certbot with debug arg

1. 2022-10-12 07:54:07,430:DEBUG:certbot._internal.main:certbot version: 1.31.0
2. 2022-10-12 07:54:07,431:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
3. 2022-10-12 07:54:07,431:DEBUG:certbot._internal.main:Arguments: ['--non-interactive', '--renew-by-default', '--server', 'https://acme-v02.api.letsencrypt.org/directory', '-a', 'dns-duckdns', '--dns-duckdns-credentials', '/config/dns-conf/duckdns.ini', '--dns-duckdns-propagation-seconds', '60', '--rsa-key-size', '4096', '-m', 'email@email.com', '--no-eff-email', '--agree-tos', '-d', 'servraid.duckdns.org', '--debug-challenges']
4. 2022-10-12 07:54:07,431:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#certbot-dns-acmedns:dns-acmedns,PluginEntryPoint#certbot-dns-aliyun:dns-aliyun,PluginEntryPoint#certbot-dns-azure:dns-azure,PluginEntryPoint#certbot-dns-cpanel:cpanel,PluginEntryPoint#certbot-dns-desec:dns-desec,PluginEntryPoint#certbot-dns-directadmin:directadmin,PluginEntryPoint#certbot-dns-dnspod:dns-dnspod,PluginEntryPoint#certbot-dns-do:dns-do,PluginEntryPoint#certbot-dns-domeneshop:dns-domeneshop,PluginEntryPoint#certbot-dns-duckdns:dns-duckdns,PluginEntryPoint#certbot-dns-dynu:dns-dynu,PluginEntryPoint#certbot-dns-godaddy:dns-godaddy,PluginEntryPoint#certbot-dns-he:dns-he,PluginEntryPoint#certbot-dns-hetzner:dns-hetzner,PluginEntryPoint#certbot-dns-infomaniak:dns-infomaniak,PluginEntryPoint#certbot-dns-inwx:dns-inwx,PluginEntryPoint#certbot-dns-ionos:dns-ionos,PluginEntryPoint#certbot-dns-loopia:dns-loopia,PluginEntryPoint#certbot-dns-netcup:dns-netcup,PluginEntryPoint#certbot-dns-njalla:dns-njalla,PluginEntryPoint#certbot-dns-porkbun:dns-porkbun,PluginEntryPoint#certbot-dns-standalone:dns-standalone,PluginEntryPoint#certbot-dns-transip:dns-transip,PluginEntryPoint#certbot-dns-vultr:dns-vultr,PluginEntryPoint#certbot-plugin-gandi:dns,PluginEntryPoint#certbot-plugin-gandi:dns-gandi,PluginEntryPoint#certbot-route53:auth,PluginEntryPoint#cpanel,PluginEntryPoint#directadmin,PluginEntryPoint#dns,PluginEntryPoint#dns-acmedns,PluginEntryPoint#dns-aliyun,PluginEntryPoint#dns-azure,PluginEntryPoint#dns-cloudflare,PluginEntryPoint#dns-cloudxns,PluginEntryPoint#dns-desec,PluginEntryPoint#dns-digitalocean,PluginEntryPoint#dns-dnsimple,PluginEntryPoint#dns-dnsmadeeasy,PluginEntryPoint#dns-dnspod,PluginEntryPoint#dns-do,PluginEntryPoint#dns-domeneshop,PluginEntryPoint#dns-duckdns,PluginEntryPoint#dns-dynu,PluginEntryPoint#dns-gandi,PluginEntryPoint#dns-gehirn,PluginEntryPoint#dns-godaddy,PluginEntryPoint#dns-google,PluginEntryPoint#dns-he,PluginEntryPoint#dns-hetzner,PluginEntryPoint#dns-infomaniak,PluginEntryPoint#dns-inwx,PluginEntryPoint#dns-ionos,PluginEntryPoint#dns-linode,PluginEntryPoint#dns-loopia,PluginEntryPoint#dns-luadns,PluginEntryPoint#dns-netcup,PluginEntryPoint#dns-njalla,PluginEntryPoint#dns-nsone,PluginEntryPoint#dns-ovh,PluginEntryPoint#dns-porkbun,PluginEntryPoint#dns-rfc2136,PluginEntryPoint#dns-route53,PluginEntryPoint#dns-sakuracloud,PluginEntryPoint#dns-standalone,PluginEntryPoint#dns-transip,PluginEntryPoint#dns-vultr,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
