staging=yes bash -x ./letsencrypt.sh request <DOMAIN>
++ /usr/bin/id -u
+ MYUID=0
+ '[' 0 '!=' 0 ']'
+ LEGO=/usr/local/bin/lego
+ DNS_SERVER=8.8.8.8
+ DNS6_SERVER=2001:4860:4860::8888
+ NEW_IP=1.1.1.1
+ NEW6_IP=2606:4700:4700::1111
+ DA_IPV6=false
+ TASK_QUEUE=/usr/local/directadmin/data/task.queue.cb
+ LEGO_DATA_PATH=/usr/local/directadmin/data/.lego
+ '[' 2 -lt 2 ']'
+ '[' 2 -lt 3 ']'
+ KEY_SIZE=ec256
+ ECC_USED=true
+ ECC=secp384r1
+ KEY_SIZE=
+ '[' '' = secp384r1 ']'
+ '[' '' = prime256v1 ']'
+ '[' '' = 4096 ']'
+ '[' '' = 2048 ']'
+ '[' '' = 8192 ']'
+ ECC=prime256v1
+ KEY_SIZE=ec256
+ ECC_USED=true
+ DA_BIN=/usr/local/directadmin/directadmin
+ '[' '!' -s /usr/local/directadmin/directadmin ']'
+ '[' request = present ']'
+ '[' request = cleanup ']'
+ /usr/local/directadmin/directadmin c
+ grep -m1 -q '^ipv6=1$'
+ CURL=/usr/local/bin/curl
+ '[' '!' -x /usr/local/bin/curl ']'
+ DIG=/usr/bin/dig
+ '[' '!' -x /usr/bin/dig ']'
+ '[' yes = yes ']'
+ API_URI=acme-staging-v02.api.letsencrypt.org
+ API=https://acme-staging-v02.api.letsencrypt.org
+ CHALLENGETYPE=http
+ GENERAL_TIMEOUT=40
+ CURL_OPTIONS='--connect-timeout 40 -k --silent'
++ uname
+ OS=Linux
+ OPENSSL=/usr/bin/openssl
++ date +%s
+ TIMESTAMP=1609757198
++ /usr/local/directadmin/directadmin c
++ grep '^letsencrypt='
++ cut -d= -f2
+ LETSENCRYPT_OPTION=1
++ /usr/local/directadmin/directadmin c
++ grep '^secure_access_group='
++ cut -d= -f2
+ ACCESS_GROUP_OPTION=access
+ FILE_CHOWN=diradmin:mail
+ FILE_CHMOD=640
+ '[' access '!=' '' ']'
+ FILE_CHOWN=diradmin:access
+ '[' '!' -x /usr/local/bin/lego ']'
+ DOCUMENT_ROOT=
+ WELLKNOWN_PATH=/var/www/html/.well-known/acme-challenge
+ '[' '!' -z '' ']'
+ APPEND_SERVER='-s https://acme-staging-v02.api.letsencrypt.org/directory'
++ hostname -f
+ SERVER_HOSTNAME=<HOSTNAME>
+ '[' -z <HOSTNAME> ']'
+ '[' '!' -s /usr/local/directadmin/data/users/admin/user.conf ']'
+ ADMIN_USERCONF=/usr/local/directadmin/data/users/admin/user.conf
+ '[' '!' -z /usr/local/directadmin/data/users/admin/user.conf ']'
+ '[' -s /usr/local/directadmin/data/users/admin/user.conf ']'
++ grep -m1 '^email=' /usr/local/directadmin/data/users/admin/user.conf
++ cut -d= -f2
++ cut -d, -f1
+ EMAIL=admin@<HOSTNAME>
+ '[' -z admin@<HOSTNAME> ']'
+ DOMAIN=<DOMAIN>
+ '[' '' '!=' yes ']'
+ FOUNDDOMAIN=0
++ echo <DOMAIN>
++ tr , ' '
+ for TDOMAIN in `echo "${DOMAIN}" | tr ',' ' '`
+ DOMAIN_NAME_FOUND=<DOMAIN>
++ echo <DOMAIN>
++ perl -p0 -e 's#\.#\\.#g'
+ DOMAIN_ESCAPED='<DOMAIN ESCAPED>'
