Instalação nova com erros do Let’s Encrypt

wanghaisheng · Dezembro 26, 2019, 4:57am

succesfully enter app container, is this saying my domain restricted by Encrypt?

root@docker-s-1vcpu-2gb-sgp1-01-app:/shared/letsencrypt# ./acme.sh --issue -d bbs.antivte.com -k 4096 -w /var/www/discourse/public --debug 2
[Thu 26 Dec 2019 04:52:39 AM UTC] Lets find script dir.
[Thu 26 Dec 2019 04:52:39 AM UTC] _SCRIPT_='./acme.sh'
[Thu 26 Dec 2019 04:52:39 AM UTC] _script='/shared/letsencrypt/acme.sh'
[Thu 26 Dec 2019 04:52:39 AM UTC] _script_home='/shared/letsencrypt'
[Thu 26 Dec 2019 04:52:39 AM UTC] Using default home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:39 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:39 AM UTC] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/Neilpang/acme.sh
v2.8.4
[Thu 26 Dec 2019 04:52:39 AM UTC] Running cmd: issue
[Thu 26 Dec 2019 04:52:39 AM UTC] _main_domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:39 AM UTC] _alt_domains='no'
[Thu 26 Dec 2019 04:52:39 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:39 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:39 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:39 AM UTC] DOMAIN_PATH='/root/.acme.sh/bbs.antivte.com'
[Thu 26 Dec 2019 04:52:39 AM UTC] '/var/www/discourse/public' does not contain 'dns'
[Thu 26 Dec 2019 04:52:39 AM UTC] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Thu 26 Dec 2019 04:52:39 AM UTC] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Thu 26 Dec 2019 04:52:39 AM UTC] GET
[Thu 26 Dec 2019 04:52:39 AM UTC] url='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:39 AM UTC] timeout=
[Thu 26 Dec 2019 04:52:39 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.LOXvOHFIhy  -g '
[Thu 26 Dec 2019 04:52:40 AM UTC] ret='0'
[Thu 26 Dec 2019 04:52:40 AM UTC] response='{
  "FniD_4JroWM": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_AUTHZ
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 26 Dec 2019 04:52:40 AM UTC] ACME_VERSION='2'
[Thu 26 Dec 2019 04:52:40 AM UTC] _on_before_issue
[Thu 26 Dec 2019 04:52:40 AM UTC] _chk_main_domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:40 AM UTC] _chk_alt_domains
[Thu 26 Dec 2019 04:52:40 AM UTC] '/var/www/discourse/public' does not contain 'no'
[Thu 26 Dec 2019 04:52:41 AM UTC] Le_LocalAddress
[Thu 26 Dec 2019 04:52:41 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:41 AM UTC] Check for domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:41 AM UTC] _currentRoot='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:41 AM UTC] d
[Thu 26 Dec 2019 04:52:41 AM UTC] '/var/www/discourse/public' does not contain 'apache'
[Thu 26 Dec 2019 04:52:41 AM UTC] config file is empty, can not read CA_KEY_HASH
[Thu 26 Dec 2019 04:52:41 AM UTC] _saved_account_key_hash
[Thu 26 Dec 2019 04:52:41 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:41 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:41 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:41 AM UTC] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Thu 26 Dec 2019 04:52:41 AM UTC] Use default length 2048
[Thu 26 Dec 2019 04:52:41 AM UTC] length='2048'
[Thu 26 Dec 2019 04:52:41 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:41 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:41 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:41 AM UTC] _createkey for file:/root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:41 AM UTC] Use length 2048
[Thu 26 Dec 2019 04:52:41 AM UTC] Using RSA: 2048
[Thu 26 Dec 2019 04:52:41 AM UTC] Create account key ok.
[Thu 26 Dec 2019 04:52:41 AM UTC] RSA key
[Thu 26 Dec 2019 04:52:41 AM UTC] Registering account
[Thu 26 Dec 2019 04:52:41 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu 26 Dec 2019 04:52:41 AM UTC] payload='{"termsOfServiceAgreed": true}'
[Thu 26 Dec 2019 04:52:41 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:41 AM UTC] Get nonce with HEAD. ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 26 Dec 2019 04:52:41 AM UTC] HEAD
[Thu 26 Dec 2019 04:52:41 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Thu 26 Dec 2019 04:52:41 AM UTC] body
[Thu 26 Dec 2019 04:52:41 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:41 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g  -I  '
[Thu 26 Dec 2019 04:52:42 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:42 AM UTC] _headers='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:42 GMT
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001AxpV5dyHJWwOhObR8yiKO2ziG89-APmQJeBR7we6-w4
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:42 AM UTC] _CACHED_NONCE='0001AxpV5dyHJWwOhObR8yiKO2ziG89-APmQJeBR7we6-w4'
[Thu 26 Dec 2019 04:52:42 AM UTC] nonce='0001AxpV5dyHJWwOhObR8yiKO2ziG89-APmQJeBR7we6-w4'
[Thu 26 Dec 2019 04:52:42 AM UTC] POST
[Thu 26 Dec 2019 04:52:42 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Thu 26 Dec 2019 04:52:42 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAxQXhwVjVkeUhKV3dPaE9iUjh5aUtPMnppRzg5LUFQbVFKZUJSN3dlNi13NCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWFjY3QiLCAiYWxnIjogIlJTMjU2IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJ4M1hraWV0dnVNd0N5SS1iR0xmVkgyNkg3NmlOSnhSNm5Dc0JFWXJJTTZlZVNUdm1YZ2MzdlZhWU1lejNidGROTHkwWjM2V0FsYWx4X25FcUpGVnJ6cjd1U3BhM2hMS1pjaGF4My1Nd2pnMVdnNUVUbFJxWEE1WDdneEk1Ni1FMVhOUDdVMmktMmg2XzMxbnRvZld1VlZ4aGI1YzFXaDNYcDZJTkZvZXdsbWVwN01SNVAwWG1McnI4bFlWNjVYbzlOcy1pTy05R0JNRXhtOEh6cUVieGMxdTNUUGJGQUtjUzJ3MHpqWDE2X0w0V3lwejZha3pHLXNDZ0E4OUVLTW92eWxfd28tSUNiZnlxckZTaDRLU1BaVlhORTJfazVHN0hsTlVNVTZ0RUN4RHNrN05POUhkRGx1NXR2TmxJeFZEZ2N3R2w3NXJJeDJ1dG0wTm81V0RkeVEifX0", "payload": "eyJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWV9", "signature": "BkT6xyNOcbLShm1d2BLFCwopq7biySJLbbMWrylQ76da_1GPc030OgecWHdF1QWYDxC7PlHuL6JGAhSgssbgCti6cOw_tehil1oFGbNsq_AEe152eZKxeSNXIDCqIfShIj6JZzRIV3h8E-XpIRhn_z1t5M4FBp4jmQAxJG0cjq84YwruPqm6rQbRuU_JIhc2K61b6awcTyAAjmv9CKk1WLHe9TQoTHPRqZxQvLyTU0tOPqW19hHbBWSg_ZKTrtBOvIYh8PrHaZ0hN9NtY8UwxjOtpen5K5OAPFwvHurBceeftnEO-NSPC4K_gwagGIbfzBrAg-b56smVQocyF7quHQ"}'
[Thu 26 Dec 2019 04:52:42 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:42 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:42 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:43 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:43 AM UTC] responseHeaders='HTTP/2 201 
server: nginx
date: Thu, 26 Dec 2019 04:52:43 GMT
content-type: application/json
content-length: 527
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"
location: https://acme-v02.api.letsencrypt.org/acme/acct/74543816
