List ecs-isp@2rosenthals.com Arkiverade meddelande #1035 föregående meddelande nästa meddelande Tillbaks till lista

Från: "Massimo S." <ecs-isp@2rosenthals.com> Meddelandehuvud
Oavkodat meddelande
Ämne: Re: [eCS-ISP] (uacme) certificate renew issue
Datum: Mon, 2 Dec 2024 23:05:41 +0100
Till: eCS ISP Mailing List <ecs-isp@2rosenthals.com>

Hi again,

i'm finding another issue (both with uacme 1.0.19 and 1.2.4):

2024/12/02-22:54:09 hook_domain_it started at 2024/12/02-22:54:09
2024/12/02-22:54:09 method is begin
2024/12/02-22:54:09 type is http-01
2024/12/02-22:54:09 ident is www.domain.it
2024/12/02-22:54:09 token is AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA
2024/12/02-22:54:09 auth is AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA.zyhanFlpd0tloojCJrdfZjZwx4LbkQHuYa75ndsa-Qs http-01
2024/12/02-22:54:09 Creating X:\apache\htdocs\domain\.well-known\acme-challenge\AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA 2024/12/02-22:54:20
2024/12/02-22:54:20 hook_domain_it started at 2024/12/02-22:54:20
2024/12/02-22:54:20 method is failed
2024/12/02-22:54:20 type is http-01
2024/12/02-22:54:20 ident is www.domain.it
2024/12/02-22:54:20 token is AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA
2024/12/02-22:54:20 auth is AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA.zyhanFlpd0tloojCJrdfZjZwx4LbkQHuYa75ndsa-Qs 2024/12/02-22:54:20 DoFailed deleting X:\apache\htdocs\domain\.well-known\acme-challenge\AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA

in this case i see a very strange thing:
first method is begin and type http-01 ok
after i see method is failed and type is http-01

what does it mean method is failed?

(paths are OK, i've checked, i've edited the output here in the email and changed paths and domain name)

this is the error output:

uacme_124: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438971891387/nEt-XQ uacme_124: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438971891387/nEt-XQ uacme_124: challenge https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438971891387/nEt-XQ failed with status invalid                                    uacme_124: the server reported the following error: {                                                                                   "type": "urn:ietf:params:acme:error:unauthorized",
"detail": "1.2.3.4: Invalid response from http://www.domain.it/.well-known/acme-challenge/9yu9kfMC1Bn6KX1aCtyK9ih9aofPYAVtVCJCp0FXJ9U: 404",
"status": 403
}                                                                               uacme_124: running hook_domain_it.cmd failed http-01 www.domain.it 9yu9kfMC1Bn6KX1aCtyK9ih9aofPYAVtVCJCp0FXJ9U 9yu9kfMC1Bn6KX1aCtyK9ih9aofPYAVtVCJCp0FXJ9U.zyhanFlpd0tloojCJrdfZjZwx4LbkQHuYa75ndsa-Qs uacme_124: failed to authorize order at https://acme-v02.api.letsencrypt.org/acme/order/68817448/329182799707


massimo




Il 02/12/2024 20:59, Massimo S. ha scritto:
Hi Steven,

should be possible to add the detection of this situation (here below) in the hook rexx script?

I guess this is some sort of random outage or overload of LE services

thanks

massimo


uacme: version 1.2.4 starting on Mon, 02 Dec 2024 20:43:22
uacme: loading key from X:\mptn\etc\ssl\uacme/private/key.pem
uacme: loading key from X:\mptn\etc\ssl\uacme/private/www.mydomain.it/key.pem
uacme: X:\mptn\etc\ssl\uacme/private/www.mydomain.it/key.pem not found
uacme: generating new 2048-bit RSA key
uacme: key saved to X:\mptn\etc\ssl\uacme/private/www.mydomain.it/key.pem
uacme: checking existence and expiration of X:\mptn\etc\ssl\uacme/www.mydomain.it/cert.pem
uacme: X:\mptn\etc\ssl\uacme/www.mydomain.it/cert.pem does not exist
uacme: fetching directory at https://acme-v02.api.letsencrypt.org/directory
uacme: retrieving account at https://acme-v02.api.letsencrypt.org/acme/new-acct
uacme: account location: https://acme-v02.api.letsencrypt.org/acme/acct/68817448
uacme: creating new order for www.mydomain.it at https://acme-v02.api.letsencrypt.org/acme/new-order
uacme: order URL: https://acme-v02.api.letsencrypt.org/acme/order/68817448/329152921187
uacme: retrieving authorization at https://acme-v02.api.letsencrypt.org/acme/authz/68817448/438928803027
uacme: running hook_mydomain_it.cmd begin dns-01 www.mydomain.it 1qGhfbfScoVq2-48EEuEpG-FF3J_QxMVYflCNO3DTIY X0naA52DHlnb53O0N2PJiKUhKvPucE4MaU_X0v2B_as
uacme: challenge dns-01 declined
uacme: running hook_mydomain_it.cmd begin http-01 www.mydomain.it 1qGhfbfScoVq2-48EEuEpG-FF3J_QxMVYflCNO3DTIY 1qGhfbfScoVq2-48EEuEpG-FF3J_QxMVYflCNO3DTIY.zyhanFlpd0tloojCJrdfZjZwx4LbkQHuYa75ndsa-Qs
uacme: starting challenge at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438928803027/aa-2Iw
uacme: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438928803027/aa-2Iw
uacme: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438928803027/aa-2Iw
uacme: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438928803027/aa-2Iw
uacme: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438928803027/aa-2Iw
uacme: running hook_mydomain_it.cmd done http-01 www.mydomain.it 1qGhfbfScoVq2-48EEuEpG-FF3J_QxMVYflCNO3DTIY 1qGhfbfScoVq2-48EEuEpG-FF3J_QxMVYflCNO3DTIY.zyhanFlpd0tloojCJrdfZjZwx4LbkQHuYa75ndsa-Qs
uacme: polling order status at https://acme-v02.api.letsencrypt.org/acme/order/68817448/329152921187
uacme: curl_post: POST https://acme-v02.api.letsencrypt.org/acme/order/68817448/329152921187 failed: SSL connect error
uacme: curl_post: waiting 5 seconds before retrying
uacme: failed to poll order status at https://acme-v02.api.letsencrypt.org/acme/order/68817448/329152921187
uacme: the server reported the following error:
{
     "type": "urn:ietf:params:acme:error:malformed",
     "detail": "Invalid Content-Type header on POST. Content-Type must be \"application/jose+json\"",
     "status": 415
}
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Prenumerera: Sändning, Uppsamling, Index.
Stoppa prenumeration
Meddelande till ListMaster