu 26 Dec 2019 04:52:46 AM UTC] POST
[Thu 26 Dec 2019 04:52:46 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAyMlZWWmo5ZUhSUXVzVUZ5SWFJNW9TUEpxaHJ5ZkRCUWRSOE9UZEdDeXBsYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTkzNDA2ODM5NyIsICJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzQ1NDM4MTYifQ", "payload": "", "signature": "hgHFxU5Si0acgUuXbZqmGS46O8A9-mv57wNqs_99exOWOTQlv61yFTrYm18LGSALvdB5GUMnxMh0e0djS4eew02DgcBPdHTkkaJADD90N0-UhiT8Ze1eHFg1BG6bR-Ylwy9NJWf6x2Oz0U9hWk5qxUnqNRR6uuzLgCNE4wJP7XPWHAzuWfbOQhNaW9bai2-qKEI1ofhnOumcPgxj0ne8t8ALZezjDjTSQ4xJbMWEZnNv8GuthE9_iI9FfGZ8NX0Q0QsLngO_qwRdGYjNli-0sOwIUgNuQlrbugJlcAJr9uSOofuIExKCHm2CQ14Nc8OdzXKVq5gzm0EeqcGRN_M0ig"}'
[Thu 26 Dec 2019 04:52:46 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:46 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:46 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:47 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:47 AM UTC] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:46 GMT
content-type: application/json
content-length: 793
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001wsQPuTFIYRuN7O_cE5bkCzOOC2kqwiYWurj2g4K2YxQ
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:47 AM UTC] code='200'
[Thu 26 Dec 2019 04:52:47 AM UTC] original='{
  "identifier": {
    "type": "dns",
    "value": "bbs.antivte.com"
  },
  "status": "pending",
  "expires": "2020-01-02T04:52:45Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw",
      "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw",
      "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw",
      "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
    }
  ]
}'
[Thu 26 Dec 2019 04:52:47 AM UTC] response='{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] response='{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] _d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] _authorizations_map='bbs.antivte.com,{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}
'
[Thu 26 Dec 2019 04:52:47 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] Getting webroot for domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] _w='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] _currentRoot='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:47 AM UTC] _candindates='bbs.antivte.com,{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] response='{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"'
[Thu 26 Dec 2019 04:52:47 AM UTC] token='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M'
[Thu 26 Dec 2019 04:52:47 AM UTC] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] keyauthorization='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:47 AM UTC] dvlist='bbs.antivte.com#IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw#http-01#/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] d
[Thu 26 Dec 2019 04:52:47 AM UTC] vlist='bbs.antivte.com#IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw#http-01#/var/www/discourse/public,'
[Thu 26 Dec 2019 04:52:47 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] ok, let's start to verify
[Thu 26 Dec 2019 04:52:47 AM UTC] Verifying: bbs.antivte.com
[Thu 26 Dec 2019 04:52:47 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] keyauthorization='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:47 AM UTC] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] _currentRoot='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] wellknown_path='/var/www/discourse/public/.well-known/acme-challenge'
[Thu 26 Dec 2019 04:52:47 AM UTC] writing token:IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M to /var/www/discourse/public/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M
[Thu 26 Dec 2019 04:52:47 AM UTC] Changing owner/group of .well-known to discourse:discourse
[Thu 26 Dec 2019 04:52:47 AM UTC] Trigger domain validation.
[Thu 26 Dec 2019 04:52:47 AM UTC] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] _t_key_authz='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:47 AM UTC] _t_vtype='http-01'
[Thu 26 Dec 2019 04:52:47 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] payload='{}'
[Thu 26 Dec 2019 04:52:47 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:47 AM UTC] Use _CACHED_NONCE='0001wsQPuTFIYRuN7O_cE5bkCzOOC2kqwiYWurj2g4K2YxQ'
[Thu 26 Dec 2019 04:52:47 AM UTC] nonce='0001wsQPuTFIYRuN7O_cE5bkCzOOC2kqwiYWurj2g4K2YxQ'
[Thu 26 Dec 2019 04:52:47 AM UTC] POST
[Thu 26 Dec 2019 04:52:47 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAxd3NRUHVURklZUnVON09fY0U1YmtDek9PQzJrcXdpWVd1cmoyZzRLMll4USIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTkzNDA2ODM5Ny9MU2hSSHciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0Lzc0NTQzODE2In0", "payload": "e30", "signature": "iLhXlf3XDE6RqQuDbAfA4MYTXONqCXxgI8SeGwhBNn1BW0dz4EhYoG-GrE5SrXiNuwflkbLEmvDEMZSTgeuqDM3MIMaE-qw2fF2XrZVCf1madkWlKlwi8BYwiz-7ebFWatv8bAHsDSA_l-XC5eT1c4M3-sRsy6RyqPUxzUhvHzwUa4ePDJf0nmvpDq_iQB6mBf-VaqNUtqdhHIpb-Pz7qDDxIhxMcfDVuxKOjX3mf1KvggGSJbVBTffaBGc58vtuXBXAPNlpXbEPXMQBJcYjRJX_cwCRgYakRj1pBj39uVqHK096Qc30N9ALS18gHj5iTYqsWZzRlnYg5zYPO137zA"}'
