Instalación nueva con errores de Let's Encrypt

wanghaisheng · 26 Diciembre, 2019 04:57

succesfully enter app container, is this saying my domain restricted by Encrypt?

root@docker-s-1vcpu-2gb-sgp1-01-app:/shared/letsencrypt# ./acme.sh --issue -d bbs.antivte.com -k 4096 -w /var/www/discourse/public --debug 2
[Thu 26 Dec 2019 04:52:39 AM UTC] Lets find script dir.
[Thu 26 Dec 2019 04:52:39 AM UTC] _SCRIPT_='./acme.sh'
[Thu 26 Dec 2019 04:52:39 AM UTC] _script='/shared/letsencrypt/acme.sh'
[Thu 26 Dec 2019 04:52:39 AM UTC] _script_home='/shared/letsencrypt'
[Thu 26 Dec 2019 04:52:39 AM UTC] Using default home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:39 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:39 AM UTC] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/Neilpang/acme.sh
v2.8.4
[Thu 26 Dec 2019 04:52:39 AM UTC] Running cmd: issue
[Thu 26 Dec 2019 04:52:39 AM UTC] _main_domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:39 AM UTC] _alt_domains='no'
[Thu 26 Dec 2019 04:52:39 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:39 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:39 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:39 AM UTC] DOMAIN_PATH='/root/.acme.sh/bbs.antivte.com'
[Thu 26 Dec 2019 04:52:39 AM UTC] '/var/www/discourse/public' does not contain 'dns'
[Thu 26 Dec 2019 04:52:39 AM UTC] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Thu 26 Dec 2019 04:52:39 AM UTC] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Thu 26 Dec 2019 04:52:39 AM UTC] GET
[Thu 26 Dec 2019 04:52:39 AM UTC] url='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:39 AM UTC] timeout=
[Thu 26 Dec 2019 04:52:39 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.LOXvOHFIhy  -g '
[Thu 26 Dec 2019 04:52:40 AM UTC] ret='0'
[Thu 26 Dec 2019 04:52:40 AM UTC] response='{
  "FniD_4JroWM": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_AUTHZ
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_VERSION='2'
[Thu 26 Dec 2019 04:52:40 AM UTC] _on_before_issue
[Thu 26 Dec 2019 04:52:40 AM UTC] _chk_main_domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:40 AM UTC] _chk_alt_domains
[Thu 26 Dec 2019 04:52:40 AM UTC] '/var/www/discourse/public' does not contain 'no'
[Thu 26 Dec 2019 04:52:41 AM UTC] Le_LocalAddress
[Thu 26 Dec 2019 04:52:41 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:41 AM UTC] Check for domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:41 AM UTC] _currentRoot='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:41 AM UTC] d
[Thu 26 Dec 2019 04:52:41 AM UTC] '/var/www/discourse/public' does not contain 'apache'
[Thu 26 Dec 2019 04:52:41 AM UTC] config file is empty, can not read CA_KEY_HASH
[Thu 26 Dec 2019 04:52:41 AM UTC] _saved_account_key_hash
[Thu 26 Dec 2019 04:52:41 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:41 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:41 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:41 AM UTC] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Thu 26 Dec 2019 04:52:41 AM UTC] Use default length 2048
[Thu 26 Dec 2019 04:52:41 AM UTC] length='2048'
[Thu 26 Dec 2019 04:52:41 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:41 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:41 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:41 AM UTC] _createkey for file:/root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:41 AM UTC] Use length 2048
[Thu 26 Dec 2019 04:52:41 AM UTC] Using RSA: 2048
[Thu 26 Dec 2019 04:52:41 AM UTC] Create account key ok.
[Thu 26 Dec 2019 04:52:41 AM UTC] RSA key
[Thu 26 Dec 2019 04:52:41 AM UTC] Registering account
[Thu 26 Dec 2019 04:52:41 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu 26 Dec 2019 04:52:41 AM UTC] payload='{"termsOfServiceAgreed": true}'
[Thu 26 Dec 2019 04:52:41 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:41 AM UTC] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 26 Dec 2019 04:52:41 AM UTC] HEAD
[Thu 26 Dec 2019 04:52:41 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 26 Dec 2019 04:52:41 AM UTC] body
[Thu 26 Dec 2019 04:52:41 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:41 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g  -I  '
[Thu 26 Dec 2019 04:52:42 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:42 AM UTC] _headers='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:42 GMT
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001AxpV5dyHJWwOhObR8yiKO2ziG89-APmQJeBR7we6-w4
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:42 AM UTC] _CACHED_NONCE='0001AxpV5dyHJWwOhObR8yiKO2ziG89-APmQJeBR7we6-w4'
[Thu 26 Dec 2019 04:52:42 AM UTC] nonce='0001AxpV5dyHJWwOhObR8yiKO2ziG89-APmQJeBR7we6-w4'
[Thu 26 Dec 2019 04:52:42 AM UTC] POST
[Thu 26 Dec 2019 04:52:42 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu 26 Dec 2019 04:52:42 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAxQXhwVjVkeUhKV3dPaE9iUjh5aUtPMnppRzg5LUFQbVFKZUJSN3dlNi13NCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWFjY3QiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJ4M1hraWV0dnVNd0N5SS1iR0xmVkgyNkg3NmlOSnhSNm5Dc0JFWXJJTTZlZVNUdm1YZ2MzdlZhWU1lejNidGROTHkwWjM2V0FsYWx4X25FcUpGVnJ6cjd1U3BhM2hMS1pjaGF4My1Nd2pnMVdnNUVUbFJxWEE1WDdneEk1Ni1FMVhOUDdVMmktMmg2XzMxbnRvZld1VlZ4aGI1YzFXaDNYcDZJTkZvZXdsbWVwN01SNVAwWG1McnI4bFlWNjVYbzlOcy1pTy05R0JNRXhtOEh6cUVieGMxdTNUUGJGQUtjUzJ3MHpqWDE2X0w0V3lwejZha3pHLXNDZ0E4OUVLTW92eWxfd28tSUNiZnlxckZTaDRLU1BaVlhORTJfazVHN0hsTlVNVTZ0RUN4RHNrN05POUhkRGx1NXR2TmxJeFZEZ2N3R2w3NXJJeDJ1dG0wTm81V0RkeVEifX0", "payload": "eyJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWV9", "signature": "BkT6xyNOcbLShm1d2BLFCwopq7biySJLbbMWrylQ76da_1GPc030OgecWHdF1QWYDxC7PlHuL6JGAhSgssbgCti6cOw_tehil1oFGbNsq_AEe152eZKxeSNXIDCqIfShIj6JZzRIV3h8E-XpIRhn_z1t5M4FBp4jmQAxJG0cjq84YwruPqm6rQbRuU_JIhc2K61b6awcTyAAjmv9CKk1WLHe9TQoTHPRqZxQvLyTU0tOPqW19hHbBWSg_ZKTrtBOvIYh8PrHaZ0hN9NtY8UwxjOtpen5K5OAPFwvHurBceeftnEO-NSPC4K_gwagGIbfzBrAg-b56smVQocyF7quHQ"}'
[Thu 26 Dec 2019 04:52:42 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:42 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:42 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:43 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:43 AM UTC] responseHeaders='HTTP/2 201 
