Menu
▾
▴
webadmin-list
|
From: Kimberly <kim...@gm...> - 2017-12-02 23:13:31
|
Any ideas on why the Let's Encrypt certificate request is failing?
Ubuntu 16.04.3 (Xenial)
Virtualmin 6.01-3/Webmin 1.860
Kernel 4.4.0-101
Nginx 1.12.2
MariaDB 10.1.29
Requesting a certificate forREDACTED from Let's Encrypt ..
.. request failed : Web-based validation failed : Failed to request certificate :Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying REDACTED...
Wrote file to /home/REDACTED/public_html/.well-known/acme-challenge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o, but couldn't download http://REDACTED/.well-known/acme-challenge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o
Traceback (most recent call last):
File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in <module>
main(sys.argv[1:])
File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
File "/usr/share/webmin/webmin/acme_tiny.py", line 184, in get_crt
domain, challenge_status))
ValueError: REDACTED challenge did not pass: {u'status': u'invalid', u'validationRecord': [{u'addressesResolved': [u'REDACTED'], u'url': u'https://REDACTED/.well-known/acme-challenge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o', u'hostname': u'REDACTED', u'addressesTried': [], u'addressUsed': u'REDACTED', u'port': u'443'}, {u'addressesResolved': [u'REDACTED'], u'url': u'http://REDACTED/.well-known/acme-challenge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o', u'hostname': u'REDACTED', u'addressesTried': [], u'addressUsed': u'REDACTED', u'port': u'80'}], u'keyAuthorization': u'exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o.83QlK5VKSOV2NLNaO1RvT7uR-pfnlNKPt-5HZinrs5Y', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/VF3KryHRKL5PpY016fxEmLZ5Q1WKwJ6GlJKc92pTXeg/2615538286', u'token': u'exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o', u'error': {u'status': 403, u'type': u'urn:acme:error:unauthorized', u'detail': u'Invalid response from http://REDACTED/.well-known/acme-challenge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o: "<!DOCTYPE html>\n<html>\n<head>\n<script>(function () { "'}, u'type': u'http-01'}
DNS-based validation failed : Failed to request certificate :Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying REDACTED...
Undefined subroutine &main::get_bind_zone_for_domain called at /usr/share/webmin/webmin/letsencrypt-dns.pl line 21.
Traceback (most recent call last):
File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in <module>
main(sys.argv[1:])
File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
File "/usr/share/webmin/webmin/acme_tiny.py", line 184, in get_crt
domain, challenge_status))
ValueError: REDACTED challenge did not pass: {u'status': u'invalid', u'keyAuthorization': u'FsOUVt8L4TWb1k3Z7GgXYkGNpRXtbO_NaguSW6l-pgI.83QlK5VKSOV2NLNaO1RvT7uR-pfnlNKPt-5HZinrs5Y', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/Kh9XWI2cBDF3bbdgSzkS9aBHS4TP40IgbIEmHfAPRQk/2615538548', u'token': u'FsOUVt8L4TWb1k3Z7GgXYkGNpRXtbO_NaguSW6l-pgI', u'error': {u'status': 400, u'type': u'urn:acme:error:connection', u'detail': u'DNS problem: NXDOMAIN looking up TXT for _acme-challenge.REDACTED'}, u'type': u'dns-01'}
|
|
From: Jamie C. <jca...@we...> - 2017-12-04 01:54:06
|
Someone else reported this error as well, however I've been unable to re-produce
it or determine why it could happen! I do have some theories and have made changes
to be included in Webmin 1.870 that should address is though.
On 02/Dec/2017 15:13 Kimberly <kim...@gm...> wrote ..
> Any ideas on why the Let's Encrypt certificate request is failing?
>
>
> Ubuntu 16.04.3 (Xenial)
> Virtualmin 6.01-3/Webmin 1.860
> Kernel 4.4.0-101
> Nginx 1.12.2
> MariaDB 10.1.29
>
> Requesting a certificate forREDACTED from Let's Encrypt ..
> .. request failed : Web-based validation failed : Failed to request certificate
> :Parsing account key...
> Parsing CSR...
> Registering account...
> Already registered!
> Verifying REDACTED...
> Wrote file to /home/REDACTED/public_html/.well-known/acme-challenge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o,
> but couldn't download http://REDACTED/.well-known/acme-challenge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o
> Traceback (most recent call last):
> File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in <module>
> main(sys.argv[1:])
> File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
> signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook,
> args.cleanup_hook, log=LOGGER, CA=args.ca)
> File "/usr/share/webmin/webmin/acme_tiny.py", line 184, in get_crt
> domain, challenge_status))
> ValueError: REDACTED challenge did not pass: {u'status': u'invalid', u'validationRecord':
> [{u'addressesResolved': [u'REDACTED'], u'url': u'https://REDACTED/.well-known/acme-challenge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o',
> u'hostname': u'REDACTED', u'addressesTried': [], u'addressUsed': u'REDACTED', u'port':
> u'443'}, {u'addressesResolved': [u'REDACTED'], u'url': u'http://REDACTED/.well-known/acme-challenge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o',
> u'hostname': u'REDACTED', u'addressesTried': [], u'addressUsed': u'REDACTED', u'port':
> u'80'}], u'keyAuthorization': u'exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o.83QlK5VKSOV2NLNaO1RvT7uR-pfnlNKPt-5HZinrs5Y',
> u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/VF3KryHRKL5PpY016fxEmLZ5Q1WKwJ6GlJKc92pTXeg/2615538286',
> u'token': u'exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o', u'error': {u'status':
> 403, u'type': u'urn:acme:error:unauthorized', u'detail': u'Invalid response from
> http://REDACTED/.well-known/acme-challe
> nge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o: "<!DOCTYPE html>\n<html>\n<head>\n<script>(function
> () {
> "'}, u'type': u'http-01'}
> DNS-based validation failed : Failed to request certificate :Parsing account key...
> Parsing CSR...
> Registering account...
> Already registered!
> Verifying REDACTED...
> Undefined subroutine &main::get_bind_zone_for_domain called at /usr/share/webmin/webmin/letsencrypt-dns.pl
> line 21.
> Traceback (most recent call last):
> File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in <module>
> main(sys.argv[1:])
> File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
> signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook,
> args.cleanup_hook, log=LOGGER, CA=args.ca)
> File "/usr/share/webmin/webmin/acme_tiny.py", line 184, in get_crt
> domain, challenge_status))
> ValueError: REDACTED challenge did not pass: {u'status': u'invalid', u'keyAuthorization':
> u'FsOUVt8L4TWb1k3Z7GgXYkGNpRXtbO_NaguSW6l-pgI.83QlK5VKSOV2NLNaO1RvT7uR-pfnlNKPt-5HZinrs5Y',
> u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/Kh9XWI2cBDF3bbdgSzkS9aBHS4TP40IgbIEmHfAPRQk/2615538548',
> u'token': u'FsOUVt8L4TWb1k3Z7GgXYkGNpRXtbO_NaguSW6l-pgI', u'error': {u'status':
> 400, u'type': u'urn:acme:error:connection', u'detail': u'DNS problem: NXDOMAIN
> looking up TXT for _acme-challenge.REDACTED'}, u'type': u'dns-01'}
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> -
> Forwarded by the Webmin mailing list at web...@li...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-list
|
|
From: Dave O. <da...@sy...> - 2017-12-04 20:32:17
|
See if you have lots and lots of entries in the ".well-known/acme-challenge"
folder. I had one of these, probably 200 entries in there, killed the
entire tree (.well-known/ and below) and it fixed it.
> -----Original Message-----
> From: Jamie Cameron [mailto:jca...@we...]
> Sent: Sunday, December 03, 2017 5:36 PM
> To: Webmin users list
> Subject: Re: [webmin-l] Let's Encrypt Failure
>
> Someone else reported this error as well, however I've been unable to
> re-produce it or determine why it could happen! I do have some theories
> and have made changes to be included in Webmin 1.870 that should
> address is though.
>
> On 02/Dec/2017 15:13 Kimberly <kim...@gm...> wrote ..
> > Any ideas on why the Let's Encrypt certificate request is failing?
> >
> >
> > Ubuntu 16.04.3 (Xenial)
> > Virtualmin 6.01-3/Webmin 1.860
> > Kernel 4.4.0-101
> > Nginx 1.12.2
> > MariaDB 10.1.29
> >
> > Requesting a certificate forREDACTED from Let's Encrypt ..
> > .. request failed : Web-based validation failed : Failed to request
> > certificate :Parsing account key...
> > Parsing CSR...
> > Registering account...
> > Already registered!
> > Verifying REDACTED...
> > Wrote file to
> > /home/REDACTED/public_html/.well-known/acme-
> challenge/exfJVslKruBuaXrY
> > 1_hQnAayAAWo7vQ8sJf0t1rA71o, but couldn't download
> > http://REDACTED/.well-known/acme-
> challenge/exfJVslKruBuaXrY1_hQnAayAAW
> > o7vQ8sJf0t1rA71o
> > Traceback (most recent call last):
> > File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in
> <module>
> > main(sys.argv[1:])
> > File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
> > signed_crt = get_crt(args.account_key, args.csr, args.acme_dir,
> > args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
> > File "/usr/share/webmin/webmin/acme_tiny.py", line 184, in get_crt
> > domain, challenge_status))
> > ValueError: REDACTED challenge did not pass: {u'status': u'invalid',
> u'validationRecord':
> > [{u'addressesResolved': [u'REDACTED'], u'url':
> > u'https://REDACTED/.well-known/acme-
> challenge/exfJVslKruBuaXrY1_hQnAay
> > AAWo7vQ8sJf0t1rA71o',
> > u'hostname': u'REDACTED', u'addressesTried': [], u'addressUsed':
> u'REDACTED', u'port':
> > u'443'}, {u'addressesResolved': [u'REDACTED'], u'url':
> > u'http://REDACTED/.well-known/acme-
> challenge/exfJVslKruBuaXrY1_hQnAayA
> > AWo7vQ8sJf0t1rA71o',
> > u'hostname': u'REDACTED', u'addressesTried': [], u'addressUsed':
> u'REDACTED', u'port':
> > u'80'}], u'keyAuthorization':
> >
> u'exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o.83QlK5VKSOV2NLNaO1RvT7uR
> > -pfnlNKPt-5HZinrs5Y',
> > u'uri':
> > u'https://acme-
> v01.api.letsencrypt.org/acme/challenge/VF3KryHRKL5PpY01
> > 6fxEmLZ5Q1WKwJ6GlJKc92pTXeg/2615538286',
> > u'token': u'exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o', u'error':
> {u'status':
> > 403, u'type': u'urn:acme:error:unauthorized', u'detail': u'Invalid
> > response from http://REDACTED/.well-known/acme-challe
> > nge/exfJVslKruBuaXrY1_hQnAayAAWo7vQ8sJf0t1rA71o: "<!DOCTYPE
> html>\n<html>\n<head>\n<script>(function
> > () {
> > "'}, u'type': u'http-01'}
> > DNS-based validation failed : Failed to request certificate :Parsing
> account key...
> > Parsing CSR...
> > Registering account...
> > Already registered!
> > Verifying REDACTED...
> > Undefined subroutine &main::get_bind_zone_for_domain called at
> > /usr/share/webmin/webmin/letsencrypt-dns.pl
> > line 21.
> > Traceback (most recent call last):
> > File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in
> <module>
> > main(sys.argv[1:])
> > File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
> > signed_crt = get_crt(args.account_key, args.csr, args.acme_dir,
> > args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
> > File "/usr/share/webmin/webmin/acme_tiny.py", line 184, in get_crt
> > domain, challenge_status))
> > ValueError: REDACTED challenge did not pass: {u'status': u'invalid',
> u'keyAuthorization':
> > u'FsOUVt8L4TWb1k3Z7GgXYkGNpRXtbO_NaguSW6l-
> pgI.83QlK5VKSOV2NLNaO1RvT7uR
> > -pfnlNKPt-5HZinrs5Y',
> > u'uri':
> > u'https://acme-
> v01.api.letsencrypt.org/acme/challenge/Kh9XWI2cBDF3bbdg
> > SzkS9aBHS4TP40IgbIEmHfAPRQk/2615538548',
> > u'token': u'FsOUVt8L4TWb1k3Z7GgXYkGNpRXtbO_NaguSW6l-pgI', u'error':
> {u'status':
> > 400, u'type': u'urn:acme:error:connection', u'detail': u'DNS problem:
> > NXDOMAIN looking up TXT for _acme-challenge.REDACTED'}, u'type':
> > u'dns-01'}
> >
> >
> >
> > ---------------------------------------------------------------------
> -
> > -------- Check out the vibrant tech community on one of the world's
> > most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> > -
> > Forwarded by the Webmin mailing list at
> > web...@li...
> > To remove yourself from this list, go to
> > http://lists.sourceforge.net/lists/listinfo/webadmin-list
>
> -----------------------------------------------------------------------
> -------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> -
> Forwarded by the Webmin mailing list at webadmin-
> li...@li...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-list
|
|
From: Kimberly <kim...@gm...> - 2017-12-10 17:33:42
|
Virtualmin update was applied. Got a different error message:
REDACTED challenge did not pass: Invalid response from
http://REDACTED/.well-known/acme-challenge/EVjlS8L5roqhi-fbd7xcub5fijCzKlIx1RZEO2nzt-w:
"<!DOCTYPE html>
<html>
<head>
<script>(function () { "
DNS-based validation failed : Failed to request certificate :
Undefined subroutine &main::get_bind_zone_for_domain called at
/usr/share/webmin/webmin/letsencrypt-dns.pl line 24.
REDACTED challenge did not pass: DNS problem: NXDOMAIN looking up TXT
for _acme-challenge.REDACTED
|
|
From: Jamie C. <jca...@we...> - 2017-12-12 03:53:56
|
On 10/Dec/2017 09:33 Kimberly <kim...@gm...> wrote ..
> Virtualmin update was applied. Got a different error message:
>
> REDACTED challenge did not pass: Invalid response from
> http://REDACTED/.well-known/acme-challenge/EVjlS8L5roqhi-fbd7xcub5fijCzKlIx1RZEO2nzt-w:
> "<!DOCTYPE html>
> <html>
> <head>
> <script>(function () { "
>
> DNS-based validation failed : Failed to request certificate :
>
> Undefined subroutine &main::get_bind_zone_for_domain called at
> /usr/share/webmin/webmin/letsencrypt-dns.pl line 24.
> REDACTED challenge did not pass: DNS problem: NXDOMAIN looking up TXT
> for _acme-challenge.REDACTED
Did you also install the 1.870 webmin update?
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X