github
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh
1
0
Fork 0
Code Issues Releases Wiki Activity

cleaned up domain references

master
Kelton Temby 2018-12-20 12:02:21 -08:00
parent 070ab4c16c
commit 4020cd98bb
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
How-to-debug-acme.sh.md

@ -16,11 +16,13 @@ acme.sh --issue .......... --debug 2
### Common Root Cause of issue:
#### Port 80 is blocked
If your ISP blocks port 80, any webroot based authentication will fail
You can test this by running this command: curl -IkL -m20 http://<your domain> from OUTSIDE your local network.
You can test this by running this command from OUTSIDE your local network.
`curl -IkL -m20 http://[your domain]`
### Common Errors using DNS API:
#### Mistake 1: Clumsy fingers - newline in ~/.acme.sh/account.conf
If you type in the api key or private key and accidentally put in a newline or a typo, check and ensure the keys look right in ~/.acme.sh/account.conf
#### Mistake 1: Clumsy fingers - newline in `~/.acme.sh/account.conf`
If you type in the api key or private key and accidentally put in a newline or a typo, check and ensure the keys look right in `~/.acme.sh/account.conf`
#### I still see my old keys (when moving from letsencrypt bot to .acme.sh)
Needed step - point nginx configuration to new acme based keys
@ -29,13 +31,13 @@ You may need to comment out the previous keys from the letsencrypt bot, and poin
> `# RSA certificate`
>
> #ssl_certificate /etc/letsencrypt/live/<your domain>/fullchain.pem; # managed by Certbot
> #ssl_certificate /etc/letsencrypt/live/[your domain]/fullchain.pem; # managed by Certbot
>
> #ssl_certificate_key /etc/letsencrypt/live/<your domain>/privkey.pem; # managed by Certbot
> #ssl_certificate_key /etc/letsencrypt/live/[your domain]/privkey.pem; # managed by Certbot
>
> ssl_certificate <your home directory>/.acme.sh/<your domain>/fullchain.cer;
> ssl_certificate [your home directory]/.acme.sh/[your domain]/fullchain.cer;
>
> ssl_certificate_key <your home directory>/.acme.sh/<your domain>/<your domain>.key;
> ssl_certificate_key [your home directory]/.acme.sh/<your domain>/[your domain].key;
#### Do I need to include the webroot `-w <my webroot>` for DNS?
#### Do I need to include the webroot `-w [your webroot]` for DNS?
No! You'll end up back failing the port 80 access to your webroot folder if that was your issue.