~]# env DEBUG=1 cpcmd -d site6 letsencrypt:append '*.addondomain.com'
DEBUG : *.primarydomain.com already resolved by dns
DEBUG : addondomain.com already resolved by http
DEBUG : primarydomain.com already resolved by http
DEBUG : SSL challenge attempt: dns (*.addondomain.com)
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : Setting DNS TXT record _acme-challenge.addondomain.com with value tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : _acme-challenge.addondomain.com pdns dirty
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 1/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 2/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 3/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 4/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 5/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 6/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 7/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 8/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 9/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 10/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 11/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 12/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 13/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 14/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 15/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 16/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 17/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 18/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 19/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 20/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 21/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 22/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 23/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 24/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 25/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 26/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 27/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 28/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 29/30
DEBUG : DNS record `_acme-challenge.addondomain.com' added asynchronously to ns1.myns.net - got `' want `tXTADy67sZROTwDf_7_kqcyYs_mrjq7B9kSLtGO5sc4' - wait 30/30
WARNING: Opcenter\Crypto\Letsencrypt\AcmeDispatcher::solve(): dns challenge failed: Challenge failed (response: {"type":"dns-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: NXDOMAIN looking up TXT for _acme-challenge.addondomain.com - check that a DNS record exists for this domain","status":400},"url":"https:\/\/acme-v02.api.letsencrypt.org\/acme\/chall-v3\/268773936546\/B9yl2g","token":"SeElImV5XO5zwJ7yaZmp4Az4_bq3jAQ46L1c8XpTwA8","validated":"2023-09-28T13:06:40Z"}).
ERROR : Opcenter\Crypto\Letsencrypt\AcmeDispatcher::solve(): Failed to finalize certificate request: Certificate request failed (response: The order has not been validated)
0. Error_Reporter::add_error("Failed to finalize certificate request: %s", ["Certificate request failed (response: The order has not been validated)"])
[/usr/local/apnscp/lib/log_wrapper.php:62]
1. error("Failed to finalize certificate request: %s", "Certificate request failed (response: The order has not been validated)")
[/usr/local/apnscp/lib/Opcenter/Crypto/Letsencrypt/AcmeDispatcher.php:427]
2. Opcenter\Crypto\Letsencrypt\AcmeDispatcher->solve(AcmePhp\Core\Protocol\CertificateOrder)
[/usr/local/apnscp/lib/Opcenter/Crypto/Letsencrypt/AcmeDispatcher.php:175]
3. Opcenter\Crypto\Letsencrypt\AcmeDispatcher->issue(["addondomain.com", "primarydomain.com", "*.addondomain.com", "*.primarydomain.com"])
[/usr/local/apnscp/lib/Module/Support/Letsencrypt.php:260]
4. Module\Support\Letsencrypt->requestReal(["addondomain.com", "primarydomain.com", "*.addondomain.com", "*.primarydomain.com"], "site6", true)
[/usr/local/apnscp/lib/modules/letsencrypt.php:398]
5. Letsencrypt_Module->request(["addondomain.com", "primarydomain.com", "*.addondomain.com", "*.primarydomain.com"], true, true)
[/usr/local/apnscp/lib/modules/letsencrypt.php:516]
6. Letsencrypt_Module->append([*.addondomain.com:0])
[/usr/local/apnscp/lib/Module/Skeleton/Standard.php:145]
7. Module\Skeleton\Standard->_invoke("append", ["*.addondomain.com"])
[/usr/local/apnscp/lib/apnscpfunction.php:992]
8. apnscpFunctionInterceptor->call("letsencrypt_append", ["*.addondomain.com"])
[/usr/local/apnscp/lib/CLI/cmd.php:62]
9. CLI\__call("letsencrypt_append", ["*.addondomain.com"])
[/usr/local/apnscp/lib/CLI/cmd.php:581]
10. CLI\main()
[/usr/local/apnscp/bin/cmd:7]
ERROR : Letsencrypt_Module::request(): Opcenter\Crypto\Letsencrypt\AcmeDispatcher::solve(): dns challenge failed: Challenge failed (response: {"type":"dns-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: NXDOMAIN looking up TXT for _acme-challenge.addondomain.com - check that a DNS record exists for this domain","status":400},"url":"https:\/\/acme-v02.api.letsencrypt.org\/acme\/chall-v3\/268773936546\/B9yl2g","token":"SeElImV5XO5zwJ7yaZmp4Az4_bq3jAQ46L1c8XpTwA8","validated":"2023-09-28T13:06:40Z"}).
0. Error_Reporter::add_error("Opcenter\Crypto\Letsencrypt\AcmeDispatcher::solve(): dns challenge failed: Challenge failed (response: {"type":"dns-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: NXDOMAIN looking up TXT for _acme-challenge.addondomain.com - check that a DNS record exists for this domain","status":400},"url":"https:\/\/acme-v02.api.letsencrypt.org\/acme\/chall-v3\/268773936546\/B9yl2g","token":"SeElImV5XO5zwJ7yaZmp4Az4_bq3jAQ46L1c8XpTwA8","validated":"2023-09-28T13:06:40Z"...")