server: nginx
date: Thu, 26 Dec 2019 04:52:43 GMT
content-type: application/json
content-length: 527
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"
location: https://acme-v02.api.letsencrypt.org/acme/acct/74543816
replay-nonce: 0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:43 AM UTC] code='201'
[Thu 26 Dec 2019 04:52:43 AM UTC] original='{
  "key": {
    "kty": "RSA",
    "n": "x3XkietvuMwCyI-bGLfVH26H76iNJxR6nCsBEYrIM6eeSTvmXgc3vVaYMez3btdNLy0Z36WAlalx_nEqJFVrzr7uSpa3hLKZchax3-Mwjg1Wg5ETlRqXA5X7gxI56-E1XNP7U2i-2h6_31ntofWuVVxhb5c1Wh3Xp6INFoewlmep7MR5P0XmLrr8lYV65Xo9Ns-iO-9GBMExm8HzqEbxc1u3TPbFAKcS2w0zjX16_L4Wypz6akzG-sCgA89EKMovyl_wo-ICbfyqrFSh4KSPZVXNE2_k5G7HlNUMU6tECxDsk7NO9HdDlu5tvNlIxVDgcwGl75rIx2utm0No5WDdyQ",
    "e": "AQAB"
  },
  "contact": [],
  "initialIp": "128.199.246.56",
  "createdAt": "2019-12-26T04:52:43.173478473Z",
  "status": "valid"
}'
[Thu 26 Dec 2019 04:52:43 AM UTC] response='{"key":{"kty":"RSA","n":"x3XkietvuMwCyI-bGLfVH26H76iNJxR6nCsBEYrIM6eeSTvmXgc3vVaYMez3btdNLy0Z36WAlalx_nEqJFVrzr7uSpa3hLKZchax3-Mwjg1Wg5ETlRqXA5X7gxI56-E1XNP7U2i-2h6_31ntofWuVVxhb5c1Wh3Xp6INFoewlmep7MR5P0XmLrr8lYV65Xo9Ns-iO-9GBMExm8HzqEbxc1u3TPbFAKcS2w0zjX16_L4Wypz6akzG-sCgA89EKMovyl_wo-ICbfyqrFSh4KSPZVXNE2_k5G7HlNUMU6tECxDsk7NO9HdDlu5tvNlIxVDgcwGl75rIx2utm0No5WDdyQ","e":"AQAB"},"contact":[],"initialIp":"128.199.246.56","createdAt":"2019-12-26T04:52:43.173478473Z","status":"valid"}'
[Thu 26 Dec 2019 04:52:43 AM UTC] Registered
[Thu 26 Dec 2019 04:52:43 AM UTC] responseHeaders='HTTP/2 201 
server: nginx
date: Thu, 26 Dec 2019 04:52:43 GMT
content-type: application/json
content-length: 527
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"
location: https://acme-v02.api.letsencrypt.org/acme/acct/74543816
replay-nonce: 0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:43 AM UTC] _accUri='https://acme-v02.api.letsencrypt.org/acme/acct/74543816'
[Thu 26 Dec 2019 04:52:43 AM UTC] Calc CA_KEY_HASH='5TMvDldeJtWEHra6Xqn3izEY40++QnSBx2M2BvFMWAw='
[Thu 26 Dec 2019 04:52:43 AM UTC] ACCOUNT_THUMBPRINT='QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:43 AM UTC] Read key length:
[Thu 26 Dec 2019 04:52:43 AM UTC] Creating domain key
[Thu 26 Dec 2019 04:52:43 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:43 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:43 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:43 AM UTC] _createkey for file:/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.key
[Thu 26 Dec 2019 04:52:43 AM UTC] Use length 4096
[Thu 26 Dec 2019 04:52:43 AM UTC] Using RSA: 4096
[Thu 26 Dec 2019 04:52:44 AM UTC] The domain key is here: /root/.acme.sh/bbs.antivte.com/bbs.antivte.com.key
[Thu 26 Dec 2019 04:52:44 AM UTC] _createcsr
[Thu 26 Dec 2019 04:52:44 AM UTC] domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] domainlist
[Thu 26 Dec 2019 04:52:44 AM UTC] csrkey='/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.key'
[Thu 26 Dec 2019 04:52:44 AM UTC] csr='/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.csr'
[Thu 26 Dec 2019 04:52:44 AM UTC] csrconf='/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.csr.conf'
[Thu 26 Dec 2019 04:52:44 AM UTC] Single domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:44 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:44 AM UTC] _csr_cn='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] Getting domain auth token for each domain
[Thu 26 Dec 2019 04:52:44 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:44 AM UTC] d
[Thu 26 Dec 2019 04:52:44 AM UTC] _identifiers='{"type":"dns","value":"bbs.antivte.com"}'
[Thu 26 Dec 2019 04:52:44 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 26 Dec 2019 04:52:44 AM UTC] payload='{"identifiers": [{"type":"dns","value":"bbs.antivte.com"}]}'
[Thu 26 Dec 2019 04:52:44 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:44 AM UTC] Use _CACHED_NONCE='0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA'
[Thu 26 Dec 2019 04:52:44 AM UTC] nonce='0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA'
[Thu 26 Dec 2019 04:52:44 AM UTC] POST
[Thu 26 Dec 2019 04:52:44 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 26 Dec 2019 04:52:44 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAxaEsza1hVcC1BOWktWVdGNzc3Ykd0MWk2OGltSzZTR1NiYmVBaDNzNXJhQSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83NDU0MzgxNiJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6ImJicy5hbnRpdnRlLmNvbSJ9XX0", "signature": "Nv53ZkpgvCfJI5_U8j1GicqOCR2kOgSTmmGi1NT0TieO9ObSCU0F_clTBSkm8jGQn8ulikfkvRReTcqU2pLYicgCs73wmAG597Ot5lZlGog50-yYeBeU9xGPwzBUqR9PH8pA3jAwbuKxwwuLq8cFooOFBKujIJwhPPgMXSOkc21BnRwPpxqUwH3bN6SlHqt_kgOegFzR_znUPkl3z2WJxFCXwxy6IH2h6WygblQUPC8T-jgO2YnoBB3LYJeQyOI2pHhhd3_puEbxN70lK-9asUzIKIGVO35IY3yP_XEI3iL8RDbFGnqyDdZBI-0rRyCeqMk6Sr1ia9p6fVPnqb8qgg"}'
[Thu 26 Dec 2019 04:52:44 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:44 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:44 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:45 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:45 AM UTC] responseHeaders='HTTP/2 201 
server: nginx
date: Thu, 26 Dec 2019 04:52:45 GMT
content-type: application/json
content-length: 345
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
location: https://acme-v02.api.letsencrypt.org/acme/order/74543816/1853681043
replay-nonce: 00022VVZj9eHRQusUFyIaI5oSPJqhryfDBQdR8OTdGCyplc
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:45 AM UTC] code='201'
[Thu 26 Dec 2019 04:52:45 AM UTC] original='{
  "status": "pending",
  "expires": "2020-01-02T04:52:45.777717689Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "bbs.antivte.com"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/74543816/1853681043"
}'
[Thu 26 Dec 2019 04:52:45 AM UTC] response='{"status":"pending","expires":"2020-01-02T04:52:45.777717689Z","identifiers":[{"type":"dns","value":"bbs.antivte.com"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/74543816/1853681043"}'
[Thu 26 Dec 2019 04:52:45 AM UTC] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/74543816/1853681043'
[Thu 26 Dec 2019 04:52:46 AM UTC] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/74543816/1853681043'
[Thu 26 Dec 2019 04:52:46 AM UTC] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] payload
[Thu 26 Dec 2019 04:52:46 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:46 AM UTC] Use _CACHED_NONCE='00022VVZj9eHRQusUFyIaI5oSPJqhryfDBQdR8OTdGCyplc'
[Thu 26 Dec 2019 04:52:46 AM UTC] nonce='00022VVZj9eHRQusUFyIaI5oSPJqhryfDBQdR8OTdGCyplc'
[Thu 26 Dec 2019 04:52:46 AM UTC] POST
[Thu 26 Dec 2019 04:52:46 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAyMlZWWmo5ZUhSUXVzVUZ5SWFJNW9TUEpxaHJ5ZkRCUWRSOE9UZEdDeXBsYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTkzNDA2ODM5NyIsICJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzQ1NDM4MTYifQ", "payload": "", "signature": "hgHFxU5Si0acgUuXbZqmGS46O8A9-mv57wNqs_99exOWOTQlv61yFTrYm18LGSALvdB5GUMnxMh0e0djS4eew02DgcBPdHTkkaJADD90N0-UhiT8Ze1eHFg1BG6bR-Ylwy9NJWf6x2Oz0U9hWk5qxUnqNRR6uuzLgCNE4wJP7XPWHAzuWfbOQhNaW9bai2-qKEI1ofhnOumcPgxj0ne8t8ALZezjDjTSQ4xJbMWEZnNv8GuthE9_iI9FfGZ8NX0Q0QsLngO_qwRdGYjNli-0sOwIUgNuQlrbugJlcAJr9uSOofuIExKCHm2CQ14Nc8OdzXKVq5gzm0EeqcGRN_M0ig"}'
[Thu 26 Dec 2019 04:52:46 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:46 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:46 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:47 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:47 AM UTC] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:46 GMT
content-type: application/json
content-length: 793
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001wsQPuTFIYRuN7O_cE5bkCzOOC2kqwiYWurj2g4K2YxQ
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:47 AM UTC] code='200'
[Thu 26 Dec 2019 04:52:47 AM UTC] original='{
  "identifier": {
    "type": "dns",
    "value": "bbs.antivte.com"
  },
  "status": "pending",
  "expires": "2020-01-02T04:52:45Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw",
      "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw",
      "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw",
      "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
    }
  ]
}'
[Thu 26 Dec 2019 04:52:47 AM UTC] response='{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] response='{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] _d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] _authorizations_map='bbs.antivte.com,{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}
'
[Thu 26 Dec 2019 04:52:47 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] Getting webroot for domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] _w='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] _currentRoot='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:47 AM UTC] _candindates='bbs.antivte.com,{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] response='{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"'
[Thu 26 Dec 2019 04:52:47 AM UTC] token='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M'
[Thu 26 Dec 2019 04:52:47 AM UTC] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] keyauthorization='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:47 AM UTC] dvlist='bbs.antivte.com#IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw#http-01#/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] d
[Thu 26 Dec 2019 04:52:47 AM UTC] vlist='bbs.antivte.com#IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw#http-01#/var/www/discourse/public,'
[Thu 26 Dec 2019 04:52:47 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] ok, let's start to verify
[Thu 26 Dec 2019 04:52:47 AM UTC] Verifying: bbs.antivte.com
[Thu 26 Dec 2019 04:52:47 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] keyauthorization='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:47 AM UTC] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] _currentRoot='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] wellknown_path='/var/www/discourse/public/.well-known/acme-challenge'
[Thu 26 Dec 2019 04:52:47 AM UTC] writing token:IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M to /var/www/discourse/public/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M
[Thu 26 Dec 2019 04:52:47 AM UTC] Changing owner/group of .well-known to discourse:discourse
[Thu 26 Dec 2019 04:52:47 AM UTC] Trigger domain validation.
[Thu 26 Dec 2019 04:52:47 AM UTC] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] _t_key_authz='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:47 AM UTC] _t_vtype='http-01'
[Thu 26 Dec 2019 04:52:47 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] payload='{}'
[Thu 26 Dec 2019 04:52:47 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:47 AM UTC] Use _CACHED_NONCE='0001wsQPuTFIYRuN7O_cE5bkCzOOC2kqwiYWurj2g4K2YxQ'
[Thu 26 Dec 2019 04:52:47 AM UTC] nonce='0001wsQPuTFIYRuN7O_cE5bkCzOOC2kqwiYWurj2g4K2YxQ'
[Thu 26 Dec 2019 04:52:47 AM UTC] POST
[Thu 26 Dec 2019 04:52:47 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAxd3NRUHVURklZUnVON09fY0U1YmtDek9PQzJrcXdpWVd1cmoyZzRLMll4USIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTkzNDA2ODM5Ny9MU2hSSHciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0Lzc0NTQzODE2In0", "payload": "e30", "signature": "iLhXlf3XDE6RqQuDbAfA4MYTXONqCXxgI8SeGwhBNn1BW0dz4EhYoG-GrE5SrXiNuwflkbLEmvDEMZSTgeuqDM3MIMaE-qw2fF2XrZVCf1madkWlKlwi8BYwiz-7ebFWatv8bAHsDSA_l-XC5eT1c4M3-sRsy6RyqPUxzUhvHzwUa4ePDJf0nmvpDq_iQB6mBf-VaqNUtqdhHIpb-Pz7qDDxIhxMcfDVuxKOjX3mf1KvggGSJbVBTffaBGc58vtuXBXAPNlpXbEPXMQBJcYjRJX_cwCRgYakRj1pBj39uVqHK096Qc30N9ALS18gHj5iTYqsWZzRlnYg5zYPO137zA"}'
[Thu 26 Dec 2019 04:52:47 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:47 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:47 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:48 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:48 AM UTC] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:48 GMT
content-type: application/json
content-length: 185
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw
replay-nonce: 0101orbWi92uCZTOWbj0--xl238zJ_lVCupwfti7W9-2Qzc
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:48 AM UTC] code='200'
[Thu 26 Dec 2019 04:52:48 AM UTC] original='{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw",
  "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
}'
[Thu 26 Dec 2019 04:52:48 AM UTC] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}'
[Thu 26 Dec 2019 04:52:48 AM UTC] trigger validation code: 200
[Thu 26 Dec 2019 04:52:48 AM UTC] sleep 2 secs to verify
[Thu 26 Dec 2019 04:52:50 AM UTC] checking
[Thu 26 Dec 2019 04:52:50 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:50 AM UTC] payload
[Thu 26 Dec 2019 04:52:50 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:50 AM UTC] Use _CACHED_NONCE='0101orbWi92uCZTOWbj0--xl238zJ_lVCupwfti7W9-2Qzc'
[Thu 26 Dec 2019 04:52:50 AM UTC] nonce='0101orbWi92uCZTOWbj0--xl238zJ_lVCupwfti7W9-2Qzc'
[Thu 26 Dec 2019 04:52:50 AM UTC] POST
[Thu 26 Dec 2019 04:52:50 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:50 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMTAxb3JiV2k5MnVDWlRPV2JqMC0teGwyMzh6Sl9sVkN1cHdmdGk3VzktMlF6YyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTkzNDA2ODM5Ny9MU2hSSHciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0Lzc0NTQzODE2In0", "payload": "", "signature": "G4UzMSDRVQvvXplTdXTKGwD8DSExTv6nxDOKE4xhLVvSM5pRr-uJqivsuL6iPQu-Efru4QdgtJ31kg4CVZ_R8aSk-JJRfC31fCYdrBkpFS-_G5BUosoV0CEyH2-IPo1c2TaNviV7QA8nRE3EwBQmI2oWegT5jav5mU4XvdYxjl32ihPHkg06jIggzhnrJJfU2wtHQjUahR6C3mEgcJD4EVci10Df5Vvk4MUWh5YiwvYeyBf4VbOGHHos1nQpin2EKBKgdvcnEfr3HrNLnrL_NVGTOz5I6EmZ2alizEKGEOfMZXip_aII8YZ_AjM_pH8bdEUwBdY6xFN5z53pFrjUZw"}'
[Thu 26 Dec 2019 04:52:50 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:50 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:50 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:51 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:51 AM UTC] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:51 GMT
content-type: application/json
content-length: 1446
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw
replay-nonce: 0102DQYrXDXyqbQCHTjIWnquZuDokct_c1V7AOj2-L9rskQ
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:51 AM UTC] code='200'
[Thu 26 Dec 2019 04:52:51 AM UTC] original='{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"",
    "status": 403
  },
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw",
  "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M",
  "validationRecord": [
    {
      "url": "http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M",
      "hostname": "bbs.antivte.com",
      "port": "80",
      "addressesResolved": [
        "104.27.177.113",
        "104.27.176.113",
        "2606:4700:30::681b:b071",
        "2606:4700:30::681b:b171"
      ],
      "addressUsed": "2606:4700:30::681b:b071"
    },
    {
      "url": "https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M",
      "hostname": "bbs.antivte.com",
      "port": "443",
      "addressesResolved": [
        "104.27.177.113",
        "104.27.176.113",
        "2606:4700:30::681b:b071",
        "2606:4700:30::681b:b171"
      ],
      "addressUsed": "2606:4700:30::681b:b071"
    }
  ]
}'
[Thu 26 Dec 2019 04:52:51 AM UTC] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","validationRecord":[{"url":"http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"80","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"},{"url":"https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"443","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"}]}'
[Thu 26 Dec 2019 04:52:51 AM UTC] original='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","validationRecord":[{"url":"http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"80","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"},{"url":"https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"443","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"}]}'
[Thu 26 Dec 2019 04:52:51 AM UTC] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","validationRecord":[{"url":"http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"80","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"},{"url":"https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"443","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"}]}'
[Thu 26 Dec 2019 04:52:51 AM UTC] error='"error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: '
[Thu 26 Dec 2019 04:52:51 AM UTC] errordetail='Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: '
[Thu 26 Dec 2019 04:52:51 AM UTC] bbs.antivte.com:Verify error:Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: 
[Thu 26 Dec 2019 04:52:51 AM UTC] Debug: get token url.
[Thu 26 Dec 2019 04:52:51 AM UTC] GET
[Thu 26 Dec 2019 04:52:51 AM UTC] url='http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M'
[Thu 26 Dec 2019 04:52:51 AM UTC] timeout=1
[Thu 26 Dec 2019 04:52:51 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:51 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g  --connect-timeout 1'
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<meta http-equiv="refresh" content="0">
<title>bbs.antivte.com | 521: Web server is down</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1" />
<script src="/cdn-cgi/apps/head/eW0hx6oSIsT-EkFq6T0G23tSHbI.js"></script><link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" type="text/css" media="screen,projection" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" type="text/css" media="screen,projection" /><![endif]-->
<style type="text/css">body{margin:0;padding:0}</style>
</head>
<body>
<div id="cf-wrapper">
<div id="cf-error-details" class="cf-error-details-wrapper">
<div class="cf-wrapper cf-error-overview">
<h1>
<span class="cf-error-type">Error</span>
<span class="cf-error-code">521</span>
<small class="heading-ray-id">Ray ID: 54b072a03614ddd3 &bull; 2019-12-26 04:52:51 UTC</small>
</h1>
<h2 class="cf-subheadline">Web server is down</h2>
</div>
<div class="cf-section cf-highlight cf-status-display">
<div class="cf-wrapper">
<div class="cf-columns cols-3">
<div id="cf-browser-status" class="cf-column cf-status-item cf-browser-status ">
<div class="cf-icon-error-container">
<i class="cf-icon cf-icon-browser"></i>
<i class="cf-icon-status cf-icon-ok"></i>
</div>
<span class="cf-status-desc">You</span>
<h3 class="cf-status-name">Browser</h3>
<span class="cf-status-label">Working</span>
</div>
<div id="cf-cloudflare-status" class="cf-column cf-status-item cf-cloudflare-status ">
<div class="cf-icon-error-container">