5. 2022-10-12 07:54:07,458:DEBUG:certbot._internal.log:Root logging level set at 30
6. 2022-10-12 07:54:07,459:DEBUG:certbot._internal.plugins.selection:Requested authenticator dns-duckdns and installer None
7. 2022-10-12 07:54:07,463:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * dns-duckdns
8. Description: Obtain certificates using a DNS TXT record for DuckDNS domains
9. Interfaces: Authenticator, Plugin
10. Entry point: dns-duckdns = certbot_dns_duckdns.cert.client:Authenticator
11. Initialized: <certbot_dns_duckdns.cert.client.Authenticator object at 0x1511af8f9a30>
12. Prep: True
13. 2022-10-12 07:54:07,464:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_dns_duckdns.cert.client.Authenticator object at 0x1511af8f9a30> and installer None
14. 2022-10-12 07:54:07,464:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator dns-duckdns, Installer None
15. 2022-10-12 07:54:07,482:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/771871416', new_authzr_uri=None, terms_of_service=None), 89ed1fff77e372a59d33a5dc54db6ef2, Meta(creation_dt=datetime.datetime(2022, 10, 12, 2, 14, 32, tzinfo=<UTC>), creation_host='b8aaa3d0eb43', register_to_eff=None))>
16. 2022-10-12 07:54:07,482:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
17. 2022-10-12 07:54:07,694:DEBUG:acme.client:Received response:
18. HTTP 200
19. Server: nginx
20. Date: Wed, 12 Oct 2022 11:54:07 GMT
21. Content-Type: application/json
22. Content-Length: 659
23. Connection: keep-alive
24. Cache-Control: public, max-age=0, no-cache
25. X-Frame-Options: DENY
26. Strict-Transport-Security: max-age=604800
27.  
28. {
29. "ZRRBM_p7HoE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
30. "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
31. "meta": {
32. "caaIdentities": [
33. "letsencrypt.org"
34. ],
35. "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
36. "website": "https://letsencrypt.org"
37. },
38. "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
39. "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
40. "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
41. "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
42. }
43. 2022-10-12 07:54:07,695:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for servraid.duckdns.org
44. 2022-10-12 07:54:08,423:DEBUG:certbot.crypto_util:Generating RSA key (4096 bits): /etc/letsencrypt/keys/0010_key-certbot.pem
45. 2022-10-12 07:54:08,430:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0023_csr-certbot.pem
46. 2022-10-12 07:54:08,431:DEBUG:acme.client:Requesting fresh nonce
47. 2022-10-12 07:54:08,431:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
48. 2022-10-12 07:54:08,504:DEBUG:acme.client:Received response:
49. HTTP 200
50. Server: nginx
51. Date: Wed, 12 Oct 2022 11:54:08 GMT
52. Connection: keep-alive
53. Cache-Control: public, max-age=0, no-cache
54. Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
55. Replay-Nonce: A5FEjzuc4tOmrae9L-y6kwxiRGtq3rHHXcIaECMAHUzcN7Q
56. X-Frame-Options: DENY
57. Strict-Transport-Security: max-age=604800
58.  
59.  