[/usr/local/apnscp/lib/Module/Support/Letsencrypt.php:271]
1. Module\Support\Letsencrypt->requestReal(["addondomain.com", "primarydomain.com", "*.addondomain.com", "*.primarydomain.com"], "site6", true)
[/usr/local/apnscp/lib/modules/letsencrypt.php:398]
2. Letsencrypt_Module->request(["addondomain.com", "primarydomain.com", "*.addondomain.com", "*.primarydomain.com"], true, true)
[/usr/local/apnscp/lib/modules/letsencrypt.php:516]
3. Letsencrypt_Module->append([*.addondomain.com:0])
[/usr/local/apnscp/lib/Module/Skeleton/Standard.php:145]
4. Module\Skeleton\Standard->_invoke("append", ["*.addondomain.com"])
[/usr/local/apnscp/lib/apnscpfunction.php:992]
5. apnscpFunctionInterceptor->call("letsencrypt_append", ["*.addondomain.com"])
[/usr/local/apnscp/lib/CLI/cmd.php:62]
6. CLI\__call("letsencrypt_append", ["*.addondomain.com"])
[/usr/local/apnscp/lib/CLI/cmd.php:581]
7. CLI\main()
[/usr/local/apnscp/bin/cmd:7]
ERROR : Letsencrypt_Module::request(): Opcenter\Crypto\Letsencrypt\AcmeDispatcher::solve(): Failed to finalize certificate request: Certificate request failed (response: The order has not been validated)
0. Error_Reporter::add_error("Opcenter\Crypto\Letsencrypt\AcmeDispatcher::solve(): Failed to finalize certificate request: Certificate request failed (response: The order has not been validated)")
[/usr/local/apnscp/lib/Module/Support/Letsencrypt.php:271]
1. Module\Support\Letsencrypt->requestReal(["addondomain.com", "primarydomain.com", "*.addondomain.com", "*.primarydomain.com"], "site6", true)
[/usr/local/apnscp/lib/modules/letsencrypt.php:398]
2. Letsencrypt_Module->request(["addondomain.com", "primarydomain.com", "*.addondomain.com", "*.primarydomain.com"], true, true)
[/usr/local/apnscp/lib/modules/letsencrypt.php:516]
3. Letsencrypt_Module->append([*.addondomain.com:0])
[/usr/local/apnscp/lib/Module/Skeleton/Standard.php:145]
4. Module\Skeleton\Standard->_invoke("append", ["*.addondomain.com"])
[/usr/local/apnscp/lib/apnscpfunction.php:992]
5. apnscpFunctionInterceptor->call("letsencrypt_append", ["*.addondomain.com"])
[/usr/local/apnscp/lib/CLI/cmd.php:62]
6. CLI\__call("letsencrypt_append", ["*.addondomain.com"])
[/usr/local/apnscp/lib/CLI/cmd.php:581]
7. CLI\main()
[/usr/local/apnscp/bin/cmd:7]
----------------------------------------
MESSAGE SUMMARY
Reporter level: ERROR
ERROR: Letsencrypt_Module::request(): Opcenter\Crypto\Letsencrypt\AcmeDispatcher::solve(): dns challenge failed: Challenge failed (response: {"type":"dns-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: NXDOMAIN looking up TXT for _acme-challenge.addondomain.com - check that a DNS record exists for this domain","status":400},"url":"https:\/\/acme-v02.api.letsencrypt.org\/acme\/chall-v3\/268773936546\/B9yl2g","token":"SeElImV5XO5zwJ7yaZmp4Az4_bq3jAQ46L1c8XpTwA8","validated":"2023-09-28T13:06:40Z"}).
ERROR: Letsencrypt_Module::request(): Opcenter\Crypto\Letsencrypt\AcmeDispatcher::solve(): Failed to finalize certificate request: Certificate request failed (response: The order has not been validated)
----------------------------------------
Unbound:
Query results for TXT addondomain.com
Response:
;; opcode: QUERY, status: NOERROR, id: 48867
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version 0; flags: do; udp: 512
;; QUESTION SECTION:
;addondomain.com. IN TXT
;; ANSWER SECTION:
addondomain.com. 0 IN TXT "v=spf1 a mx include:relay.mailchannels.net ?all"
----- Unbound logs -----
Sep 28 13:13:16 unbound[1516568:0] notice: init module 0: validator
Sep 28 13:13:16 unbound[1516568:0] notice: init module 1: iterator
Sep 28 13:13:16 unbound[1516568:0] info: start of service (unbound 1.16.3).