<i class="cf-icon cf-icon-cloud"></i>
<i class="cf-icon-status cf-icon-ok"></i>
</div>
<span class="cf-status-desc">Singapore</span>
<h3 class="cf-status-name">Cloudflare</h3>
<span class="cf-status-label">Working</span>
</div>
<div id="cf-host-status" class="cf-column cf-status-item cf-host-status cf-error-source">
<div class="cf-icon-error-container">
<i class="cf-icon cf-icon-server"></i>
<i class="cf-icon-status cf-icon-error"></i>
</div>
<span class="cf-status-desc">bbs.antivte.com</span>
<h3 class="cf-status-name">Host</h3>
<span class="cf-status-label">Error</span>
</div>
</div>
</div>
</div>
<div class="cf-section cf-wrapper">
<div class="cf-columns two">
<div class="cf-column">
<h2>What happened?</h2>
<p>The web server is not returning a connection. As a result, the web page is not displaying.</p>
</div>
<div class="cf-column">
<h2>What can I do?</h2>
<h5>If you are a visitor of this website:</h5>
<p>Please try again in a few minutes.</p>
<h5>If you are the owner of this website:</h5>
<p><span>Contact your hosting provider letting them know your web server is not responding.</span> <a href="https://support.cloudflare.com/hc/en-us/articles/200171916-Error-521">Additional troubleshooting information</a>.</p>
</div>
</div>
</div>
<div class="cf-error-footer cf-wrapper">
<p>
<span class="cf-footer-item">Cloudflare Ray ID: <strong>54b072a03614ddd3</strong></span>
<span class="cf-footer-separator">&bull;</span>
<span class="cf-footer-item"><span>Your IP</span>: 128.199.246.56</span>
<span class="cf-footer-separator">&bull;</span>
<span class="cf-footer-item"><span>Performance &amp; security by</span> <a href="https://www.cloudflare.com/5xx-error-landing?utm_source=error_footer" id="brand_link" target="_blank">Cloudflare</a></span>
</p>
</div>
</div>
</div>
</body>
</html>
[Thu 26 Dec 2019 04:52:51 AM UTC] ret='0'
[Thu 26 Dec 2019 04:52:51 AM UTC] Debugging, skip removing: /var/www/discourse/public/.well-known
[Thu 26 Dec 2019 04:52:51 AM UTC] pid
[Thu 26 Dec 2019 04:52:51 AM UTC] No need to restore nginx, skip.
[Thu 26 Dec 2019 04:52:51 AM UTC] _clearupdns
[Thu 26 Dec 2019 04:52:51 AM UTC] dns_entries
[Thu 26 Dec 2019 04:52:51 AM UTC] skip dns.
[Thu 26 Dec 2019 04:52:51 AM UTC] _on_issue_err
[Thu 26 Dec 2019 04:52:51 AM UTC] Please add '--debug' or '--log' to check more details.
[Thu 26 Dec 2019 04:52:51 AM UTC] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Thu 26 Dec 2019 04:52:51 AM UTC] _chk_vlist='bbs.antivte.com#IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw#http-01#/var/www/discourse/public,'
[Thu 26 Dec 2019 04:52:51 AM UTC] start to deactivate authz
[Thu 26 Dec 2019 04:52:51 AM UTC] Trigger domain validation.
[Thu 26 Dec 2019 04:52:52 AM UTC] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:52 AM UTC] _t_key_authz='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:52 AM UTC] _t_vtype
[Thu 26 Dec 2019 04:52:52 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:52 AM UTC] payload='{}'
[Thu 26 Dec 2019 04:52:52 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:52 AM UTC] Use _CACHED_NONCE='0102DQYrXDXyqbQCHTjIWnquZuDokct_c1V7AOj2-L9rskQ'
[Thu 26 Dec 2019 04:52:52 AM UTC] nonce='0102DQYrXDXyqbQCHTjIWnquZuDokct_c1V7AOj2-L9rskQ'
[Thu 26 Dec 2019 04:52:52 AM UTC] POST
[Thu 26 Dec 2019 04:52:52 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:52 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMTAyRFFZclhEWHlxYlFDSFRqSVducXVadURva2N0X2MxVjdBT2oyLUw5cnNrUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTkzNDA2ODM5Ny9MU2hSSHciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0Lzc0NTQzODE2In0", "payload": "e30", "signature": "igOVATkPfSpNRp5SMfIJ6V7X-a5h2M2S3l-spWXoM7K5m6sznoXsHerqL_PhcD22hYxGdkflu3QYaYCVd7D0jOcrbWX4w8KyeKFyVRQboJHj5_z0aeaPrXOFzoFuofgKTMU5UcisjFWvN5TbKrR-FGSP2gcLOA1XDuzuiWH791Zyw-i0cJp8oLuIglHuhwpS6dLezYkq8wFAfXKyO961BKsZ3o2ioG_vay6jQVEfnjxI72Hbsd5KJdkG_bQ84rRCdbGYoDh38Q-YAIZlDhm10iCrEARAltgnr0JICl4lrlKJA7ONYlloG6tJIrpgpl30NdmNiAROYlFYyqNK2QTp_Q"}'
[Thu 26 Dec 2019 04:52:52 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:52 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:52 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:53 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:53 AM UTC] responseHeaders='HTTP/2 400 
server: nginx
date: Thu, 26 Dec 2019 04:52:52 GMT
content-type: application/problem+json
content-length: 144
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001uzKVPUnkkwsWQ1sqfu1khlNSQEYHgiKCGy_Lb2VeS20
'
[Thu 26 Dec 2019 04:52:53 AM UTC] code='400'
[Thu 26 Dec 2019 04:52:53 AM UTC] original='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Thu 26 Dec 2019 04:52:53 AM UTC] response='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Thu 26 Dec 2019 04:52:53 AM UTC] Diagnosis versions: 
openssl:openssl
OpenSSL 1.1.1d  10 Sep 2019
apache:
apache doesn't exists.
nginx:
nginx version: nginx/1.17.4
built by gcc 8.3.0 (Debian 8.3.0-6) 
built with OpenSSL 1.1.1d  10 Sep 2019
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wno-deprecated-declarations' --with-ld-opt='-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_v2_module --with-http_sub_module --with-stream --with-stream_ssl_module --with-mail --with-mail_ssl_module --with-threads --add-module=/tmp/ngx_brotli
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
Usage:
socat [options] <bi-address> <bi-address>
   options:
      -V     print version and feature information to stdout, and exit
      -h|-?  print a help text describing command line options and addresses
      -hh    like -h, plus a list of all common address option names
      -hhh   like -hh, plus a list of all available address option names
      -d     increase verbosity (use up to 4 times; 2 are recommended)
      -D     analyze file descriptors before loop
      -ly[facility]  log to syslog, using facility (default is daemon)
      -lf<logfile>   log to file
      -ls            log to stderr (default if no other log)
      -lm[facility]  mixed log mode (stderr during initialization, then syslog)
      -lp<progname>  set the program name used for logging
      -lu            use microseconds for logging timestamps
      -lh            add hostname to log messages