60. 2022-10-12 07:54:08,504:DEBUG:acme.client:Storing nonce: A5FEjzuc4tOmrae9L-y6kwxiRGtq3rHHXcIaECMAHUzcN7Q
61. 2022-10-12 07:54:08,504:DEBUG:acme.client:JWS payload:
62. b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "servraid.duckdns.org"\n }\n ]\n}'
63. 2022-10-12 07:54:08,509:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
64. {
65. "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzcxODcxNDE2IiwgIm5vbmNlIjogIkE1RkVqenVjNHRPbXJhZTlMLXk2a3d4aVJHdHEzckhIWGNJYUVDTUFIVXpjTjdRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
66. "signature": "JdntGMwSc-KSfTvFpUa95GnV5Wn1Fvrv5q93lT9WYHL5HDApYyOhbK0jVEWfyQiB0B2uHSpGVp1L_JgDzFnMY5ru1HPjG3M7tMXuBqd4MhoL0I5vaFehtr4--uuFpShgCmVxuw8HcH5Gm7l9t6RF7ggFNkS8OWaR2dgtHvkMWag9ANMGNi2KcgtbN6tJOOi1E0UJoGvegJgdD5Y5zEnUBpJQdXwv6m_VWefVzp47bKfCx29cJLxqi54vjokPJxLD6qP1qnBlfS6fEq-4D-otO6bxEHadxn_wN3YO7epezJuIVNee7UUYlWxCttLUY3jwy07leRa_KzJ0Ws0dgYKt1kclR_hW3jTxfJKD_JxpIPqF444j7fKrGMPFiRy7Ogn1kceUBA5xHKIrbqRHnbalFG_CFb2Pd3beJ7inxH2jH05ii69oPOyR1zcv-EyyqjyDdpWnDqIosS5mKp0Jm_anyfdjE_3JfPmRsSizWqPlLIO7BSIKjTnVSDGuRsOFhd9WgQ2Z6rEkllnZBfe72G8Oyd_0cCzD4mCYqmc0rYxy3tmnz19FEgbEisDUHrphALL9z7GNF1ZVrmKX5ijI336pyU40aBNvbHe77hFh3q-vrDQCXDvmSOTzS6BqFUB9-uXyxf4w3ChaX4Fh9ezu5WYY-715jRuffgPMyqEUF91fn9Y",
67. "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInNlcnZyYWlkLmR1Y2tkbnMub3JnIgogICAgfQogIF0KfQ"
68. }
69. 2022-10-12 07:54:08,599:DEBUG:acme.client:Received response:
70. HTTP 201
71. Server: nginx
72. Date: Wed, 12 Oct 2022 11:54:08 GMT
73. Content-Type: application/json
74. Content-Length: 345
75. Connection: keep-alive
76. Boulder-Requester: 771871416
77. Cache-Control: public, max-age=0, no-cache
78. Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
79. Location: https://acme-v02.api.letsencrypt.org/acme/order/771871416/133873370246
80. Replay-Nonce: C400fT0hTlvY9CM3ob8vMi0bT31rLKKoYWseLdJIeg8R9Mw
81. X-Frame-Options: DENY
82. Strict-Transport-Security: max-age=604800
83.  