replay-nonce: 0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:43 AM UTC] code='201'
[Thu 26 Dec 2019 04:52:43 AM UTC] original='{
  "key": {
    "kty": "RSA",
    "n": "x3XkietvuMwCyI-bGLfVH26H76iNJxR6nCsBEYrIM6eeSTvmXgc3vVaYMez3btdNLy0Z36WAlalx_nEqJFVrzr7uSpa3hLKZchax3-Mwjg1Wg5ETlRqXA5X7gxI56-E1XNP7U2i-2h6_31ntofWuVVxhb5c1Wh3Xp6INFoewlmep7MR5P0XmLrr8lYV65Xo9Ns-iO-9GBMExm8HzqEbxc1u3TPbFAKcS2w0zjX16_L4Wypz6akzG-sCgA89EKMovyl_wo-ICbfyqrFSh4KSPZVXNE2_k5G7HlNUMU6tECxDsk7NO9HdDlu5tvNlIxVDgcwGl75rIx2utm0No5WDdyQ",
    "e": "AQAB"
  },
  "contact": [],
  "initialIp": "128.199.246.56",
  "createdAt": "2019-12-26T04:52:43.173478473Z",
  "status": "valid"
}'
[Thu 26 Dec 2019 04:52:43 AM UTC] response='{"key":{"kty":"RSA","n":"x3XkietvuMwCyI-bGLfVH26H76iNJxR6nCsBEYrIM6eeSTvmXgc3vVaYMez3btdNLy0Z36WAlalx_nEqJFVrzr7uSpa3hLKZchax3-Mwjg1Wg5ETlRqXA5X7gxI56-E1XNP7U2i-2h6_31ntofWuVVxhb5c1Wh3Xp6INFoewlmep7MR5P0XmLrr8lYV65Xo9Ns-iO-9GBMExm8HzqEbxc1u3TPbFAKcS2w0zjX16_L4Wypz6akzG-sCgA89EKMovyl_wo-ICbfyqrFSh4KSPZVXNE2_k5G7HlNUMU6tECxDsk7NO9HdDlu5tvNlIxVDgcwGl75rIx2utm0No5WDdyQ","e":"AQAB"},"contact":[],"initialIp":"128.199.246.56","createdAt":"2019-12-26T04:52:43.173478473Z","status":"valid"}'
[Thu 26 Dec 2019 04:52:43 AM UTC] Registered
[Thu 26 Dec 2019 04:52:43 AM UTC] responseHeaders='HTTP/2 201 
server: nginx
date: Thu, 26 Dec 2019 04:52:43 GMT
content-type: application/json
content-length: 527
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"
location: https://acme-v02.api.letsencrypt.org/acme/acct/74543816
replay-nonce: 0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:43 AM UTC] _accUri='https://acme-v02.api.letsencrypt.org/acme/acct/74543816'
[Thu 26 Dec 2019 04:52:43 AM UTC] Calc CA_KEY_HASH='5TMvDldeJtWEHra6Xqn3izEY40++QnSBx2M2BvFMWAw='
[Thu 26 Dec 2019 04:52:43 AM UTC] ACCOUNT_THUMBPRINT='QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:43 AM UTC] Read key length:
[Thu 26 Dec 2019 04:52:43 AM UTC] Creating domain key
[Thu 26 Dec 2019 04:52:43 AM UTC] Using config home:/root/.acme.sh
[Thu 26 Dec 2019 04:52:43 AM UTC] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Thu 26 Dec 2019 04:52:43 AM UTC] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Thu 26 Dec 2019 04:52:43 AM UTC] _createkey for file:/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.key
[Thu 26 Dec 2019 04:52:43 AM UTC] Use length 4096
[Thu 26 Dec 2019 04:52:43 AM UTC] Using RSA: 4096
[Thu 26 Dec 2019 04:52:44 AM UTC] The domain key is here: /root/.acme.sh/bbs.antivte.com/bbs.antivte.com.key
[Thu 26 Dec 2019 04:52:44 AM UTC] _createcsr
[Thu 26 Dec 2019 04:52:44 AM UTC] domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] domainlist
[Thu 26 Dec 2019 04:52:44 AM UTC] csrkey='/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.key'
[Thu 26 Dec 2019 04:52:44 AM UTC] csr='/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.csr'
[Thu 26 Dec 2019 04:52:44 AM UTC] csrconf='/root/.acme.sh/bbs.antivte.com/bbs.antivte.com.csr.conf'
[Thu 26 Dec 2019 04:52:44 AM UTC] Single domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:44 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:44 AM UTC] _csr_cn='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] Getting domain auth token for each domain
[Thu 26 Dec 2019 04:52:44 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:44 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:44 AM UTC] d
[Thu 26 Dec 2019 04:52:44 AM UTC] _identifiers='{"type":"dns","value":"bbs.antivte.com"}'
[Thu 26 Dec 2019 04:52:44 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 26 Dec 2019 04:52:44 AM UTC] payload='{"identifiers": [{"type":"dns","value":"bbs.antivte.com"}]}'
[Thu 26 Dec 2019 04:52:44 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:44 AM UTC] Use _CACHED_NONCE='0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA'
[Thu 26 Dec 2019 04:52:44 AM UTC] nonce='0001hK3kXUp-A9i-YWF777bGt1i68imK6SGSbbeAh3s5raA'
[Thu 26 Dec 2019 04:52:44 AM UTC] POST
[Thu 26 Dec 2019 04:52:44 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Thu 26 Dec 2019 04:52:44 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAxaEsza1hVcC1BOWktWVdGNzc3Ykd0MWk2OGltSzZTR1NiYmVBaDNzNXJhQSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImFsZyI6ICJSUzI1NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83NDU0MzgxNiJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiJkbnMiLCJ2YWx1ZSI6ImJicy5hbnRpdnRlLmNvbSJ9XX0", "signature": "Nv53ZkpgvCfJI5_U8j1GicqOCR2kOgSTmmGi1NT0TieO9ObSCU0F_clTBSkm8jGQn8ulikfkvRReTcqU2pLYicgCs73wmAG597Ot5lZlGog50-yYeBeU9xGPwzBUqR9PH8pA3jAwbuKxwwuLq8cFooOFBKujIJwhPPgMXSOkc21BnRwPpxqUwH3bN6SlHqt_kgOegFzR_znUPkl3z2WJxFCXwxy6IH2h6WygblQUPC8T-jgO2YnoBB3LYJeQyOI2pHhhd3_puEbxN70lK-9asUzIKIGVO35IY3yP_XEI3iL8RDbFGnqyDdZBI-0rRyCeqMk6Sr1ia9p6fVPnqb8qgg"}'
[Thu 26 Dec 2019 04:52:44 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:44 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:44 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:45 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:45 AM UTC] responseHeaders='HTTP/2 201 
server: nginx
date: Thu, 26 Dec 2019 04:52:45 GMT
content-type: application/json
content-length: 345
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
location: https://acme-v02.api.letsencrypt.org/acme/order/74543816/1853681043
replay-nonce: 00022VVZj9eHRQusUFyIaI5oSPJqhryfDBQdR8OTdGCyplc
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:45 AM UTC] code='201'
[Thu 26 Dec 2019 04:52:45 AM UTC] original='{
  "status": "pending",
  "expires": "2020-01-02T04:52:45.777717689Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "bbs.antivte.com"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/74543816/1853681043"
}'
[Thu 26 Dec 2019 04:52:45 AM UTC] response='{"status":"pending","expires":"2020-01-02T04:52:45.777717689Z","identifiers":[{"type":"dns","value":"bbs.antivte.com"}],"authorizations":["https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397"],"finalize":"https://acme-v02.api.letsencrypt.org/acme/finalize/74543816/1853681043"}'
[Thu 26 Dec 2019 04:52:45 AM UTC] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/74543816/1853681043'
[Thu 26 Dec 2019 04:52:46 AM UTC] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/74543816/1853681043'
[Thu 26 Dec 2019 04:52:46 AM UTC] _authorizations_seg='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] _authz_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] payload
[Thu 26 Dec 2019 04:52:46 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:46 AM UTC] Use _CACHED_NONCE='00022VVZj9eHRQusUFyIaI5oSPJqhryfDBQdR8OTdGCyplc'