+ grep -m1 -q '^<DOMAIN ESCAPED>:' /etc/virtual/domainowners
++ grep -m1 '^<DOMAIN ESCAPED>:' /etc/virtual/domainowners
++ cut '-d ' -f2
+ USER=<USER>
+ HOSTNAME=0
+ FOUNDDOMAIN=1
+ break
+ '[' 1 -eq 0 ']'
+ CSR_CF_FILE=
+ '[' '' '!=' '' ']'
+ DA_USERDIR=/usr/local/directadmin/data/users/<USER>
+ DA_CONFDIR=/usr/local/directadmin/conf
+ HOSTNAME_DIR=/var/www/html
+ '[' '!' -d /usr/local/directadmin/data/users/<USER> ']'
+ '[' '!' -d /usr/local/directadmin/conf ']'
+ '[' 0 -eq 0 ']'
+ DNSPROVIDER_FALLBACK=/usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.dnsprovider
+ '[' -s /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.dnsprovider ']'
+ KEY=/usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.key
+ CERT=/usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert
+ CACERT=/usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cacert
+ '[' '' '!=' '' ']'
+ /usr/local/directadmin/directadmin c
+ grep -m1 -q '^letsencrypt=2$'
+ DOMAIN_DIR=/var/www/html
+ WELLKNOWN_PATH=/var/www/html/.well-known/acme-challenge
+ '[' -s /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert ']'
+ '[' request = renew ']'
+ '[' request = request ']'
+ echo <DOMAIN>
+ grep -m1 -q ,
+ '[' -s '' ']'
+ '[' -s /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert ']'
+ /usr/bin/openssl x509 -text -noout -in /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert
+ grep -m1 -q 'Subject Alternative Name:'
++ /usr/bin/openssl x509 -text -noout -in /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert
++ grep -m1 'Subject Alternative Name:' -A1
++ perl -p0 -e 's|DNS:||g'
++ grep DNS:
++ tr -d ' '
+ DOMAIN=<DOMAIN>,ftp.<DOMAIN>,mail.<DOMAIN>,pop.<DOMAIN>,smtp.<DOMAIN>,www.<DOMAIN>
+ '[' '!' -e /var/www/html ']'
+ echo <DOMAIN>,ftp.<DOMAIN>,mail.<DOMAIN>,pop.<DOMAIN>,smtp.<DOMAIN>,www.<DOMAIN>
+ grep -m1 -q ,
++ echo <DOMAIN>,ftp.<DOMAIN>,mail.<DOMAIN>,pop.<DOMAIN>,smtp.<DOMAIN>,www.<DOMAIN>
++ perl -p0 -e 's/,/ -d /g'
+ DOMAINS='<DOMAIN> -d ftp.<DOMAIN> -d mail.<DOMAIN> -d pop.<DOMAIN> -d smtp.<DOMAIN> -d www.<DOMAIN>'
+ DOMAIN_FLAG='-d <DOMAIN> -d ftp.<DOMAIN> -d mail.<DOMAIN> -d pop.<DOMAIN> -d smtp.<DOMAIN> -d www.<DOMAIN>'
++ echo <DOMAIN>,ftp.<DOMAIN>,mail.<DOMAIN>,pop.<DOMAIN>,smtp.<DOMAIN>,www.<DOMAIN>
++ cut -d, -f1
+ FIRST_DOMAIN=<DOMAIN>
+ CHALLENGETYPE=http
+ '[' -s /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.dnsprovider ']'
+ '[' '!' -z '' ']'
+ echo '-d <DOMAIN> -d ftp.<DOMAIN> -d mail.<DOMAIN> -d pop.<DOMAIN> -d smtp.<DOMAIN> -d www.<DOMAIN>'
+ grep -m1 -q '*\.'