Sep 28 13:13:17 unbound[1516568:0] info: 127.0.0.1 addondomain.com. TXT IN
Sep 28 13:13:17 unbound[1516568:0] info: resolving addondomain.com. TXT IN
Sep 28 13:13:17 unbound[1516568:0] info: priming . IN NS
Sep 28 13:13:17 unbound[1516568:0] info: response for . NS IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <.> 192.58.128.30#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was ANSWER
Sep 28 13:13:17 unbound[1516568:0] info: priming successful for . NS IN
Sep 28 13:13:17 unbound[1516568:0] info: response for addondomain.com. TXT IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <.> 2001:500:9f::42#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was REFERRAL
Sep 28 13:13:17 unbound[1516568:0] info: response for addondomain.com. TXT IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <com.> 2001:501:b1f9::30#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was REFERRAL
Sep 28 13:13:17 unbound[1516568:0] info: resolving ns1.myns.net. AAAA IN
Sep 28 13:13:17 unbound[1516568:0] info: resolving ns2.myns.net. A IN
Sep 28 13:13:17 unbound[1516568:0] info: resolving ns2.myns.net. AAAA IN
Sep 28 13:13:17 unbound[1516568:0] info: resolving ns1.myns.net. A IN
Sep 28 13:13:17 unbound[1516568:0] info: response for ns2.myns.net. A IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <.> 2001:500:a8::e#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was REFERRAL
Sep 28 13:13:17 unbound[1516568:0] info: response for ns1.myns.net. AAAA IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <.> 2001:500:a8::e#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was REFERRAL
Sep 28 13:13:17 unbound[1516568:0] info: response for ns1.myns.net. A IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <.> 2001:dc3::35#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was REFERRAL
Sep 28 13:13:17 unbound[1516568:0] info: response for ns2.myns.net. A IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <net.> 2001:503:a83e::2:30#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was REFERRAL
Sep 28 13:13:17 unbound[1516568:0] info: response for ns1.myns.net. A IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <net.> 192.12.94.30#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was REFERRAL
Sep 28 13:13:17 unbound[1516568:0] info: response for ns1.myns.net. AAAA IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <net.> 2001:500:d937::30#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was REFERRAL
Sep 28 13:13:17 unbound[1516568:0] info: response for ns2.myns.net. A IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <myns.net.> 104.238.162.256#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was ANSWER
Sep 28 13:13:17 unbound[1516568:0] info: response for ns1.myns.net. A IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <myns.net.> 104.238.162.256#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was ANSWER
Sep 28 13:13:17 unbound[1516568:0] info: response for ns1.myns.net. AAAA IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <myns.net.> 45.77.110.256#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was ANSWER
Sep 28 13:13:17 unbound[1516568:0] info: response for ns2.myns.net. AAAA IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <.> 2001:500:12::d0d#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was REFERRAL
Sep 28 13:13:17 unbound[1516568:0] info: response for addondomain.com. TXT IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <addondomain.com.> 45.77.110.256#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was ANSWER
Sep 28 13:13:17 unbound[1516568:0] info: prime trust anchor
Sep 28 13:13:17 unbound[1516568:0] info: generate keytag query _ta-4f66. NULL IN
Sep 28 13:13:17 unbound[1516568:0] info: resolving . DNSKEY IN
Sep 28 13:13:17 unbound[1516568:0] info: resolving _ta-4f66. NULL IN
Sep 28 13:13:17 unbound[1516568:0] info: response for ns1.myns.net. AAAA IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <myns.net.> 104.238.162.256#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was nodata ANSWER
Sep 28 13:13:17 unbound[1516568:0] info: response for _ta-4f66. NULL IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <.> 198.41.0.4#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was NXDOMAIN ANSWER
Sep 28 13:13:17 unbound[1516568:0] info: response for . DNSKEY IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <.> 2001:503:c27::2:30#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was ANSWER
Sep 28 13:13:17 unbound[1516568:0] info: validate keys with anchor(DS): sec_status_secure
Sep 28 13:13:17 unbound[1516568:0] info: Successfully primed trust anchor . DNSKEY IN
Sep 28 13:13:17 unbound[1516568:0] info: validated DS com. DS IN
Sep 28 13:13:17 unbound[1516568:0] info: resolving com. DNSKEY IN
Sep 28 13:13:17 unbound[1516568:0] info: response for ns2.myns.net. AAAA IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <net.> 192.54.112.30#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was REFERRAL
Sep 28 13:13:17 unbound[1516568:0] info: resolving ns1.myns.net. AAAA IN
Sep 28 13:13:17 unbound[1516568:0] info: response for com. DNSKEY IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <com.> 2001:503:eea3::30#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was ANSWER
Sep 28 13:13:17 unbound[1516568:0] info: validated DNSKEY com. DNSKEY IN
Sep 28 13:13:17 unbound[1516568:0] info: resolving addondomain.com. DS IN
Sep 28 13:13:17 unbound[1516568:0] info: response for addondomain.com. DS IN
Sep 28 13:13:17 unbound[1516568:0] info: reply from <com.> 192.35.51.30#53
Sep 28 13:13:17 unbound[1516568:0] info: query response was nodata ANSWER
Sep 28 13:13:17 unbound[1516568:0] info: NSEC3s for the referral proved no DS.
Sep 28 13:13:17 unbound[1516568:0] info: Verified that unsigned response is INSECURE```