[Thu 26 Dec 2019 04:52:46 AM UTC] nonce='00022VVZj9eHRQusUFyIaI5oSPJqhryfDBQdR8OTdGCyplc'
[Thu 26 Dec 2019 04:52:46 AM UTC] POST
[Thu 26 Dec 2019 04:52:46 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397'
[Thu 26 Dec 2019 04:52:46 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAyMlZWWmo5ZUhSUXVzVUZ5SWFJNW9TUEpxaHJ5ZkRCUWRSOE9UZEdDeXBsYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTkzNDA2ODM5NyIsICJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzQ1NDM4MTYifQ", "payload": "", "signature": "hgHFxU5Si0acgUuXbZqmGS46O8A9-mv57wNqs_99exOWOTQlv61yFTrYm18LGSALvdB5GUMnxMh0e0djS4eew02DgcBPdHTkkaJADD90N0-UhiT8Ze1eHFg1BG6bR-Ylwy9NJWf6x2Oz0U9hWk5qxUnqNRR6uuzLgCNE4wJP7XPWHAzuWfbOQhNaW9bai2-qKEI1ofhnOumcPgxj0ne8t8ALZezjDjTSQ4xJbMWEZnNv8GuthE9_iI9FfGZ8NX0Q0QsLngO_qwRdGYjNli-0sOwIUgNuQlrbugJlcAJr9uSOofuIExKCHm2CQ14Nc8OdzXKVq5gzm0EeqcGRN_M0ig"}'
[Thu 26 Dec 2019 04:52:46 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:46 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:46 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:47 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:47 AM UTC] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:46 GMT
content-type: application/json
content-length: 793
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001wsQPuTFIYRuN7O_cE5bkCzOOC2kqwiYWurj2g4K2YxQ
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:47 AM UTC] code='200'
[Thu 26 Dec 2019 04:52:47 AM UTC] original='{
  "identifier": {
    "type": "dns",
    "value": "bbs.antivte.com"
  },
  "status": "pending",
  "expires": "2020-01-02T04:52:45Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw",
      "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw",
      "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw",
      "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
    }
  ]
}'
[Thu 26 Dec 2019 04:52:47 AM UTC] response='{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] response='{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] _d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] _authorizations_map='bbs.antivte.com,{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}
'
[Thu 26 Dec 2019 04:52:47 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] Getting webroot for domain='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] _w='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] _currentRoot='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] _is_idn_d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] _idn_temp
[Thu 26 Dec 2019 04:52:47 AM UTC] _candindates='bbs.antivte.com,{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] response='{"identifier":{"type":"dns","value":"bbs.antivte.com"},"status":"pending","expires":"2020-01-02T04:52:45Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/gXLsCw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/-lKEXw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}]}'
[Thu 26 Dec 2019 04:52:47 AM UTC] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"'
[Thu 26 Dec 2019 04:52:47 AM UTC] token='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M'
[Thu 26 Dec 2019 04:52:47 AM UTC] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] keyauthorization='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:47 AM UTC] dvlist='bbs.antivte.com#IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw#http-01#/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] d
[Thu 26 Dec 2019 04:52:47 AM UTC] vlist='bbs.antivte.com#IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw#http-01#/var/www/discourse/public,'
[Thu 26 Dec 2019 04:52:47 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] ok, let's start to verify
[Thu 26 Dec 2019 04:52:47 AM UTC] Verifying: bbs.antivte.com
[Thu 26 Dec 2019 04:52:47 AM UTC] d='bbs.antivte.com'
[Thu 26 Dec 2019 04:52:47 AM UTC] keyauthorization='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:47 AM UTC] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] _currentRoot='/var/www/discourse/public'
[Thu 26 Dec 2019 04:52:47 AM UTC] wellknown_path='/var/www/discourse/public/.well-known/acme-challenge'
[Thu 26 Dec 2019 04:52:47 AM UTC] writing token:IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M to /var/www/discourse/public/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M
[Thu 26 Dec 2019 04:52:47 AM UTC] Changing owner/group of .well-known to discourse:discourse
[Thu 26 Dec 2019 04:52:47 AM UTC] Trigger domain validation.
[Thu 26 Dec 2019 04:52:47 AM UTC] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] _t_key_authz='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:47 AM UTC] _t_vtype='http-01'
[Thu 26 Dec 2019 04:52:47 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] payload='{}'
[Thu 26 Dec 2019 04:52:47 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:47 AM UTC] Use _CACHED_NONCE='0001wsQPuTFIYRuN7O_cE5bkCzOOC2kqwiYWurj2g4K2YxQ'
[Thu 26 Dec 2019 04:52:47 AM UTC] nonce='0001wsQPuTFIYRuN7O_cE5bkCzOOC2kqwiYWurj2g4K2YxQ'
[Thu 26 Dec 2019 04:52:47 AM UTC] POST
[Thu 26 Dec 2019 04:52:47 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:47 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMDAxd3NRUHVURklZUnVON09fY0U1YmtDek9PQzJrcXdpWVd1cmoyZzRLMll4USIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTkzNDA2ODM5Ny9MU2hSSHciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0Lzc0NTQzODE2In0", "payload": "e30", "signature": "iLhXlf3XDE6RqQuDbAfA4MYTXONqCXxgI8SeGwhBNn1BW0dz4EhYoG-GrE5SrXiNuwflkbLEmvDEMZSTgeuqDM3MIMaE-qw2fF2XrZVCf1madkWlKlwi8BYwiz-7ebFWatv8bAHsDSA_l-XC5eT1c4M3-sRsy6RyqPUxzUhvHzwUa4ePDJf0nmvpDq_iQB6mBf-VaqNUtqdhHIpb-Pz7qDDxIhxMcfDVuxKOjX3mf1KvggGSJbVBTffaBGc58vtuXBXAPNlpXbEPXMQBJcYjRJX_cwCRgYakRj1pBj39uVqHK096Qc30N9ALS18gHj5iTYqsWZzRlnYg5zYPO137zA"}'
[Thu 26 Dec 2019 04:52:47 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:47 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:47 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:48 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:48 AM UTC] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:48 GMT
content-type: application/json
content-length: 185
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw
replay-nonce: 0101orbWi92uCZTOWbj0--xl238zJ_lVCupwfti7W9-2Qzc
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:48 AM UTC] code='200'
[Thu 26 Dec 2019 04:52:48 AM UTC] original='{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw",
  "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"
}'