[Thu 26 Dec 2019 04:52:47 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:47 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:47 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:48 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:48 AM UTC] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:48 GMT
content-type: application/json
content-length: 185
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw
replay-nonce: 0101orbWi92uCZTOWbj0--xl238zJ_lVCupwfti7W9-2Qzc
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:48 AM UTC] code='200'
[Thu 26 Dec 2019 04:52:48 AM UTC] original='{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw",
  "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
}'
[Thu 26 Dec 2019 04:52:48 AM UTC] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}'
[Thu 26 Dec 2019 04:52:48 AM UTC] trigger validation code: 200
[Thu 26 Dec 2019 04:52:48 AM UTC] sleep 2 secs to verify
[Thu 26 Dec 2019 04:52:50 AM UTC] checking
[Thu 26 Dec 2019 04:52:50 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:50 AM UTC] payload
[Thu 26 Dec 2019 04:52:50 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:50 AM UTC] Use _CACHED_NONCE='0101orbWi92uCZTOWbj0--xl238zJ_lVCupwfti7W9-2Qzc'
[Thu 26 Dec 2019 04:52:50 AM UTC] nonce='0101orbWi92uCZTOWbj0--xl238zJ_lVCupwfti7W9-2Qzc'
[Thu 26 Dec 2019 04:52:50 AM UTC] POST
[Thu 26 Dec 2019 04:52:50 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:50 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMTAxb3JiV2k5MnVDWlRPV2JqMC0teGwyMzh6Sl9sVkN1cHdmdGk3VzktMlF6YyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTkzNDA2ODM5Ny9MU2hSSHciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0Lzc0NTQzODE2In0", "payload": "", "signature": "G4UzMSDRVQvvXplTdXTKGwD8DSExTv6nxDOKE4xhLVvSM5pRr-uJqivsuL6iPQu-Efru4QdgtJ31kg4CVZ_R8aSk-JJRfC31fCYdrBkpFS-_G5BUosoV0CEyH2-IPo1c2TaNviV7QA8nRE3EwBQmI2oWegT5jav5mU4XvdYxjl32ihPHkg06jIggzhnrJJfU2wtHQjUahR6C3mEgcJD4EVci10Df5Vvk4MUWh5YiwvYeyBf4VbOGHHos1nQpin2EKBKgdvcnEfr3HrNLnrL_NVGTOz5I6EmZ2alizEKGEOfMZXip_aII8YZ_AjM_pH8bdEUwBdY6xFN5z53pFrjUZw"}'
[Thu 26 Dec 2019 04:52:50 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:50 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:50 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:51 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:51 AM UTC] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:51 GMT
content-type: application/json
content-length: 1446
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw
replay-nonce: 0102DQYrXDXyqbQCHTjIWnquZuDokct_c1V7AOj2-L9rskQ
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:51 AM UTC] code='200'
[Thu 26 Dec 2019 04:52:51 AM UTC] original='{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"",
    "status": 403
  },
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw",
  "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M",
  "validationRecord": [
    {
      "url": "http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M",
      "hostname": "bbs.antivte.com",
      "port": "80",
      "addressesResolved": [
        "104.27.177.113",
        "104.27.176.113",
        "2606:4700:30::681b:b071",
        "2606:4700:30::681b:b171"
      ],
      "addressUsed": "2606:4700:30::681b:b071"
    },
    {
      "url": "https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M",
      "hostname": "bbs.antivte.com",
      "port": "443",
      "addressesResolved": [
        "104.27.177.113",
        "104.27.176.113",
        "2606:4700:30::681b:b071",
        "2606:4700:30::681b:b171"
      ],
      "addressUsed": "2606:4700:30::681b:b071"
    }
  ]
}'
[Thu 26 Dec 2019 04:52:51 AM UTC] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","validationRecord":[{"url":"http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"80","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"},{"url":"https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"443","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"}]}'
[Thu 26 Dec 2019 04:52:51 AM UTC] original='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","validationRecord":[{"url":"http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"80","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"},{"url":"https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"443","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"}]}'
[Thu 26 Dec 2019 04:52:51 AM UTC] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","validationRecord":[{"url":"http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"80","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"},{"url":"https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"443","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"}]}'
