Re: acme-client new cert error

2018-05-27 Thread justina colmena
On May 27, 2018 2:21:13 PM AKDT, Stuart Henderson wrote: >certbot used to just be called "letsencrypt" and was some kind of joint >EFF/letsencrypt development, hence the close relationship. That's fine. If certbot may be used with other CAs, and if letsencrypt is willing

Re: acme-client new cert error

2018-05-27 Thread Stuart Henderson
On 2018-05-27, Florian Obser wrote: > On Sat, May 26, 2018 at 09:14:35AM -0700, Scott Vanderbilt wrote: >> On 5/26/2018 4:54 AM, Stuart Henderson wrote: >> >> > aeneas.datagenic.com doesn't respond on port 80. (And if I can't >> > fetch it, letsencrypt's checkers are also

Re: acme-client new cert error

2018-05-27 Thread Stuart Henderson
On 2018-05-26, justina colmena wrote: > On Sat, 26 May 2018 09:14:35 -0700 > Scott Vanderbilt wrote: > >> On 5/26/2018 4:54 AM, Stuart Henderson wrote: >> >> > aeneas.datagenic.com doesn't respond on port 80. (And if I can't >> > fetch it, letsencrypt's

Re: acme-client new cert error

2018-05-27 Thread Florian Obser
On Sat, May 26, 2018 at 09:14:35AM -0700, Scott Vanderbilt wrote: > On 5/26/2018 4:54 AM, Stuart Henderson wrote: > > > aeneas.datagenic.com doesn't respond on port 80. (And if I can't > > fetch it, letsencrypt's checkers are also unlikely to be able to). > > > > Firewall issue? > > Oh, FFS. >

Re: acme-client new cert error

2018-05-26 Thread justina colmena
On Sat, 26 May 2018 09:14:35 -0700 Scott Vanderbilt wrote: > On 5/26/2018 4:54 AM, Stuart Henderson wrote: > > > aeneas.datagenic.com doesn't respond on port 80. (And if I can't > > fetch it, letsencrypt's checkers are also unlikely to be able to). > > > > Firewall issue?

Re: acme-client new cert error

2018-05-26 Thread Scott Vanderbilt
On 5/26/2018 4:54 AM, Stuart Henderson wrote: aeneas.datagenic.com doesn't respond on port 80. (And if I can't fetch it, letsencrypt's checkers are also unlikely to be able to). Firewall issue? Oh, FFS. Yes. A silly pf rule blocking incoming traffic from outside my LAN that I overlooked

Re: acme-client new cert error

2018-05-26 Thread Stuart Henderson
On 2018-05-25, Scott Vanderbilt wrote: > I'm having difficulty creating a new SSL cert for a virtual host I'm > just standing up for the first time. I get the following error on > successive attempts: > > urn:acme:error:unauthorized > Error creating new cert ::

Re: acme-client new cert error

2018-05-25 Thread Bryan Harris
Ah okay. In my different situation I did mv /etc/ssl/cert /tmp Then ran command again. I will try -D next time instead. V/r, Bryan > On May 25, 2018, at 5:51 PM, Scott Vanderbilt wrote: > >> On 5/25/2018 2:41 PM, Bryan Harris wrote: >> Did you already have a cert for

Re: acme-client new cert error

2018-05-25 Thread Scott Vanderbilt
On 5/25/2018 2:41 PM, Bryan Harris wrote: Did you already have a cert for datagenic.com but which didn’t include the new name? I think the -A argument only makes a new cert when old one doesn’t exist. Otherwise tries to use found cert and failed because old cert doesn’t have new name. At

Re: acme-client new cert error

2018-05-25 Thread Bryan Harris
Did you already have a cert for datagenic.com but which didn’t include the new name? I think the -A argument only makes a new cert when old one doesn’t exist. Otherwise tries to use found cert and failed because old cert doesn’t have new name. At least that’s my understanding. Or maybe I

Re: acme-client new cert error

2018-05-25 Thread Scott Vanderbilt
On 5/25/2018 2:20 PM, Fred wrote: On 05/25/18 21:10, Scott Vanderbilt wrote: I'm having difficulty creating a new SSL cert for a virtual host I'm just standing up for the first time. I get the following error on successive attempts: urn:acme:error:unauthorized Error creating new cert ::

Re: acme-client new cert error

2018-05-25 Thread Tim van der Molen
I have run into a problem that seems similar to yours. I'm still debugging it (or rather trying to find the time to do so), but I believe the problem is that acme-client does not correctly handle the "pending" status: it is handled as "valid". As a result, the challenge file is removed before the

Re: acme-client new cert error

2018-05-25 Thread Fred
On 05/25/18 21:10, Scott Vanderbilt wrote: I'm having difficulty creating a new SSL cert for a virtual host I'm just standing up for the first time. I get the following error on successive attempts: urn:acme:error:unauthorized Error creating new cert :: authorizations for these names not

acme-client new cert error

2018-05-25 Thread Scott Vanderbilt
I'm having difficulty creating a new SSL cert for a virtual host I'm just standing up for the first time. I get the following error on successive attempts: urn:acme:error:unauthorized Error creating new cert :: authorizations for these names not found or expired: aeneas.datagenic.com I've