[Thu 26 Dec 2019 04:52:48 AM UTC] response='{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M"}'
[Thu 26 Dec 2019 04:52:48 AM UTC] trigger validation code: 200
[Thu 26 Dec 2019 04:52:48 AM UTC] sleep 2 secs to verify
[Thu 26 Dec 2019 04:52:50 AM UTC] checking
[Thu 26 Dec 2019 04:52:50 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:50 AM UTC] payload
[Thu 26 Dec 2019 04:52:50 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:50 AM UTC] Use _CACHED_NONCE='0101orbWi92uCZTOWbj0--xl238zJ_lVCupwfti7W9-2Qzc'
[Thu 26 Dec 2019 04:52:50 AM UTC] nonce='0101orbWi92uCZTOWbj0--xl238zJ_lVCupwfti7W9-2Qzc'
[Thu 26 Dec 2019 04:52:50 AM UTC] POST
[Thu 26 Dec 2019 04:52:50 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:50 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMTAxb3JiV2k5MnVDWlRPV2JqMC0teGwyMzh6Sl9sVkN1cHdmdGk3VzktMlF6YyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTkzNDA2ODM5Ny9MU2hSSHciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0Lzc0NTQzODE2In0", "payload": "", "signature": "G4UzMSDRVQvvXplTdXTKGwD8DSExTv6nxDOKE4xhLVvSM5pRr-uJqivsuL6iPQu-Efru4QdgtJ31kg4CVZ_R8aSk-JJRfC31fCYdrBkpFS-_G5BUosoV0CEyH2-IPo1c2TaNviV7QA8nRE3EwBQmI2oWegT5jav5mU4XvdYxjl32ihPHkg06jIggzhnrJJfU2wtHQjUahR6C3mEgcJD4EVci10Df5Vvk4MUWh5YiwvYeyBf4VbOGHHos1nQpin2EKBKgdvcnEfr3HrNLnrL_NVGTOz5I6EmZ2alizEKGEOfMZXip_aII8YZ_AjM_pH8bdEUwBdY6xFN5z53pFrjUZw"}'
[Thu 26 Dec 2019 04:52:50 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:50 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:50 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:51 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:51 AM UTC] responseHeaders='HTTP/2 200 
server: nginx
date: Thu, 26 Dec 2019 04:52:51 GMT
content-type: application/json
content-length: 1446
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/1934068397>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw
replay-nonce: 0102DQYrXDXyqbQCHTjIWnquZuDokct_c1V7AOj2-L9rskQ
x-frame-options: DENY
strict-transport-security: max-age=604800
'
[Thu 26 Dec 2019 04:52:51 AM UTC] code='200'
[Thu 26 Dec 2019 04:52:51 AM UTC] original='{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"",
    "status": 403
  },
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw",
  "token": "IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M",
  "validationRecord": [
    {
      "url": "http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M",
      "hostname": "bbs.antivte.com",
      "port": "80",
      "addressesResolved": [
        "104.27.177.113",
        "104.27.176.113",
        "2606:4700:30::681b:b071",
        "2606:4700:30::681b:b171"
      ],
      "addressUsed": "2606:4700:30::681b:b071"
    },
    {
      "url": "https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M",
      "hostname": "bbs.antivte.com",
      "port": "443",
      "addressesResolved": [
        "104.27.177.113",
        "104.27.176.113",
        "2606:4700:30::681b:b071",
        "2606:4700:30::681b:b171"
      ],
      "addressUsed": "2606:4700:30::681b:b071"
    }
  ]
}'
[Thu 26 Dec 2019 04:52:51 AM UTC] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","validationRecord":[{"url":"http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"80","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"},{"url":"https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"443","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"}]}'
[Thu 26 Dec 2019 04:52:51 AM UTC] original='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","validationRecord":[{"url":"http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"80","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"},{"url":"https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"443","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"}]}'
[Thu 26 Dec 2019 04:52:51 AM UTC] response='{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"","status": 403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw","token":"IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","validationRecord":[{"url":"http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"80","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"},{"url":"https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M","hostname":"bbs.antivte.com","port":"443","addressesResolved":["104.27.177.113","104.27.176.113","2606:4700:30::681b:b071","2606:4700:30::681b:b171"],"addressUsed":"2606:4700:30::681b:b071"}]}'
[Thu 26 Dec 2019 04:52:51 AM UTC] error='"error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: '
[Thu 26 Dec 2019 04:52:51 AM UTC] errordetail='Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: '
[Thu 26 Dec 2019 04:52:51 AM UTC] bbs.antivte.com:Verify error:Invalid response from https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: 
[Thu 26 Dec 2019 04:52:51 AM UTC] Debug: get token url.
[Thu 26 Dec 2019 04:52:51 AM UTC] GET
[Thu 26 Dec 2019 04:52:51 AM UTC] url='http://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M'
[Thu 26 Dec 2019 04:52:51 AM UTC] timeout=1
[Thu 26 Dec 2019 04:52:51 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:51 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g  --connect-timeout 1'
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<meta http-equiv="refresh" content="0">
<title>bbs.antivte.com | 521: Web server is down</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1" />
<script src="/cdn-cgi/apps/head/eW0hx6oSIsT-EkFq6T0G23tSHbI.js"></script><link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" type="text/css" media="screen,projection" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" type="text/css" media="screen,projection" /><![endif]-->
<style type="text/css">body{margin:0;padding:0}</style>
</head>
<body>
<div id="cf-wrapper">
<div id="cf-error-details" class="cf-error-details-wrapper">
<div class="cf-wrapper cf-error-overview">
<h1>
<span class="cf-error-type">Error</span>
<span class="cf-error-code">521</span>
<small class="heading-ray-id">Ray ID: 54b072a03614ddd3 &bull; 2019-12-26 04:52:51 UTC</small>
</h1>
<h2 class="cf-subheadline">Web server is down</h2>
</div>
<div class="cf-section cf-highlight cf-status-display">
<div class="cf-wrapper">
<div class="cf-columns cols-3">
<div id="cf-browser-status" class="cf-column cf-status-item cf-browser-status ">
<div class="cf-icon-error-container">
<i class="cf-icon cf-icon-browser"></i>
<i class="cf-icon-status cf-icon-ok"></i>
</div>
<span class="cf-status-desc">You</span>
<h3 class="cf-status-name">Browser</h3>
<span class="cf-status-label">Working</span>
</div>
