From 4020cd98bb2aed87c6f039a6c1358aa1faac87bd Mon Sep 17 00:00:00 2001 From: Kelton Temby Date: Thu, 20 Dec 2018 12:02:21 -0800 Subject: [PATCH] cleaned up domain references --- How-to-debug-acme.sh.md | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/How-to-debug-acme.sh.md b/How-to-debug-acme.sh.md index 9f49a71..52797a9 100644 --- a/How-to-debug-acme.sh.md +++ b/How-to-debug-acme.sh.md @@ -16,11 +16,13 @@ acme.sh --issue .......... --debug 2 ### Common Root Cause of issue: #### Port 80 is blocked If your ISP blocks port 80, any webroot based authentication will fail -You can test this by running this command: curl -IkL -m20 http:// from OUTSIDE your local network. +You can test this by running this command from OUTSIDE your local network. + +`curl -IkL -m20 http://[your domain]` ### Common Errors using DNS API: -#### Mistake 1: Clumsy fingers - newline in ~/.acme.sh/account.conf -If you type in the api key or private key and accidentally put in a newline or a typo, check and ensure the keys look right in ~/.acme.sh/account.conf +#### Mistake 1: Clumsy fingers - newline in `~/.acme.sh/account.conf` +If you type in the api key or private key and accidentally put in a newline or a typo, check and ensure the keys look right in `~/.acme.sh/account.conf` #### I still see my old keys (when moving from letsencrypt bot to .acme.sh) Needed step - point nginx configuration to new acme based keys @@ -29,13 +31,13 @@ You may need to comment out the previous keys from the letsencrypt bot, and poin > `# RSA certificate` > -> #ssl_certificate /etc/letsencrypt/live//fullchain.pem; # managed by Certbot +> #ssl_certificate /etc/letsencrypt/live/[your domain]/fullchain.pem; # managed by Certbot > -> #ssl_certificate_key /etc/letsencrypt/live//privkey.pem; # managed by Certbot +> #ssl_certificate_key /etc/letsencrypt/live/[your domain]/privkey.pem; # managed by Certbot > -> ssl_certificate /.acme.sh//fullchain.cer; +> ssl_certificate [your home directory]/.acme.sh/[your domain]/fullchain.cer; > -> ssl_certificate_key /.acme.sh//.key; +> ssl_certificate_key [your home directory]/.acme.sh//[your domain].key; -#### Do I need to include the webroot `-w ` for DNS? +#### Do I need to include the webroot `-w [your webroot]` for DNS? No! You'll end up back failing the port 80 access to your webroot folder if that was your issue. \ No newline at end of file