      -v     verbose data traffic, text
      -x     verbose data traffic, hexadecimal
      -b<size_t>     set data buffer size (8192)
      -s     sloppy (continue on error)
      -t<timeout>    wait seconds before closing second channel
      -T<timeout>    total inactivity timeout in seconds
      -u     unidirectional mode (left to right)
      -U     unidirectional mode (right to left)
      -g     do not check option groups
      -L <lockfile>  try to obtain lock, or fail
      -W <lockfile>  try to obtain lock, or wait
      -4     prefer IPv4 if version is not explicitly specified
      -6     prefer IPv6 if version is not explicitly specified
   bi-address:
      pipe[,<opts>]	groups=FD,FIFO
      <single-address>!!<single-address>
      <single-address>
   single-address:
      <address-head>[,<opts>]
   address-head:
      abstract-client:<filename>	groups=FD,SOCKET,RETRY,UNIX
      abstract-connect:<filename>	groups=FD,SOCKET,RETRY,UNIX
      abstract-listen:<filename>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
      abstract-recv:<filename>	groups=FD,SOCKET,RETRY,UNIX
      abstract-recvfrom:<filename>	groups=FD,SOCKET,CHILD,RETRY,UNIX
      abstract-sendto:<filename>	groups=FD,SOCKET,RETRY,UNIX
      create:<filename>	groups=FD,REG,NAMED
      exec:<command-line>	groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
      fd:<num>	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      gopen:<filename>	groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
      interface:<interface>	groups=FD,SOCKET
      ip-datagram:<host>:<protocol>	groups=FD,SOCKET,RANGE,IP4,IP6
      ip-recv:<protocol>	groups=FD,SOCKET,RANGE,IP4,IP6
      ip-recvfrom:<protocol>	groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
      ip-sendto:<host>:<protocol>	groups=FD,SOCKET,IP4,IP6
      ip4-datagram:<host>:<protocol>	groups=FD,SOCKET,RANGE,IP4
      ip4-recv:<protocol>	groups=FD,SOCKET,RANGE,IP4
      ip4-recvfrom:<protocol>	groups=FD,SOCKET,CHILD,RANGE,IP4
      ip4-sendto:<host>:<protocol>	groups=FD,SOCKET,IP4
      ip6-datagram:<host>:<protocol>	groups=FD,SOCKET,RANGE,IP6
      ip6-recv:<protocol>	groups=FD,SOCKET,RANGE,IP6
      ip6-recvfrom:<protocol>	groups=FD,SOCKET,CHILD,RANGE,IP6
      ip6-sendto:<host>:<protocol>	groups=FD,SOCKET,IP6
      open:<filename>	groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
      openssl:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
      openssl-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,OPENSSL
      pipe:<filename>	groups=FD,FIFO,NAMED,OPEN
      proxy:<proxy-server>:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
      pty	groups=FD,NAMED,TERMIOS,PTY
      sctp-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
      sctp-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
      sctp4-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
      sctp4-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
      sctp6-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
      sctp6-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
      socket-connect:<domain>:<protocol>:<remote-address>	groups=FD,SOCKET,CHILD,RETRY
      socket-datagram:<domain>:<type>:<protocol>:<remote-address>	groups=FD,SOCKET,RANGE
      socket-listen:<domain>:<protocol>:<local-address>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
      socket-recv:<domain>:<type>:<protocol>:<local-address>	groups=FD,SOCKET,RANGE
      socket-recvfrom:<domain>:<type>:<protocol>:<local-address>	groups=FD,SOCKET,CHILD,RANGE
      socket-sendto:<domain>:<type>:<protocol>:<remote-address>	groups=FD,SOCKET
      socks4:<socks-server>:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
      socks4a:<socks-server>:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
      stderr	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdin	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdio	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdout	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      system:<shell-command>	groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
      tcp-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
      tcp-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
      tcp4-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
      tcp4-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
      tcp6-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
      tcp6-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
      tun[:<ip-addr>/<bits>]	groups=FD,CHR,NAMED,OPEN,INTERFACE
      udp-connect:<host>:<port>	groups=FD,SOCKET,IP4,IP6,UDP
      udp-datagram:<host>:<port>	groups=FD,SOCKET,RANGE,IP4,IP6,UDP
      udp-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
      udp-recv:<port>	groups=FD,SOCKET,RANGE,IP4,IP6,UDP
      udp-recvfrom:<port>	groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
      udp-sendto:<host>:<port>	groups=FD,SOCKET,IP4,IP6,UDP
      udp4-connect:<host>:<port>	groups=FD,SOCKET,IP4,UDP
      udp4-datagram:<remote-address>:<port>	groups=FD,SOCKET,RANGE,IP4,UDP
      udp4-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
      udp4-recv:<port>	groups=FD,SOCKET,RANGE,IP4,UDP
      udp4-recvfrom:<host>:<port>	groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
      udp4-sendto:<host>:<port>	groups=FD,SOCKET,IP4,UDP
      udp6-connect:<host>:<port>	groups=FD,SOCKET,IP6,UDP
      udp6-datagram:<host>:<port>	groups=FD,SOCKET,RANGE,IP6,UDP
      udp6-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
      udp6-recv:<port>	groups=FD,SOCKET,RANGE,IP6,UDP
      udp6-recvfrom:<port>	groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
      udp6-sendto:<host>:<port>	groups=FD,SOCKET,IP6,UDP
      unix-client:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-connect:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-listen:<filename>	groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
      unix-recv:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-recvfrom:<filename>	groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
      unix-sendto:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
root@docker-s-1vcpu-2gb-sgp1-01-app:/shared/letsencrypt#