++ echo <DOMAIN>,ftp.<DOMAIN>,mail.<DOMAIN>,pop.<DOMAIN>,smtp.<DOMAIN>,www.<DOMAIN>
++ perl -p0 -e 's/,/ /g'
++ perl -p0 -e 's/^\*.//g'
+ for domain_name in `echo ${DOMAIN} | perl -p0 -e "s/,/ /g" | perl -p0 -e "s/^\*.//g"`
+ caa_check <DOMAIN>
+ CAA_OK=true
++ /usr/bin/dig @8.8.8.8 AAAA <DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
++ echo <DOMAIN>
++ awk -F. '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8 +short
+ grep -m1 -q -F -- issue
+ grep -m1 -q -F -- SERVFAIL
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8
+ true
+ '[' http = http ']'
+ challenge_check <DOMAIN>
+ '[' '!' -d /var/www/html/.well-known/acme-challenge ']'
+ touch /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chmod 644 /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chown webapps:webapps /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ CURL_RESOLV_OPTIONS=
++ /usr/bin/dig @8.8.8.8 AAAA <DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
+ grep -m1 -q :
+ echo ''
+ IP_TO_RESOLV=
+ '[' -z '' ']'
++ /usr/bin/dig @8.8.8.8 <DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig <DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' -z <IP> ']'
+ '[' -x /sbin/ping6 ']'
+ false
+ ping6 -q -c 1 -W 1 <DOMAIN>
++ /usr/bin/dig @8.8.8.8 <DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig <DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' '!' -z <IP> ']'
+ /usr/local/bin/curl --help
+ grep -m1 -q resolve
+ CURL_RESOLV_OPTIONS='--resolve <DOMAIN>:80:<IP> --resolve <DOMAIN>:443:<IP>'
+ /usr/local/bin/curl --connect-timeout 40 -k --silent --resolve <DOMAIN>:80:<IP> --resolve <DOMAIN>:443:<IP> -I -L -X GET http://<DOMAIN>/.well-known/acme-challenge/letsencrypt_1609757198
+ grep -m1 -q 'HTTP.*200'
+ '[' '' = silent ']'
+ rm -f /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ for domain_name in `echo ${DOMAIN} | perl -p0 -e "s/,/ /g" | perl -p0 -e "s/^\*.//g"`
+ caa_check ftp.<DOMAIN>
+ CAA_OK=true
++ /usr/bin/dig @8.8.8.8 AAAA ftp.<DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
++ echo ftp.<DOMAIN>
++ awk -F. '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8 +short
+ grep -m1 -q -F -- issue
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8
+ grep -m1 -q -F -- SERVFAIL
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ grep -m1 -q -F -- issue
+ /usr/bin/dig CAA ftp.<DOMAIN> @8.8.8.8 +short
+ grep -m1 -q -F -- SERVFAIL
+ /usr/bin/dig CAA ftp.<DOMAIN> @8.8.8.8
+ true
+ '[' http = http ']'
+ challenge_check ftp.<DOMAIN>
+ '[' '!' -d /var/www/html/.well-known/acme-challenge ']'
+ touch /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chmod 644 /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chown webapps:webapps /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ CURL_RESOLV_OPTIONS=
++ /usr/bin/dig @8.8.8.8 AAAA ftp.<DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
+ echo ''
+ grep -m1 -q :
+ IP_TO_RESOLV=
+ '[' -z '' ']'
++ /usr/bin/dig @8.8.8.8 ftp.<DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig ftp.<DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' -z <IP> ']'
+ '[' -x /sbin/ping6 ']'
+ false
+ ping6 -q -c 1 -W 1 ftp.<DOMAIN>
++ /usr/bin/dig @8.8.8.8 ftp.<DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig ftp.<DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' '!' -z <IP> ']'
+ /usr/local/bin/curl --help
+ grep -m1 -q resolve
+ CURL_RESOLV_OPTIONS='--resolve ftp.<DOMAIN>:80:<IP> --resolve ftp.<DOMAIN>:443:<IP>'
