From: "Massimo S." <ecs-isp@2rosenthals.com>
Received: from [192.168.100.201] (HELO mail.2rosenthals.com)
  by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10)
  with ESMTP id 11320717 for ecs-isp@2rosenthals.com; Wed, 04 Dec 2024 12:21:56 -0500
Received: from secmgr-va.2rosenthals.com ([50.73.8.217]:45519 helo=mail2.2rosenthals.com)
	by mail.2rosenthals.com with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.97.1)
	(envelope-from <ml@ecomstation.it>)
	id 1tIt4T-000000006D8-0BIg
	for ecs-isp@2rosenthals.com;
	Wed, 04 Dec 2024 12:21:53 -0500
Received: from mail2.quasarbbs.net ([80.86.52.115]:10002)
	by mail2.2rosenthals.com with esmtp (Exim 4.97.1)
	(envelope-from <ml@ecomstation.it>)
	id 1tIt4Q-0000000080v-0AES
	for ecs-isp@2rosenthals.com;
	Wed, 04 Dec 2024 12:21:51 -0500
X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_1500_1599 0.000000,
	BODY_SIZE_2000_LESS 0.000000, BODY_SIZE_5000_LESS 0.000000,
	BODY_SIZE_7000_LESS 0.000000, CTE_7BIT 0.000000, HTML_00_01 0.050000,
	HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000,
	MSGID_SAMEAS_FROM_HEX_844412 0.100000, MSG_THREAD 0.000000,
	NO_URI_HTTPS 0.000000, REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000,
	SENDER_NO_AUTH 0.000000, SINGLE_URI_IN_BODY 0.000000, SUSP_DH_NEG 0.000000,
	TO_IN_SUBJECT 0.500000, URI_WITH_PATH_ONLY 0.000000, USER_AGENT 0.000000,
	__ANY_URI 0.000000, __BODY_NO_MAILTO 0.000000,
	__BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000,
	__CP_URI_IN_BODY 0.000000, __CT 0.000000, __CTE 0.000000,
	__CT_TEXT_PLAIN 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000,
	__DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000,
	__FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000,
	__FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000,
	__HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000,
	__HEADER_ORDER_FROM 0.000000, __INVOICE_MULTILINGUAL 0.000000,
	__IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_BOUND_CHARSET 0.000000,
	__MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000,
	__MIME_VERSION 0.000000, __MOZILLA_USER_AGENT 0.000000,
	__MSGID_HEX_844412 0.000000, __NO_HTML_TAG_RAW 0.000000,
	__PHISH_SPEAR_SUBJ_ALERT 0.000000, __REFERENCES 0.000000,
	__REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000,
	__REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000,
	__SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000,
	__SCAN_D_NEG_HEUR2 0.000000, __SINGLE_URI_TEXT 0.000000,
	__SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000,
	__SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000,
	__TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000,
	__TO_REAL_NAMES 0.000000, __URI_HAS_HYPHEN_USC 0.000000,
	__URI_IN_BODY 0.000000, __URI_MAILTO 0.000000, __URI_NOT_IMG 0.000000,
	__URI_NS 0.000000, __URI_WITH_PATH 0.000000, __USER_AGENT 0.000000,
	__WEBINAR_PHRASE 0.000000
X-SASI-Probability: 10%
X-SASI-RCODE: 200
X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2024.12.4.163646
X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_1500_1599 0.000000,
	BODY_SIZE_2000_LESS 0.000000, BODY_SIZE_5000_LESS 0.000000,
	BODY_SIZE_7000_LESS 0.000000, CTE_7BIT 0.000000, HTML_00_01 0.050000,
	HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000,
	MSGID_SAMEAS_FROM_HEX_844412 0.100000, MSG_THREAD 0.000000,
	NO_URI_HTTPS 0.000000, REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000,
	SINGLE_URI_IN_BODY 0.000000, SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000,
	URI_WITH_PATH_ONLY 0.000000, USER_AGENT 0.000000, __ANY_URI 0.000000,
	__AUTH_RES_PASS 0.000000, __BODY_NO_MAILTO 0.000000,
	__BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000,
	__CP_URI_IN_BODY 0.000000, __CT 0.000000, __CTE 0.000000,
	__CT_TEXT_PLAIN 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000,
	__DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000,
	__FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000,
	__FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000,
	__HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000,
	__HEADER_ORDER_FROM 0.000000, __INVOICE_MULTILINGUAL 0.000000,
	__IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_BOUND_CHARSET 0.000000,
	__MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000,
	__MIME_VERSION 0.000000, __MOZILLA_USER_AGENT 0.000000,
	__MSGID_HEX_844412 0.000000, __NO_HTML_TAG_RAW 0.000000,
	__PHISH_SPEAR_SUBJ_ALERT 0.000000, __REFERENCES 0.000000,
	__REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000,
	__REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000,
	__SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000,
	__SCAN_D_NEG_HEUR2 0.000000, __SINGLE_URI_TEXT 0.000000,
	__SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000,
	__SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000,
	__TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000,
	__TO_REAL_NAMES 0.000000, __URI_HAS_HYPHEN_USC 0.000000,
	__URI_IN_BODY 0.000000, __URI_MAILTO 0.000000, __URI_NOT_IMG 0.000000,
	__URI_NS 0.000000, __URI_WITH_PATH 0.000000, __USER_AGENT 0.000000,
	__WEBINAR_PHRASE 0.000000
X-SASI-Probability: 10%
X-SASI-RCODE: 200
X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2024.12.4.165746
Received: from [192.168.10.199] (dtp [192.168.10.199]) by srv2 (Weasel v2.9-0001
 ) for <ecs-isp@2rosenthals.com>; Wed, 04 Dec 2024 18:21:50 -0000
Reply-To: ml@ecomstation.it
Subject: Re: [eCS-ISP] (uacme) certificate renew issue
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>
References: <list-11291264@2rosenthals.com>
Organization: Massimo S.
Message-ID: <034ab414-649a-3a2a-2839-628ebfa8af33@ecomstation.it>
Date: Wed, 4 Dec 2024 18:21:46 +0100
User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; it-IT; rv:1.7.13) Gecko/20060424
 Thunderbird/1.0.8 Mnenhy/0.7.4.0
MIME-Version: 1.0
In-Reply-To: <list-11291264@2rosenthals.com>
Content-Type: text/plain; charset=iso-8859-15; format=flowed
Content-Language: it-IT
Content-Transfer-Encoding: 7bit