84. {
85. "status": "pending",
86. "expires": "2022-10-19T02:14:33Z",
87. "identifiers": [
88. {
89. "type": "dns",
90. "value": "servraid.duckdns.org"
91. }
92. ],
93. "authorizations": [
94. "https://acme-v02.api.letsencrypt.org/acme/authz-v3/163558915676"
95. ],
96. "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/771871416/133873370246"
97. }
98. 2022-10-12 07:54:08,600:DEBUG:acme.client:Storing nonce: C400fT0hTlvY9CM3ob8vMi0bT31rLKKoYWseLdJIeg8R9Mw
99. 2022-10-12 07:54:08,600:DEBUG:acme.client:JWS payload:
100. b''
101. 2022-10-12 07:54:08,604:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/163558915676:
102. {
103. "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzcxODcxNDE2IiwgIm5vbmNlIjogIkM0MDBmVDBoVGx2WTlDTTNvYjh2TWkwYlQzMXJMS0tvWVdzZUxkSkllZzhSOU13IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNjM1NTg5MTU2NzYifQ",
104. "signature": "nisFiIn7i-_g1ql4gVANhjsq6CQeGzJcmu33ckWym0fvZEP9x05Bb8pbpgU2OQwE-bsS0j_jOENin9OWU62CvmK23F5tksVlMVA1eHxwk4nFkCRXwLxhWhVTh2h6p88KoJ_YEvxnW3SO8DIU2hF1ZbiRuAG7jKGT3bRxuSST-MRv_wDfpfjSXej8VIrIBADNAzdQ7sMxygkgkFuogJs8QKOv5PdiJggx4pFXLm-GvJ3q3bK55Xeo64Ji9GGJg0OTD_dJNxii96CenaMEIgvU61tCilCmgrKhfDw6Gjs20P3MrD8K74f3RDwjhiVKmyrSFNwyAJeBWKxQKelsRw3DTickdvag5hVMOSngSmwOwlvSh_AsjIDpLxyMXQay2nfGwj7b2u71TNQdMUhTUEXJQ8EFGJJ7jdYhSZg0xjkInzRPb74y5EVaYB0_7vrnqZgpXXF0XTna8uwuXrpVbantHeeUGKzqhkt7pvlfbqADPN1myCxiQYVoLgBfpmvO7YHKcnyByfL0NXKPBEm5HSQJjHKVA2opVp9s1275izpkyFR9-T5pcsgUsa5oZaeE5ZrYAGQofi0i4c8fLimJv2_QPt1Aq8zyK7i5JgkQDPfo8OMYQu3Y_jdMYHMXP3z7UtmvLgH6rl_AwamFi1FvDL0qFeplgHaJjGjkGljkzcPg1m8",
105. "payload": ""
106. }
107. 2022-10-12 07:54:08,678:DEBUG:acme.client:Received response:
108. HTTP 200
109. Server: nginx
110. Date: Wed, 12 Oct 2022 11:54:08 GMT
111. Content-Type: application/json
112. Content-Length: 804
113. Connection: keep-alive
114. Boulder-Requester: 771871416
115. Cache-Control: public, max-age=0, no-cache
116. Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
117. Replay-Nonce: C4008zCUEG42i4Oewyd7hXUfAIrp65uhRJvSVagxLiR2_HY
118. X-Frame-Options: DENY
119. Strict-Transport-Security: max-age=604800
120.  
121. {
122. "identifier": {
123. "type": "dns",
124. "value": "servraid.duckdns.org"
125. },
126. "status": "pending",
127. "expires": "2022-10-19T02:14:33Z",
128. "challenges": [
129. {
130. "type": "http-01",
131. "status": "pending",
132. "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/163558915676/90ePyg",
133. "token": "####"
134. },
135. {
136. "type": "dns-01",
137. "status": "pending",
138. "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/163558915676/DsJi0g",
139. "token": "####"
140. },
141. {
142. "type": "tls-alpn-01",
143. "status": "pending",
144. "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/163558915676/n_fJCA",
145. "token": "####"
146. }
147. ]
148. }
149. 2022-10-12 07:54:08,678:DEBUG:acme.client:Storing nonce: C4008zCUEG42i4Oewyd7hXUfAIrp65uhRJvSVagxLiR2_HY
150. 2022-10-12 07:54:08,679:INFO:certbot._internal.auth_handler:Performing the following challenges:
151. 2022-10-12 07:54:08,679:INFO:certbot._internal.auth_handler:dns-01 challenge for servraid.duckdns.org
152. 2022-10-12 07:54:08,679:WARNING:certbot.plugins.dns_common:Unsafe permissions on credentials configuration file: /config/dns-conf/duckdns.ini
153. 2022-10-12 07:54:08,680:WARNING:certbot.plugins.dns_common:Unsafe permissions on credentials configuration file: /config/dns-conf/duckdns.ini
154. 2022-10-12 07:54:08,685:DEBUG:certbot._internal.error_handler:Encountered exception:
155. Traceback (most recent call last):
156. File "/usr/lib/python3.9/site-packages/certbot_dns_duckdns/cert/client.py", line 82, in _perform
157. txt_values = custom_resolver.resolve(duckdns_domain, "TXT")
158. File "/usr/lib/python3.9/site-packages/dns/resolver.py", line 1090, in resolve
159. (answer, done) = resolution.query_result(response, None)
160. File "/usr/lib/python3.9/site-packages/dns/resolver.py", line 696, in query_result
161. raise NoAnswer(response=answer.response)
162. dns.resolver.NoAnswer: The DNS response does not contain an answer to the question: servraid.duckdns.org. IN TXT
163.  
