ght-acme.sh
ght-acme.sh copied to clipboard
Published
20 hours ago •
gheift
gheift
BUG# letsencrypt.sh register
Issue while registering account ike documented. Output:
register account
unhandled response while registering account
HTTP/1.1 100 Continue
Expires: Thu, 02 Jun 2016 14:36:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: application/problem+json
Content-Length: 98
Replay-Nonce: 7FWDn2F7tB393-7umusDLD0VObciMtO6FjUUL2Rk8zE
Expires: Thu, 02 Jun 2016 14:36:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 02 Jun 2016 14:36:12 GMT
Connection: close
{
"type": "urn:acme:error:malformed",
"detail": "Invalid JWK in JWS header",
"status": 400
}
I run thoose commands:
umask 0177
openssl genrsa -out account.key 4096
umask 0022
./letsencrypt.sh register -a account.key -e [email protected]
Any Ideas what could I change?
Thanks for your work an regards Christian
I cannot reproduce your error. Can you run
sh -x ./letsencrypt.sh register -a account.key -e [email protected]
and post the output?
I'm seeing the same on OS X. Here's sh -x output:
+ trap 'rm -f "$RESP_HEADER" "$RESP_BODY" "$LAST_NONCE" "$LAST_NONCE_FETCH" "$OPENSSL_CONFIG" "$OPENSSL_IN" "$OPENSSL_OUT" "$OPENSSL_ERR" "$TMP_SERVER_CSR"' 0 2 3 9 11 13 15
++ mktemp -t le.44270.resp-header.XXXXXX
+ RESP_HEADER=/var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-header.XXXXXX.OmOk4syR
++ mktemp -t le.44270.resp-body.XXXXXX
+ RESP_BODY=/var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-body.XXXXXX.YUXxsCue
++ mktemp -t le.44270.nonce.XXXXXX
+ LAST_NONCE=/var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.nonce.XXXXXX.MW9ii4hx
++ mktemp -t le.44270.nonce-fetch.XXXXXX
+ LAST_NONCE_FETCH=/var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.nonce-fetch.XXXXXX.dSwqK0A1
++ mktemp -t le.44270.openssl.cnf.XXXXXX
+ OPENSSL_CONFIG=/var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.openssl.cnf.XXXXXX.gGdwIX3s
++ mktemp -t le.44270.openssl.in.XXXXXX
+ OPENSSL_IN=/var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.openssl.in.XXXXXX.rUx3RjHe
++ mktemp -t le.44270.openssl.out.XXXXXX
+ OPENSSL_OUT=/var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.openssl.out.XXXXXX.KQ5DUzyW
++ mktemp -t le.44270.openssl.err.XXXXXX
+ OPENSSL_ERR=/var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.openssl.err.XXXXXX.5JeU6zi3
++ mktemp -t le.44270.server.csr.XXXXXX
