Triggered _on_issue_err with "config file is empty, can not read CA_KEY_HASH" notice before #5104

Open
wason-wly opened this issue Apr 22, 2024 · 2 comments

wason-wly commented Apr 22, 2024

Steps to reproduce

My system: Ubuntu 22
Already updated acme.sh with acme.sh --upgrade
But it failed when issuing with:
acme.sh --issue -d www.hutdoo.info -w /home/web/webpage

Debug log

[Mon Apr 22 09:08:48 UTC 2024] _on_before_issue
[Mon Apr 22 09:08:48 UTC 2024] _chk_main_domain='www.hutdoo.info'
[Mon Apr 22 09:08:48 UTC 2024] _chk_alt_domains
[Mon Apr 22 09:08:48 UTC 2024] '/home/web/webpage' does not contain 'no'
[Mon Apr 22 09:08:48 UTC 2024] Le_LocalAddress
[Mon Apr 22 09:08:48 UTC 2024] d='www.hutdoo.info'
[Mon Apr 22 09:08:48 UTC 2024] Check for domain='www.hutdoo.info'
[Mon Apr 22 09:08:48 UTC 2024] _currentRoot='/home/web/webpage'
[Mon Apr 22 09:08:48 UTC 2024] d
[Mon Apr 22 09:08:48 UTC 2024] '/home/web/webpage' does not contain 'apache'
[Mon Apr 22 09:08:48 UTC 2024] _r_c_f='/root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/ca.conf'
[Mon Apr 22 09:08:48 UTC 2024] _sdkey='CA_KEY_HASH'
[Mon Apr 22 09:08:48 UTC 2024] config file is empty, can not read CA_KEY_HASH
[Mon Apr 22 09:08:48 UTC 2024] _saved_account_key_hash
[Mon Apr 22 09:08:48 UTC 2024] _initpath
[Mon Apr 22 09:08:48 UTC 2024] Using config home:/root/.acme.sh
[Mon Apr 22 09:08:48 UTC 2024] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Mon Apr 22 09:08:48 UTC 2024] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Mon Apr 22 09:08:48 UTC 2024] _ACME_SERVER_PATH='directory'
[Mon Apr 22 09:08:48 UTC 2024] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 22 09:08:48 UTC 2024] Only RSA or EC key is supported. keyfile=/root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
[Mon Apr 22 09:08:48 UTC 2024]
[Mon Apr 22 09:08:48 UTC 2024] _on_issue_err
[Mon Apr 22 09:08:48 UTC 2024] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Mon Apr 22 09:08:48 UTC 2024] _chk_vlist

I checked:


The file /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/ca.conf doesn't exist. Only the file account.key exists.

root@secure-laser-1:~/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory# ll
total 8
drwxr-xr-x 2 root root 4096 Apr 22 06:02 ./
drwxr-xr-x 3 root root 4096 Apr 21 05:06 ../
-rw------- 1 root root 0 Apr 21 05:06 account.key


Please upgrade to the latest code and try again first. Maybe it's already fixed.

acme.sh --upgrade

If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

@wason-wly (Author)

log with --debug 2

[Mon Apr 22 09:27:54 UTC 2024] Lets find script dir.
[Mon Apr 22 09:27:54 UTC 2024] SCRIPT='/root/.acme.sh/acme.sh'
[Mon Apr 22 09:27:54 UTC 2024] _script='/root/.acme.sh/acme.sh'
[Mon Apr 22 09:27:54 UTC 2024] _script_home='/root/.acme.sh'
[Mon Apr 22 09:27:54 UTC 2024] Using config home:/root/.acme.sh
[Mon Apr 22 09:27:54 UTC 2024] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/acmesh-official/acme.sh
v3.0.8
[Mon Apr 22 09:27:54 UTC 2024] Running cmd: issue
[Mon Apr 22 09:27:54 UTC 2024] _main_domain='www.hutdoo.info'
[Mon Apr 22 09:27:54 UTC 2024] _alt_domains='no'
[Mon Apr 22 09:27:54 UTC 2024] _initpath
[Mon Apr 22 09:27:54 UTC 2024] Using config home:/root/.acme.sh
[Mon Apr 22 09:27:54 UTC 2024] default_acme_server='https://acme-v02.api.letsencrypt.org/directory'
[Mon Apr 22 09:27:54 UTC 2024] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Mon Apr 22 09:27:54 UTC 2024] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Mon Apr 22 09:27:54 UTC 2024] _ACME_SERVER_PATH='directory'
[Mon Apr 22 09:27:54 UTC 2024] DOMAIN_PATH='/root/.acme.sh/www.hutdoo.info_ecc'
[Mon Apr 22 09:27:54 UTC 2024] '/home/web/webpage' does not contain 'dns'
[Mon Apr 22 09:27:54 UTC 2024] Le_NextRenewTime
[Mon Apr 22 09:27:54 UTC 2024] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 22 09:27:54 UTC 2024] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 22 09:27:54 UTC 2024] GET
[Mon Apr 22 09:27:54 UTC 2024] url='https://acme-v02.api.letsencrypt.org/directory'
[Mon Apr 22 09:27:54 UTC 2024] timeout=
[Mon Apr 22 09:27:54 UTC 2024] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.yfZR3cUV5m -g '
[Mon Apr 22 09:27:55 UTC 2024] ret='0'
[Mon Apr 22 09:27:55 UTC 2024] response='{
"GLDgSrfLm6U": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-02/renewalInfo/",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}'
[Mon Apr 22 09:27:55 UTC 2024] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Mon Apr 22 09:27:55 UTC 2024] ACME_NEW_AUTHZ
[Mon Apr 22 09:27:55 UTC 2024] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Mon Apr 22 09:27:55 UTC 2024] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Mon Apr 22 09:27:55 UTC 2024] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Mon Apr 22 09:27:55 UTC 2024] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf'
[Mon Apr 22 09:27:55 UTC 2024] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Mon Apr 22 09:27:55 UTC 2024] Using CA: https://acme-v02.api.letsencrypt.org/directory

[Mon Apr 22 09:27:55 UTC 2024] _on_before_issue
[Mon Apr 22 09:27:55 UTC 2024] _chk_main_domain='www.hutdoo.info'
[Mon Apr 22 09:27:55 UTC 2024] _chk_alt_domains
[Mon Apr 22 09:27:55 UTC 2024] '/home/web/webpage' does not contain 'no'
[Mon Apr 22 09:27:55 UTC 2024] Le_LocalAddress
[Mon Apr 22 09:27:55 UTC 2024] d='www.hutdoo.info'
[Mon Apr 22 09:27:55 UTC 2024] Check for domain='www.hutdoo.info'
[Mon Apr 22 09:27:55 UTC 2024] _currentRoot='/home/web/webpage'
[Mon Apr 22 09:27:55 UTC 2024] d
[Mon Apr 22 09:27:55 UTC 2024] '/home/web/webpage' does not contain 'apache'
[Mon Apr 22 09:27:55 UTC 2024] _r_c_f='/root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/ca.conf'
[Mon Apr 22 09:27:55 UTC 2024] _sdkey='CA_KEY_HASH'
[Mon Apr 22 09:27:55 UTC 2024] config file is empty, can not read CA_KEY_HASH
[Mon Apr 22 09:27:55 UTC 2024] _saved_account_key_hash
[Mon Apr 22 09:27:55 UTC 2024] _initpath
[Mon Apr 22 09:27:55 UTC 2024] Using config home:/root/.acme.sh
[Mon Apr 22 09:27:55 UTC 2024] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Mon Apr 22 09:27:55 UTC 2024] _ACME_SERVER_HOST='acme-v02.api.letsencrypt.org'
[Mon Apr 22 09:27:55 UTC 2024] _ACME_SERVER_PATH='directory'
[Mon Apr 22 09:27:55 UTC 2024] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Mon Apr 22 09:27:55 UTC 2024] Only RSA or EC key is supported. keyfile=/root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory/account.key
[Mon Apr 22 09:27:55 UTC 2024]
[Mon Apr 22 09:27:55 UTC 2024] _on_issue_err
[Mon Apr 22 09:27:55 UTC 2024] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Mon Apr 22 09:27:55 UTC 2024] _chk_vlist
[Mon Apr 22 09:27:55 UTC 2024] socat doesn't exist.
[Mon Apr 22 09:27:55 UTC 2024] Diagnosis versions:
openssl:openssl
openssl: /lib/x86_64-linux-gnu/libcrypto.so.3: version `OPENSSL_3.0.9' not found (required by openssl)
apache:
apache doesn't exist.
nginx:
nginx version: nginx/1.18.0 (Ubuntu)
built with OpenSSL 3.0.2 15 Mar 2022
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -ffile-prefix-map=/build/nginx-zctdR4/nginx-1.18.0=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -flto=auto -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-compat --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --add-dynamic-module=/build/nginx-zctdR4/nginx-1.18.0/debian/modules/http-geoip2 --with-http_addition_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_sub_module
socat:
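
An added example, not part of the issue thread or of acme.sh itself: a pre-flight check for the two conditions visible in this report, a zero-byte account.key and an openssl binary that fails to start. The function name, the `OPENSSL_BIN` override and the return codes are assumptions introduced for this example.

```shell
#!/bin/sh
# Pre-flight check for an acme.sh CA account directory (added example).
# OPENSSL_BIN is a hypothetical override for this example, not an acme.sh setting.
# Return codes (chosen here): 0 ok, 1 key missing, 2 key empty,
#                             3 openssl does not run, 4 key does not parse.
check_acme_account_key() {
  # Default path is the CA directory shown in the debug log above.
  ca_dir="${1:-/root/.acme.sh/ca/acme-v02.api.letsencrypt.org/directory}"
  key="$ca_dir/account.key"
  openssl_bin="${OPENSSL_BIN:-openssl}"

  if [ ! -e "$key" ]; then
    echo "account.key missing: $key" >&2
    return 1
  fi

  # A 0-byte key file exists but holds no RSA or EC key material.
  if [ ! -s "$key" ]; then
    echo "account.key is 0 bytes: $key" >&2
    return 2
  fi

  # A binary that cannot load libcrypto fails even on 'version'.
  if ! "$openssl_bin" version >/dev/null 2>&1; then
    echo "openssl does not run: $openssl_bin" >&2
    return 3
  fi

  # Parse the private key without printing it.
  if ! "$openssl_bin" pkey -in "$key" -noout >/dev/null 2>&1; then
    echo "account.key is not a readable private key: $key" >&2
    return 4
  fi

  return 0
}
```

Call it with the CA directory as the only argument, or with no argument to check the path from the log; the messages go to stderr and the return code identifies which check failed.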
