| | 
| Fra: | "Massimo S." <ecs-isp@2rosenthals.com> | Full Headers Undecoded message
 |  
| Emne: | Re: [eCS-ISP] (uacme) certificate renew issue |  
| Dato: | Mon, 2 Dec 2024 23:05:41 +0100 |  
| Til: | eCS ISP Mailing List <ecs-isp@2rosenthals.com> |  | 
|---|
 Hi again,
 
 i'm finding another issue (both with uacme 1.0.19 and 1.2.4):
 
 2024/12/02-22:54:09 hook_domain_it started at 2024/12/02-22:54:09
 2024/12/02-22:54:09 method is begin
 2024/12/02-22:54:09 type is http-01
 2024/12/02-22:54:09 ident is www.domain.it
 2024/12/02-22:54:09 token is AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA
 2024/12/02-22:54:09 auth is AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA.zyhanFlpd0tloojCJrdfZjZwx4LbkQHuYa75ndsa-Qs http-01
 2024/12/02-22:54:09 Creating X:\apache\htdocs\domain\.well-known\acme-challenge\AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA 2024/12/02-22:54:20
 2024/12/02-22:54:20 hook_domain_it started at 2024/12/02-22:54:20
 2024/12/02-22:54:20 method is failed
 2024/12/02-22:54:20 type is http-01
 2024/12/02-22:54:20 ident is www.domain.it
 2024/12/02-22:54:20 token is AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA
 2024/12/02-22:54:20 auth is AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA.zyhanFlpd0tloojCJrdfZjZwx4LbkQHuYa75ndsa-Qs 2024/12/02-22:54:20 DoFailed deleting X:\apache\htdocs\domain\.well-known\acme-challenge\AzWBUMZKzvC-hsE2sxxOLGT072xue6K4G1_uNzTdiVA
 
 in this case i see a very strange thing:
 first method is begin and type http-01 ok
 after i see method is failed and type is http-01
 
 what does it mean method is failed?
 
 (paths are OK, i've checked, i've edited the output here in the email and changed paths and domain name)
 
 this is the error output:
 
 uacme_124: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438971891387/nEt-XQ uacme_124: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438971891387/nEt-XQ uacme_124: challenge https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438971891387/nEt-XQ failed with status invalid                                    uacme_124: the server reported the following error: {                                                                                   "type": "urn:ietf:params:acme:error:unauthorized",
 "detail": "1.2.3.4: Invalid response from http://www.domain.it/.well-known/acme-challenge/9yu9kfMC1Bn6KX1aCtyK9ih9aofPYAVtVCJCp0FXJ9U: 404",
 "status": 403
 }                                                                               uacme_124: running hook_domain_it.cmd failed http-01 www.domain.it 9yu9kfMC1Bn6KX1aCtyK9ih9aofPYAVtVCJCp0FXJ9U 9yu9kfMC1Bn6KX1aCtyK9ih9aofPYAVtVCJCp0FXJ9U.zyhanFlpd0tloojCJrdfZjZwx4LbkQHuYa75ndsa-Qs uacme_124: failed to authorize order at https://acme-v02.api.letsencrypt.org/acme/order/68817448/329182799707
 
 
 massimo
 
 
 
 
 Il 02/12/2024 20:59, Massimo S. ha scritto:
 
 Hi Steven,=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 should be possible to add the detection of this situation (here below) in the hook rexx script?
 
 I guess this is some sort of random outage or overload of LE services
 
 thanks
 
 massimo
 
 
 uacme: version 1.2.4 starting on Mon, 02 Dec 2024 20:43:22
 uacme: loading key from X:\mptn\etc\ssl\uacme/private/key.pem
 uacme: loading key from X:\mptn\etc\ssl\uacme/private/www.mydomain.it/key.pem
 uacme: X:\mptn\etc\ssl\uacme/private/www.mydomain.it/key.pem not found
 uacme: generating new 2048-bit RSA key
 uacme: key saved to X:\mptn\etc\ssl\uacme/private/www.mydomain.it/key.pem
 uacme: checking existence and expiration of X:\mptn\etc\ssl\uacme/www.mydomain.it/cert.pem
 uacme: X:\mptn\etc\ssl\uacme/www.mydomain.it/cert.pem does not exist
 uacme: fetching directory at https://acme-v02.api.letsencrypt.org/directory
 uacme: retrieving account at https://acme-v02.api.letsencrypt.org/acme/new-acct
 uacme: account location: https://acme-v02.api.letsencrypt.org/acme/acct/68817448
 uacme: creating new order for www.mydomain.it at https://acme-v02.api.letsencrypt.org/acme/new-order
 uacme: order URL: https://acme-v02.api.letsencrypt.org/acme/order/68817448/329152921187
 uacme: retrieving authorization at https://acme-v02.api.letsencrypt.org/acme/authz/68817448/438928803027
 uacme: running hook_mydomain_it.cmd begin dns-01 www.mydomain.it 1qGhfbfScoVq2-48EEuEpG-FF3J_QxMVYflCNO3DTIY X0naA52DHlnb53O0N2PJiKUhKvPucE4MaU_X0v2B_as
 uacme: challenge dns-01 declined
 uacme: running hook_mydomain_it.cmd begin http-01 www.mydomain.it 1qGhfbfScoVq2-48EEuEpG-FF3J_QxMVYflCNO3DTIY 1qGhfbfScoVq2-48EEuEpG-FF3J_QxMVYflCNO3DTIY.zyhanFlpd0tloojCJrdfZjZwx4LbkQHuYa75ndsa-Qs
 uacme: starting challenge at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438928803027/aa-2Iw
 uacme: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438928803027/aa-2Iw
 uacme: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438928803027/aa-2Iw
 uacme: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438928803027/aa-2Iw
 uacme: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall/68817448/438928803027/aa-2Iw
 uacme: running hook_mydomain_it.cmd done http-01 www.mydomain.it 1qGhfbfScoVq2-48EEuEpG-FF3J_QxMVYflCNO3DTIY 1qGhfbfScoVq2-48EEuEpG-FF3J_QxMVYflCNO3DTIY.zyhanFlpd0tloojCJrdfZjZwx4LbkQHuYa75ndsa-Qs
 uacme: polling order status at https://acme-v02.api.letsencrypt.org/acme/order/68817448/329152921187
 uacme: curl_post: POST https://acme-v02.api.letsencrypt.org/acme/order/68817448/329152921187 failed: SSL connect error
 uacme: curl_post: waiting 5 seconds before retrying
 uacme: failed to poll order status at https://acme-v02.api.letsencrypt.org/acme/order/68817448/329152921187
 uacme: the server reported the following error:
 {
 "type": "urn:ietf:params:acme:error:malformed",
 "detail": "Invalid Content-Type header on POST. Content-Type must be \"application/jose+json\"",
 "status": 415
 }
 
 
 
 |