$ acme.sh --force --issue -d maindomain.eg -d *.maindomain.eg -w /home/<username>/public_html
[Sun Oct 9 05:04:28 MST 2022] Using CA: https://acme.zerossl.com/v2/DV90
[Sun Oct 9 05:04:28 MST 2022] Create account key ok.
[Sun Oct 9 05:04:28 MST 2022] No EAB credentials found for ZeroSSL, let's get one
[Sun Oct 9 05:04:28 MST 2022] acme.sh is using ZeroSSL as default CA now.
[Sun Oct 9 05:04:28 MST 2022] Please update your account with an email address first.
[Sun Oct 9 05:04:28 MST 2022] acme.sh --register-account -m my@example.com
OK, fair enough - it wants an email and tells you how to feed it. However...
$ acme.sh --register-account -m <postbox>@maindomain.eg
[Sun Oct 9 05:04:53 MST 2022] No EAB credentials found for ZeroSSL, let's get one
Usage: _hmac hashalg secret [outputhex]
[Sun Oct 9 05:04:54 MST 2022] Registering account: https://acme.zerossl.com/v2/DV90
[Sun Oct 9 05:04:58 MST 2022] Register account Error: {"type":"urn:ietf:params:acme:error:malformed","status":400,"detail":"[External Account Binding] The JWS Signature MUST be present"}
Aha! That's because acme.sh changed to ZeroSSL in 2021 (after this article was written). To revert to Let's Encrypt, run this before running the --issue request:
Hm. Next hurdle is the script tries to chown things and gets it wrong: it should just leave well enough alone (i.e. owner read/write access is there, so why change anything). I think I'll have to patch something for this.
(This is because GoDaddy site root directory group ownership is nobody and the user running the site is not in that group.)
Had the exact same problem, and got side-tracked by a link output by acme.sh redirecting me to ZeroSSL with non-working recommendation. With your acme.sh --set-default-ca ... command above, it works nicely.
Like @sylver9, this does not work for me:
OK, fair enough - it wants an email and tells you how to feed it. However...
From which point progress is not possible.
Aha! That's because acme.sh changed to ZeroSSL in 2021 (after this article was written). To revert to Let's Encrypt, run this before running the
--issuerequest:Hm. Next hurdle is the script tries to
chownthings and gets it wrong: it should just leave well enough alone (i.e. owner read/write access is there, so why change anything). I think I'll have to patch something for this.(This is because GoDaddy site root directory group ownership is
nobodyand the user running the site is not in that group.)Had the exact same problem, and got side-tracked by a link output by
acme.shredirecting me to ZeroSSL with non-working recommendation. With youracme.sh --set-default-ca ...command above, it works nicely.--set-default-ca --server letsencrypt
add to try