Hi Santeri,
Tried your code and still would not work for me. Cron is forcing the certificate to be issued but it will not deploy it.
Here is the certificate cron:
"/home/xorex/.acme.sh"/acme.sh --force --issue -d mbdnet.net -w ~/www --dns dns_gd
I am only forcing it to ensure it actually generates a new certificate while I am testing it. Here are the results:
[Fri Jun 15 00:00:03 MST 2018] Single domain='mbdnet.net'
[Fri Jun 15 00:00:03 MST 2018] Getting domain auth token for each domain
[Fri Jun 15 00:00:03 MST 2018] Getting webroot for domain='mbdnet.net'
[Fri Jun 15 00:00:03 MST 2018] Getting new-authz for domain='mbdnet.net'
[Fri Jun 15 00:00:05 MST 2018] The new-authz request is ok.
[Fri Jun 15 00:00:05 MST 2018] mbdnet.net is already verified, skip http-01.
[Fri Jun 15 00:00:05 MST 2018] Verify finished, start to sign.
[Fri Jun 15 00:00:09 MST 2018] Cert success.
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISBOqR1yM4638Ivj8Bmx6/BhOmMA0GCSqGSIb3DQEBCwUA
................................................................................................
Full cert data not included
................................................................................................
86XnhYY9Dj3pJ/UxnByvR40xUa89zYoZ7V9XMm7R3d0ZtNOOffDgbLC0hD4sUWfu
XEE=
-----END CERTIFICATE-----
[Fri Jun 15 00:00:09 MST 2018] Your cert is in /home/xorex/.acme.sh/mbdnet.net/mbdnet.net.cer
[Fri Jun 15 00:00:09 MST 2018] Your cert key is in /home/xorex/.acme.sh/mbdnet.net/mbdnet.net.key
[Fri Jun 15 00:00:10 MST 2018] The intermediate CA cert is in /home/xorex/.acme.sh/mbdnet.net/ca.cer
[Fri Jun 15 00:00:10 MST 2018] And the full chain certs is there: /home/xorex/.acme.sh/mbdnet.net/fullchain.cer
Here is the deploy cron:
"/home/xorex/.acme.sh"/acme.sh --deploy -d mbdnet.net --deploy-hook cpanel_uapi
And here are the results:
/home/xorex/.acme.sh/deploy/cpanel_uapi.sh: line 34: _cpanel_uapi_urlencode: command not found
/home/xorex/.acme.sh/deploy/cpanel_uapi.sh: line 35: _cpanel_uapi_urlencode: command not found
[Fri Jun 15 00:05:22 MST 2018] Error in deploying certificate:
[Fri Jun 15 00:05:22 MST 2018] ---
apiversion: 3
func: install_ssl
module: SSL
result:
data: ~
errors:
- No 'cert' argument specified.
messages: ~
metadata: {}
status: 0
[Fri Jun 15 00:05:22 MST 2018] Error deploy for domain:mbdnet.net
[Fri Jun 15 00:05:22 MST 2018] Deploy error.
Here is the cpanel_uapi.sh code which sits in the subdirectory of "deploy" beneath the directory ".acme.sh" which holds acme.sh. I have added myself as root and commented out your private function.
#!/bin/bash
# Here is the script to deploy the cert to your cpanel using the cpanel API.
# Uses command line uapi. --user option is needed only if run as root.
# Returns 0 when success.
# Written by Santeri Kannisto <
santeri.kannisto@webseodesigners.com>
# Public domain, 2017
export DEPLOY_CPANEL_USER=
xorex@mbdnet.net
######## Public functions #####################
#domain keyfile certfile cafile fullchain
cpanel_uapi_deploy() {
_cdomain="$1"
_ckey="$2"
_ccert="$3"
_cca="$4"
_cfullchain="$5"
_debug _cdomain "$_cdomain"
_debug _ckey "$_ckey"
_debug _ccert "$_ccert"
_debug _cca "$_cca"
_debug _cfullchain "$_cfullchain"
if ! _exists uapi; then
_err "The command uapi is not found."
return 1
fi
# read cert and key files and urlencode both
_certstr=$(cat "$_ccert")
_keystr=$(cat "$_ckey")
_cert=$(_cpanel_uapi_urlencode "$_certstr")
_key=$(_cpanel_uapi_urlencode "$_keystr")
_debug _cert "$_cert"
_debug _key "$_key"
if [ "$(id -u)" = 0 ]; then
if [ -z "$DEPLOY_CPANEL_USER" ]; then
_err "It seems that you are root, please define the target user name: export DEPLOY_CPANEL_USER=username"
return 1
fi
_savedomainconf DEPLOY_CPANEL_USER "$DEPLOY_CPANEL_USER"
_response=$(uapi --user="$DEPLOY_CPANEL_USER" SSL install_ssl domain="$_cdomain" cert="$_cert" key="$_key")
else
_response=$(uapi SSL install_ssl domain="$_cdomain" cert="$_cert" key="$_key")
fi
error_response="status: 0"
if test "${_response#*$error_response}" != "$_response"; then
_err "Error in deploying certificate:"
_err "$_response"
return 1
fi
_debug response "$_response"
_info "Certificate successfully deployed"
return 0
}
######## Private functions below #####################
#_cpanel_uapi_urlencode() {
# printf "%s" "$1" \
# | tr "\\r\\n" "\\a" \
# | sed -e 's/%/%25/g' -e 's/ /%20/g' -e 's/\!/%21/g' -e 's/"/%22/g' -e 's/#/%23/g' -e 's/\$/%24/g' -e 's/&/%26/g' -e 's/'\''/%27/g' -e 's/(/%28/g' -e 's/)/%29/g' -e 's/\*/%2A/g' -e 's/+/%2B/g' -e #'s/,/%2C/g' -e 's/\./%2E/g' -e 's/\//%2F/g' -e 's/:/%3A/g' -e 's/;/%3B/g' -e 's/</%3C/g' -e 's/=/%3D/g' -e 's/>/%3E/g' -e 's/?/%3F/g' -e 's/@/%40/g' -e 's/\[/%5B/g' -e 's/\\/%5C/g' -e 's/\]/%5D/g' -e #'s/\^/%5E/g' -e 's/_/%5F/g' -e 's/`/%60/g' -e 's/{/%7B/g' -e 's/|/%7C/g' -e 's/}/%7D/g' -e 's/~/%7E/g' -e 's/\a/%0A/g' --posix # convert newlines to audible bell so that that sed can handle the input #without using non-POSIX extensions and then urlencode characters
#}
It looks to me as if it is finding acme.sh but unable to find the cpanel_uapi.sh file for some reason? OR it is finding it but not finding the _cpanel_uapi_urlencode command?
When I ssh in to use the command in cron for deploy, it gives exactly the same result and output so I must have done something wrong!.
Hope you can help.
Geoff