Mailing List ecs-isp@2rosenthals.com Archived Message #926

Fra: "Paul Smedley" <ecs-isp@2rosenthals.com> Full Headers
Undecoded message
Emne: Re: [eCS-ISP] HTTPS-Misery
Dato: Tue, 08 Oct 2024 05:51:37 +1030
Til: eCS ISP Mailing List <ecs-isp@2rosenthals.com>

Is there any reason we can't just use uacme.sh ? We have multiple shells built for os/2.


On 8 October 2024 12:40:15 am ACDT, "Massimo S." <ecs-isp@2rosenthals.com> wrote:
the point is this:

"Yes, as I said, somewhere in the recent past Let's Encrypt randomises the order of the challenges in the autz. So you've got ⅓ chance of getting http-01 as the first one.

Your script needs to check which challenge is being processed by it and only respond if it's the http-01 challenge, just like how the sh script does it. I know you can't use it directly, but you should use the sh script as an example how the workflow needs to be."

so we need a script that understand if LE is serving an HTTP-01 challenge or not
if not just exit and retry

but i've asked also to Nicola Dilieto a solution for this issue.

https://github.com/ndilieto/uacme/issues/88

or with have to make as script (eg. rexx) that do something like this

https://github.com/ndilieto/uacme/blob/master/uacme.sh


massimo


Il 07/10/2024 11:53, Massimo S. ha scritto:
Hi Dan,

i'm facing a strange issue these days with LE.

If you are interested follow this topic:

https://community.letsencrypt.org/t/renew-of-certificates-fails-randomly-in-the-last-month/227025

massimo

Il 12/08/2024 21:54, Dan Napier, MS, CIH, CAC ha scritto:
Here is where I am now?

uacme.exe: challenge https://acme-v02.api.letsencrypt.org/acme/chall-v3/38943333
6946/-1Wx1w failed with status invalid
uacme.exe: the server reported the following error:
{
     "type": "urn:ietf:params:acme:error:dns",
     "detail": "DNS problem: NXDOMAIN looking up TXT for _acme-challenge.ns1.dnac
ih.com - check that a DNS record exists for this domain",
     "status": 400
}
uacme.exe: failed to authorize order at https://acme-v02.api.letsencrypt.org/acm
e/order/1887586636/295703974986

Any Idea what the DNS txt line should look like?
In the correct place of course--Context is everything ain't it!

_acme-challenge     TXT = "WTF goe Here?"

Looking as some of the discussion changes bi monthly?


--
Certified Industrial Hygienist
Certified Asbestos Consultant

Dan Napier, MS, CIH, CAC
92-0614 8/24/24
2520 Artesia Boulevard
Redondo Beach, CA 90278-3210
310-644-1924 x 103
CSLB 773462
This message is sent to you because you are subscribed to
   the mailing list <ecs-isp@2rosenthals.com>.
To unsubscribe, E-mail to: <ecs-isp-off@2rosenthals.com>
To switch to the DIGEST mode, E-mail to <ecs-isp-digest@2rosenthals.com>
To switch to the INDEX mode, E-mail to <ecs-isp-index@2rosenthals.com>
Send administrative queries to  <ecs-isp-request@2rosenthals.com>
To subscribe (new addresses), E-mail to: <ecs-isp-on@2rosenthals.com> and reply to the confirmation email.
Web archives are publicly available at: http://lists.2rosenthals.com

This list is hosted by Rosenthal & Rosenthal, LLC
P.O. Box 281, Deer Park, NY 11729-0281. Non-
electronic communications related to content
contained in these messages should be directed
to the above address. (CAN-SPAM Act of 2003)

This message is sent to you because you are subscribed to
 the mailing list <ecs-isp@2rosenthals.com>.
To unsubscribe, E-mail to: <ecs-isp-off@2rosenthals.com>
To switch to the DIGEST mode, E-mail to <ecs-isp-digest@2rosenthals.com>
To switch to the INDEX mode, E-mail to <ecs-isp-index@2rosenthals.com>
Send administrative queries to  <ecs-isp-request@2rosenthals.com>
To subscribe (new addresses), E-mail to: <ecs-isp-on@2rosenthals.com> and reply to the confirmation email.
Web archives are publicly available at: http://lists.2rosenthals.com

This list is hosted by Rosenthal & Rosenthal, LLC
P.O. Box 281, Deer Park, NY 11729-0281. Non-
electronic communications related to content
contained in these messages should be directed
to the above address. (CAN-SPAM Act of 2003)

This message is sent to you because you are subscribed to
the mailing list <ecs-isp@2rosenthals.com>.
To unsubscribe, E-mail to: <ecs-isp-off@2rosenthals.com>
To switch to the DIGEST mode, E-mail to <ecs-isp-digest@2rosenthals.com>
To switch to the INDEX mode, E-mail to <ecs-isp-index@2rosenthals.com>
Send administrative queries to <ecs-isp-request@2rosenthals.com>
To subscribe (new addresses), E-mail to: <ecs-isp-on@2rosenthals.com> and reply to the confirmation email.
Web archives are publicly available at: http://lists.2rosenthals.com

This list is hosted by Rosenthal & Rosenthal, LLC
P.O. Box 281, Deer Park, NY 11729-0281. Non-
electronic communications related to content
contained in these messages should be directed
to the above address. (CAN-SPAM Act of 2003)

Abboner: Feed, Digest, Index.
Stopp abbonement
E-post til ListMaster