Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

泛域名证书部署七牛云失败 {"code":612,"error":"no such domain"} #5324

Open
lssdo12 opened this issue Oct 12, 2024 · 1 comment
Open

Comments

@lssdo12
Copy link

lssdo12 commented Oct 12, 2024

Steps to reproduce
我有2个七牛云的 CDN 域名 qiniu.example.com,qiniu2.example.com 使用以下几种命令生成的泛域名证书都部署失败(可以上传,无法部署)

acme.sh --issue --dns dns_dp -d example.com -d *.example.com
acme.sh --issue --dns dns_dp -d *.example.com -d example.com

尝试过的变量有:

export QINIU_CDN_DOMAIN=".example.com"
export QINIU_CDN_DOMAIN=".qiniu.example.com"
export QINIU_CDN_DOMAIN=".qiniu2.example.com"
export QINIU_CDN_DOMAIN=".qiniu.example.com .qiniu2.example.com"

尝试过的部署命令

acme.sh --deploy -d example.com --deploy-hook qiniu
acme.sh --deploy -d *.example.com --deploy-hook qiniu

报错信息:

[Sat Oct 12 15:33:21 CST 2024] Error in updating domain .qiniu.example.com httpsconf:
[Sat Oct 12 15:33:21 CST 2024] {"code":612,"error":"no such domain"}
[Sat Oct 12 15:33:21 CST 2024] Error deploying for domain: example.com
[Sat Oct 12 15:33:21 CST 2024] Error encountered while deploying.

奇怪的是指定变量是export QINIU_CDN_DOMAIN=".qiniu2.example.com"时,报错信息仍然为Error in updating domain .qiniu.example.com httpsconf

只有非泛域名证书可以成功部署


Debug log

当变量为 export QINIU_CDN_DOMAIN=".qiniu.example.com" 的时候,使用 acme.sh --deploy -d example.com --deploy-hook qiniu --debug 2 命令时的输出内容如下:

~/.acme.sh # acme.sh --deploy -d example.com --deploy-hook qiniu --debug 2
[Sat Oct 12 15:33:21 CST 2024] Let's find the script directory.
[Sat Oct 12 15:33:21 CST 2024] SCRIPT='/root/.acme.sh/acme.sh'
[Sat Oct 12 15:33:21 CST 2024] _script='/root/.acme.sh/acme.sh'
[Sat Oct 12 15:33:21 CST 2024] _script_home='/root/.acme.sh'
[Sat Oct 12 15:33:21 CST 2024] Using default home: /root/.acme.sh
[Sat Oct 12 15:33:21 CST 2024] Using config home: /root/.acme.sh
[Sat Oct 12 15:33:21 CST 2024] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/acmesh-official/acme.sh
v3.1.0
[Sat Oct 12 15:33:21 CST 2024] Running cmd: deploy
[Sat Oct 12 15:33:21 CST 2024] Using config home: /root/.acme.sh
[Sat Oct 12 15:33:21 CST 2024] default_acme_server
[Sat Oct 12 15:33:21 CST 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Sat Oct 12 15:33:21 CST 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Sat Oct 12 15:33:21 CST 2024] _ACME_SERVER_PATH='v2/DV90'
[Sat Oct 12 15:33:21 CST 2024] The domain 'example.com' seems to already have an ECC cert, let's use it.
[Sat Oct 12 15:33:21 CST 2024] DOMAIN_PATH='/root/.acme.sh/example.com_ecc'
[Sat Oct 12 15:33:21 CST 2024] DOMAIN_CONF='/root/.acme.sh/example.com_ecc/example.com.conf'
[Sat Oct 12 15:33:21 CST 2024] _deployApi='/root/.acme.sh/deploy/qiniu.sh'
[Sat Oct 12 15:33:21 CST 2024] _cdomain='example.com'
[Sat Oct 12 15:33:21 CST 2024] _ckey='/root/.acme.sh/example.com_ecc/example.com.key'
[Sat Oct 12 15:33:21 CST 2024] _ccert='/root/.acme.sh/example.com_ecc/example.com.cer'
[Sat Oct 12 15:33:21 CST 2024] _cca='/root/.acme.sh/example.com_ecc/ca.cer'
[Sat Oct 12 15:33:21 CST 2024] _cfullchain='/root/.acme.sh/example.com_ecc/fullchain.cer'
[Sat Oct 12 15:33:21 CST 2024] sslcert_access_token='VPA4Kq4LL3-6bO7ELb8RFErRwjUwPx7vdnN0pJks:V9bCVWNyK0VLumrYwz9o7VWVufc='
[Sat Oct 12 15:33:21 CST 2024] POST
[Sat Oct 12 15:33:21 CST 2024] _post_url='https://api.qiniu.com/sslcert'
[Sat Oct 12 15:33:21 CST 2024] body='{"name":"example.com","common_name":".qiniu.example.com .qiniu2.example.com","ca":"-----BEGIN CERTIFICATE-----\nMIID/\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n***\n**\n**\n**\n-----END CERTIFICATE-----\n","pri":"-----BEGIN EC PRIVATE KEY-----\n*************\n-----END EC PRIVATE KEY-----\n"}'
[Sat Oct 12 15:33:21 CST 2024] _postContentType='application/json'
[Sat Oct 12 15:33:21 CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.CLgiHn -g '
[Sat Oct 12 15:33:21 CST 2024] _ret='0'
[Sat Oct 12 15:33:21 CST 2024] sslcert_response='{"code":200,"error":"","certID":"670a264109bd35461fdacfa5"}'
[Sat Oct 12 15:33:21 CST 2024] Certificate successfully uploaded, updating domain example.com
[Sat Oct 12 15:33:21 CST 2024] certId='"670a264109bd35461fdacfa5"'
[Sat Oct 12 15:33:21 CST 2024] update_access_token='VPA4Kq4LL3-6bO7ELb8RFErRwjUwPx7vdnN0pJks:R-9q6LELC7iKsHIPqY_K1gii9ks='
[Sat Oct 12 15:33:21 CST 2024] PUT
[Sat Oct 12 15:33:21 CST 2024] _post_url='https://api.qiniu.com/domain/.qiniu.example.com/httpsconf'
[Sat Oct 12 15:33:21 CST 2024] body='{"certid":"670a264109bd35461fdacfa5","forceHttps":false}'
[Sat Oct 12 15:33:21 CST 2024] _postContentType='application/json'
[Sat Oct 12 15:33:21 CST 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.jpkFDD -g '
[Sat Oct 12 15:33:21 CST 2024] _ret='0'
[Sat Oct 12 15:33:21 CST 2024] Error in updating domain .qiniu.example.com httpsconf:
[Sat Oct 12 15:33:21 CST 2024] {"code":612,"error":"no such domain"}
[Sat Oct 12 15:33:21 CST 2024] Error deploying for domain: example.com
[Sat Oct 12 15:33:21 CST 2024] Error encountered while deploying.

acme.sh  --issue .....   --debug 2
Copy link

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant