ICT: Diary
D: 28 W: 05
| < | February 2018 | > | ||||
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | ||||
| 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| 11 | 12 | 13 | 14 | 15 | 16 | 17 |
| 18 | 19 | 20 | 21 | 22 | 23 | 24 |
| 25 | 26 | 27 | 28 | |||
[ < ]
Tuesday, 13 February 2018 [ >
]
letsencrypt
Was having trouble with acme-client on 6.2 the fix turned out to be updating the agreement url to https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf and removing the /etc/acme/letsencrypt-privkey.pem
In addition I had not set the root domain to point to the new server so I ended up with the following error:
acme-client: transfer buffer: [{ "type": "http-01", "status": "invalid", "error": { "type": "urn:acme:error:unknownHost", "detail": "No valid IP addresses found for titans-bmx.co.uk", "status": 400 }, "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/jxbZc4MfO-fOVUjlDV1OEUZouRiJqr3CoAWQ2RqDYY8/3450134442", "token": "YFJUMHB9Q0X93LBsDIUDkdFurE-mpRidp4HmpqNnUYM", "keyAuthorization": "YFJUMHB9Q0X93LBsDIUDkdFurE-mpRidp4HmpqNnUYM.S-dCygdMTfgh1PZe2R8SmVopSYr_fb5DbV0JQ88eIwg", "validationRecord": [ { "url": "http://titans-bmx.co.uk/.well-known/acme-challenge/YFJUMHB9Q0X93LBsDIUDkdFurE-mpRidp4HmpqNnUYM", "hostname": "titans-bmx.co.uk", "port": "80" } ] }] (689 bytes)
acme-client: bad exit: netproc(10763): 1 acme-client: transfer buffer: [{ "type": "http-01", "status": "invalid", "error": { "type": "urn:acme:error:unauthorized", "detail": "Invalid response from http://www.titans-bmx.co.uk/.well-known/acme-challenge/SYXgZWHQWDqKfp-qNGJ5nrCl5KXc4Rg80KyLxPSpWbI: \"\u003chtml\u003e\r\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\r\n\u003cbody bgcolor=\"white\"\u003e\r\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\r\n\u003chr\u003e\u003ccenter\u003e\"", "status": 403 }, "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/sRsle5msTWmYYQxSMbTlnc4juxH7EXb4WMKRg2LemP4/3450241532", "token": "SYXgZWHQWDqKfp-qNGJ5nrCl5KXc4Rg80KyLxPSpWbI", "keyAuthorization": "SYXgZWHQWDqKfp-qNGJ5nrCl5KXc4Rg80KyLxPSpWbI.S-dCygdMTfgh1PZe2R8SmVopSYr_fb5DbV0JQ88eIwg", "validationRecord": [ { "url": "http://www.titans-bmx.co.uk/.well-known/acme-challenge/SYXgZWHQWDqKfp-qNGJ5nrCl5KXc4Rg80KyLxPSpWbI", "hostname": "www.titans-bmx.co.uk", "port": "80", "addres
sesResolved": [ "46.235.226.153" ], "addressUsed": "46.235.226.153" } ] }] (1136 bytes)
acme-client: bad exit: netproc(13586): 1and then success:
acme-client: https://acme-v01.api.letsencrypt.org/acme/new-cert: certificate
acme-client: http://cert.int-x3.letsencrypt.org/: full chain
acme-client: cert.int-x3.letsencrypt.org: DNS: 2.22.146.89
acme-client: /etc/ssl/titans.crt: created
acme-client: /etc/ssl/titans.fullchain.pem: createdThis will definately need to be automated…
$Id: dates.htm,v 1
$Id: diary,v 1.38 2025/01/01 22:43:54 fred Exp $