icramc
Reputation: 248
Request to issue SSL certificate with acme.sh times out
I am running an nginx web server on Debian 8 on DigitalOcean. I generated a SSL certificate with certbot several years ago. Recently, the certificate had expired and cannot be renewed due to discontinued support for ACME-v1. I cannot update certbot to latest version on Debian 8 to use ACME-v2 and I cannot upgrade Debian to 9 or 10 at the moment.
All this is to say that I chose to use acme.sh client to issue and install a new certificate as it is supported for my current environment.
The issue is when I try the below command to issue the certificate, I get multiple "Processing" lines and then the request times out. When use the --debug flag I get a bit more details as shown below but still cannot tell what is timing out and why. Any help in understanding and resolving this issue is much appreciated.
# acme.sh --issue --nginx -d domain.com -d www.domain.com
[Mon Jul 26 23:23:09 UTC 2021] Using CA: https://acme.zerossl.com/v2/DV90
[Mon Jul 26 23:23:09 UTC 2021] Multi domain='DNS:domain.com,DNS:www.domain.com'
[Mon Jul 26 23:23:09 UTC 2021] Getting domain auth token for each domain
[Mon Jul 26 23:23:11 UTC 2021] Getting webroot for domain='domain.com'
[Mon Jul 26 23:23:11 UTC 2021] Getting webroot for domain='www.domain.com'
[Mon Jul 26 23:23:11 UTC 2021] Verifying: domain.com
[Mon Jul 26 23:23:11 UTC 2021] Nginx mode for domain:domain.com
[Mon Jul 26 23:23:11 UTC 2021] Found conf file: /etc/nginx/sites-enabled/domain.com
[Mon Jul 26 23:23:11 UTC 2021] Backup /etc/nginx/sites-enabled/domain.com to /root/.acme.sh/domain.com/backup/domain.com.nginx.conf
[Mon Jul 26 23:23:11 UTC 2021] Check the nginx conf before setting up.
[Mon Jul 26 23:23:11 UTC 2021] OK, Set up nginx config file
[Mon Jul 26 23:23:11 UTC 2021] nginx conf is done, let's check it again.
[Mon Jul 26 23:23:11 UTC 2021] Reload nginx
[Mon Jul 26 23:23:16 UTC 2021] Processing
[Mon Jul 26 23:23:19 UTC 2021] Processing
[Mon Jul 26 23:23:22 UTC 2021] Processing
[Mon Jul 26 23:23:24 UTC 2021] Processing
[Mon Jul 26 23:23:27 UTC 2021] Processing
[Mon Jul 26 23:23:30 UTC 2021] Processing
[Mon Jul 26 23:23:32 UTC 2021] Processing
[Mon Jul 26 23:23:35 UTC 2021] Processing
[Mon Jul 26 23:23:37 UTC 2021] Processing
[Mon Jul 26 23:23:40 UTC 2021] Processing
[Mon Jul 26 23:23:42 UTC 2021] Processing
[Mon Jul 26 23:23:45 UTC 2021] Processing
[Mon Jul 26 23:23:48 UTC 2021] Processing
[Mon Jul 26 23:23:50 UTC 2021] Processing
[Mon Jul 26 23:23:53 UTC 2021] Processing
[Mon Jul 26 23:23:56 UTC 2021] Processing
[Mon Jul 26 23:23:58 UTC 2021] Processing
[Mon Jul 26 23:24:01 UTC 2021] Processing
[Mon Jul 26 23:24:04 UTC 2021] Processing
[Mon Jul 26 23:24:07 UTC 2021] Processing
[Mon Jul 26 23:24:09 UTC 2021] Processing
[Mon Jul 26 23:24:12 UTC 2021] Processing
[Mon Jul 26 23:24:14 UTC 2021] Processing
[Mon Jul 26 23:24:17 UTC 2021] Processing
[Mon Jul 26 23:24:20 UTC 2021] Processing
[Mon Jul 26 23:24:22 UTC 2021] Processing
[Mon Jul 26 23:24:25 UTC 2021] Processing
[Mon Jul 26 23:24:27 UTC 2021] Processing
[Mon Jul 26 23:24:30 UTC 2021] Processing
[Mon Jul 26 23:24:30 UTC 2021] domain.com:Timeout
[Mon Jul 26 23:24:30 UTC 2021] Restoring from /root/.acme.sh/domain.com/backup/domain.com.nginx.conf to /etc/nginx/sites-enabled/domain.com
[Mon Jul 26 23:24:30 UTC 2021] Reload nginx
[Mon Jul 26 23:24:30 UTC 2021] Please add '--debug' or '--log' to check more details.
[Mon Jul 26 23:24:30 UTC 2021] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
"Processing" lines from the --debug version
[Mon Jul 26 22:54:30 UTC 2021] Processing
[Mon Jul 26 22:54:30 UTC 2021] sleep 2 secs to verify
[Mon Jul 26 22:54:32 UTC 2021] checking
[Mon Jul 26 22:54:32 UTC 2021] url='https://acme.zerossl.com/v2/DV90/chall/3ueaYuL2TLgvqk2DPubxxx'
[Mon Jul 26 22:54:32 UTC 2021] payload
[Mon Jul 26 22:54:32 UTC 2021] POST
[Mon Jul 26 22:54:32 UTC 2021] _post_url='https://acme.zerossl.com/v2/DV90/chall/3ueaYuL2TLgvqk2DPubxxx'
[Mon Jul 26 22:54:32 UTC 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Mon Jul 26 22:54:33 UTC 2021] _ret='0'
[Mon Jul 26 22:54:33 UTC 2021] code='200'
Upvotes: 2
Views: 1845
Answers (0)
Related Questions
- issue with certbot to generate a ssl certificate
- Using certbot to apply Let's Encrypt Certificate: Failed authorization procedure
- certbot cannot verify domain and connection refused
- Certbot acme challenge
- Unable to use acme.sh with tls-alpn-01 to renew or issue a certificate
- Certbot not creating .well-known/acme-challenges file
- Apache HTTPS Certbot LetsEncrypt issue
- Certbot /.well-known/acme-challenge
- Certbot having problems finding my ACME challenge on nodejs web application
- letsencrypt certbot timeout error