List ecs-isp@2rosenthals.com Arkiverade meddelande #1041 föregående meddelande nästa meddelande Tillbaks till lista

Från: "Massimo S." <ecs-isp@2rosenthals.com> Meddelandehuvud
Oavkodat meddelande
Ämne: Re: [eCS-ISP] (uacme) certificate renew issue
Datum: Wed, 4 Dec 2024 18:21:46 +0100
Till: eCS ISP Mailing List <ecs-isp@2rosenthals.com>



Il 03/12/2024 06:00, Steven Levine ha scritto:
In <list-11290943@2rosenthals.com>, on 12/02/24
    at 11:05 PM, "Massimo S." <ecs-isp@2rosenthals.com> said:

Hi,


in this case i see a very strange thing:
first method is begin and type http-01 ok
after i see method is failed and type is http-01

what does it mean method is failed?

I recommend you review the uacme docs again and look closely the the hook
script parameters.  The three methods are begin, done and failed.  I don't
really like term method.  The method is really an action request.

begin requests the hook to create write the token file.

fail tells the hook that the cert update failed and that the hook script
should do whatever clean up makes sense.

done tells the hook that the crt update was successful and that the hook
script should do whatever clean up makes sense.

Steven

hi,

yes, interesting, but why only this domain is failing?
i didn't change anything, 2 months ago the certificate got renewed without problems
i don't understand

{
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "1.2.3.4: Invalid response from http://www.mydomain.it/.well-known/acme-challenge/pLTPh5BwkH6reeUtEnlynzNgrL8gYSctv1d3-D3eyiM: 404",
"status": 403
}

of course it's not an issue on port 80 or some FW rule closing something
i've also tried without firewall

i've also restarted the web server to avoid performance issues
i've check the paths tenths of times
i've cheked the DNS, the bind zone
i don't find anything wrong

i'm very concerned

massimo
Prenumerera: Sändning, Uppsamling, Index.
Stoppa prenumeration
Meddelande till ListMaster