<div id="cf-cloudflare-status" class="cf-column cf-status-item cf-cloudflare-status ">
<div class="cf-icon-error-container">
<i class="cf-icon cf-icon-cloud"></i>
<i class="cf-icon-status cf-icon-ok"></i>
</div>
<span class="cf-status-desc">Singapore</span>
<h3 class="cf-status-name">Cloudflare</h3>
<span class="cf-status-label">Working</span>
</div>
<div id="cf-host-status" class="cf-column cf-status-item cf-host-status cf-error-source">
<div class="cf-icon-error-container">
<i class="cf-icon cf-icon-server"></i>
<i class="cf-icon-status cf-icon-error"></i>
</div>
<span class="cf-status-desc">bbs.antivte.com</span>
<h3 class="cf-status-name">Host</h3>
<span class="cf-status-label">Error</span>
</div>
</div>
</div>
</div>
<div class="cf-section cf-wrapper">
<div class="cf-columns two">
<div class="cf-column">
<h2>What happened?</h2>
<p>The web server is not returning a connection. As a result, the web page is not displaying.</p>
</div>
<div class="cf-column">
<h2>What can I do?</h2>
<h5>If you are a visitor of this website:</h5>
<p>Please try again in a few minutes.</p>
<h5>If you are the owner of this website:</h5>
<p><span>Contact your hosting provider letting them know your web server is not responding.</span> <a href="https://support.cloudflare.com/hc/en-us/articles/200171916-Error-521">Additional troubleshooting information</a>.</p>
</div>
</div>
</div>
<div class="cf-error-footer cf-wrapper">
<p>
<span class="cf-footer-item">Cloudflare Ray ID: <strong>54b072a03614ddd3</strong></span>
<span class="cf-footer-separator">&bull;</span>
<span class="cf-footer-item"><span>Your IP</span>: 128.199.246.56</span>
<span class="cf-footer-separator">&bull;</span>
<span class="cf-footer-item"><span>Performance &amp; security by</span> <a href="https://www.cloudflare.com/5xx-error-landing?utm_source=error_footer" id="brand_link" target="_blank">Cloudflare</a></span>
</p>
</div>
</div>
</div>
</body>
</html>
[Thu 26 Dec 2019 04:52:51 AM UTC] ret='0'
[Thu 26 Dec 2019 04:52:51 AM UTC] Debugging, skip removing: /var/www/discourse/public/.well-known
[Thu 26 Dec 2019 04:52:51 AM UTC] pid
[Thu 26 Dec 2019 04:52:51 AM UTC] No need to restore nginx, skip.
[Thu 26 Dec 2019 04:52:51 AM UTC] _clearupdns
[Thu 26 Dec 2019 04:52:51 AM UTC] dns_entries
[Thu 26 Dec 2019 04:52:51 AM UTC] skip dns.
[Thu 26 Dec 2019 04:52:51 AM UTC] _on_issue_err
[Thu 26 Dec 2019 04:52:51 AM UTC] Please add '--debug' or '--log' to check more details.
[Thu 26 Dec 2019 04:52:51 AM UTC] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Thu 26 Dec 2019 04:52:51 AM UTC] _chk_vlist='bbs.antivte.com#IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M#https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw#http-01#/var/www/discourse/public,'
[Thu 26 Dec 2019 04:52:51 AM UTC] start to deactivate authz
[Thu 26 Dec 2019 04:52:51 AM UTC] Trigger domain validation.
[Thu 26 Dec 2019 04:52:52 AM UTC] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:52 AM UTC] _t_key_authz='IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M.QzZDTO50oWOyXvU_zdMh7jx3NMWWZdgpZ5bWAEKhS5M'
[Thu 26 Dec 2019 04:52:52 AM UTC] _t_vtype
[Thu 26 Dec 2019 04:52:52 AM UTC] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:52 AM UTC] payload='{}'
[Thu 26 Dec 2019 04:52:52 AM UTC] Use cached jwk for file: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key
[Thu 26 Dec 2019 04:52:52 AM UTC] Use _CACHED_NONCE='0102DQYrXDXyqbQCHTjIWnquZuDokct_c1V7AOj2-L9rskQ'
[Thu 26 Dec 2019 04:52:52 AM UTC] nonce='0102DQYrXDXyqbQCHTjIWnquZuDokct_c1V7AOj2-L9rskQ'
[Thu 26 Dec 2019 04:52:52 AM UTC] POST
[Thu 26 Dec 2019 04:52:52 AM UTC] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/1934068397/LShRHw'
[Thu 26 Dec 2019 04:52:52 AM UTC] body='{"protected": "eyJub25jZSI6ICIwMTAyRFFZclhEWHlxYlFDSFRqSVducXVadURva2N0X2MxVjdBT2oyLUw5cnNrUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTkzNDA2ODM5Ny9MU2hSSHciLCAiYWxnIjogIlJTMjU2IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0Lzc0NTQzODE2In0", "payload": "e30", "signature": "igOVATkPfSpNRp5SMfIJ6V7X-a5h2M2S3l-spWXoM7K5m6sznoXsHerqL_PhcD22hYxGdkflu3QYaYCVd7D0jOcrbWX4w8KyeKFyVRQboJHj5_z0aeaPrXOFzoFuofgKTMU5UcisjFWvN5TbKrR-FGSP2gcLOA1XDuzuiWH791Zyw-i0cJp8oLuIglHuhwpS6dLezYkq8wFAfXKyO961BKsZ3o2ioG_vay6jQVEfnjxI72Hbsd5KJdkG_bQ84rRCdbGYoDh38Q-YAIZlDhm10iCrEARAltgnr0JICl4lrlKJA7ONYlloG6tJIrpgpl30NdmNiAROYlFYyqNK2QTp_Q"}'
[Thu 26 Dec 2019 04:52:52 AM UTC] _postContentType='application/jose+json'
[Thu 26 Dec 2019 04:52:52 AM UTC] Http already initialized.
[Thu 26 Dec 2019 04:52:52 AM UTC] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  --trace-ascii /tmp/tmp.ZISJb4pUto  -g '
[Thu 26 Dec 2019 04:52:53 AM UTC] _ret='0'
[Thu 26 Dec 2019 04:52:53 AM UTC] responseHeaders='HTTP/2 400 
server: nginx
date: Thu, 26 Dec 2019 04:52:52 GMT
content-type: application/problem+json
content-length: 144
boulder-requester: 74543816
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001uzKVPUnkkwsWQ1sqfu1khlNSQEYHgiKCGy_Lb2VeS20
'
[Thu 26 Dec 2019 04:52:53 AM UTC] code='400'
[Thu 26 Dec 2019 04:52:53 AM UTC] original='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Thu 26 Dec 2019 04:52:53 AM UTC] response='{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}'
[Thu 26 Dec 2019 04:52:53 AM UTC] Diagnosis versions: 
openssl:openssl
OpenSSL 1.1.1d  10 Sep 2019
apache:
apache doesn't exists.
nginx:
nginx version: nginx/1.17.4
built by gcc 8.3.0 (Debian 8.3.0-6) 
built with OpenSSL 1.1.1d  10 Sep 2019
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wno-deprecated-declarations' --with-ld-opt='-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-ipv6 --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_addition_module --with-http_dav_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_v2_module --with-http_sub_module --with-stream --with-stream_ssl_module --with-mail --with-mail_ssl_module --with-threads --add-module=/tmp/ngx_brotli
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
Usage:
socat [options] <bi-address> <bi-address>
   options:
      -V     print version and feature information to stdout, and exit
      -h|-?  print a help text describing command line options and addresses
      -hh    like -h, plus a list of all common address option names
      -hhh   like -hh, plus a list of all available address option names
      -d     increase verbosity (use up to 4 times; 2 are recommended)
      -D     analyze file descriptors before loop
      -ly[facility]  log to syslog, using facility (default is daemon)
      -lf<logfile>   log to file
