How do I correctly generate a certificate with the localtls project (https://github.com/Corollarium/localtls)?
Run dnsserver.py
python3 dnsserver.py --domain yourdomain.net --soa-master=ns1.yourdomain.net [email protected] --ns-servers=ns1.yourdomain.net,ns2.yourdomain.net --log-level ERROR --http-port 80 --http-index /somewhere/index.html
12:12:47: starting DNS server on 10.128.0.20/ on port 53, upstream DNS server "1.1.1.1"
12:12:47: Starting httpd...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
12:12:47: Cannot find wildcard certificate. Run certbotdns.py now and then restart this. Meanwhile HTTP will not work.
Run python3 certbotdns.py wildcard 10.128.0.20.yourdomain.net [email protected]
python3 certbotdns.py wildcard 10.128.0.20.yourdomain.net [email protected]
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for 10.128.0.20.yourdomain.net
Running manual-auth-hook command: python3 /root/localtls/certbotdns.py deploy
Output from manual-auth-hook command python3:
_acme-challenge.10.128.0.20.yourdomain.net
Waiting for verification...
Challenge failed for domain 10.128.0.20.yourdomain.net
dns-01 challenge for 10.128.0.20.yourdomain.net
Cleaning up challenges
Running manual-cleanup-hook command: python3 /root/localtls/certbotdns.py cleanup
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: 10.128.0.20.yourdomain.net
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.10.128.0.20.yourdomain.net - check that a DNS
record exists for this domain
None
None
Run python3 certbotdns.py wildcard yourdomain.net [email protected]
python3 certbotdns.py wildcard yourdomain.net [email protected]
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for yourdomain.net
Running manual-auth-hook command: python3 /root/localtls/certbotdns.py deploy
Output from manual-auth-hook command python3:
_acme-challenge.yourdomain.net
Waiting for verification...
Challenge failed for domain yourdomain.net
dns-01 challenge for yourdomain.net
Cleaning up challenges
Running manual-cleanup-hook command: python3 /root/localtls/certbotdns.py cleanup
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: yourdomain.net
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.yourdomain.net - check that a DNS record exists for
this domain
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
None
None
cat /var/log/letsencrypt/letsencrypt.log
2021-07-15 12:17:18,809:DEBUG:certbot.main:certbot version: 0.40.0
2021-07-15 12:17:18,809:DEBUG:certbot.main:Arguments: ['--noninteractive', '--agree-tos', '--email', '[email protected]', '--manual', '--preferred-challenges=dns', '--manual-public-ip-logging-ok', '--manual-auth-hook', 'python3 /root/localtls/certbotdns.py deploy', '--manual-cleanup-hook', 'python3 /root/localtls/certbotdns.py cleanup', '-d', '*.10.128.0.20.yourdomain.net']
2021-07-15 12:17:18,809:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-07-15 12:17:18,815:DEBUG:certbot.log:Root logging level set at 20
2021-07-15 12:17:18,815:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2021-07-15 12:17:18,816:DEBUG:certbot.plugins.selection:Requested authenticator manual and installer None
2021-07-15 12:17:18,816:DEBUG:certbot.plugins.selection:Single candidate plugin: * manual
Description: Manual configuration or run your own shell scripts
Interfaces: IAuthenticator, IPlugin
Entry point: manual = certbot.plugins.manual:Authenticator
Initialized: <certbot.plugins.manual.Authenticator object at 0x7ff1b3515b80>
Prep: True
2021-07-15 12:17:18,817:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.manual.Authenticator object at 0x7ff1b3515b80> and installer None
2021-07-15 12:17:18,817:INFO:certbot.plugins.selection:Plugins selected: Authenticator manual, Installer None
2021-07-15 12:17:18,819:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/130687661', new_authzr_uri=None, terms_of_service=None), 6439102b194ec0e68f3614050ef16266, Meta(creation_dt=datetime.datetime(2021, 7, 15, 12, 8, 58, tzinfo=<UTC>), creation_host='localhost'))>
2021-07-15 12:17:18,819:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2021-07-15 12:17:18,820:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2021-07-15 12:17:19,454:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2021-07-15 12:17:19,454:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 15 Jul 2021 12:17:19 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"7ze8_jIGrbk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2021-07-15 12:17:19,455:INFO:certbot.main:Obtaining a new certificate
2021-07-15 12:17:19,533:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0005_key-certbot.pem
2021-07-15 12:17:19,535:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0005_csr-certbot.pem
2021-07-15 12:17:19,536:DEBUG:acme.client:Requesting fresh nonce
2021-07-15 12:17:19,536:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2021-07-15 12:17:19,692:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2021-07-15 12:17:19,692:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 15 Jul 2021 12:17:19 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 01027bBVN5WDeZpizkLAGJ-TU5tZ4IdGMDmKlYxnPMjKZjA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2021-07-15 12:17:19,692:DEBUG:acme.client:Storing nonce: 01027bBVN5WDeZpizkLAGJ-TU5tZ4IdGMDmKlYxnPMjKZjA
2021-07-15 12:17:19,693:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "*.10.128.0.20.yourdomain.net"\n }\n ]\n}'
2021-07-15 12:17:19,694:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
2021-07-15 12:17:20,036:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 351
2021-07-15 12:17:20,036:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Thu, 15 Jul 2021 12:17:19 GMT
