It seems the current code doesn't allow for removing the email address
from the contact field. This fixes that. This only removes the email
address if an explicit empty email address is specified on the command
line or in the account.conf file. If it is left unspecified on the
command line it still just uses whatever was configured in the
account.conf.
This fixes the parsing of the authorization segment in the response of
an order. Without this fix the start of the array is not found
correctly and therefore the finalize URL is part of the authorization
segment. Changing the regex to *\[[^\[]*\] fix this. Seems to be a typo
which has not been recognized so far. This can be only recognized if
the response is in a single line.
This fixes the parsing of the authorization segment in the response of
an order. Without this fix the start of the array is not found
correctly and therefore the finalize URL is part of the authorization
segment. Changing the regex to *\[[^\[]*\] fix this. Seems to be a typo
which has not been recognized so far. This can be only recognized if
the response is in a single line.
When running --updateaccount, the ca/<ca>/account.json file isn't
updated with the new response showing the updated account details.
This can be a bit confusing if you add an email to the account but
then you're not sure if it actually applied looking at this file.
Write out the new response on successful account updates.
This adds quotes to the last eval in _getdeployconf which is reponsible
for loading and exporting saved environment variables back into the
acme.sh process. This caused some errors if used with the docker
deploy-hook and the example nginx "service nginx force-reload" command
as it contains spaces.
If a domain was already verified by http-01 method, when we try to issue a cert for them same domain with dns-01 method, we just get only one challenge object of type http-01 with "valid" status, from the authz-v3 url. So, we report error that we are not able the validate the domain, because of that we don't find dns-01 challenge.
This behavior is not the same as before. I believe it was changed by the letsencrypt CA.
In _send_signed_request and _check_dns_entries, return 1 when the
timeout (or number of retries) has been exhausted. This allows
the calling function to correctly handle the error.
In _debug_bash_helper use eval as we are seeing issues with busybox
systems having issues with array access. Even though they aren't
actually running the code they appear to be parsing it and failing.
Also older versions of busybox have a bug with eval and double quotes,
so make sure to use single quotes when using eval.
Resolves: #2579
As we can see, 1.1.1.1 is not routed or routed to an Intranet devices due to historical reason. Change 1.1.1.1 to 1.0.0.1 will have a better compatibility. I found this problem on my Tencent Cloud server.
Please remove the phrase `No news is good news.` as it suggests to decide to go on with a bad operational habit.
Why I am stating this is because that `no news` also could mean that:
- your `cron` daemon stopped working,
- your MTA has issues (in case or mail notifications of course),
- anything in between the host running `acme.sh` and your client went wrong.
(... and probably you will not notice in time if `acme.sh` would otherwise send an error notification (if it runs anyway))
If you expect a daily mail (using `--notify-level 3`) you can always be sure that `acme.sh` has ran successfully before. You can also tick the `acme.sh` checkbox in the daily operational report of your enterprise. ;)