+ TMP_SERVER_CSR=/var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.server.csr.XXXXXX.mfNQoEzz
+ CA=https://acme-staging.api.letsencrypt.org
+ CA=https://acme-v01.api.letsencrypt.org
+ PROTECTED=
+ PAYLOAD=
+ SIGNATURE=
+ ACCOUNT_KEY=
+ ACCOUNT_JWK=
+ REQ_JWKS=
+ ACCOUNT_THUMB=
+ SERVER_KEY=
+ SERVER_CSR=
+ SERVER_CERT=
+ ACCOUNT_EMAIL=
+ DOMAINS=
+ DOMAIN_DATA=
+ WEBDIR=
+ PUSH_TOKEN=
+ QUIET=
+ '[' 5 -gt 0 ']'
+ ACTION=register
+ shift
+ SHOW_THUMBPRINT=0
+ case "$ACTION" in
+ getopts :hqa:e:p name
+ case "$name" in
+ ACCOUNT_KEY=account.key
+ getopts :hqa:e:p name
+ case "$name" in
+ [email protected]
+ getopts :hqa:e:p name
+ shift 4
+ case "$ACTION" in
+ load_account_key
+ '[' -n account.key ']'
+ '[' -r account.key ']'
+ openssl rsa -in account.key -noout
+ handle_openssl_exit 0 'opening account key'
+ OPENSSL_EXIT=0
+ OPENSSL_ACTION='opening account key'
+ '[' 0 '!=' 0 ']'
++ key_get_exponent account.key
++ openssl pkey -inform perm -in account.key -noout -text_pub
++ handle_openssl_exit 0 'extracting account key exponent'
++ OPENSSL_EXIT=0
++ OPENSSL_ACTION='extracting account key exponent'
++ '[' 0 '!=' 0 ']'
++ sed -e '/Exponent: / ! d; s/Exponent: [0-9]*\s\+(\(\(0\)x\([0-9]\)\|0x\)\(\([0-9][0-9]\)*\))/\2\3\4/'
++ xxd -r -p
++ base64url
++ openssl base64
++ tr +/ -_
++ tr -d '\r\n='
++ key_get_modulus account.key
++ openssl rsa -in account.key -modulus -noout
++ handle_openssl_exit 0 'extracting account key modulus'
++ OPENSSL_EXIT=0
++ OPENSSL_ACTION='extracting account key modulus'
++ '[' 0 '!=' 0 ']'
++ sed -e 's/^Modulus=//'
++ xxd -r -p
++ base64url
++ openssl base64
++ tr +/ -_
++ tr -d '\r\n='
+ ACCOUNT_JWK='{"e":"","kty":"RSA","n":"wxKdTGijXqfPQIdLCQzjgEf9W3e0St2cdpufQBJdtsXE9xKu6O-KgFeqnOZbCRYE9g8bBgIBNP8qt7kL8zBEfZMiN8D8lyRoqpnq3d8ajDghgm9HMreVVuz-9QHzQ2P_g4qPJVKrhE5FYNZ31do9mOfQFm8ef5LSbf4629jL8mgpPSi6K0OFTZ-P_znMw7YVSx7Gzj2ScL4Y8TpHm5JIBwZWIX4Z4AL4DgE0i0I2nKGBzaX7pwKw7QZoeu4tFZHAFijyV41xQ9TS0ZtzNWuDEzbj46dcLsTf-D_2PXmUDuD8XfibMY4oqhIPxJBUC-OsK0eB5YdAll9o3g7Re1ONXplpDbye3xnnaM0rbROPafFYkcPUYdsbBxjACd4q1Mq1OhI44JtRTLR07_QjHTnuN7dccZsni5vtnqSVT2exB_D0Sb-N5HT0wf1jTwm0W6WUNXlwN2Sno-LK1qUyjhnP3Fc9EfOyK4-hZkl4vNJ7Y9XIyuUsgszrXAJyfjjbUovQAZkocJevPZoIphaGNvkg0xhiY4_n_EUUpbqwpJp9QtH5cm-0ekXUOxfsCYbHg_Htx7_xI6RvRug26UAo6ogNeSxsDL-VnsL-lcXdXeoNIbSyd_vNmXmAz5wwm88RueqQ2pICJIqk81B7wz1RtcfSYEmPvtponYuTjsbBiBt9RR8"}'