+ /usr/local/bin/curl --connect-timeout 40 -k --silent --resolve ftp.<DOMAIN>:80:<IP> --resolve ftp.<DOMAIN>:443:<IP> -I -L -X GET http://ftp.<DOMAIN>/.well-known/acme-challenge/letsencrypt_1609757198
+ grep -m1 -q 'HTTP.*200'
+ '[' '' = silent ']'
+ rm -f /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ for domain_name in `echo ${DOMAIN} | perl -p0 -e "s/,/ /g" | perl -p0 -e "s/^\*.//g"`
+ caa_check mail.<DOMAIN>
+ CAA_OK=true
++ /usr/bin/dig @8.8.8.8 AAAA mail.<DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
++ echo mail.<DOMAIN>
++ awk -F. '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8 +short
+ grep -m1 -q -F -- issue
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8
+ grep -m1 -q -F -- SERVFAIL
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ grep -m1 -q -F -- issue
+ /usr/bin/dig CAA mail.<DOMAIN> @8.8.8.8 +short
+ grep -m1 -q -F -- SERVFAIL
+ /usr/bin/dig CAA mail.<DOMAIN> @8.8.8.8
+ true
+ '[' http = http ']'
+ challenge_check mail.<DOMAIN>
+ '[' '!' -d /var/www/html/.well-known/acme-challenge ']'
+ touch /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chmod 644 /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chown webapps:webapps /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ CURL_RESOLV_OPTIONS=
++ /usr/bin/dig @8.8.8.8 AAAA mail.<DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
+ grep -m1 -q :
+ echo ''
+ IP_TO_RESOLV=
+ '[' -z '' ']'
++ /usr/bin/dig @8.8.8.8 mail.<DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig mail.<DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' -z <IP> ']'
+ '[' -x /sbin/ping6 ']'
+ false
+ ping6 -q -c 1 -W 1 mail.<DOMAIN>
++ /usr/bin/dig @8.8.8.8 mail.<DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig mail.<DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' '!' -z <IP> ']'
+ /usr/local/bin/curl --help
+ grep -m1 -q resolve
+ CURL_RESOLV_OPTIONS='--resolve mail.<DOMAIN>:80:<IP> --resolve mail.<DOMAIN>:443:<IP>'
+ /usr/local/bin/curl --connect-timeout 40 -k --silent --resolve mail.<DOMAIN>:80:<IP> --resolve mail.<DOMAIN>:443:<IP> -I -L -X GET http://mail.<DOMAIN>/.well-known/acme-challenge/letsencrypt_1609757198
+ grep -m1 -q 'HTTP.*200'
+ '[' '' = silent ']'
+ rm -f /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ for domain_name in `echo ${DOMAIN} | perl -p0 -e "s/,/ /g" | perl -p0 -e "s/^\*.//g"`
+ caa_check pop.<DOMAIN>
+ CAA_OK=true
++ /usr/bin/dig @8.8.8.8 AAAA pop.<DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
++ echo pop.<DOMAIN>
++ awk -F. '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ grep -m1 -q -F -- issue
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8 +short
+ grep -m1 -q -F -- SERVFAIL
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ grep -m1 -q -F -- issue
+ /usr/bin/dig CAA pop.<DOMAIN> @8.8.8.8 +short
+ grep -m1 -q -F -- SERVFAIL
+ /usr/bin/dig CAA pop.<DOMAIN> @8.8.8.8
+ true
+ '[' http = http ']'
+ challenge_check pop.<DOMAIN>
+ '[' '!' -d /var/www/html/.well-known/acme-challenge ']'
+ touch /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chmod 644 /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chown webapps:webapps /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ CURL_RESOLV_OPTIONS=
++ /usr/bin/dig @8.8.8.8 AAAA pop.<DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
+ grep -m1 -q :
+ echo ''
+ IP_TO_RESOLV=
+ '[' -z '' ']'
++ /usr/bin/dig @8.8.8.8 pop.<DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig pop.<DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' -z <IP> ']'
+ '[' -x /sbin/ping6 ']'