164. During handling of the above exception, another exception occurred:
165.  
166. Traceback (most recent call last):
167. File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 86, in handle_authorizations
168. resps = self.auth.perform(achalls)
169. File "/usr/lib/python3.9/site-packages/certbot/plugins/dns_common.py", line 76, in perform
170. self._perform(domain, validation_domain_name, validation)
171. File "/usr/lib/python3.9/site-packages/certbot_dns_duckdns/cert/client.py", line 84, in _perform
172. raise errors.PluginError(e)
173. certbot.errors.PluginError: The DNS response does not contain an answer to the question: servraid.duckdns.org. IN TXT
174.  
175. 2022-10-12 07:54:08,685:DEBUG:certbot._internal.error_handler:Calling registered functions
176. 2022-10-12 07:54:08,685:INFO:certbot._internal.auth_handler:Cleaning up challenges
177. 2022-10-12 07:54:08,960:DEBUG:certbot._internal.log:Exiting abnormally:
178. Traceback (most recent call last):
179. File "/usr/lib/python3.9/site-packages/certbot_dns_duckdns/cert/client.py", line 82, in _perform
180. txt_values = custom_resolver.resolve(duckdns_domain, "TXT")
181. File "/usr/lib/python3.9/site-packages/dns/resolver.py", line 1090, in resolve
182. (answer, done) = resolution.query_result(response, None)
183. File "/usr/lib/python3.9/site-packages/dns/resolver.py", line 696, in query_result
184. raise NoAnswer(response=answer.response)
185. dns.resolver.NoAnswer: The DNS response does not contain an answer to the question: servraid.duckdns.org. IN TXT
186.  
187. During handling of the above exception, another exception occurred:
188.  
189. Traceback (most recent call last):
190. File "/usr/bin/certbot", line 8, in <module>
191. sys.exit(main())
192. File "/usr/lib/python3.9/site-packages/certbot/main.py", line 19, in main
193. return internal_main.main(cli_args)
194. File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1744, in main
195. return config.func(config, plugins)
196. File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1591, in certonly
197. lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
198. File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 141, in _get_and_save_cert
199. lineage = le_client.obtain_and_enroll_certificate(domains, certname)
200. File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 530, in obtain_and_enroll_certificate
201. cert, chain, key, _ = self.obtain_certificate(domains)
202. File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 442, in obtain_certificate
203. orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
204. File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 510, in _get_order_and_authorizations
205. authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
206. File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 86, in handle_authorizations
207. resps = self.auth.perform(achalls)
208. File "/usr/lib/python3.9/site-packages/certbot/plugins/dns_common.py", line 76, in perform
209. self._perform(domain, validation_domain_name, validation)
210. File "/usr/lib/python3.9/site-packages/certbot_dns_duckdns/cert/client.py", line 84, in _perform
211. raise errors.PluginError(e)
212. certbot.errors.PluginError: The DNS response does not contain an answer to the question: servraid.duckdns.org. IN TXT
213. 2022-10-12 07:54:08,961:ERROR:certbot._internal.log:The DNS response does not contain an answer to the question: servraid.duckdns.org. IN TXT