acme.sh icon indicating copy to clipboard operation
acme.sh copied to clipboard
verified publisher icon acmesh-official

ACME Error add txt for domain

Open jasonbohan opened this issue 9 months ago • 7 comments

Loading ACME account details Placing ACME order Order URL: https://acme-v02.api.letsencrypt.org/acme/order/2259718345/362125699506

Getting authorization details from 'https://acme-v02.api.letsencrypt.org/acme/authz/2259718345/487639047236' The validation for yun.iteait.com is pending! [Mon Mar 10 21:10:54 CST 2025] Error add txt for domain:_acme-challenge.yun.iteait.com TASK ERROR: command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup ali yun.iteait.com' failed: exit code 1

find the logs: Mar 10 21:33:51 huian pvedaemon[106637]: root@pam starting task UPID:huian:000D08EF:014D8EF7:67CEEA3F:acmenewcert::root@pam: Mar 10 21:33:59 huian pvedaemon[854255]: command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup ali yun.iteait.com' failed: exit code 1 Mar 10 21:33:59 huian pvedaemon[106637]: root@pam end task UPID:huian:000D08EF:014D8EF7:67CEEA3F:acmenewcert::root@pam: command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup ali yun.iteait.com' failed: exit code 1

I use the dnsapi_ali, and I can confirmed the ali_key and ali_secret was correct. On annother PVE,the dnsapi_ali was running correct.

Like this: Feb 26 02:53:29 pve pveupdate[3328086]: Loading ACME account details Feb 26 02:53:29 pve pveupdate[3328086]: Placing ACME order Feb 26 02:53:33 pve pveupdate[3328086]: Order URL: https://acme-v02.api.letsencrypt.org/acme/order/1697758457/357955434525 Feb 26 02:53:33 pve pveupdate[3328086]: Getting authorization details from 'https://acme-v02.api.letsencrypt.org/acme/authz/1697758457/481408892105' Feb 26 02:53:35 pve pveupdate[3328086]: The validation for 9168.cloud is pending! Feb 26 02:53:37 pve pveupdate[3328086]: Add TXT record: _acme-challenge.9168.cloud Feb 26 02:53:37 pve pveupdate[3328086]: Sleeping 30 seconds to wait for TXT record propagation Feb 26 02:54:07 pve pveupdate[3328086]: Triggering validation Feb 26 02:54:08 pve pveupdate[3328086]: Sleeping for 5 seconds Feb 26 02:54:15 pve pveupdate[3328086]: Status is 'valid', domain '9168.cloud' OK! Feb 26 02:54:22 pve pveupdate[3328086]: Remove TXT record: _acme-challenge.9168.cloud Feb 26 02:54:22 pve pveupdate[3328086]: All domains validated! Feb 26 02:54:22 pve pveupdate[3328086]: Creating CSR Feb 26 02:54:25 pve pveupdate[3328086]: Checking order status Feb 26 02:54:26 pve pveupdate[3328086]: Order is ready, finalizing order Feb 26 02:54:35 pve pveupdate[3328086]: valid! Feb 26 02:54:35 pve pveupdate[3328086]: Downloading certificate Feb 26 02:54:37 pve pveupdate[3328086]: Setting pveproxy certificate and key Feb 26 02:54:37 pve pveupdate[3328086]: Restarting pveproxy

jasonbohan avatar Mar 14 '25 08:03 jasonbohan

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

github-actions[bot] avatar Mar 14 '25 08:03 github-actions[bot]

me too!

I reverted /usr/share/proxmox-acme/dnsapi/dns_ali.sh to 6b7b5caf54ea0b45508e158db3748d00f48672f2

zqq90 avatar Apr 20 '25 04:04 zqq90

Same here, it was fine after the rollback.

AlliotTech avatar May 06 '25 14:05 AlliotTech

Same problem here. Reverting /usr/share/proxmox-acme/dnsapi/dns_ali.sh solved it for me.

WXZhao7 avatar May 13 '25 07:05 WXZhao7

Same kind of problem but with gandi_livedns

jlecordier avatar Jul 17 '25 19:07 jlecordier

solved by adding DuckDNS_Token=token, without adding quotes

haithamkhalifa avatar Aug 03 '25 00:08 haithamkhalifa

Same kind of problem but with gandi_livedns

Solved by removing quotes as well

jlecordier avatar Aug 18 '25 09:08 jlecordier