+ false
+ ping6 -q -c 1 -W 1 pop.<DOMAIN>
++ tail -n1
++ /usr/bin/dig @8.8.8.8 pop.<DOMAIN> +short
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig pop.<DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' '!' -z <IP> ']'
+ grep -m1 -q resolve
+ /usr/local/bin/curl --help
+ CURL_RESOLV_OPTIONS='--resolve pop.<DOMAIN>:80:<IP> --resolve pop.<DOMAIN>:443:<IP>'
+ grep -m1 -q 'HTTP.*200'
+ /usr/local/bin/curl --connect-timeout 40 -k --silent --resolve pop.<DOMAIN>:80:<IP> --resolve pop.<DOMAIN>:443:<IP> -I -L -X GET http://pop.<DOMAIN>/.well-known/acme-challenge/letsencrypt_1609757198
+ '[' '' = silent ']'
+ rm -f /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ for domain_name in `echo ${DOMAIN} | perl -p0 -e "s/,/ /g" | perl -p0 -e "s/^\*.//g"`
+ caa_check smtp.<DOMAIN>
+ CAA_OK=true
++ /usr/bin/dig @8.8.8.8 AAAA smtp.<DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
++ echo smtp.<DOMAIN>
++ awk -F. '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8 +short
+ grep -m1 -q -F -- issue
+ grep -m1 -q -F -- SERVFAIL
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ grep -m1 -q -F -- issue
+ /usr/bin/dig CAA smtp.<DOMAIN> @8.8.8.8 +short
+ /usr/bin/dig CAA smtp.<DOMAIN> @8.8.8.8
+ grep -m1 -q -F -- SERVFAIL
+ true
+ '[' http = http ']'
+ challenge_check smtp.<DOMAIN>
+ '[' '!' -d /var/www/html/.well-known/acme-challenge ']'
+ touch /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chmod 644 /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chown webapps:webapps /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ CURL_RESOLV_OPTIONS=
++ /usr/bin/dig @8.8.8.8 AAAA smtp.<DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
+ echo ''
+ grep -m1 -q :
+ IP_TO_RESOLV=
+ '[' -z '' ']'
++ /usr/bin/dig @8.8.8.8 smtp.<DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig smtp.<DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' -z <IP> ']'
+ '[' -x /sbin/ping6 ']'
+ false
+ ping6 -q -c 1 -W 1 smtp.<DOMAIN>
++ /usr/bin/dig @8.8.8.8 smtp.<DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig smtp.<DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' '!' -z <IP> ']'
+ grep -m1 -q resolve
+ /usr/local/bin/curl --help
+ CURL_RESOLV_OPTIONS='--resolve smtp.<DOMAIN>:80:<IP> --resolve smtp.<DOMAIN>:443:<IP>'
+ grep -m1 -q 'HTTP.*200'
+ /usr/local/bin/curl --connect-timeout 40 -k --silent --resolve smtp.<DOMAIN>:80:<IP> --resolve smtp.<DOMAIN>:443:<IP> -I -L -X GET http://smtp.<DOMAIN>/.well-known/acme-challenge/letsencrypt_1609757198
+ '[' '' = silent ']'
+ rm -f /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ for domain_name in `echo ${DOMAIN} | perl -p0 -e "s/,/ /g" | perl -p0 -e "s/^\*.//g"`
+ caa_check www.<DOMAIN>
+ CAA_OK=true
++ /usr/bin/dig @8.8.8.8 AAAA www.<DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
++ echo www.<DOMAIN>
++ awk -F. '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ grep -m1 -q -F -- issue
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8 +short
+ /usr/bin/dig CAA <DOMAIN> @8.8.8.8
+ grep -m1 -q -F -- SERVFAIL
+ for i in `echo ${1} | awk -F'.' '{b=$NF;for(i=NF-1;i>0;i--){b=$i FS b;print b}}'`
+ grep -m1 -q -F -- issue
+ /usr/bin/dig CAA www.<DOMAIN> @8.8.8.8 +short
+ /usr/bin/dig CAA www.<DOMAIN> @8.8.8.8
+ grep -m1 -q -F -- SERVFAIL
+ true
+ '[' http = http ']'
+ challenge_check www.<DOMAIN>
+ '[' '!' -d /var/www/html/.well-known/acme-challenge ']'
+ touch /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chmod 644 /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ chown webapps:webapps /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ CURL_RESOLV_OPTIONS=