+ REQ_JWKS='{"alg":"RS256","jwk":{"e":"","kty":"RSA","n":"wxKdTGijXqfPQIdLCQzjgEf9W3e0St2cdpufQBJdtsXE9xKu6O-KgFeqnOZbCRYE9g8bBgIBNP8qt7kL8zBEfZMiN8D8lyRoqpnq3d8ajDghgm9HMreVVuz-9QHzQ2P_g4qPJVKrhE5FYNZ31do9mOfQFm8ef5LSbf4629jL8mgpPSi6K0OFTZ-P_znMw7YVSx7Gzj2ScL4Y8TpHm5JIBwZWIX4Z4AL4DgE0i0I2nKGBzaX7pwKw7QZoeu4tFZHAFijyV41xQ9TS0ZtzNWuDEzbj46dcLsTf-D_2PXmUDuD8XfibMY4oqhIPxJBUC-OsK0eB5YdAll9o3g7Re1ONXplpDbye3xnnaM0rbROPafFYkcPUYdsbBxjACd4q1Mq1OhI44JtRTLR07_QjHTnuN7dccZsni5vtnqSVT2exB_D0Sb-N5HT0wf1jTwm0W6WUNXlwN2Sno-LK1qUyjhnP3Fc9EfOyK4-hZkl4vNJ7Y9XIyuUsgszrXAJyfjjbUovQAZkocJevPZoIphaGNvkg0xhiY4_n_EUUpbqwpJp9QtH5cm-0ekXUOxfsCYbHg_Htx7_xI6RvRug26UAo6ogNeSxsDL-VnsL-lcXdXeoNIbSyd_vNmXmAz5wwm88RueqQ2pICJIqk81B7wz1RtcfSYEmPvtponYuTjsbBiBt9RR8"}}'
++ echo '{"e":"","kty":"RSA","n":"wxKdTGijXqfPQIdLCQzjgEf9W3e0St2cdpufQBJdtsXE9xKu6O-KgFeqnOZbCRYE9g8bBgIBNP8qt7kL8zBEfZMiN8D8lyRoqpnq3d8ajDghgm9HMreVVuz-9QHzQ2P_g4qPJVKrhE5FYNZ31do9mOfQFm8ef5LSbf4629jL8mgpPSi6K0OFTZ-P_znMw7YVSx7Gzj2ScL4Y8TpHm5JIBwZWIX4Z4AL4DgE0i0I2nKGBzaX7pwKw7QZoeu4tFZHAFijyV41xQ9TS0ZtzNWuDEzbj46dcLsTf-D_2PXmUDuD8XfibMY4oqhIPxJBUC-OsK0eB5YdAll9o3g7Re1ONXplpDbye3xnnaM0rbROPafFYkcPUYdsbBxjACd4q1Mq1OhI44JtRTLR07_QjHTnuN7dccZsni5vtnqSVT2exB_D0Sb-N5HT0wf1jTwm0W6WUNXlwN2Sno-LK1qUyjhnP3Fc9EfOyK4-hZkl4vNJ7Y9XIyuUsgszrXAJyfjjbUovQAZkocJevPZoIphaGNvkg0xhiY4_n_EUUpbqwpJp9QtH5cm-0ekXUOxfsCYbHg_Htx7_xI6RvRug26UAo6ogNeSxsDL-VnsL-lcXdXeoNIbSyd_vNmXmAz5wwm88RueqQ2pICJIqk81B7wz1RtcfSYEmPvtponYuTjsbBiBt9RR8"}'
++ tr -d '\r\n'
++ openssl dgst -sha256 -binary
++ base64url
++ openssl base64
++ tr +/ -_
++ tr -d '\r\n='
+ ACCOUNT_THUMB=n90NpYuKZpl5aG9g7vdCLcSSNxz67UWbzLLEk_tkKVA
+ '[' -z [email protected] ']'
+ register_account_key
+ log 'register account'
+ '[' -z '' ']'
+ echo 'register account'
register account
+ NEW_REG='{"resource":"new-reg","contact":["mailto:[email protected]"],"agreement":"https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"}'
+ send_req https://acme-v01.api.letsencrypt.org/acme/new-reg '{"resource":"new-reg","contact":["mailto:[email protected]"],"agreement":"https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"}'
+ URI=https://acme-v01.api.letsencrypt.org/acme/new-reg
+ gen_protected
++ cat /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.nonce.XXXXXX.MW9ii4hx
+ NONCE=
+ '[' -z '' ']'
+ curl -D /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.nonce-fetch.XXXXXX.dSwqK0A1 -o /dev/null -s https://acme-v01.api.letsencrypt.org/directory
+ handle_curl_exit 0 https://acme-v01.api.letsencrypt.org/directory
+ CURL_EXIT=0
+ CURL_URI=https://acme-v01.api.letsencrypt.org/directory
+ '[' 0 '!=' 0 ']'
+ sed -e '/Replay-Nonce: / ! d; s/^Replay-Nonce: //' /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.nonce-fetch.XXXXXX.dSwqK0A1
+ tr -d '\r\n'
++ cat /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.nonce.XXXXXX.MW9ii4hx
+ NONCE=PZEAl5-fLaXLQMdEJNXJOrpqTt0zxXNBGi2EW8JUNBc
+ '[' -n PZEAl5-fLaXLQMdEJNXJOrpqTt0zxXNBGi2EW8JUNBc ']'
++ echo '{"nonce":"PZEAl5-fLaXLQMdEJNXJOrpqTt0zxXNBGi2EW8JUNBc"}'
++ tr -d '\n\r'
++ base64url
++ openssl base64
++ tr +/ -_
++ tr -d '\r\n='
+ PROTECTED=eyJub25jZSI6IlBaRUFsNS1mTGFYTFFNZEVKTlhKT3JwcVR0MHp4WE5CR2kyRVc4SlVOQmMifQ
+ echo
+ tr -d '\n\r'
++ echo '{"resource":"new-reg","contact":["mailto:[email protected]"],"agreement":"https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"}'
++ base64url
++ openssl base64
++ tr +/ -_
++ tr -d '\r\n='
+ PAYLOAD=eyJyZXNvdXJjZSI6Im5ldy1yZWciLCJjb250YWN0IjpbIm1haWx0bzp3ZWJtYXN0ZXJAZXhhbXBsZS5vcmciXSwiYWdyZWVtZW50IjoiaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvZG9jdW1lbnRzL0xFLVNBLXYxLjAuMS1KdWx5LTI3LTIwMTUucGRmIn0K
+ gen_signature
+ printf %s eyJub25jZSI6IlBaRUFsNS1mTGFYTFFNZEVKTlhKT3JwcVR0MHp4WE5CR2kyRVc4SlVOQmMifQ.eyJyZXNvdXJjZSI6Im5ldy1yZWciLCJjb250YWN0IjpbIm1haWx0bzp3ZWJtYXN0ZXJAZXhhbXBsZS5vcmciXSwiYWdyZWVtZW50IjoiaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvZG9jdW1lbnRzL0xFLVNBLXYxLjAuMS1KdWx5LTI3LTIwMTUucGRmIn0K
+ openssl dgst -sha256 -binary -sign account.key
+ handle_openssl_exit 0 'signing request'
+ OPENSSL_EXIT=0
+ OPENSSL_ACTION='signing request'
+ '[' 0 '!=' 0 ']'
++ base64url
++ openssl base64
++ tr +/ -_
++ tr -d '\r\n='
+ SIGNATURE=wt_mpf6mDNVIfWg2bH0B5Zf2i_M3YSsy3lUzmuWEQtKOX5BjRb-z63Q517ixR6bmzMet5NbPGYL82zBO8Q3n2wd3N_bARJYi_pXuAfq46mKjy-GSywhKsKkj4zV7egkH6fdEiPgTkkweBIU4ugtpbDLcLWiTmO_JPzGCc_A34AnI7SPpmtBhY_IVsDFtU3QwBSQgfg_7yzF2FnxpcQYy1FOVevglwcqCErime1goSC1tDeKqeRh_aPBusD7rQ_wiYHqCVHcsFoKFUymm_IbLuvgf-RCXeNfkirfUSmFClLO_4AQQypYnU6HDSzDArE0FUsDpggJ6RKljUKdA7clvA11TLRG_PESdH2U9FY3NXsCOA5nRpx-QPf3o9koOy62GDJg4FlmlMJwWR1bDjvL-beIFxAPYtnNR--UH8PU1ADl6X3JLwTE3A6JI6XqLXhliOO9EtWrSK6aA7-QfoyEs6bjKeXbxfLNVco8-yV5TOZ8ZOxqnxC9Z7ncx_w1mf0DGUvOf-jqcdU3mU8JSf42KQ4lWt-TprDh0j7vvEbFujpKvwEMpy-2aYEmMbhAU4uGk4Pl96xT_sWho6_G-8jtqbbiipYS-sCkftnBCo52y8iV81UYKvwipLzK4bKay7iARAgWX22G32qJ-7xOGJoRF2aMTFzaHtlLRV6X92GLcySQ
+ DATA='{"header":{"alg":"RS256","jwk":{"e":"","kty":"RSA","n":"wxKdTGijXqfPQIdLCQzjgEf9W3e0St2cdpufQBJdtsXE9xKu6O-KgFeqnOZbCRYE9g8bBgIBNP8qt7kL8zBEfZMiN8D8lyRoqpnq3d8ajDghgm9HMreVVuz-9QHzQ2P_g4qPJVKrhE5FYNZ31do9mOfQFm8ef5LSbf4629jL8mgpPSi6K0OFTZ-P_znMw7YVSx7Gzj2ScL4Y8TpHm5JIBwZWIX4Z4AL4DgE0i0I2nKGBzaX7pwKw7QZoeu4tFZHAFijyV41xQ9TS0ZtzNWuDEzbj46dcLsTf-D_2PXmUDuD8XfibMY4oqhIPxJBUC-OsK0eB5YdAll9o3g7Re1ONXplpDbye3xnnaM0rbROPafFYkcPUYdsbBxjACd4q1Mq1OhI44JtRTLR07_QjHTnuN7dccZsni5vtnqSVT2exB_D0Sb-N5HT0wf1jTwm0W6WUNXlwN2Sno-LK1qUyjhnP3Fc9EfOyK4-hZkl4vNJ7Y9XIyuUsgszrXAJyfjjbUovQAZkocJevPZoIphaGNvkg0xhiY4_n_EUUpbqwpJp9QtH5cm-0ekXUOxfsCYbHg_Htx7_xI6RvRug26UAo6ogNeSxsDL-VnsL-lcXdXeoNIbSyd_vNmXmAz5wwm88RueqQ2pICJIqk81B7wz1RtcfSYEmPvtponYuTjsbBiBt9RR8"}},"protected":"eyJub25jZSI6IlBaRUFsNS1mTGFYTFFNZEVKTlhKT3JwcVR0MHp4WE5CR2kyRVc4SlVOQmMifQ","payload":"eyJyZXNvdXJjZSI6Im5ldy1yZWciLCJjb250YWN0IjpbIm1haWx0bzp3ZWJtYXN0ZXJAZXhhbXBsZS5vcmciXSwiYWdyZWVtZW50IjoiaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvZG9jdW1lbnRzL0xFLVNBLXYxLjAuMS1KdWx5LTI3LTIwMTUucGRmIn0K","signature":"wt_mpf6mDNVIfWg2bH0B5Zf2i_M3YSsy3lUzmuWEQtKOX5BjRb-z63Q517ixR6bmzMet5NbPGYL82zBO8Q3n2wd3N_bARJYi_pXuAfq46mKjy-GSywhKsKkj4zV7egkH6fdEiPgTkkweBIU4ugtpbDLcLWiTmO_JPzGCc_A34AnI7SPpmtBhY_IVsDFtU3QwBSQgfg_7yzF2FnxpcQYy1FOVevglwcqCErime1goSC1tDeKqeRh_aPBusD7rQ_wiYHqCVHcsFoKFUymm_IbLuvgf-RCXeNfkirfUSmFClLO_4AQQypYnU6HDSzDArE0FUsDpggJ6RKljUKdA7clvA11TLRG_PESdH2U9FY3NXsCOA5nRpx-QPf3o9koOy62GDJg4FlmlMJwWR1bDjvL-beIFxAPYtnNR--UH8PU1ADl6X3JLwTE3A6JI6XqLXhliOO9EtWrSK6aA7-QfoyEs6bjKeXbxfLNVco8-yV5TOZ8ZOxqnxC9Z7ncx_w1mf0DGUvOf-jqcdU3mU8JSf42KQ4lWt-TprDh0j7vvEbFujpKvwEMpy-2aYEmMbhAU4uGk4Pl96xT_sWho6_G-8jtqbbiipYS-sCkftnBCo52y8iV81UYKvwipLzK4bKay7iARAgWX22G32qJ-7xOGJoRF2aMTFzaHtlLRV6X92GLcySQ"}'
+ curl -s -d '{"header":{"alg":"RS256","jwk":{"e":"","kty":"RSA","n":"wxKdTGijXqfPQIdLCQzjgEf9W3e0St2cdpufQBJdtsXE9xKu6O-KgFeqnOZbCRYE9g8bBgIBNP8qt7kL8zBEfZMiN8D8lyRoqpnq3d8ajDghgm9HMreVVuz-9QHzQ2P_g4qPJVKrhE5FYNZ31do9mOfQFm8ef5LSbf4629jL8mgpPSi6K0OFTZ-P_znMw7YVSx7Gzj2ScL4Y8TpHm5JIBwZWIX4Z4AL4DgE0i0I2nKGBzaX7pwKw7QZoeu4tFZHAFijyV41xQ9TS0ZtzNWuDEzbj46dcLsTf-D_2PXmUDuD8XfibMY4oqhIPxJBUC-OsK0eB5YdAll9o3g7Re1ONXplpDbye3xnnaM0rbROPafFYkcPUYdsbBxjACd4q1Mq1OhI44JtRTLR07_QjHTnuN7dccZsni5vtnqSVT2exB_D0Sb-N5HT0wf1jTwm0W6WUNXlwN2Sno-LK1qUyjhnP3Fc9EfOyK4-hZkl4vNJ7Y9XIyuUsgszrXAJyfjjbUovQAZkocJevPZoIphaGNvkg0xhiY4_n_EUUpbqwpJp9QtH5cm-0ekXUOxfsCYbHg_Htx7_xI6RvRug26UAo6ogNeSxsDL-VnsL-lcXdXeoNIbSyd_vNmXmAz5wwm88RueqQ2pICJIqk81B7wz1RtcfSYEmPvtponYuTjsbBiBt9RR8"}},"protected":"eyJub25jZSI6IlBaRUFsNS1mTGFYTFFNZEVKTlhKT3JwcVR0MHp4WE5CR2kyRVc4SlVOQmMifQ","payload":"eyJyZXNvdXJjZSI6Im5ldy1yZWciLCJjb250YWN0IjpbIm1haWx0bzp3ZWJtYXN0ZXJAZXhhbXBsZS5vcmciXSwiYWdyZWVtZW50IjoiaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvZG9jdW1lbnRzL0xFLVNBLXYxLjAuMS1KdWx5LTI3LTIwMTUucGRmIn0K","signature":"wt_mpf6mDNVIfWg2bH0B5Zf2i_M3YSsy3lUzmuWEQtKOX5BjRb-z63Q517ixR6bmzMet5NbPGYL82zBO8Q3n2wd3N_bARJYi_pXuAfq46mKjy-GSywhKsKkj4zV7egkH6fdEiPgTkkweBIU4ugtpbDLcLWiTmO_JPzGCc_A34AnI7SPpmtBhY_IVsDFtU3QwBSQgfg_7yzF2FnxpcQYy1FOVevglwcqCErime1goSC1tDeKqeRh_aPBusD7rQ_wiYHqCVHcsFoKFUymm_IbLuvgf-RCXeNfkirfUSmFClLO_4AQQypYnU6HDSzDArE0FUsDpggJ6RKljUKdA7clvA11TLRG_PESdH2U9FY3NXsCOA5nRpx-QPf3o9koOy62GDJg4FlmlMJwWR1bDjvL-beIFxAPYtnNR--UH8PU1ADl6X3JLwTE3A6JI6XqLXhliOO9EtWrSK6aA7-QfoyEs6bjKeXbxfLNVco8-yV5TOZ8ZOxqnxC9Z7ncx_w1mf0DGUvOf-jqcdU3mU8JSf42KQ4lWt-TprDh0j7vvEbFujpKvwEMpy-2aYEmMbhAU4uGk4Pl96xT_sWho6_G-8jtqbbiipYS-sCkftnBCo52y8iV81UYKvwipLzK4bKay7iARAgWX22G32qJ-7xOGJoRF2aMTFzaHtlLRV6X92GLcySQ"}' -D /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-header.XXXXXX.OmOk4syR -o /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-body.XXXXXX.YUXxsCue https://acme-v01.api.letsencrypt.org/acme/new-reg
+ handle_curl_exit 0 https://acme-v01.api.letsencrypt.org/acme/new-reg
+ CURL_EXIT=0
+ CURL_URI=https://acme-v01.api.letsencrypt.org/acme/new-reg
+ '[' 0 '!=' 0 ']'
+ sed -e '/Replay-Nonce: / ! d; s/^Replay-Nonce: //' /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-header.XXXXXX.OmOk4syR
+ tr -d '\r\n'
+ check_http_status 201
+ fgrep -q 'HTTP/1.1 201 ' /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-header.XXXXXX.OmOk4syR
+ check_http_status 409
+ fgrep -q 'HTTP/1.1 409 ' /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-header.XXXXXX.OmOk4syR
+ unhandled_response 'registering account'
+ echo 'unhandled response while registering account'
unhandled response while registering account
+ echo
+ cat /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-header.XXXXXX.OmOk4syR /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-body.XXXXXX.YUXxsCue
HTTP/1.1 100 Continue
Expires: Wed, 06 Jul 2016 03:37:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: application/problem+json