[Thu 26 Dec 2019 04:52:51 AM UTC] error='"error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: '
[Thu 26 Dec 2019 04:52:51 AM UTC] errordetail='Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: '
[Thu 26 Dec 2019 04:52:51 AM UTC] bbs.antivte.com:Verify error:Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: 
[Thu 26 Dec 2019 04:52:51 AM UTC] Debug: get token url.
[Thu 26 Dec 2019 04:52:51 AM UTC] GET
[Thu 26 Dec 2019 04:52:51 AM UTC] url='http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M'
[Thu 26 Dec 2019 04:52:51 AM UTC] timeout=1
[Thu 26 Dec 2019 04:52:51 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:51 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g  --connect-timeout 1'
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<meta http-equiv="refresh" content="0">
<title>bbs.antivte.com | 521: Web server is down</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1" />
<script src="/cdn-cgi/apps/head/eW0hx6oSIsT-EkFq6T0G23tSHbI.js"></script><link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" type="text/css" media="screen,projection" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" type="text/css" media="screen,projection" /><![endif]-->
<style type="text/css">body{margin:0;padding:0}</style>
</head>
<body>
<div id="cf-wrapper">
<div id="cf-error-details" class="cf-error-details-wrapper">
<div class="cf-wrapper cf-error-overview">
<h1>
<span class="cf-error-type">Error</span>
<span class="cf-error-code">521</span>
<small class="heading-ray-id">Ray ID: 54b072a03614ddd3 &bull; 2019-12-26 04:52:51 UTC</small>
</h1>
<h2 class="cf-subheadline">Web server is down</h2>
</div>
<div class="cf-section cf-highlight cf-status-display">
<div class="cf-wrapper">
<div class="cf-columns cols-3">
<div id="cf-browser-status" class="cf-column cf-status-item cf-browser-status ">
<div class="cf-icon-error-container">
<i class="cf-icon cf-icon-browser"></i>
<i class="cf-icon-status cf-icon-ok"></i>
</div>
<span class="cf-status-desc">You</span>
<h3 class="cf-status-name">Browser</h3>
<span class="cf-status-label">Working</span>
</div>
<div id="cf-cloudflare-status" class="cf-column cf-status-item cf-cloudflare-status ">
<div class="cf-icon-error-container">
<i class="cf-icon cf-icon-cloud"></i>
<i class="cf-icon-status cf-icon-ok"></i>
</div>
<span class="cf-status-desc">Singapore</span>
<h3 class="cf-status-name">Cloudflare</h3>
<span class="cf-status-label">Working</span>
</div>
<div id="cf-host-status" class="cf-column cf-status-item cf-host-status cf-error-source">
<div class="cf-icon-error-container">
<i class="cf-icon cf-icon-server"></i>
<i class="cf-icon-status cf-icon-error"></i>
</div>
<span class="cf-status-desc">bbs.antivte.com</span>
<h3 class="cf-status-name">Host</h3>
<span class="cf-status-label">Error</span>
</div>
</div>
</div>
</div>
<div class="cf-section cf-wrapper">
<div class="cf-columns two">
<div class="cf-column">
<h2>What happened?</h2>
<p>The web server is not returning a connection. As a result, the web page is not displaying.</p>
</div>
<div class="cf-column">
<h2>What can I do?</h2>
<h5>If you are a visitor of this website:</h5>
<p>Please try again in a few minutes.</p>
<h5>If you are the owner of this website:</h5>
<p><span>Contact your hosting provider letting them know your web server is not responding.</span> <a href="https://support.cloudflare.com/hc/en-us/articles/200171916-Error-521">Additional troubleshooting information</a>.</p>
</div>
</div>
</div>
<div class="cf-error-footer cf-wrapper">
<p>
<span class="cf-footer-item">Cloudflare Ray ID: <strong>54b072a03614ddd3</strong></span>
<span class="cf-footer-separator">&bull;</span>
<span class="cf-footer-item"><span>Your IP</span>: 128.199.246.56</span>
<span class="cf-footer-separator">&bull;</span>
<span class="cf-footer-item"><span>Performance &amp; security by</span> <a href="https://www.cloudflare.com/5xx-error-landing?utm_source=error_footer" id="brand_link" target="_blank">Cloudflare</a></span>
</p>
</div>
</div>
</div>
</body>
</html>
[Thu 26 Dec 2019 04:52:51 AM UTC] ret='0'
[Thu 26 Dec 2019 04:52:51 AM UTC] Debugging, skip removing: /var/www/discourse/public/.well-known
[Thu 26 Dec 2019 04:52:51 AM UTC] pid
[Thu 26 Dec 2019 04:52:51 AM UTC] No need to restore nginx, skip.
[Thu 26 Dec 2019 04:52:51 AM UTC] _clearupdns
[Thu 26 Dec 2019 04:52:51 AM UTC] dns_entries
[Thu 26 Dec 2019 04:52:51 AM UTC] skip dns.
[Thu 26 Dec 2019 04:52:51 AM UTC] _on_issue_err
[Thu 26 Dec 2019 04:52:51 AM UTC] Please add '--debug' or '--log' to check more details.
[Thu 26 Dec 2019 04:52:51 AM UTC] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Thu 26 Dec 2019 04:52:51 AM UTC] _chk_vlist='bbs.antivte.com#IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw#http-01#/var/www/discourse/public,'
[Thu 26 Dec 2019 04:52:51 AM UTC] start to deactivate authz
[Thu 26 Dec 2019 04:52:51 AM UTC] Trigger domain validation.
[Thu 26 Dec 2019 04:52:52 AM UTC] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:52 AM UTC] _t_key_authz='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:52 AM UTC] _t_vtype
[Thu 26 Dec 2019 04:52:52 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:52 AM UTC] payload='{}'
[Thu 26 Dec 2019 04:52:52 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:52 AM UTC] Use _CACHED_NONCE='0102DQYrXDXyqbQCHTjIWnquZuDokct_c1V7AOj2-L9rskQ'
[Thu 26 Dec 2019 04:52:52 AM UTC] nonce='0102DQYrXDXyqbQCHTjIWnquZuDokct_c1V7AOj2-L9rskQ'
[Thu 26 Dec 2019 04:52:52 AM UTC] POST
[Thu 26 Dec 2019 04:52:52 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:52 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMTAyRFFZclhEWHlxYlFDSFRqSVducXVadURva2N0X2MxVjdBT2oyLUw5cnNrUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTkzNDA2ODM5Ny9MU2hSSHciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0Lzc0NTQzODE2In0", "payload": "e30", "signature": "igOVATkPfSpNRp5SMfIJ6V7X-a5h2M2S3l-spWXoM7K5m6sznoXsHerqL_PhcD22hYxGdkflu3QYaYCVd7D0jOcrbWX4w8KyeKFyVRQboJHj5_z0aeaPrXOFzoFuofgKTMU5UcisjFWvN5TbKrR-FGSP2gcLOA1XDuzuiWH791Zyw-i0cJp8oLuIglHuhwpS6dLezYkq8wFAfXKyO961BKsZ3o2ioG_vay6jQVEfnjxI72Hbsd5KJdkG_bQ84rRCdbGYoDh38Q-YAIZlDhm10iCrEARAltgnr0JICl4lrlKJA7ONYlloG6tJIrpgpl30NdmNiAROYlFYyqNK2QTp_Q"}'
[Thu 26 Dec 2019 04:52:52 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:52 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:52 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:53 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:53 AM UTC] responseHeaders='HTTP/2 400 
server: nginx
date: Thu, 26 Dec 2019 04:52:52 GMT
content-type: application/problem+json
content-length: 144
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001uzKVPUnkkwsWQ1sqfu1khlNSQEYHgiKCGy_Lb2VeS20
'
[Thu 26 Dec 2019 04:52:53 AM UTC] code='400'
[Thu 26 Dec 2019 04:52:53 AM UTC] original='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Thu 26 Dec 2019 04:52:53 AM UTC] response='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Thu 26 Dec 2019 04:52:53 AM UTC] Diagnosis versions: 
openssl:openssl
OpenSSL 1.1.1d  10 Sep 2019
apache:
apache doesn't exists.
nginx:
nginx version: nginx/1.17.4
built by gcc 8.3.0 (Debian 8.3.0-6) 
built with OpenSSL 1.1.1d  10 Sep 2019
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wno-deprecated-declarations' --with-ld-opt='-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_v2_module --with-http_sub_module --with-stream --with-stream_ssl_module --with-mail --with-mail_ssl_module --with-threads --add-module=/tmp/ngx_brotli
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
Usage:
socat [options] <bi-address> <bi-address>
   options:
      -V     print version and feature information to stdout, and exit
      -h|-?  print a help text describing command line options and addresses
      -hh    like -h, plus a list of all common address option names
      -hhh   like -hh, plus a list of all available address option names
      -d     increase verbosity (use up to 4 times; 2 are recommended)
      -D     analyze file descriptors before loop
      -ly[facility]  log to syslog, using facility (default is daemon)
      -lf<logfile>   log to file
      -ls            log to stderr (default if no other log)
      -lm[facility]  mixed log mode (stderr during initialization, then syslog)
      -lp<progname>  set the program name used for logging
      -lu            use microseconds for logging timestamps
      -lh            add hostname to log messages
      -v     verbose data traffic, text
      -x     verbose data traffic, hexadecimal
      -b<size_t>     set data buffer size (8192)
      -s     sloppy (continue on error)
      -t<timeout>    wait seconds before closing second channel
      -T<timeout>    total inactivity timeout in seconds
      -u     unidirectional mode (left to right)
      -U     unidirectional mode (right to left)
      -g     do not check option groups
      -L <lockfile>  try to obtain lock, or fail
      -W <lockfile>  try to obtain lock, or wait
      -4     prefer IPv4 if version is not explicitly specified
      -6     prefer IPv6 if version is not explicitly specified
   bi-address:
      pipe[,<opts>]	groups=FD,FIFO
      <single-address>!!<single-address>
      <single-address>
   single-address:
      <address-head>[,<opts>]
   address-head:
      abstract-client:<filename>	groups=FD,SOCKET,RETRY,UNIX
      abstract-connect:<filename>	groups=FD,SOCKET,RETRY,UNIX
      abstract-listen:<filename>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
      abstract-recv:<filename>	groups=FD,SOCKET,RETRY,UNIX
      abstract-recvfrom:<filename>	groups=FD,SOCKET,CHILD,RETRY,UNIX
      abstract-sendto:<filename>	groups=FD,SOCKET,RETRY,UNIX
      create:<filename>	groups=FD,REG,NAMED
      exec:<command-line>	groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
