Syno/Cloudflare Renewal Issue #4938
Comments
|
Please upgrade to the latest code and try again first. Maybe it's already fixed. |
|
acme v3.0.5 |
|
change to letsencrypt can solve this problem, maybe zerossl not support secondary wildcard domain now |
|
Maybe Zerossl has removed REST access for free certificates .... |
|
Thanks folks, I'll check out some of these and report back. |
|
No, it's not REST. |
|
Hi folks - ended up "manually updating" acme to 3.0.8 (i.e. moving my old acme.sh folder to a different name and installing from scratch) then re-issuing a new cert for dsm. This has created a new issue, which I'll raise, where acme.sh now defaults to creating an ecc certificate, which isn't supported by dsm. I can't see in the docs where to NOT issue ecc, but will raise another issue for this. |
|
thank you! |
Recently (within the last six weeks) I've been having failures running my automated renewal script in Synology/CloudFlare. Nothing has changed in the last couple months apart from updating my CF_TOKEN (which I've updated in account.conf)
I've double-checked my CF_TOKEN is correct, I've googled the response (assuming its from zeroSSL) but found nothing. Does anyone have any additional thoughts, please?
debug 2 below:
Tue Jan 2 20:19:09 GMT 2024] d='syno.farmerbean.dev'
[Tue Jan 2 20:19:09 GMT 2024] Getting webroot for domain='syno.farmerbean.dev'
[Tue Jan 2 20:19:09 GMT 2024] _w='dns_cf'
[Tue Jan 2 20:19:09 GMT 2024] _currentRoot='dns_cf'
[Tue Jan 2 20:19:09 GMT 2024] _is_idn_d='syno.farmerbean.dev'
[Tue Jan 2 20:19:09 GMT 2024] _idn_temp
[Tue Jan 2 20:19:09 GMT 2024] _candidates='syno.farmerbean.dev,{"identifier":{"type":"dns","value":"syno.farmerbean.dev"},"status":"invalid","expires":"2024-01-22T05:01:21Z","challenges":[{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/0NwG6nr1Zmfnbnf9TVRutw","status":"invalid","error":{},"token":"9gOyJEcBafCSyrnrz6FTnf2Tyz35CjdqV11ufGPGhWI"}]}'
[Tue Jan 2 20:19:09 GMT 2024] response='{"identifier":{"type":"dns","value":"syno.farmerbean.dev"},"status":"invalid","expires":"2024-01-22T05:01:21Z","challenges":[{"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/0NwG6nr1Zmfnbnf9TVRutw","status":"invalid","error":{},"token":"9gOyJEcBafCSyrnrz6FTnf2Tyz35CjdqV11ufGPGhWI"}]}'
[Tue Jan 2 20:19:09 GMT 2024] entry='"type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/0NwG6nr1Zmfnbnf9TVRutw","status":"invalid","error":{'
[Tue Jan 2 20:19:09 GMT 2024] token
[Tue Jan 2 20:19:09 GMT 2024] Error, can not get domain token "type":"dns-01","url":"https://acme.zerossl.com/v2/DV90/chall/0NwG6nr1Zmfnbnf9TVRutw","status":"invalid","error":{
[Tue Jan 2 20:19:09 GMT 2024] pid
The text was updated successfully, but these errors were encountered: