webadmin-list

[webmin-l] Let's Encrypt Acme Challenge

[Kimberly <kim...@gm...>]

This is what I have figured out when trying to added the www.domain.tld 
to the Let's Encrypt certificate; it is not adding the 
_acme.challenge.www.domain.tld to the DNS records.  I am running DNS 
Bind server on Virtualmin.  It adds the _acme.challenge.domain.tld to 
the record.  The DNS does have an A record for www.domain.tld and it is 
pointing to the server's IP address.  What should I inspect here?

Re: [webmin-l] Let's Encrypt Acme Challenge

[Kimberly <kim...@gm...>]

I have spent a lot of time searching the net on this issue without any 
success.  It does seem strange to me that it can do the first, but not 
the second with www.  So tell me this, is the Let's Encrypt script for 
Virtualmin an in-house Virtualmin script or is it a script from Let's 
Encrypt?

On 5/26/2017 4:12 PM, Kimberly wrote:
> This is what I have figured out when trying to added the 
> www.domain.tld to the Let's Encrypt certificate; it is not adding the 
> _acme.challenge.www.domain.tld to the DNS records.  I am running DNS 
> Bind server on Virtualmin.  It adds the _acme.challenge.domain.tld to 
> the record.  The DNS does have an A record for www.domain.tld and it 
> is pointing to the server's IP address.  What should I inspect here?
>
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
> -
> Forwarded by the Webmin mailing list at web...@li...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-list

Re: [webmin-l] Let's Encrypt Acme Challenge

[Jamie C. <jca...@we...>]

Does the error message ask for a domain called _acme.challenge or _acme-challenge?   

On 26/May/2017 13:12 Kimberly <kim...@gm...> wrote ..   

This is what I have figured out when trying to added the www.domain.tld to the Let's Encrypt certificate; it is not adding the _acme.challenge.www.domain.tld to the DNS records.  I am running DNS Bind server on Virtualmin.  It adds the _acme.challenge.domain.tld to the record.  The DNS does have an A record for www.domain.tld and it is pointing to the server's IP address.  What should I inspect here?    

Re: [webmin-l] Let's Encrypt Acme Challenge

[Pablo M. R. <in...@pa...>]

This is what I get:


An error occurred requesting a new certificate for pablorizzo.com,www.pablorizzo.com  from Let's Encrypt : <pre>Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for pablorizzo.com
dns-01 challenge forwww.pablorizzo.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure.www.pablorizzo.com  (dns-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct value not found for DNS challenge, pablorizzo.com (dns-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct value not found for DNS challenge
IMPORTANT NOTES:
  - The following errors were reported by the server:

    Domain:www.pablorizzo.com
    Type:   unauthorized
    Detail: Correct value not found for DNS challenge

    Domain: pablorizzo.com
    Type:   unauthorized
    Detail: Correct value not found for DNS challenge

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A record(s) for that domain
    contain(s) the right IP address.
</pre>




On 28/05/17 01:26, Jamie Cameron wrote:
>
> Does the error message ask for a domain called _acme.challenge or 
> _acme-challenge?
>
> On 26/May/2017 13:12 Kimberly <kim...@gm...> wrote ..
>
>> This is what I have figured out when trying to added the 
>> www.domain.tld to the Let's Encrypt certificate; it is not adding the 
>> _acme.challenge.www.domain.tld to the DNS records.  I am running DNS 
>> Bind server on Virtualmin.  It adds the _acme.challenge.domain.tld to 
>> the record.  The DNS does have an A record for www.domain.tld and it 
>> is pointing to the server's IP address.  What should I inspect here?
>>
>
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
> -
> Forwarded by the Webmin mailing list at web...@li...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-list