      fd:<num>	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      gopen:<filename>	groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
      interface:<interface>	groups=FD,SOCKET
      ip-datagram:<host>:<protocol>	groups=FD,SOCKET,RANGE,IP4,IP6
      ip-recv:<protocol>	groups=FD,SOCKET,RANGE,IP4,IP6
      ip-recvfrom:<protocol>	groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
      ip-sendto:<host>:<protocol>	groups=FD,SOCKET,IP4,IP6
      ip4-datagram:<host>:<protocol>	groups=FD,SOCKET,RANGE,IP4
      ip4-recv:<protocol>	groups=FD,SOCKET,RANGE,IP4
      ip4-recvfrom:<protocol>	groups=FD,SOCKET,CHILD,RANGE,IP4
      ip4-sendto:<host>:<protocol>	groups=FD,SOCKET,IP4
      ip6-datagram:<host>:<protocol>	groups=FD,SOCKET,RANGE,IP6
      ip6-recv:<protocol>	groups=FD,SOCKET,RANGE,IP6
      ip6-recvfrom:<protocol>	groups=FD,SOCKET,CHILD,RANGE,IP6
      ip6-sendto:<host>:<protocol>	groups=FD,SOCKET,IP6
      open:<filename>	groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
      openssl:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
      openssl-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,OPENSSL
      pipe:<filename>	groups=FD,FIFO,NAMED,OPEN
      proxy:<proxy-server>:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
      pty	groups=FD,NAMED,TERMIOS,PTY
      sctp-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
      sctp-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
      sctp4-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
      sctp4-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
      sctp6-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
      sctp6-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
      socket-connect:<domain>:<protocol>:<remote-address>	groups=FD,SOCKET,CHILD,RETRY
      socket-datagram:<domain>:<type>:<protocol>:<remote-address>	groups=FD,SOCKET,RANGE
      socket-listen:<domain>:<protocol>:<local-address>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
      socket-recv:<domain>:<type>:<protocol>:<local-address>	groups=FD,SOCKET,RANGE
      socket-recvfrom:<domain>:<type>:<protocol>:<local-address>	groups=FD,SOCKET,CHILD,RANGE
      socket-sendto:<domain>:<type>:<protocol>:<remote-address>	groups=FD,SOCKET
      socks4:<socks-server>:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
      socks4a:<socks-server>:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
      stderr	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdin	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdio	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdout	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      system:<shell-command>	groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
      tcp-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
      tcp-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
      tcp4-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
      tcp4-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
      tcp6-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
      tcp6-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
      tun[:<ip-addr>/<bits>]	groups=FD,CHR,NAMED,OPEN,INTERFACE
      udp-connect:<host>:<port>	groups=FD,SOCKET,IP4,IP6,UDP
      udp-datagram:<host>:<port>	groups=FD,SOCKET,RANGE,IP4,IP6,UDP
      udp-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
      udp-recv:<port>	groups=FD,SOCKET,RANGE,IP4,IP6,UDP
      udp-recvfrom:<port>	groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
      udp-sendto:<host>:<port>	groups=FD,SOCKET,IP4,IP6,UDP
      udp4-connect:<host>:<port>	groups=FD,SOCKET,IP4,UDP
      udp4-datagram:<remote-address>:<port>	groups=FD,SOCKET,RANGE,IP4,UDP
      udp4-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
      udp4-recv:<port>	groups=FD,SOCKET,RANGE,IP4,UDP
      udp4-recvfrom:<host>:<port>	groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
      udp4-sendto:<host>:<port>	groups=FD,SOCKET,IP4,UDP
      udp6-connect:<host>:<port>	groups=FD,SOCKET,IP6,UDP
      udp6-datagram:<host>:<port>	groups=FD,SOCKET,RANGE,IP6,UDP
      udp6-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
      udp6-recv:<port>	groups=FD,SOCKET,RANGE,IP6,UDP
      udp6-recvfrom:<port>	groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
      udp6-sendto:<host>:<port>	groups=FD,SOCKET,IP6,UDP
      unix-client:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-connect:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-listen:<filename>	groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
      unix-recv:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-recvfrom:<filename>	groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
      unix-sendto:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
root@docker-s-1vcpu-2gb-sgp1-01-app:/shared/letsencrypt#

itsbhanusharma · 26. Dezember 2019 um 06:43

Der häufigste Grund für dieses Problem ist, dass Ihre Domain nicht auf Ihre Server-IP-Adresse verweist. Haben Sie bestätigt, dass Ihre Subdomain über einen A-Eintrag verfügt, der auf die Server-IP-Adresse zeigt?

wanghaisheng · 26. Dezember 2019 um 06:50

Es scheint, als würde ich wirklich das Verschlüsselungslimit erreichen. Ich habe einen A-Eintrag, das ist mir vertraut, und die alten Domain-Einstellungen meiner vorherigen erfolgreichen Installation sind noch vorhanden. Ich habe die Domain nicht geändert. Egal, ich habe die Domain geändert, und jetzt funktioniert es.

wanghaisheng · 26. Dezember 2019 um 06:51

Hast du es schon versucht, eine Wiederherstellung aus einem Backup durchzuführen? Ich bekomme folgende Meldung:

Kann /categories.json nicht laden.

itsbhanusharma · 26. Dezember 2019 um 07:03

Das könnte ein anderes Problem sein. Ich habe einen anderen Beitrag gesehen, in dem sich jemand darüber beschwerte, dass Kategorien nicht geladen werden können. Du kannst auf dem Forum nach relevanten Themen dazu suchen.

Was Let’s Encrypt angeht: Sie erlauben nur 5–7 Zertifikate pro Woche für dieselbe (Sub-)Domain, und es ist in einer Testumgebung sehr leicht, dieses Limit zu überschreiten.

JimPas · 26. Dezember 2019 um 07:51

Ich habe etwa eine Stunde später (07:45 UTC) nachgeschaut und deine Seite ist offline. Es besteht keine Verbindung. Es erscheint ein Fehler „521: Webserver ist ausgefallen“. Als ich bbs.antivte.com eingegeben habe, wurde ich auf bloodclot.antivte.com weitergeleitet. Wahrscheinlich liegt ein Weiterleitungsfehler oder ein DNS-Fehler vor, oder du hast möglicherweise nur für eine Domain und nicht für die www-Subdomain ein Zertifikat erstellt.
Es wäre wahrscheinlich besser, wenn du zu community.LetsEncrypt.org gehst und dort deinen Test auf deiner Domain durchführen lässt. Unter Verwendung des von dir verwendeten Befehls sollte sich zeigen, wo das Problem liegt. Ich sehe, dass du Cloudflare nutzt. Sie können dir spezifische Anweisungen geben, wie du Cloudflare und den von dir verwendeten CA-Client (z. B. Certbot, Apache usw.) einrichtest.
Was du auch tust: Lösche niemals Zertifikate. Das ist ein absolutes No-Go, das sie ständig betonen.

Die Testumgebung von Let’s Encrypt hat kein Limit, da dort kein echtes Zertifikat ausgestellt wird. Das ist der ganze Sinn des Test-Parameters … aber du musst den Test-Schalter in deinen Befehl aufnehmen, sonst denkt der Client, du versuchst, ein neues Zertifikat zu erwerben oder zu erneuern. Eine Sache noch: Wenn du das Limit von 5 gescheiterten Versuchen erreichst, gilt dies nur für 1 Stunde. Nach einer Stunde kannst du erneut testen.

wanghaisheng · 26. Dezember 2019 um 08:56

Info, die du wissen solltest:

Ich betreibe diese BBS-Domain seit einem Monat. In den letzten zwei Tagen habe ich sie manuell gelöscht und versucht, eine neue zu installieren. Ich stecke seit einer Weile bei diesem CA-Problem fest. Ich habe die alte BBS-Domain einfach aufgegeben. Vielleicht versuche ich es in ein paar Tagen noch einmal.

Als du getestet hast, habe ich eine neue Instanz für Bloodclot betrieben und die originale BBS über Cloudflare auf Bloodclot umgeleitet.

wanghaisheng · 26. Dezember 2019 um 09:20

Ein kurzer Versuch, aber immer noch kein Erfolg bei bbs.antivte.com – dasselbe CA-Problem.

itsbhanusharma · 26. Dezember 2019 um 10:56

Hallo @JimPas, nur zur Klarstellung: Die discourse-setup-Installation (oder jede andere unterstützte Installationsmethode für Discourse) verwendet Let’s Encrypt im Produktionsmodus, nicht im Staging-Modus. Für die Produktion gelten Limits, für das Staging nicht. Es gibt keine Umschaltmöglichkeit in der Discourse-Installation, um stattdessen die Staging-Umgebung zu verwenden.

Mit „Testen

danb35 · 26. Dezember 2019 um 13:27

…und was genau ist das „CA-Problem"? Ich verstehe nicht, warum in dieser Diskussion über Ratenlimits gesprochen wird; nichts in deinem Beitrag deutet auf ein Ratenlimit-Problem hin, und auch der Transparenzbericht von Google für deine Domain zeigt nichts, was ein Problem verursachen sollte – du hast vier identische Zertifikate für diesen Namen vom 6. Dezember, aber (1) das Limit beträgt fünf identische Zertifikate, nicht vier; und (2) dieses Limit gilt pro Woche, und es ist nun fast drei Wochen her, seit diese Zertifikate ausgestellt wurden.