      -ls            log to stderr (default if no other log)
      -lm[facility]  mixed log mode (stderr during initialization, then syslog)
      -lp<progname>  set the program name used for logging
      -lu            use microseconds for logging timestamps
      -lh            add hostname to log messages
      -v     verbose data traffic, text
      -x     verbose data traffic, hexadecimal
      -b<size_t>     set data buffer size (8192)
      -s     sloppy (continue on error)
      -t<timeout>    wait seconds before closing second channel
      -T<timeout>    total inactivity timeout in seconds
      -u     unidirectional mode (left to right)
      -U     unidirectional mode (right to left)
      -g     do not check option groups
      -L <lockfile>  try to obtain lock, or fail
      -W <lockfile>  try to obtain lock, or wait
      -4     prefer IPv4 if version is not explicitly specified
      -6     prefer IPv6 if version is not explicitly specified
   bi-address:
      pipe[,<opts>]	groups=FD,FIFO
      <single-address>!!<single-address>
      <single-address>
   single-address:
      <address-head>[,<opts>]
   address-head:
      abstract-client:<filename>	groups=FD,SOCKET,RETRY,UNIX
      abstract-connect:<filename>	groups=FD,SOCKET,RETRY,UNIX
      abstract-listen:<filename>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,UNIX
      abstract-recv:<filename>	groups=FD,SOCKET,RETRY,UNIX
      abstract-recvfrom:<filename>	groups=FD,SOCKET,CHILD,RETRY,UNIX
      abstract-sendto:<filename>	groups=FD,SOCKET,RETRY,UNIX
      create:<filename>	groups=FD,REG,NAMED
      exec:<command-line>	groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
      fd:<num>	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      gopen:<filename>	groups=FD,FIFO,CHR,BLK,REG,SOCKET,NAMED,OPEN,TERMIOS,UNIX
      interface:<interface>	groups=FD,SOCKET
      ip-datagram:<host>:<protocol>	groups=FD,SOCKET,RANGE,IP4,IP6
      ip-recv:<protocol>	groups=FD,SOCKET,RANGE,IP4,IP6
      ip-recvfrom:<protocol>	groups=FD,SOCKET,CHILD,RANGE,IP4,IP6
      ip-sendto:<host>:<protocol>	groups=FD,SOCKET,IP4,IP6
      ip4-datagram:<host>:<protocol>	groups=FD,SOCKET,RANGE,IP4
      ip4-recv:<protocol>	groups=FD,SOCKET,RANGE,IP4
      ip4-recvfrom:<protocol>	groups=FD,SOCKET,CHILD,RANGE,IP4
      ip4-sendto:<host>:<protocol>	groups=FD,SOCKET,IP4
      ip6-datagram:<host>:<protocol>	groups=FD,SOCKET,RANGE,IP6
      ip6-recv:<protocol>	groups=FD,SOCKET,RANGE,IP6
      ip6-recvfrom:<protocol>	groups=FD,SOCKET,CHILD,RANGE,IP6
      ip6-sendto:<host>:<protocol>	groups=FD,SOCKET,IP6
      open:<filename>	groups=FD,FIFO,CHR,BLK,REG,NAMED,OPEN,TERMIOS
      openssl:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,OPENSSL
      openssl-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP,OPENSSL
      pipe:<filename>	groups=FD,FIFO,NAMED,OPEN
      proxy:<proxy-server>:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,HTTP
      pty	groups=FD,NAMED,TERMIOS,PTY
      sctp-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,SCTP
      sctp-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,SCTP
      sctp4-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,SCTP
      sctp4-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,SCTP
      sctp6-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP6,SCTP
      sctp6-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,SCTP
      socket-connect:<domain>:<protocol>:<remote-address>	groups=FD,SOCKET,CHILD,RETRY
      socket-datagram:<domain>:<type>:<protocol>:<remote-address>	groups=FD,SOCKET,RANGE
      socket-listen:<domain>:<protocol>:<local-address>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE
      socket-recv:<domain>:<type>:<protocol>:<local-address>	groups=FD,SOCKET,RANGE
      socket-recvfrom:<domain>:<type>:<protocol>:<local-address>	groups=FD,SOCKET,CHILD,RANGE
      socket-sendto:<domain>:<type>:<protocol>:<remote-address>	groups=FD,SOCKET
      socks4:<socks-server>:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
      socks4a:<socks-server>:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP,SOCKS4
      stderr	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdin	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdio	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      stdout	groups=FD,FIFO,CHR,BLK,REG,SOCKET,TERMIOS,UNIX,IP4,IP6,UDP,TCP,SCTP
      system:<shell-command>	groups=FD,FIFO,SOCKET,EXEC,FORK,TERMIOS,PTY,PARENT,UNIX
      tcp-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,IP6,TCP
      tcp-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,IP6,TCP
      tcp4-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP4,TCP
      tcp4-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP4,TCP
      tcp6-connect:<host>:<port>	groups=FD,SOCKET,CHILD,RETRY,IP6,TCP
      tcp6-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RETRY,RANGE,IP6,TCP
      tun[:<ip-addr>/<bits>]	groups=FD,CHR,NAMED,OPEN,INTERFACE
      udp-connect:<host>:<port>	groups=FD,SOCKET,IP4,IP6,UDP
      udp-datagram:<host>:<port>	groups=FD,SOCKET,RANGE,IP4,IP6,UDP
      udp-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,IP6,UDP
      udp-recv:<port>	groups=FD,SOCKET,RANGE,IP4,IP6,UDP
      udp-recvfrom:<port>	groups=FD,SOCKET,CHILD,RANGE,IP4,IP6,UDP
      udp-sendto:<host>:<port>	groups=FD,SOCKET,IP4,IP6,UDP
      udp4-connect:<host>:<port>	groups=FD,SOCKET,IP4,UDP
      udp4-datagram:<remote-address>:<port>	groups=FD,SOCKET,RANGE,IP4,UDP
      udp4-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP4,UDP
      udp4-recv:<port>	groups=FD,SOCKET,RANGE,IP4,UDP
      udp4-recvfrom:<host>:<port>	groups=FD,SOCKET,CHILD,RANGE,IP4,UDP
      udp4-sendto:<host>:<port>	groups=FD,SOCKET,IP4,UDP
      udp6-connect:<host>:<port>	groups=FD,SOCKET,IP6,UDP
      udp6-datagram:<host>:<port>	groups=FD,SOCKET,RANGE,IP6,UDP
      udp6-listen:<port>	groups=FD,SOCKET,LISTEN,CHILD,RANGE,IP6,UDP
      udp6-recv:<port>	groups=FD,SOCKET,RANGE,IP6,UDP
      udp6-recvfrom:<port>	groups=FD,SOCKET,CHILD,RANGE,IP6,UDP
      udp6-sendto:<host>:<port>	groups=FD,SOCKET,IP6,UDP
      unix-client:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-connect:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-listen:<filename>	groups=FD,SOCKET,NAMED,LISTEN,CHILD,RETRY,UNIX
      unix-recv:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
      unix-recvfrom:<filename>	groups=FD,SOCKET,NAMED,CHILD,RETRY,UNIX
      unix-sendto:<filename>	groups=FD,SOCKET,NAMED,RETRY,UNIX
root@docker-s-1vcpu-2gb-sgp1-01-app:/shared/letsencrypt#

