Are these instructions still up to date? https://www.truenas.com/community/threads/howto-acme-dns-authenticator-shell-script-using-acmesh-project.107252/
I have problems with it and have tried to reinstall acme.sh several times now. Meanwhile I get an error message during the installation (curl https://get.acme.sh | sh -s email=my@example.com):
[Sun Feb 23 15:01:56 CET 2025] Extracting master.tar.gz
sh: 7099: ./acme.sh: Permission denied
How can I restart here?
Looks like a permissions issue, do you have permissions to run the file where it’s located?
Having said that, why do you need acme.sh? Is it because your DNS provider isn’t included in the base install or something else?
I use ionos as DNS provider. It is included in the acme.sh-API.
I created a certificate with acme.sh 3 months ago, but the update with cron does not work. At the moment it is invalid. So I tried this built-in procedure. As I understood it will renew the certificate from itself.
no, when I try to create a certificate it sticks here:
Is there a possibility to debug?
After a while I received this error message:
[EFAULT] Certificate request for final order failed: Authorization for identifier Identifier(typ=IdentifierType(dns), value=‘lang-w.de’) failed. Here are the challenges that were not fulfilled: Challenge Type: dns-01 Error information: - Type: urn:ietf:params:acme:error:dns - Details: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.lang-w.de - check that a DNS record exists for this domain Authorization for identifier Identifier(typ=IdentifierType(dns), value=‘lang-w.de’) failed. Here are the challenges that were not fulfilled: Challenge Type: dns-01 Error information: - Type: urn:ietf:params:acme:error:dns - Details: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.lang-w.de - check that a DNS record exists for this domain
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/issue_cert.py”, line 101, in issue_certificate
return acme_client.poll_and_finalize(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/acme/client.py”, line 185, in poll_and_finalize
orderr = self.poll_authorizations(orderr, deadline)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/acme/client.py”, line 210, in poll_authorizations
raise errors.ValidationError(failed)
acme.errors.ValidationError
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/middlewared/job.py”, line 509, in run
await self.future
File “/usr/lib/python3/dist-packages/middlewared/job.py”, line 554, in _run_body
rv = await self.method(*args)
^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/middlewared/service/crud_service.py”, line 261, in nf
rv = await func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/middlewared/schema/processor.py”, line 49, in nf
res = await f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/middlewared/schema/processor.py”, line 179, in nf
return await func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto/certificates.py", line 331, in do_create
await self.middleware.call(f’certificate.{self.map_functions[create_type]}‘, job, data)
File “/usr/lib/python3/dist-packages/middlewared/main.py”, line 1629, in call
return await self.call(
^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/middlewared/main.py”, line 1471, in call
return await self.run_in_executor(prepared_call.executor, methodobj, *prepared_call.args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/middlewared/main.py”, line 1364, in run_in_executor
return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3.11/concurrent/futures/thread.py”, line 58, in run
result = self.fn(*self.args, **self.kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/middlewared/schema/processor.py”, line 183, in nf
return func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto/certificates.py", line 382, in create_acme_certificate
final_order = self.middleware.call_sync(‘acme.issue_certificate’, job, 25, data, csr_data)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File “/usr/lib/python3/dist-packages/middlewared/main.py”, line 1665, in call_sync
return methodobj(*prepared_call.args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol/issue_cert.py", line 117, in issue_certificate
raise CallError(f’Certificate request for final order failed: {msg}’)
middlewared.service_exception.CallError: [EFAULT] Certificate request for final order failed:
Authorization for identifier Identifier(typ=IdentifierType(dns), value=‘lang-w.de’) failed.
Here are the challenges that were not fulfilled:
Challenge Type: dns-01
Error information:
- Type: urn:ietf:params:acme:error:dns
- Details: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.lang-w.de - check that a DNS record exists for this domain
Authorization for identifier Identifier(typ=IdentifierType(dns), value=‘lang-w.de’) failed.
Here are the challenges that were not fulfilled:
Challenge Type: dns-01
Error information:
- Type: urn:ietf:params:acme:error:dns
- Details: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.lang-w.de - check that a DNS record exists for this domain
OK, there seems to be an error in the DNS. But how to fix?
I use adguard, in adguard I have a rewrite rule defined for my truenas:
truenas22.lang-w.de. → 192.168.178.6 (I will use only in my private network). Do I need other DNS-entries? Where?
Mine failed for the same reason on Eel. My DNS is Porkbun. I downloaded the latest version of acme, and, it worked today (mine is renewed from Scale). In case it helps.