From: "Steven Levine" <ecs-isp@2rosenthals.com>
Received: from [192.168.100.201] (HELO mail.2rosenthals.com)
  by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10)
  with ESMTP id 11340263 for ecs-isp@2rosenthals.com; Wed, 11 Dec 2024 01:36:50 -0500
Received: from secmgr-va.randr ([192.168.200.201]:38446 helo=mail2.2rosenthals.com)
	by mail.2rosenthals.com with esmtp (Exim 4.97.1)
	(envelope-from <steve53@earthlink.net>)
	id 1tLGKu-000000004EF-0drz
	for ecs-isp@2rosenthals.com;
	Wed, 11 Dec 2024 01:36:40 -0500
Received: from mta-201b.earthlink-vadesecure.net ([51.81.229.181]:58763 helo=mta-201a.earthlink-vadesecure.net)
	by mail2.2rosenthals.com with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.97.1)
	(envelope-from <steve53@earthlink.net>)
	id 1tLGKo-000000007qV-0HYO
	for ecs-isp@2rosenthals.com;
	Wed, 11 Dec 2024 01:36:34 -0500
DKIM-Signature: v=1; a=rsa-sha256; bh=FJHozNOxO9SiRQ0emF8fk+/LErEEZGzOYCKwil
 /ns+k=; c=relaxed/relaxed; d=earthlink.net; h=from:reply-to:subject:
 date:to:cc:resent-date:resent-from:resent-to:resent-cc:in-reply-to:
 references:list-id:list-help:list-unsubscribe:list-unsubscribe-post:
 list-subscribe:list-post:list-owner:list-archive; q=dns/txt;
 s=dk12062016; t=1733898992; x=1734503792; b=epywze2Uwd43IpMZas8SfxIQm9N
 W673rZRFNevWP3p9Ce0gPP5eMTLH4nTHJPc9J1mBKY8zkRQvq+8loE2KdlkYwhEaOmmoSVP
 nrBCKKPLjr2Agmi8tBYrKSBlB7o4HR1Mj7R9mGfmuXWz3RZveVbWAo0U2B5xh0IKY09N/51
 mmkWKcNhtdSQUQwKFyPZLt8OBG8ZgwVnDDvbtAi/GJ+ruhgU2eNaUGxrkjctufO/s+AUNnp
 WRatyGIWvRU0ym6qBNeii2l8SeTj21SQCLeBu47UiJ54eOLEKU0TX8dpEZ03JFfFH+qz6fH
 8iYUbui5Uv1bDq4w5at7OBbMsLAeGOQ==
Received: from slamain ([172.56.178.196])
 by vsel2nmtao01p.internal.vadesecure.com with ngmta
 id a967e205-18100bf27f0b75a8; Wed, 11 Dec 2024 06:36:32 +0000
Message-ID: <67592d74.8.mr2ice.fgrirsq@earthlink.net>
Date: Tue, 10 Dec 2024 22:13:08 -0800
To: "eCS ISP Mailing List" <ecs-isp@2rosenthals.com>
In-Reply-To: <list-11332565@2rosenthals.com>
Subject: Re: [eCS-ISP] Getting started with Let's Encrypt
X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v3.00.11.24/60 

In <list-11332565@2rosenthals.com>, on 12/10/24
   at 02:33 PM, "Peter Moylan" <ecs-isp@2rosenthals.com> said:

Hi Peter,

>Now the symptoms have changed:
>{14}[c:\uacme] issue_pmoylan.org
>uacme -v -h uacme-hook.cmd issue pmoylan.org www.pmoylan.org 
>mail.pmoylan.org
>uacme.exe: version 1.2.4 starting on Tue, 10 Dec 2024 14:11:04 uacme.exe:
>loading key from /@unixroot/etc/ssl/uacme/private/key.pem uacme.exe:
>loading key from 
>/@unixroot/etc/ssl/uacme/private/pmoylan.org/key.pem

>uacme.exe: checking existence and expiration of 
>/@unixroot/etc/ssl/uacme/pmoylan
>.org/cert.pem
>uacme.exe: /@unixroot/etc/ssl/uacme/pmoylan.org/cert.pem does not exist
>uacme.exe: fetching directory at 
>https://acme-v02.api.letsencrypt.org/directory

And what happens next?  Do uacme.exe return to the command line or just
hang waiting for something to happen?

I don't have access to the full logs of a current certficate run, but
perhaps the following will help you know what to expect.

uacme.exe: version 1.2.4 starting on Tue, 22 Oct 2024 15:03:34  uacme.exe:
loading key from f:\MPTN\ETC\ssl\uacme/private/key.pem uacme.exe: loading
key from f:\MPTN\ETC\ssl\uacme/private/warpcave.com/key.pem uacme.exe:
checking existence and expiration of
f:\MPTN\ETC\ssl\uacme/warpcave.com/cert.pem

One this system, uacme is looking in f:\mptn\etc because the libc
pathrewriter is configured to /etc to %ETC.

uacme.exe: f:\MPTN\ETC\ssl\uacme/warpcave.com/cert.pem does not exist

Since the cert does not exist, uacme is going to attempt to create a new
certificate.

uacme.exe: fetching directory at
https://acme-staging-v02.api.letsencrypt.org/directory

So far we match.  Since I was testing at the time, I chose to using a
staging account.  It has no effect on the overall process flow.  However,
since I mentioned it, you probably should review

  https://letsencrypt.org/docs/staging-environment/

Basically since a staging account is for testing and failure are expected,
most of the Rate Limits are removed.

uacme.exe: retrieving account at
https://acme-staging-v02.api.letsencrypt.org/acme/new-acct

Based on what you posted, it appears you hung before uacme logged this
message.  Is this true.

The following log messages are typical.


uacme.exe: account location:
https://acme-staging-v02.api.letsencrypt.org/acme/acct/168253203
uacme.exe: creating new order for warpcave.com at
https://acme-staging-v02.api.letsencrypt.org/acme/new-order uacme.exe:
order URL:
https://acme-staging-v02.api.letsencrypt.org/acme/order/168253203/19918221883
uacme.exe: retrieving authorization at
https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14546972603
uacme.exe: running uacme-hook.cmd begin dns-01 warpcave.com
w_Rn_eenmWzh_J6-7y67gje0AuMMVwTKR8kLsE1zmag
js-nPVQVZubIjZeC-AIEwSO12uE7768aft_B18dnWRg

And here is the hook logging away...

2024/10/22-15:03:35 
2024/10/22-15:03:35 uacme-hook started at 2024/10/22-15:03:35
2024/10/22-15:03:35 method is begin
2024/10/22-15:03:35 type is dns-01
2024/10/22-15:03:35 ident is warpcave.com
2024/10/22-15:03:35 token is w_Rn_eenmWzh_J6-7y67gje0AuMMVwTKR8kLsE1zmag
2024/10/22-15:03:35 auth is js-nPVQVZubIjZeC-AIEwSO12uE7768aft_B18dnWRg
2024/10/22-15:03:35 
2024/10/22-15:03:35 Running on slamain in test mode

Hope this helps,

Steven

-- 
----------------------------------------------------------------------
"Steven Levine" <steve53@earthlink.net>  Warp/DIY/BlueLion etc.
www.scoug.com www.arcanoae.com www.warpcave.com
----------------------------------------------------------------------