itsbhanusharma · Dezembro 26, 2019, 6:43am

O motivo mais comum para esse problema é que seu domínio não está apontando para o endereço IP do seu servidor. Você confirmou que seu subdomínio possui um registro A apontando para o endereço IP do servidor?

wanghaisheng · Dezembro 26, 2019, 6:50am

Parece que realmente atingi o limite de criptografia. E eu tenho um registro A, isso é algo que já conheço, e as configurações do domínio antigo ainda existem para minha instalação anterior bem-sucedida. Eu não alterei o domínio. De qualquer forma, mudei o domínio e agora está funcionando.

wanghaisheng · Dezembro 26, 2019, 6:51am

Você já tentou recuperar do backup? Eu tive isso: não é possível carregar /categories.json

itsbhanusharma · Dezembro 26, 2019, 7:03am

Isso pode ser um problema diferente. Vi outro post reclamando da incapacidade de carregar categorias. Você pode pesquisar no fórum por tópicos relevantes sobre isso.

Sobre o Let’s Encrypt, eles permitem apenas 5 a 7 certificados para o mesmo (sub)domínio por semana, e é muito fácil ultrapassar esse limite em um ambiente de teste.

JimPas · Dezembro 26, 2019, 7:51am

Acabei de verificar cerca de 1 hora depois (07:45 UTC) e seu site está offline. Não há conexão. Aparece um erro “521: Web server is down”. Quando digitei bbs.antivte.com, fui redirecionado para bloodclot.antivte.com. Provavelmente há um erro de redirecionamento, um erro de DNS, ou você pode ter criado um certificado apenas para um domínio e não para o subdomínio www.
Seria melhor ir até community.LetsEncrypt.org e pedir para eles executarem o teste no seu domínio. Usando o comando que você utilizou, deve mostrar onde está o problema. Vejo que você está usando o Cloudflare. Eles podem fornecer instruções específicas para configuração com o Cloudflare e com o cliente de CA que você está usando, seja Certbot, Apache, etc.
Independentemente do que fizer, nunca exclua certificados. Isso é um “não-não” que eles insistem constantemente.

O ambiente de teste do Let’s Encrypt não tem limite, pois não gera um certificado real. Esse é todo o propósito do parâmetro de teste… mas você precisa incluir a opção de teste no seu comando, caso contrário o cliente acha que você está tentando obter um novo certificado ou renovar uma renovação. Uma coisa: se você atingir o limite de 5 tentativas falhas, isso dura apenas 1 hora. Após 1 hora, você pode testar novamente.

wanghaisheng · Dezembro 26, 2019, 8:56am

informação que gostaria que você soubesse

Há um mês que estou operando este domínio de BBS. Nestes dois últimos dias, excluí manualmente e tentei instalar um novo. Fiquei preso a esse problema de CA por um tempo. Acabei desistindo do domínio antigo do BBS. Talvez daqui a alguns dias eu tente novamente.

No momento em que você testou, eu estava executando uma nova instância para o bloodclot e redirecionando o BBS original através do Cloudflare para o bloodclot.

wanghaisheng · Dezembro 26, 2019, 9:20am

Fiz uma tentativa rápida, mas ainda sem sucesso em bbs.antivte.com. Mesmo problema com o certificado CA.

itsbhanusharma · Dezembro 26, 2019, 10:56am

Olá @JimPas, apenas para esclarecer: o discourse-setup (ou qualquer outro método de instalação suportado do Discourse) utiliza o Let’s Encrypt no modo de Produção, não no modo de Estágio. Limites se aplicam ao modo de Produção, mas não ao de Estágio. Não há uma opção na instalação do Discourse para usar o ambiente de Estágio em vez do de Produção.

O que quis dizer com “testar” é um usuário realmente testando o discourse-docker destruindo e reinstalando seu servidor várias vezes por semana, e não o uso do Let’s Encrypt em modo de Estágio, que é algo irrelevante aqui.

danb35 · Dezembro 26, 2019, 1:27pm

…e o que exatamente é o “problema de CA”? Não entendo por que a discussão aqui está falando sobre limites de taxa; nada no que você postou indica um problema de limite de taxa, e o relatório de transparência do Google para seu domínio também não indica nada que deva causar um problema — você tem quatro certificados idênticos emitidos para este nome em 6 de dezembro, mas (1) o limite é de cinco certificados idênticos, não quatro; e (2) esse limite é por semana, e já se passaram quase três semanas desde que esses certificados foram emitidos.

O que te faz pensar isso? Porque não vi nada na saída do log que você postou que sugira isso de forma alguma; essa saída mostra uma validação falha porque seu servidor não forneceu o token de validação correto.