Content-Length: 98
Boulder-Request-Id: OzloiUNVDAYSJTjSryf3c5ibLTS4iifgyQdvh9ti-mI
Replay-Nonce: AUpQbYIfKEf9LwfnjMuJF7vH1bM-LnmhtlgvtPU_8ks
Expires: Wed, 06 Jul 2016 03:37:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 06 Jul 2016 03:37:07 GMT
Connection: close
{
"type": "urn:acme:error:malformed",
"detail": "Invalid JWK in JWS header",
"status": 400
}+ echo
+ exit 1
+ rm -f /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-header.XXXXXX.OmOk4syR /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.resp-body.XXXXXX.YUXxsCue /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.nonce.XXXXXX.MW9ii4hx /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.nonce-fetch.XXXXXX.dSwqK0A1 /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.openssl.cnf.XXXXXX.gGdwIX3s /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.openssl.in.XXXXXX.rUx3RjHe /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.openssl.out.XXXXXX.KQ5DUzyW /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.openssl.err.XXXXXX.5JeU6zi3 /var/folders/8j/hbwx08fx1kngcgnfzd_0v4ln261glm/T/le.44270.server.csr.XXXXXX.mfNQoEzz
The problem is with the extraction of the exponent from the key. (see: "e":"" ). Could you give the output of the following command on your OS X system please?
openssl pkey -inform perm -in account.key -noout -text_pub | grep -i Exponent
$ openssl pkey -inform perm -in account.key -noout -text_pub | grep -i Exponent
openssl:Error: 'pkey' is an invalid command.
...
$ openssl version
OpenSSL 0.9.8zh 14 Jan 2016
Looks like I could install a more recent openssl from homebrew which would probably fix this. Don't really have time to dig now myself, but happy to try things you tell me to :)
Thanks for the feedback. Would you try my version please? It supposed to work with your older version of openssl as well. Please let us know how it goes.
I'm getting:
{
"type": "urn:acme:error:malformed",
"detail": "Provided agreement URL [https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf] does not match current agreement URL [https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf]",
"status": 400
}
I'm getting the same error. My exponent output is: Exponent: 65537 (0x10001)
I'm running on Ubuntu 12.04 server.
Ok, I did this change (https://github.com/gheift/letsencrypt.sh/pull/27/files/f3b571f312b4c29b3dde77f1cb5231aa4edbb518) and seems it works. Thanks