I've successfully configured SME 10 to obtain a let's encrypt certificate, as per the wiki instructions. Yesterday (and today) I've got failure reports during attempts to renew the certificate (redacted, can PM the exact message):
# INFO: Using main config file /etc/dehydrated/config
Processing myhost.mydomain
+ Checking domain name(s) of existing cert... unchanged.
+ Checking expire date of existing cert...
+ Valid till Feb 22 09:35:15 2022 GMT (Less than 30 days). Renewing!
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting new certificate order from CA...
+ Received 1 authorizations URLs from the CA
+ Handling authorization for myhost.mydomain
+ 1 pending challenge(s)
+ Deploying challenge tokens...
+ Responding to challenge for myhost.mydomain authorization...
+ Cleaning challenge tokens...
+ Challenge validation has failed
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"] "http-01"
["status"] "invalid"
["error","type"] "urn:ietf:params:acme:error:unauthorized"
["error","detail"] "Invalid response from http://myhost.mydomain/.well-known/acme-challenge/y2C3vJWm4-sTlcFOJgu4ZYJ-oNGvhBx6vMUUHL3jabM [my.ip.add.ress]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e403 Forbidden\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eForbidden\u003c/h1\u003e\\n\u003cp\""
["error","status"] 403
["error"] {"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from http://myhost.mydomain/.well-known/acme-challenge/y2C3vJWm4-sTlcFOJgu4ZYJ-oNGvhBx6vMUUHL3jabM [my.ip.add.ress]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e403 Forbidden\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eForbidden\u003c/h1\u003e\\n\u003cp\"","status":403}
["url"] "https://acme-v02.api.letsencrypt.org/acme/chall-v3/71559634970/xNPwug"
["token"] "y2C3vJWm4-sTlcFOJgu4ZYJ-oNGvhBx6vMUUHL3jabM"
["validationRecord",0,"url"] "http://myhost.mydomain/.well-known/acme-challenge/y2C3vJWm4-sTlcFOJgu4ZYJ-oNGvhBx6vMUUHL3jabM"
["validationRecord",0,"hostname"] "myhost.mydomain"
["validationRecord",0,"port"] "80"
["validationRecord",0,"addressesResolved",0] "my.ip.add.ress"
["validationRecord",0,"addressesResolved"] ["my.ip.add.ress"]
["validationRecord",0,"addressUsed"] "my.ip.add.ress"
["validationRecord",0] {"url":"http://myhost.mydomain/.well-known/acme-challenge/y2C3vJWm4-sTlcFOJgu4ZYJ-oNGvhBx6vMUUHL3jabM","hostname":"myhost.mydomain","port":"80","addressesResolved":["my.ip.add.ress"],"addressUsed":"my.ip.add.ress"}
["validationRecord"] [{"url":"http://myhost.mydomain/.well-known/acme-challenge/y2C3vJWm4-sTlcFOJgu4ZYJ-oNGvhBx6vMUUHL3jabM","hostname":"myhost.mydomain","port":"80","addressesResolved":["my.ip.add.ress"],"addressUsed":"my.ip.add.ress"}]
["validated"] "2022-01-24T22:22:38Z")
Any idea on how to proceed from here?
2 Replies
2245 Views