[GH-ISSUE #1042] [Bug] 部署阿里云OSS时提示需要验证域名所有权 #708

New issue

Closed

opened 2026-03-03 01:05:23 +03:00 by kerem · 2 comments

kerem commented

2026-03-03 01:05:23 +03:00

Owner

Originally created by @nkguo on GitHub (Nov 14, 2025).
Original GitHub issue: https://github.com/certimate-go/certimate/issues/1042

软件版本 / Release Version

v0.4.4

缺陷描述 / Description

证书申请已成功、域名已成功绑定到阿里云OSS存储桶并验证了域名所有权，并且用户AccessKey设置的是所有权限，但是发布到阿里云OSS时提示需要验证域名所有权：

failed to execute sdk request 'oss.PutCname': operation error PutCname: Error returned by Service. Http Status Code: 403. Error Code: NeedVerifyDomainOwnership. Request Id: 6916EAF134D7B3313685FEE3. Message: Please verify domain ownership by CreateCnameToken and try again.. EC: 0018-00000115. Timestamp: 2025-11-14 08:40:17 +0000 UTC. Request Endpoint: POST https://public-nick.oss-cn-beijing.aliyuncs.com/?cname&comp=add.

复现步骤 / Steps to reproduce

自动部署到阿里云OSS

日志 / Logs

#I3ATtdEQDR0KtuXZLQ5Y2 开始
[2025-11-14 16:40:16]
the workflow is starting
#pJAyYgbiSY5TB0OE7Qtn4 申请
[2025-11-14 16:40:16]
ready to request certificate ...
[2025-11-14 16:40:16]
skip this application, because the last issued certificate #hvlbh6jl1njzu3k expires in 89 day(s), next renewal will be in 30 day(s)
#UqbK0PVMXPs8F3-hG-uCe 部署
[2025-11-14 16:40:16]
ready to deploy certificate ...
[2025-11-14 16:40:17]
sdk request 'oss.PutCname'
[2025-11-14 16:40:17]
could not deploy certificate
[2025-11-14 16:40:17]
failed to execute sdk request 'oss.PutCname': operation error PutCname: Error returned by Service. Http Status Code: 403. Error Code: NeedVerifyDomainOwnership. Request Id: 6916EAF134D7B3313685FEE3. Message: Please verify domain ownership by CreateCnameToken and try again.. EC: 0018-00000115. Timestamp: 2025-11-14 08:40:17 +0000 UTC. Request Endpoint: POST https://public-nick.oss-cn-beijing.aliyuncs.com/?cname&comp=add.

其他 / Miscellaneous

No response

贡献 / Contribution

我乐意为此贡献 PR！ / I am interested in contributing a PR for this!

Originally created by @nkguo on GitHub (Nov 14, 2025). Original GitHub issue: https://github.com/certimate-go/certimate/issues/1042 ### 软件版本 / Release Version v0.4.4 ### 缺陷描述 / Description 证书申请已成功、域名已成功绑定到阿里云OSS存储桶并验证了域名所有权，并且用户AccessKey设置的是所有权限，但是发布到阿里云OSS时提示需要验证域名所有权： `failed to execute sdk request 'oss.PutCname': operation error PutCname: Error returned by Service. Http Status Code: 403. Error Code: NeedVerifyDomainOwnership. Request Id: 6916EAF134D7B3313685FEE3. Message: Please verify domain ownership by CreateCnameToken and try again.. EC: 0018-00000115. Timestamp: 2025-11-14 08:40:17 +0000 UTC. Request Endpoint: POST https://public-nick.oss-cn-beijing.aliyuncs.com/?cname&comp=add.` <img width="2081" height="227" alt="Image" src="https://github.com/user-attachments/assets/360e24f2-03eb-45f7-93d8-e2db9c4315ca" /> ### 复现步骤 / Steps to reproduce 1. 自动部署到阿里云OSS ### 日志 / Logs <details> ```console #I3ATtdEQDR0KtuXZLQ5Y2 开始 [2025-11-14 16:40:16] the workflow is starting #pJAyYgbiSY5TB0OE7Qtn4 申请 [2025-11-14 16:40:16] ready to request certificate ... [2025-11-14 16:40:16] skip this application, because the last issued certificate #hvlbh6jl1njzu3k expires in 89 day(s), next renewal will be in 30 day(s) #UqbK0PVMXPs8F3-hG-uCe 部署 [2025-11-14 16:40:16] ready to deploy certificate ... [2025-11-14 16:40:17] sdk request 'oss.PutCname' [2025-11-14 16:40:17] could not deploy certificate [2025-11-14 16:40:17] failed to execute sdk request 'oss.PutCname': operation error PutCname: Error returned by Service. Http Status Code: 403. Error Code: NeedVerifyDomainOwnership. Request Id: 6916EAF134D7B3313685FEE3. Message: Please verify domain ownership by CreateCnameToken and try again.. EC: 0018-00000115. Timestamp: 2025-11-14 08:40:17 +0000 UTC. Request Endpoint: POST https://public-nick.oss-cn-beijing.aliyuncs.com/?cname&comp=add. ``` </details> ### 其他 / Miscellaneous _No response_ ### 贡献 / Contribution - [ ] 我乐意为此贡献 PR！ / I am interested in contributing a PR for this!

kerem

2026-03-03 01:05:23 +03:00

closed this issue
added the
bug

declined
labels

kerem commented

2026-03-03 01:05:24 +03:00

Author

Owner

@fudiwei commented on GitHub (Nov 14, 2025):

建议咨询阿里云技术支持，如何判定所有权并不受 Certimate 控制。

可以参照此链接 https://help.aliyun.com/zh/openapi/query-logs 找到接口的调用日志发给客服。

@fudiwei commented on GitHub (Nov 14, 2025): 建议咨询阿里云技术支持，如何判定所有权并不受 Certimate 控制。可以参照此链接 https://help.aliyun.com/zh/openapi/query-logs 找到接口的调用日志发给客服。

kerem commented

2026-03-03 01:05:25 +03:00

Author

Owner

@nkguo commented on GitHub (Nov 18, 2025):

Update: 部署域名设置的不对导致的该错误，已正常运行。 Thanks！

@nkguo commented on GitHub (Nov 18, 2025): Update: 部署域名设置的不对导致的该错误，已正常运行。 Thanks！

kerem referenced this issue

2026-03-03 01:07:35 +03:00

[PR #935] [MERGED] v0.4 workflow enhance #1078