wanghaisheng · Dezembro 26, 2019, 1:48pm

aqui

root@docker-s-1vcpu-2gb-sgp1-01:/var/discourse# docker logs app
run-parts: executando /etc/runit/1.d/00-ensure-links
run-parts: executando /etc/runit/1.d/00-fix-var-logs
run-parts: executando /etc/runit/1.d/anacron
run-parts: executando /etc/runit/1.d/cleanup-pids
Limpeza de arquivos PID obsoletos
run-parts: executando /etc/runit/1.d/copy-env
run-parts: executando /etc/runit/1.d/letsencrypt
[Qui 26 Dez 2019 09:28:22 AM UTC] Domínio único='bbs.antivte.com'
[Qui 26 Dez 2019 09:28:22 AM UTC] Obtendo token de autenticação de domínio para cada domínio
[Qui 26 Dez 2019 09:28:24 AM UTC] Erro ao criar novo pedido. Le_OrderFinalize não encontrado. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Erro ao criar novo pedido :: muitas autorizações falhadas recentemente: veja https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Qui 26 Dez 2019 09:28:24 AM UTC] Verifique o arquivo de log para mais detalhes: /shared/letsencrypt/acme.sh.log
Erro ao carregar o arquivo ca.cer
[Qui 26 Dez 2019 09:28:25 AM UTC] Domínio único='bbs.antivte.com'
[Qui 26 Dez 2019 09:28:25 AM UTC] Obtendo token de autenticação de domínio para cada domínio
[Qui 26 Dez 2019 09:28:27 AM UTC] Erro ao criar novo pedido. Le_OrderFinalize não encontrado. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Erro ao criar novo pedido :: muitas autorizações falhadas recentemente: veja https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Qui 26 Dez 2019 09:28:27 AM UTC] Verifique o arquivo de log para mais detalhes: /shared/letsencrypt/acme.sh.log
[Qui 26 Dez 2019 09:28:28 AM UTC] Instalando chave em:/shared/ssl/bbs.antivte.com.key
[Qui 26 Dez 2019 09:28:28 AM UTC] Instalando cadeia completa em:/shared/ssl/bbs.antivte.com.cer
cat: /shared/letsencrypt/bbs.antivte.com/fullchain.cer: Arquivo ou diretório não encontrado
[Qui 26 Dez 2019 09:28:29 AM UTC] Domínio único='bbs.antivte.com'
[Qui 26 Dez 2019 09:28:29 AM UTC] Obtendo token de autenticação de domínio para cada domínio
[Qui 26 Dez 2019 09:28:31 AM UTC] Erro ao criar novo pedido. Le_OrderFinalize não encontrado. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Erro ao criar novo pedido :: muitas autorizações falhadas recentemente: veja https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Qui 26 Dez 2019 09:28:31 AM UTC] Verifique o arquivo de log para mais detalhes: /shared/letsencrypt/acme.sh.log
Erro ao carregar o arquivo ca.cer
[Qui 26 Dez 2019 09:28:32 AM UTC] Domínio único='bbs.antivte.com'
[Qui 26 Dez 2019 09:28:33 AM UTC] Obtendo token de autenticação de domínio para cada domínio
[Qui 26 Dez 2019 09:28:35 AM UTC] Erro ao criar novo pedido. Le_OrderFinalize não encontrado. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Erro ao criar novo pedido :: muitas autorizações falhadas recentemente: veja https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Qui 26 Dez 2019 09:28:35 AM UTC] Verifique o arquivo de log para mais detalhes: /shared/letsencrypt/acme.sh.log
[Qui 26 Dez 2019 09:28:35 AM UTC] Instalando chave em:/shared/ssl/bbs.antivte.com_ecc.key
[Qui 26 Dez 2019 09:28:35 AM UTC] Instalando cadeia completa em:/shared/ssl/bbs.antivte.com_ecc.cer
cat: /shared/letsencrypt/bbs.antivte.com_ecc/fullchain.cer: Arquivo ou diretório não encontrado
Erro ao carregar o arquivo ca.cer
Erro ao carregar o arquivo ca.cer
runsvdir iniciado, PID é 2031
ok: run: redis: (pid 2045) 0s
chgrp: grupo inválido: 'syslog'
ok: run: postgres: (pid 2039) 0s
nginx: [emerg] não foi possível carregar certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falhou (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
rsyslogd: imklog: não foi possível abrir log do kernel (/proc/kmsg): Operação não permitida.
rsyslogd: falha na ativação do módulo imklog [v8.1901.0 tente https://www.rsyslog.com/e/2145 ]
supervisor pid: 2040 unicorn pid: 2066
nginx: [emerg] não foi possível carregar certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falhou (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] não foi possível carregar certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falhou (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] não foi possível carregar certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falhou (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] não foi possível carregar certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falhou (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] não foi possível carregar certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falhou (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] não foi possível carregar certificado "/shared/ssl/bbs.antivte.com.cer": PEM_read_bio_X509_AUX() falhou (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)

danb35 · Dezembro 26, 2019, 1:54pm

OK, este é o limite de taxa para autorizações falhadas, que é de cinco falhas por nome de host, por conta, por hora. Como o trecho do log que você postou tem quase quatro horas, ele já foi redefinido. O problema é por que as validações estão falhando, e aqui está a parte relevante do log que você postou no seu OP:

[Qui 26 Dez 2019 04:52:51 UTC] original='{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Resposta inválida de https://bbs.antivte.com/.well-known/acme-challenge/IwOr1RVa3fenfKBxQH6Kq7x2zh8T4zWgyfImWOWzJ-M [2606:4700:30::681b:b071]: \"\u003c!DOCTYPE html\u003e\\n\u003c!--[if lt IE 7]\u003e \u003chtml class=\\\"no-js ie6 oldie\\\" lang=\\\"en-US\\\"\u003e \u003c![endif]--\u003e\\n\u003c!--[if IE 7]\u003e    \u003chtml class=\\\"no-js \"",
    "status": 403
  },

Seu servidor (ou o Cloudflare) está retornando 403 para a solicitação de validação. Sugiro primeiro desativar o Cloudflare para este domínio e tentar novamente.

Os limites de taxa podem ser confusos, mas estão bem documentados aqui:

wanghaisheng · Dezembro 26, 2019, 5:03pm

O que você quer dizer com desativar? Devo usar outro gerenciador de DNS?

danb35 · Dezembro 26, 2019, 5:20pm

Exatamente o que eu disse: desative tudo relacionado ao “Cloudflare”. Na página de DNS, a nuvem deve estar cinza, não laranja. Não há motivo para mudar os servidores DNS.

wanghaisheng · Dezembro 26, 2019, 5:26pm

mas sem a configuração de DNS, o domínio pode apontar para meu servidor executando o container do Discourse

danb35 · Dezembro 26, 2019, 5:28pm

Sim, é exatamente para onde ele deve apontar.

wanghaisheng · Dezembro 26, 2019, 5:30pm

de qualquer forma, preciso de outro serviço de gerenciamento de DNS como o DNSPod.

danb35 · Dezembro 26, 2019, 5:54pm

Isso é uma pergunta ou uma afirmação? Se for uma pergunta, não, não há motivo para você precisar de um servidor DNS diferente, certamente não por qualquer motivo relacionado ao Discourse.

wanghaisheng · Dezembro 26, 2019, 6:02pm

FYI, descobri que posso apontar para o servidor através do DigitalOcean.

Tópico		Respostas	Visualizações
Let's Encrypt renewal errors Self-hosting	11	1904	22 de Fevereiro de 2020
No connection accepted on http / https after fresh installation on Ubuntu 22.04 LTS Self-hosting	5	2402	16 de Dezembro de 2022
Problems with INSTALL-cloud.md directions Self-hosting	50	6421	8 de Junho de 2024
Let's encrypt auto renewal and ipv6 Support	6	1007	1 de Julho de 2020
Seeking help for discourse installation Self-hosting	20	1649	15 de Março de 2023

Instalação nova com erros do Let’s Encrypt

Tópicos relacionados