Was lässt dich das denken? Denn ich habe in den von dir geposteten Logausgaben nichts gesehen, was darauf hindeuten würde; diese Ausgabe zeigt eine fehlgeschlagene Validierung, weil dein Server den korrekten Validierungstoken nicht bereitgestellt hat.

wanghaisheng · 26. Dezember 2019 um 13:48

hier

root@docker-s-1vcpu-2gb-sgp1-01:/var/discourse# docker logs app
run-parts: Ausführung von /etc/runit/1.d/00-ensure-links
run-parts: Ausführung von /etc/runit/1.d/00-fix-var-logs
run-parts: Ausführung von /etc/runit/1.d/anacron
run-parts: Ausführung von /etc/runit/1.d/cleanup-pids
Bereinigung veralteter PID-Dateien
run-parts: Ausführung von /etc/runit/1.d/copy-env
run-parts: Ausführung von /etc/runit/1.d/letsencrypt
[Thu 26 Dec 2019 09:28:22 AM UTC] Einzigartige Domain='bbs.antivte.com'
[Thu 26 Dec 2019 09:28:22 AM UTC] Abrufen des Authentifizierungstokens für jede Domain
[Thu 26 Dec 2019 09:28:24 AM UTC] Fehler beim Erstellen einer neuen Bestellung. Le_OrderFinalize nicht gefunden. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Fehler beim Erstellen einer neuen Bestellung :: Zu viele fehlgeschlagene Autorisierungen in letzter Zeit: siehe https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Thu 26 Dec 2019 09:28:24 AM UTC] Bitte überprüfen Sie die Protokolldatei für weitere Details: /shared/letsencrypt/acme.sh.log
Fehler beim Laden der Datei ca.cer
[Thu 26 Dec 2019 09:28:25 AM UTC] Einzigartige Domain='bbs.antivte.com'
[Thu 26 Dec 2019 09:28:25 AM UTC] Abrufen des Authentifizierungstokens für jede Domain
[Thu 26 Dec 2019 09:28:27 AM UTC] Fehler beim Erstellen einer neuen Bestellung. Le_OrderFinalize nicht gefunden. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Fehler beim Erstellen einer neuen Bestellung :: Zu viele fehlgeschlagene Autorisierungen in letzter Zeit: siehe https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Thu 26 Dec 2019 09:28:27 AM UTC] Bitte überprüfen Sie die Protokolldatei für weitere Details: /shared/letsencrypt/acme.sh.log
[Thu 26 Dec 2019 09:28:28 AM UTC] Installation des Schlüssels nach:/shared/ssl/bbs.antivte.com.key
[Thu 26 Dec 2019 09:28:28 AM UTC] Installation der vollständigen Kette nach:/shared/ssl/bbs.antivte.com.cer
cat: /shared/letsencrypt/bbs.antivte.com/fullchain.cer: Datei oder Verzeichnis nicht gefunden
[Thu 26 Dec 2019 09:28:29 AM UTC] Einzigartige Domain='bbs.antivte.com'
[Thu 26 Dec 2019 09:28:29 AM UTC] Abrufen des Authentifizierungstokens für jede Domain
[Thu 26 Dec 2019 09:28:31 AM UTC] Fehler beim Erstellen einer neuen Bestellung. Le_OrderFinalize nicht gefunden. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Fehler beim Erstellen einer neuen Bestellung :: Zu viele fehlgeschlagene Autorisierungen in letzter Zeit: siehe https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Thu 26 Dec 2019 09:28:31 AM UTC] Bitte überprüfen Sie die Protokolldatei für weitere Details: /shared/letsencrypt/acme.sh.log
Fehler beim Laden der Datei ca.cer
[Thu 26 Dec 2019 09:28:32 AM UTC] Einzigartige Domain='bbs.antivte.com'
[Thu 26 Dec 2019 09:28:33 AM UTC] Abrufen des Authentifizierungstokens für jede Domain
[Thu 26 Dec 2019 09:28:35 AM UTC] Fehler beim Erstellen einer neuen Bestellung. Le_OrderFinalize nicht gefunden. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Fehler beim Erstellen einer neuen Bestellung :: Zu viele fehlgeschlagene Autorisierungen in letzter Zeit: siehe https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Thu 26 Dec 2019 09:28:35 AM UTC] Bitte überprüfen Sie die Protokolldatei für weitere Details: /shared/letsencrypt/acme.sh.log
[Thu 26 Dec 2019 09:28:35 AM UTC] Installation des Schlüssels nach:/shared/ssl/bbs.antivte.com_ecc.key
[Thu 26 Dec 2019 09:28:35 AM UTC] Installation der vollständigen Kette nach:/shared/ssl/bbs.antivte.com_ecc.cer
cat: /shared/letsencrypt/bbs.antivte.com_ecc/fullchain.cer: Datei oder Verzeichnis nicht gefunden
Fehler beim Laden der Datei ca.cer
Fehler beim Laden der Datei ca.cer
runsvdir gestartet, PID ist 2031
ok: run: redis: (pid 2045) 0s
chgrp: ungültige Gruppe: 'syslog'
ok: run: postgres: (pid 2039) 0s
nginx: [emerg] kann Zertifikat "/shared/ssl/bbs.antivte.com.cer" nicht laden: PEM_read_bio_X509_AUX() fehlgeschlagen (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
rsyslogd: imklog: Kann Kernel-Log (/proc/kmsg) nicht öffnen: Vorgang nicht erlaubt.
rsyslogd: Aktivierung des Moduls imklog fehlgeschlagen [v8.1901.0 versuchen Sie https://www.rsyslog.com/e/2145 ]
supervisor pid: 2040 unicorn pid: 2066
nginx: [emerg] kann Zertifikat "/shared/ssl/bbs.antivte.com.cer" nicht laden: PEM_read_bio_X509_AUX() fehlgeschlagen (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] kann Zertifikat "/shared/ssl/bbs.antivte.com.cer" nicht laden: PEM_read_bio_X509_AUX() fehlgeschlagen (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] kann Zertifikat "/shared/ssl/bbs.antivte.com.cer" nicht laden: PEM_read_bio_X509_AUX() fehlgeschlagen (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] kann Zertifikat "/shared/ssl/bbs.antivte.com.cer" nicht laden: PEM_read_bio_X509_AUX() fehlgeschlagen (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] kann Zertifikat "/shared/ssl/bbs.antivte.com.cer" nicht laden: PEM_read_bio_X509_AUX() fehlgeschlagen (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] kann Zertifikat "/shared/ssl/bbs.antivte.com.cer" nicht laden: PEM_read_bio_X509_AUX() fehlgeschlagen (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)