Il 03/12/2024 06:00, Steven Levine ha scritto:
> In <list-11290943@2rosenthals.com>, on 12/02/24
>     at 11:05 PM, "Massimo S." <ecs-isp@2rosenthals.com> said:
> 
> Hi,
> 
> 
>> in this case i see a very strange thing:
>> first method is begin and type http-01 ok
>> after i see method is failed and type is http-01
> 
>> what does it mean method is failed?
> 
> I recommend you review the uacme docs again and look closely the the hook
> script parameters.  The three methods are begin, done and failed.  I don't
> really like term method.  The method is really an action request.
> 
> begin requests the hook to create write the token file.
> 
> fail tells the hook that the cert update failed and that the hook script
> should do whatever clean up makes sense.
> 
> done tells the hook that the crt update was successful and that the hook
> script should do whatever clean up makes sense.
> 
> Steven

hi,

yes, interesting, but why only this domain is failing?
i didn't change anything, 2 months ago the certificate got renewed without problems
i don't understand

{
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "1.2.3.4: Invalid response from 
http://www.mydomain.it/.well-known/acme-challenge/pLTPh5BwkH6reeUtEnlynzNgrL8gYSctv1d3-D3eyiM: 404",
"status": 403
}

of course it's not an issue on port 80 or some FW rule closing something
i've also tried without firewall

i've also restarted the web server to avoid performance issues
i've check the paths tenths of times
i've cheked the DNS, the bind zone
i don't find anything wrong

i'm very concerned

massimo