++ /usr/bin/dig @8.8.8.8 AAAA www.<DOMAIN> +short
++ grep -v '\.$'
++ tail -n1
+ IP_TO_RESOLV=
+ '[' 0 -eq 9 ']'
+ grep -m1 -q :
+ echo ''
+ IP_TO_RESOLV=
+ '[' -z '' ']'
++ /usr/bin/dig @8.8.8.8 www.<DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig www.<DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' -z <IP> ']'
+ '[' -x /sbin/ping6 ']'
+ false
+ ping6 -q -c 1 -W 1 www.<DOMAIN>
++ /usr/bin/dig @8.8.8.8 www.<DOMAIN> +short
++ tail -n1
+ IP_TO_RESOLV=<IP>
++ /usr/bin/dig www.<DOMAIN> +short
++ tail -n1
+ CURRENT_RESOLV=<IP>
+ '[' '!' -z <IP> ']'
+ /usr/local/bin/curl --help
+ grep -m1 -q resolve
+ CURL_RESOLV_OPTIONS='--resolve www.<DOMAIN>:80:<IP> --resolve www.<DOMAIN>:443:<IP>'
+ /usr/local/bin/curl --connect-timeout 40 -k --silent --resolve www.<DOMAIN>:80:<IP> --resolve www.<DOMAIN>:443:<IP> -I -L -X GET http://www.<DOMAIN>/.well-known/acme-challenge/letsencrypt_1609757198
+ grep -m1 -q 'HTTP.*200'
+ '[' '' = silent ']'
+ rm -f /var/www/html/.well-known/acme-challenge/letsencrypt_1609757198
+ '[' request = request_full ']'
+ '[' request = request_single ']'
+ '[' request = request ']'
+ /usr/local/bin/lego --path /usr/local/directadmin/data/.lego --dns.resolvers 8.8.8.8 --accept-tos -s https://acme-staging-v02.api.letsencrypt.org/directory -m admin@<HOSTNAME> --http --http.webroot /var/www/html -d <DOMAIN> -d ftp.<DOMAIN> -d mail.<DOMAIN> -d pop.<DOMAIN> -d smtp.<DOMAIN> -d www.<DOMAIN> --key-type ec256 run --no-bundle
2021/01/04 11:46:39 No key found for account admin@<HOSTNAME>. Generating a P256 key.
2021/01/04 11:46:39 Saved key to /usr/local/directadmin/data/.lego/accounts/acme-staging-v02.api.letsencrypt.org/admin@<HOSTNAME>/keys/admin@<HOSTNAME>.key
2021/01/04 11:46:40 [INFO] acme: Registering account for admin@<HOSTNAME>
!!!! HEADS UP !!!!
Your account credentials have been saved in your Let's Encrypt
configuration directory at "/usr/local/directadmin/data/.lego/accounts".
You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2021/01/04 11:46:40 [INFO] [<DOMAIN>, ftp.<DOMAIN>, mail.<DOMAIN>, pop.<DOMAIN>, smtp.<DOMAIN>, www.<DOMAIN>] acme: Obtaining SAN certificate
2021/01/04 11:46:41 [INFO] [<DOMAIN>] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/184482226
2021/01/04 11:46:41 [INFO] [ftp.<DOMAIN>] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/184482227
2021/01/04 11:46:41 [INFO] [mail.<DOMAIN>] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/184482228
2021/01/04 11:46:41 [INFO] [pop.<DOMAIN>] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/184482229
2021/01/04 11:46:41 [INFO] [smtp.<DOMAIN>] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/184482230
2021/01/04 11:46:41 [INFO] [www.<DOMAIN>] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/184482231
2021/01/04 11:46:41 [INFO] [<DOMAIN>] acme: Could not find solver for: tls-alpn-01
2021/01/04 11:46:41 [INFO] [<DOMAIN>] acme: use http-01 solver
2021/01/04 11:46:41 [INFO] [pop.<DOMAIN>] acme: Could not find solver for: tls-alpn-01
2021/01/04 11:46:41 [INFO] [pop.<DOMAIN>] acme: use http-01 solver
2021/01/04 11:46:41 [INFO] [ftp.<DOMAIN>] acme: Could not find solver for: tls-alpn-01
2021/01/04 11:46:41 [INFO] [ftp.<DOMAIN>] acme: use http-01 solver
2021/01/04 11:46:41 [INFO] [mail.<DOMAIN>] acme: Could not find solver for: tls-alpn-01
2021/01/04 11:46:41 [INFO] [mail.<DOMAIN>] acme: use http-01 solver