danb35 · 26. Dezember 2019 um 13:54

OK, dies ist das Kontingent für fehlgeschlagene Autorisierungen, das fünf Fehler pro Hostname, pro Konto und pro Stunde beträgt. Da der von dir gepostete Log-Ausschnitt fast vier Stunden alt ist, wurde es bereits zurückgesetzt. Das Problem liegt darin, warum die Validierungen fehlschlagen. Hier ist der relevante Teil des Logs, das du in deinem ursprünglichen Beitrag gepostet hast:

[Thu 26 Dez 2019 04:52:51 UTC] original='{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Ungültige Antwort von https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"",
    "status": 403
  },

Dein Server (oder Cloudflare) gibt für die Validierungsanfrage einen 403-Status zurück. Ich schlage zunächst vor, Cloudflare für diese Domain zu deaktivieren und es erneut zu versuchen.

Die Kontingentgrenzen können verwirrend sein, aber sie sind hier gut dokumentiert:

wanghaisheng · 26. Dezember 2019 um 17:03

Was meinst du mit deaktivieren? Soll ich einen anderen DNS-Manager verwenden?

danb35 · 26. Dezember 2019 um 17:20

Genau das, was ich gesagt habe – deaktiviere alles “Cloudflare”-Zeug. Auf der DNS-Seite sollte die Wolke grau und nicht orange sein. Es gibt keinen Grund, die DNS-Hosts zu ändern.

wanghaisheng · 26. Dezember 2019 um 17:26

aber ohne DNS-Einstellungen könnte die Domain auf meinen Server mit dem Discourse-Container verweisen

danb35 · 26. Dezember 2019 um 17:28

Ja, genau dorthin sollte es zeigen.

wanghaisheng · 26. Dezember 2019 um 17:30

Wie auch immer, ich brauche ein weiteres DNS-Management wie DNSPod.

danb35 · 26. Dezember 2019 um 17:54

Ist das eine Frage oder eine Aussage? Falls es eine Frage ist: Nein, du brauchst keinen anderen DNS-Host, sicher nicht aus irgendeinem Grund, der mit Discourse zu tun hat.

wanghaisheng · 26. Dezember 2019 um 18:02

FYI: Ich habe festgestellt, dass ich den Server über DigitalOcean ansprechen kann.

Thema		Antworten	Aufrufe
Let's Encrypt renewal errors Self-hosting	11	1905	22. Februar 2020
No connection accepted on http / https after fresh installation on Ubuntu 22.04 LTS Self-hosting	5	2402	16. Dezember 2022
Problems with INSTALL-cloud.md directions Self-hosting	50	6432	8. Juni 2024
Let's encrypt auto renewal and ipv6 Support	6	1008	1. Juli 2020
Seeking help for discourse installation Self-hosting	20	1649	15. März 2023

Neuinstallation mit Let’s Encrypt-Fehlern

Verwandte Themen