Content-Type: application/json
Content-Length: 351
Connection: keep-alive
Boulder-Requester: 130687661
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/130687661/11093878505
Replay-Nonce: 0102PVAWzO6fdI-avHs2w8h5kpLwy-ry33EvAURV0ec6fK8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2021-07-22T12:17:19Z",
"identifiers": [
{
"type": "dns",
"value": "*.10.128.0.20.yourdomain.net"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/14836301534"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/130687661/11093878505"
}
2021-07-15 12:17:20,038:DEBUG:acme.client:Storing nonce: 0102PVAWzO6fdI-avHs2w8h5kpLwy-ry33EvAURV0ec6fK8
2021-07-15 12:17:20,038:DEBUG:acme.client:JWS payload:
b''
2021-07-15 12:17:20,040:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/14836301534:
2021-07-15 12:17:20,240:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/14836301534 HTTP/1.1" 200 399
2021-07-15 12:17:20,240:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 15 Jul 2021 12:17:20 GMT
Content-Type: application/json
Content-Length: 399
Connection: keep-alive
Boulder-Requester: 130687661
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0102-r9ZGsiYTbA2bP5UIEnrArG7hPo2SyQGK2g0QCxqk3w
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "10.128.0.20.yourdomain.net"
},
"status": "pending",
"expires": "2021-07-22T12:17:19Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/14836301534/Ug2DDw",
"token": "jRFstmrLmjBUh1LbjHp7WSlieWmC_5FXVQleY6o1nW4"
}
],
"wildcard": true
}
2021-07-15 12:17:20,241:DEBUG:acme.client:Storing nonce: 0102-r9ZGsiYTbA2bP5UIEnrArG7hPo2SyQGK2g0QCxqk3w
2021-07-15 12:17:20,241:INFO:certbot.auth_handler:Performing the following challenges:
2021-07-15 12:17:20,241:INFO:certbot.auth_handler:dns-01 challenge for 10.128.0.20.yourdomain.net
2021-07-15 12:17:20,242:INFO:certbot.hooks:Running manual-auth-hook command: python3 /root/localtls/certbotdns.py deploy
2021-07-15 12:17:20,286:INFO:certbot.hooks:Output from manual-auth-hook command python3:
_acme-challenge.10.128.0.20.yourdomain.net
2021-07-15 12:17:20,287:INFO:certbot.auth_handler:Waiting for verification...
2021-07-15 12:17:20,288:DEBUG:acme.client:JWS payload:
b'{\n "resource": "challenge",\n "type": "dns-01"\n}'
2021-07-15 12:17:20,289:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/14836301534/Ug2DDw:
2021-07-15 12:17:20,498:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/14836301534/Ug2DDw HTTP/1.1" 200 185
2021-07-15 12:17:20,499:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 15 Jul 2021 12:17:20 GMT
Content-Type: application/json
Content-Length: 185
Connection: keep-alive
Boulder-Requester: 130687661
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/14836301534>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/14836301534/Ug2DDw
Replay-Nonce: 0102COQryNwPHH-FuEIUaF9WNVvgWFFILwC3G6xAx6oyzec
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/14836301534/Ug2DDw",
"token": "jRFstmrLmjBUh1LbjHp7WSlieWmC_5FXVQleY6o1nW4"
}
2021-07-15 12:17:20,499:DEBUG:acme.client:Storing nonce: 0102COQryNwPHH-FuEIUaF9WNVvgWFFILwC3G6xAx6oyzec
2021-07-15 12:17:21,501:DEBUG:acme.client:JWS payload:
b''
2021-07-15 12:17:21,502:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/14836301534:
2021-07-15 12:17:21,708:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/14836301534 HTTP/1.1" 200 694
2021-07-15 12:17:21,708:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 15 Jul 2021 12:17:21 GMT
Content-Type: application/json
Content-Length: 694
Connection: keep-alive
Boulder-Requester: 130687661
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0102GGYr1RrT1oew0rcdfZ4reh2WLHiFRr5XWJKy19x2iDk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "10.128.0.20.yourdomain.net"
},
"status": "invalid",
"expires": "2021-07-22T12:17:19Z",
"challenges": [
{
"type": "dns-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:dns",
"detail": "DNS problem: NXDOMAIN looking up TXT for _acme-challenge.10.128.0.20.yourdomain.net - check that a DNS record exists for this domain",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/14836301534/Ug2DDw",
"token": "jRFstmrLmjBUh1LbjHp7WSlieWmC_5FXVQleY6o1nW4",
"validated": "2021-07-15T12:17:20Z"
}
],
"wildcard": true
}
2021-07-15 12:17:21,709:DEBUG:acme.client:Storing nonce: 0102GGYr1RrT1oew0rcdfZ4reh2WLHiFRr5XWJKy19x2iDk
2021-07-15 12:17:21,709:WARNING:certbot.auth_handler:Challenge failed for domain 10.128.0.20.yourdomain.net
2021-07-15 12:17:21,709:INFO:certbot.auth_handler:dns-01 challenge for 10.128.0.20.yourdomain.net
2021-07-15 12:17:21,709:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: 10.128.0.20.yourdomain.net
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.10.128.0.20.yourdomain.net - check that a DNS record exists for this domain
2021-07-15 12:17:21,710:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 180, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2021-07-15 12:17:21,710:DEBUG:certbot.error_handler:Calling registered functions
2021-07-15 12:17:21,710:INFO:certbot.auth_handler:Cleaning up challenges
2021-07-15 12:17:21,710:INFO:certbot.hooks:Running manual-cleanup-hook command: python3 /root/localtls/certbotdns.py cleanup
2021-07-15 12:17:21,753:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1265, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 121, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 417, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 348, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 396, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 180, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.