Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

File name too long when generating single certificate with multiple SANs #4811

Closed
hrdina28 opened this issue Sep 27, 2023 · 4 comments
Closed

File name too long when generating single certificate with multiple SANs #4811

hrdina28 opened this issue Sep 27, 2023 · 4 comments

Comments

@hrdina28
Copy link

Hello,

I am trying to generate one certificate with twenty aliases in in. But when I try to do so "File name too long" . It tries to create folder with all the alises in name.
Please is that even possible to create such certificate? I tried -w parameter but that is for something else.

Thank you

Best regards
@github-actions
Copy link

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

@hrdina28
Copy link
Author

Debug:
[Wed Sep 27 11:55:43 CEST 2023] _selectServer try snames='zerossl.com,zerossl'
[Wed Sep 27 11:55:43 CEST 2023] _selectServer try snames='letsencrypt.org,letsencrypt'
[Wed Sep 27 11:55:43 CEST 2023] _selectServer match letsencrypt
[Wed Sep 27 11:55:43 CEST 2023] Selected server: https://acme-v02.api.letsencrypt.org/directory
[Wed Sep 27 11:55:43 CEST 2023] Lets find script dir.
[Wed Sep 27 11:55:43 CEST 2023] SCRIPT='/shared/acme/acme.sh'
[Wed Sep 27 11:55:43 CEST 2023] _script='/shared/acme/acme.sh'
[Wed Sep 27 11:55:43 CEST 2023] _script_home='/shared/acme'
[Wed Sep 27 11:55:43 CEST 2023] Using default home:/shared/acme/acme
[Wed Sep 27 11:55:43 CEST 2023] Using config home:/shared/acme/acme
[Wed Sep 27 11:55:43 CEST 2023] LE_WORKING_DIR='/shared/acme/acme'
https://github.com/acmesh-official/acme.sh
v3.0.7
[Wed Sep 27 11:55:43 CEST 2023] Using server: https://acme-v02.api.letsencrypt.org/directory
[Wed Sep 27 11:55:43 CEST 2023] Running cmd: issue
[Wed Sep 27 11:55:43 CEST 2023] _main_domain='test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2'
[Wed Sep 27 11:55:43 CEST 2023] _alt_domains='no'
[Wed Sep 27 11:55:43 CEST 2023] Using config home:/shared/acme/acme
[Wed Sep 27 11:55:43 CEST 2023] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Wed Sep 27 11:55:43 CEST 2023] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Wed Sep 27 11:55:43 CEST 2023] _ACME_SERVER_PATH='directory'
[Wed Sep 27 11:55:43 CEST 2023] DOMAIN_PATH='/shared/acme/acme/ test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 ': File name too long
[Wed Sep 27 11:55:43 CEST 2023] 'dns_nsupdate,/shared/acme/acme/api-test-JLO' does not contain 'dns'
[Wed Sep 27 11:55:43 CEST 2023] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Wed Sep 27 11:55:43 CEST 2023] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Wed Sep 27 11:55:43 CEST 2023] GET
[Wed Sep 27 11:55:43 CEST 2023] url='https://acme-v02.api.letsencrypt.org/directory'
[Wed Sep 27 11:55:43 CEST 2023] timeout=
[Wed Sep 27 11:55:43 CEST 2023] _CURL='curl --silent --dump-header /shared/acme/acme/http.header -L --trace-ascii /tmp/tmp.1BkaSGnSyF -g '
[Wed Sep 27 11:55:44 CEST 2023] ret='0'
[Wed Sep 27 11:55:44 CEST 2023] response='{
"5WkJcfBGnXc": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Wed Sep 27 11:55:44 CEST 2023] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Wed Sep 27 11:55:44 CEST 2023] ACME_NEW_AUTHZ
[Wed Sep 27 11:55:44 CEST 2023] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Wed Sep 27 11:55:44 CEST 2023] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Wed Sep 27 11:55:44 CEST 2023] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Wed Sep 27 11:55:44 CEST 2023] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf'
[Wed Sep 27 11:55:44 CEST 2023] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
touch: cannot touch '/shared/acme/acme/test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test..conf': File name too long
/shared/acme/acme.sh: line 2300: /shared/acme/acme/test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test..conf : File name too long
.
.
.
.
grep: /shared/acme/acme/test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test..conf: File name too long
[Wed Sep 27 11:55:44 CEST 2023] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Wed Sep 27 11:55:44 CEST 2023] _on_before_issue