itsbhanusharma · 26 Diciembre, 2019 06:43

La razón más común para este problema es que tu dominio no apunta a la dirección IP de tu servidor. ¿Has confirmado que tu subdominio tiene un registro A que apunta a la dirección IP del servidor?

wanghaisheng · 26 Diciembre, 2019 06:50

Parece que realmente voy a llegar al límite de cifrado. Y sí tengo un registro A, esto es algo que conozco, y también existe la configuración de dominio antiguo para mi instalación exitosa anterior. No cambié el dominio.
No importa, cambié el dominio y ahora funciona.

wanghaisheng · 26 Diciembre, 2019 06:51

¿Has intentado recuperar desde una copia de seguridad? Yo obtuve este error: no se puede cargar /categories.json

itsbhanusharma · 26 Diciembre, 2019 07:03

Eso podría ser un problema diferente. Vi otro post donde se quejaban de no poder cargar las categorías. Puedes buscar en el foro temas relevantes al respecto.

En cuanto a Let’s Encrypt, solo permiten entre 5 y 7 certificados por semana para el mismo (sub)dominio, y es muy fácil superar ese límite en un entorno de pruebas.

JimPas · 26 Diciembre, 2019 07:51

Acabo de verificar, aproximadamente una hora después (07:45 UTC), y tu sitio está fuera de línea. No hay conexión. Aparece un error “521: El servidor web está caído”. Cuando escribí bbs.antivte.com, fui redirigido a bloodclot.antivte.com. Probablemente haya un error de redirección, un error de DNS, o quizás hayas creado un certificado solo para un dominio y no para el subdominio www.
Probablemente te convenga más ir a community.LetsEncrypt.org y pedirles que ejecuten su prueba en tu dominio. Usando el comando que utilizaste, debería mostrarse dónde está el problema. Veo que estás usando Cloudfair. Ellos pueden darte instrucciones específicas para configurar con Cloudfair y el cliente de CA que estés usando, Certbot, Apache, etc.
Hagas lo que hagas, nunca debes eliminar ningún certificado. Eso es algo que siempre desaconsejan.

El entorno de pruebas de Let’s Encrypt no tiene límite, ya que no genera un certificado real. Ese es todo el propósito del parámetro de prueba… pero debes incluir el interruptor de prueba en tu comando, o el cliente pensará que estás intentando obtener un nuevo certificado o renovar. Una cosa… si llegas a alcanzar el límite de 5 intentos fallidos, eso solo dura 1 hora. Después de 1 hora puedes volver a probar.

wanghaisheng · 26 Diciembre, 2019 08:56

Información que quiero que sepas:

He estado administrando este dominio de BBS durante un mes. En estos dos últimos días, lo eliminé manualmente e intenté instalar uno nuevo. Me he quedado atascado con este problema de CA durante un tiempo. Acabo de rendirme con el dominio antiguo del BBS. Quizás en unos días intente de nuevo.

En el momento en que hiciste la prueba, estaba ejecutando una nueva instancia para Bloodclot y redirigiendo el BBS original a través de Cloudflare hacia Bloodclot.

wanghaisheng · 26 Diciembre, 2019 09:20

Hice un intento rápido, pero todavía sin suerte en bbs.antivte.com. El mismo problema de CA.

itsbhanusharma · 26 Diciembre, 2019 10:56

Hola @JimPas, solo para aclarar, discourse-setup (o cualquier otro método de instalación compatible de Discourse) tiene Let’s Encrypt en modo Producción, no en modo Staging. Los límites se aplican en Producción y no en Staging. No hay un interruptor en la instalación de Discourse para usar el entorno de Staging en lugar del de Producción.

Lo que quise decir con pruebas es que un usuario pruebe realmente discourse-docker destruyendo y reinstalando su servidor varias veces por semana, y no el uso de Let’s Encrypt en Staging, que en este caso es irrelevante.

danb35 · 26 Diciembre, 2019 13:27

…y ¿qué es exactamente el “problema de CA”? No entiendo por qué la discusión aquí habla de límites de tasa; nada en lo que has publicado indica un problema de límite de tasa, y el informe de transparencia de Google para tu dominio tampoco indica nada que deba causar un problema: tienes cuatro certificados idénticos emitidos para este nombre el 6 de diciembre, pero (1) el límite es de cinco certificados idénticos, no cuatro; y (2) ese límite es por semana, y ahora han pasado casi tres semanas desde que se emitieron esos certificados.

¿Qué te hace pensar eso? Porque no vi nada en la salida del registro que publicaste que sugiera esto en absoluto; esa salida muestra una validación fallida porque tu servidor no proporcionó el token de validación correcto.

wanghaisheng · 26 Diciembre, 2019 13:48

aquí

root@docker-s-1vcpu-2gb-sgp1-01:/var/discourse# docker logs app
run-parts: ejecutando /etc/runit/1.d/00-ensure-links
run-parts: ejecutando /etc/runit/1.d/00-fix-var-logs
run-parts: ejecutando /etc/runit/1.d/anacron
run-parts: ejecutando /etc/runit/1.d/cleanup-pids
Limpia archivos PID obsoletos
run-parts: ejecutando /etc/runit/1.d/copy-env
run-parts: ejecutando /etc/runit/1.d/letsencrypt
[Thu 26 Dec 2019 09:28:22 AM UTC] Dominio único='bbs.antivte.com'
[Thu 26 Dec 2019 09:28:22 AM UTC] Obteniendo token de autenticación de dominio para cada dominio
[Thu 26 Dec 2019 09:28:24 AM UTC] Error al crear nuevo pedido. Le_OrderFinalize no encontrado. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error al crear nuevo pedido :: demasiadas autorizaciones fallidas recientemente: ver https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Thu 26 Dec 2019 09:28:24 AM UTC] Consulte el archivo de registro para más detalles: /shared/letsencrypt/acme.sh.log
Error al cargar el archivo ca.cer
[Thu 26 Dec 2019 09:28:25 AM UTC] Dominio único='bbs.antivte.com'
[Thu 26 Dec 2019 09:28:25 AM UTC] Obteniendo token de autenticación de dominio para cada dominio
[Thu 26 Dec 2019 09:28:27 AM UTC] Error al crear nuevo pedido. Le_OrderFinalize no encontrado. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error al crear nuevo pedido :: demasiadas autorizaciones fallidas recientemente: ver https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Thu 26 Dec 2019 09:28:27 AM UTC] Consulte el archivo de registro para más detalles: /shared/letsencrypt/acme.sh.log
[Thu 26 Dec 2019 09:28:28 AM UTC] Instalando clave en:/shared/ssl/bbs.antivte.com.key
[Thu 26 Dec 2019 09:28:28 AM UTC] Instalando cadena completa en:/shared/ssl/bbs.antivte.com.cer
cat: /shared/letsencrypt/bbs.antivte.com/fullchain.cer: No existe el archivo o el directorio
[Thu 26 Dec 2019 09:28:29 AM UTC] Dominio único='bbs.antivte.com'
[Thu 26 Dec 2019 09:28:29 AM UTC] Obteniendo token de autenticación de dominio para cada dominio
[Thu 26 Dec 2019 09:28:31 AM UTC] Error al crear nuevo pedido. Le_OrderFinalize no encontrado. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error al crear nuevo pedido :: demasiadas autorizaciones fallidas recientemente: ver https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Thu 26 Dec 2019 09:28:31 AM UTC] Consulte el archivo de registro para más detalles: /shared/letsencrypt/acme.sh.log
Error al cargar el archivo ca.cer
[Thu 26 Dec 2019 09:28:32 AM UTC] Dominio único='bbs.antivte.com'
[Thu 26 Dec 2019 09:28:33 AM UTC] Obteniendo token de autenticación de dominio para cada dominio
[Thu 26 Dec 2019 09:28:35 AM UTC] Error al crear nuevo pedido. Le_OrderFinalize no encontrado. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error al crear nuevo pedido :: demasiadas autorizaciones fallidas recientemente: ver https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Thu 26 Dec 2019 09:28:35 AM UTC] Consulte el archivo de registro para más detalles: /shared/letsencrypt/acme.sh.log
[Thu 26 Dec 2019 09:28:35 AM UTC] Instalando clave en:/shared/ssl/bbs.antivte.com_ecc.key
[Thu 26 Dec 2019 09:28:35 AM UTC] Instalando cadena completa en:/shared/ssl/bbs.antivte.com_ecc.cer
cat: /shared/letsencrypt/bbs.antivte.com_ecc/fullchain.cer: No existe el archivo o el directorio
Error al cargar el archivo ca.cer
Error al cargar el archivo ca.cer
runsvdir iniciado, PID es 2031
ok: run: redis: (pid 2045) 0s
chgrp: grupo inválido: 'syslog'
ok: run: postgres: (pid 2039) 0s
nginx: [emerg] no se puede cargar el certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falló (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
rsyslogd: imklog: no se puede abrir el registro del kernel (/proc/kmsg): Operación no permitida.
rsyslogd: activación del módulo imklog fallida [v8.1901.0 ver https://www.rsyslog.com/e/2145 ]
pid de supervisor: 2040 pid de unicorn: 2066
nginx: [emerg] no se puede cargar el certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falló (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] no se puede cargar el certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falló (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] no se puede cargar el certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falló (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] no se puede cargar el certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falló (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] no se puede cargar el certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falló (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] no se puede cargar el certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falló (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)

danb35 · 26 Diciembre, 2019 13:54

OK, este es el límite de tasa para autorizaciones fallidas, que es de cinco fallos por nombre de host, por cuenta, por hora. Dado que el fragmento de registro que publicaste tiene casi cuatro horas, ya se ha restablecido. El problema es por qué las validaciones están fallando, y aquí está la parte relevante del registro que publicaste en tu publicación original:

[Thu 26 Dec 2019 04:52:51 AM UTC] original='{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Respuesta no válida de https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"",
    "status": 403
  },

Tu servidor (o Cloudflare) está devolviendo 403 para la solicitud de validación. Primero te sugiero deshabilitar Cloudflare para este dominio y volver a intentarlo.

Los límites de tasa pueden ser confusos, pero están bien documentados aquí:

wanghaisheng · 26 Diciembre, 2019 17:03

¿Qué quieres decir con desactivar? ¿Debería usar otro gestor de DNS?

danb35 · 26 Diciembre, 2019 17:20

Exactamente lo que dije: desactiva todo lo relacionado con “Cloudflare”. En la página de DNS, la nube debe estar gris, no naranja. No hay ninguna razón para cambiar los servidores DNS.

wanghaisheng · 26 Diciembre, 2019 17:26

pero sin la configuración de DNS, el dominio podría apuntar a mi servidor con el contenedor de Discourse en ejecución

danb35 · 26 Diciembre, 2019 17:28

Sí, exactamente ahí es donde debería apuntar.

wanghaisheng · 26 Diciembre, 2019 17:30

De todos modos, necesito otra gestión de DNS como DNSPod.

danb35 · 26 Diciembre, 2019 17:54

¿Es eso una pregunta o una afirmación? Si es una pregunta, no, no hay ninguna razón por la que necesites un proveedor de DNS diferente, y ciertamente no por ninguna razón relacionada con Discourse.

wanghaisheng · 26 Diciembre, 2019 18:02

FYI, he descubierto que puedo apuntar al servidor a través de DigitalOcean.

Tema		Respuestas	Vistas
Let's Encrypt renewal errors Self-hosting	11	1905	22 Febrero 2020
No connection accepted on http / https after fresh installation on Ubuntu 22.04 LTS Self-hosting	5	2402	16 Diciembre 2022
Problems with INSTALL-cloud.md directions Self-hosting	50	6422	8 Junio 2024
Let's encrypt auto renewal and ipv6 Support	6	1008	1 Julio 2020
Seeking help for discourse installation Self-hosting	20	1649	15 Marzo 2023

Instalación nueva con errores de Let's Encrypt

Temas relacionados