github
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh
1
0
Fork 0
Code Issues Releases Wiki Activity

cleaned up domain references

master
Kelton Temby 2018-12-20 12:02:21 -08:00
parent 070ab4c16c
commit 4020cd98bb
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
How-to-debug-acme.sh.md

@ -16,11 +16,13 @@ acme.sh --issue .......... --debug 2
### Common Root Cause of issue: ### Common Root Cause of issue:
#### Port 80 is blocked #### Port 80 is blocked
If your ISP blocks port 80, any webroot based authentication will fail If your ISP blocks port 80, any webroot based authentication will fail
You can test this by running this command: curl -IkL -m20 http://<your domain> from OUTSIDE your local network. You can test this by running this command from OUTSIDE your local network.
`curl -IkL -m20 http://[your domain]`
### Common Errors using DNS API: ### Common Errors using DNS API:
#### Mistake 1: Clumsy fingers - newline in ~/.acme.sh/account.conf #### Mistake 1: Clumsy fingers - newline in `~/.acme.sh/account.conf`
If you type in the api key or private key and accidentally put in a newline or a typo, check and ensure the keys look right in ~/.acme.sh/account.conf If you type in the api key or private key and accidentally put in a newline or a typo, check and ensure the keys look right in `~/.acme.sh/account.conf`
#### I still see my old keys (when moving from letsencrypt bot to .acme.sh) #### I still see my old keys (when moving from letsencrypt bot to .acme.sh)
Needed step - point nginx configuration to new acme based keys Needed step - point nginx configuration to new acme based keys
@ -29,13 +31,13 @@ You may need to comment out the previous keys from the letsencrypt bot, and poin
> `# RSA certificate` > `# RSA certificate`
> >
> #ssl_certificate /etc/letsencrypt/live/<your domain>/fullchain.pem; # managed by Certbot > #ssl_certificate /etc/letsencrypt/live/[your domain]/fullchain.pem; # managed by Certbot
> >
> #ssl_certificate_key /etc/letsencrypt/live/<your domain>/privkey.pem; # managed by Certbot > #ssl_certificate_key /etc/letsencrypt/live/[your domain]/privkey.pem; # managed by Certbot
> >
> ssl_certificate <your home directory>/.acme.sh/<your domain>/fullchain.cer; > ssl_certificate [your home directory]/.acme.sh/[your domain]/fullchain.cer;
> >
> ssl_certificate_key <your home directory>/.acme.sh/<your domain>/<your domain>.key; > ssl_certificate_key [your home directory]/.acme.sh/<your domain>/[your domain].key;
#### Do I need to include the webroot `-w <my webroot>` for DNS? #### Do I need to include the webroot `-w [your webroot]` for DNS?
No! You'll end up back failing the port 80 access to your webroot folder if that was your issue. No! You'll end up back failing the port 80 access to your webroot folder if that was your issue.