[Wed Sep 27 11:55:44 CEST 2023] _chk_main_domain='test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2'
[Wed Sep 27 11:55:44 CEST 2023] _chk_alt_domains
[Wed Sep 27 11:55:44 CEST 2023] 'dns_nsupdate,/shared/acme/acme/api-test-JLO' does not contain 'no'
[Wed Sep 27 11:55:44 CEST 2023] Le_LocalAddress
[Wed Sep 27 11:55:44 CEST 2023] d='test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2'
[Wed Sep 27 11:55:44 CEST 2023] _currentRoot='dns_nsupdate'
[Wed Sep 27 11:55:44 CEST 2023] d
[Wed Sep 27 11:55:44 CEST 2023] 'dns_nsupdate,/shared/acme/acme/api-test-JLO' does not contain 'apache'
[Wed Sep 27 11:55:44 CEST 2023] _saved_account_key_hash='xxxx'
[Wed Sep 27 11:55:44 CEST 2023] _saved_account_key_hash is not changed, skip register account.
[Wed Sep 27 11:55:44 CEST 2023] config file is empty, can not read Le_Keylength
[Wed Sep 27 11:55:44 CEST 2023] Read key length:2048
[Wed Sep 27 11:55:44 CEST 2023] Creating domain key
[Wed Sep 27 11:55:44 CEST 2023] Using config home:/shared/acme/acme
[Wed Sep 27 11:55:44 CEST 2023] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Wed Sep 27 11:55:44 CEST 2023] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Wed Sep 27 11:55:44 CEST 2023] _ACME_SERVER_PATH='directory'
[Wed Sep 27 11:55:44 CEST 2023] _createkey for file:/shared/acme/acme/test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test..key
[Wed Sep 27 11:55:44 CEST 2023] Use length 2048
[Wed Sep 27 11:55:44 CEST 2023] _f_path='/shared/acme/acme/test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2 test1 test2.
[Wed Sep 27 11:55:44 CEST 2023] Can not create domain key
[Wed Sep 27 11:55:44 CEST 2023] Create domain key error.
[Wed Sep 27 11:55:44 CEST 2023] pid
[Wed Sep 27 11:55:44 CEST 2023] No need to restore nginx, skip.
[Wed Sep 27 11:55:44 CEST 2023] _clearupdns
[Wed Sep 27 11:55:44 CEST 2023] dns_entries
[Wed Sep 27 11:55:44 CEST 2023] skip dns.
[Wed Sep 27 11:55:44 CEST 2023] _on_issue_err
[Wed Sep 27 11:55:44 CEST 2023] Please check log file for more details: /shared/acme/acme/acme.sh.log
[Wed Sep 27 11:55:44 CEST 2023] _chk_vlist
[Wed Sep 27 11:55:44 CEST 2023] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.2u-fips 20 Dec 2019
apache:
apache doesn't exist.
nginx:
nginx doesn't exist.
socat:
socat by Gerhard Rieger - see www.dest-unreach.org
socat version 1.7.2.3 on Dec 22 2022 11:58:15
running on Linux version #1 SMP Thu Dec 22 10:09:11 PST 2022, release 3.10.0-862.14.4.el7.x86_64, machine x86_64
features:
#define WITH_STDIO 1
#define WITH_FDNUM 1
#define WITH_FILE 1
#define WITH_CREAT 1
#define WITH_GOPEN 1
#define WITH_TERMIOS 1
#define WITH_PIPE 1
#define WITH_UNIX 1
#define WITH_ABSTRACT_UNIXSOCKET 1
#define WITH_IP4 1
#define WITH_IP6 1
#define WITH_RAWIP 1
#define WITH_GENERICSOCKET 1
#define WITH_INTERFACE 1
#define WITH_TCP 1
#define WITH_UDP 1
#define WITH_SCTP 1
#define WITH_LISTEN 1
#define WITH_SOCKS4 1
#define WITH_SOCKS4A 1
#define WITH_PROXY 1
#define WITH_SYSTEM 1
#define WITH_EXEC 1
#define WITH_READLINE 1
#define WITH_TUN 1
#define WITH_PTY 1
#define WITH_OPENSSL 1
#undef WITH_FIPS
#define WITH_LIBWRAP 1
#define WITH_SYCLS 1
#define WITH_FILAN 1
#define WITH_RETRY 1
#define WITH_MSGLEVEL 0 /debug/

@JKHSDTV
Copy link

JKHSDTV commented Aug 15, 2024

This appears to be unfixed, making it impossible to use multi SANs over a certain length

@JKHSDTV
Copy link

JKHSDTV commented Sep 23, 2024
edited
Loading

As I posted above, I ran into this issue after it was supposedly fixed - or so I thought. What instead happened was that while using https://github.com/nginx-proxy/acme-companion I specified my multi domain SANs incorrectly: the standalone file needs a different syntax from regular variables; whereas regular variables list domains like VIRTUAL_HOST=yourdomain.tld,www.yourdomain.tld, the standalone file needs one to supply the hosts like LETSENCRYPT_web_HOST=('yourdomain.tld' 'www.yourdomain.tld') (specifically WITHOUT the commas), which is documented but which I missed.

I am leaving this comment because if one debugs my problems error message, this issue is what will come up in a search, even though the problem is not really related to acme.sh.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Neilpang @hrdina28 @JKHSDTV