2021/01/04 11:46:41 [INFO] [smtp.<DOMAIN>] acme: Could not find solver for: tls-alpn-01
2021/01/04 11:46:41 [INFO] [smtp.<DOMAIN>] acme: use http-01 solver
2021/01/04 11:46:41 [INFO] [www.<DOMAIN>] acme: Could not find solver for: tls-alpn-01
2021/01/04 11:46:41 [INFO] [www.<DOMAIN>] acme: use http-01 solver
2021/01/04 11:46:41 [INFO] [<DOMAIN>] acme: Trying to solve HTTP-01
2021/01/04 11:46:46 [INFO] [<DOMAIN>] The server validated our request
2021/01/04 11:46:46 [INFO] [pop.<DOMAIN>] acme: Trying to solve HTTP-01
2021/01/04 11:46:51 [INFO] [pop.<DOMAIN>] The server validated our request
2021/01/04 11:46:51 [INFO] [ftp.<DOMAIN>] acme: Trying to solve HTTP-01
2021/01/04 11:46:55 [INFO] [ftp.<DOMAIN>] The server validated our request
2021/01/04 11:46:55 [INFO] [mail.<DOMAIN>] acme: Trying to solve HTTP-01
2021/01/04 11:47:00 [INFO] [mail.<DOMAIN>] The server validated our request
2021/01/04 11:47:00 [INFO] [smtp.<DOMAIN>] acme: Trying to solve HTTP-01
2021/01/04 11:47:06 [INFO] [smtp.<DOMAIN>] The server validated our request
2021/01/04 11:47:06 [INFO] [www.<DOMAIN>] acme: Trying to solve HTTP-01
2021/01/04 11:47:10 [INFO] [www.<DOMAIN>] The server validated our request
2021/01/04 11:47:10 [INFO] [<DOMAIN>, ftp.<DOMAIN>, mail.<DOMAIN>, pop.<DOMAIN>, smtp.<DOMAIN>, www.<DOMAIN>] acme: Validations succeeded; requesting certificates
2021/01/04 11:47:11 [INFO] [<DOMAIN>] Server responded with a certificate.
+ '[' 0 -eq 0 ']'
+ '[' '' '!=' yes ']'
++ echo <DOMAIN>
++ tr '*' _
+ CERT_DOMAIN_FILE=<DOMAIN>
+ LEGO_CERT_PATH=/usr/local/directadmin/data/.lego/certificates/<DOMAIN>.crt
+ LEGO_KEY_PATH=/usr/local/directadmin/data/.lego/certificates/<DOMAIN>.key
++ echo /usr/local/directadmin/data/.lego/certificates/<DOMAIN>.crt
++ perl -p0 -e 's|\.crt$|.issuer.crt|g'
+ LEGO_ISSUER_CERT_PATH=/usr/local/directadmin/data/.lego/certificates/<DOMAIN>.issuer.crt
+ '[' -s /usr/local/directadmin/data/.lego/certificates/<DOMAIN>.crt ']'
+ '[' -s /usr/local/directadmin/data/.lego/certificates/<DOMAIN>.key ']'
++ grep -c 'BEGIN CERTIFICATE' /usr/local/directadmin/data/.lego/certificates/<DOMAIN>.crt
+ '[' 2 -eq 1 ']'
+ /usr/bin/openssl x509 -in /usr/local/directadmin/data/.lego/certificates/<DOMAIN>.crt -out /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert
+ cp -pf /usr/local/directadmin/data/.lego/certificates/<DOMAIN>.key /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.key
+ '[' -s /usr/local/directadmin/data/.lego/certificates/<DOMAIN>.issuer.crt ']'
+ cp -pf /usr/local/directadmin/data/.lego/certificates/<DOMAIN>.issuer.crt /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cacert
+ cat /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cacert
+ date +%s
+ chown diradmin:access /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.key /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert.combined /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cacert /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert.creation_time
+ chmod 640 /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.key /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert.combined /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cacert /usr/local/directadmin/data/users/<USER>/domains/<DOMAIN>.cert.creation_time
+ echo 'Certificate for <DOMAIN>,ftp.<DOMAIN>,mail.<DOMAIN>,pop.<DOMAIN>,smtp.<DOMAIN>,www.<DOMAIN> has been created successfully!'
Certificate for <DOMAIN>,ftp.<DOMAIN>,mail.<DOMAIN>,pop.<DOMAIN>,smtp.<DOMAIN>,www.<DOMAIN> has been created successfully!
+ '[' '' '!=' yes ']'
+ '[' 0 -eq 1 ']'