https://bugs.contribs.org/show_bug.cgi?id=10399
--- Comment #3 from Stefan Schulz <[email protected]> ---
Manually invoked:
# dehydrated -c -x
# INFO: Using main config file /etc/dehydrated/config
Processing xxx.de with alternative names: mail.xxx.de foo.xxx.de www.xxx.de
+ Checking domain name(s) of existing cert... changed!
+ Domain name(s) are not matching!
+ Names in old certificate: ftp.xxx.de xxx.de mail.xxx.de proxy.xxx.de
foo.xxx.de wpad.xxx.de www.xxx.de
+ Configured names: xxx.de mail.xxx.de foo.xxx.de www.xxx.de
+ Forcing renew.
+ Checking expire date of existing cert...
+ Valid till Aug 18 20:19:00 2017 GMT (Less than 30 days). Renewing!
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting challenge for xxx.de...
+ Requesting challenge for mail.xxx.de...
+ Requesting challenge for foo.xxx.de...
+ Requesting challenge for www.xxx.de...
+ Already validated!
+ Responding to challenge for xxx.de...
+ Responding to challenge for mail.xxx.de...
+ Responding to challenge for foo.xxx.de...
ERROR: Challenge is invalid! (returned: invalid) (result: {
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:connection",
"detail": "Fetching
http://foo.xxx.de/.well-known/acme-challenge/O49B8yINUz89f_BdzyHah695gd9EgcaV0aUboWUQj6k:
Timeout",
"status": 400
},
"uri":
"https://acme-v01.api.letsencrypt.org/acme/challenge/QCbW6LtHUcYTbpnJWl12XOpoq7w4i3phGM4DTEy6T5g/1633491815";,
"token": "O49B8yINUz89f_BdzyHah695gd9EgcaV0aUboWUQj6k",
"keyAuthorization":
"O49B8yINUz89f_BdzyHah695gd9EgcaV0aUboWUQj6k.Q75J23x0B47nDAzopN2iNxgLP3mp2AAxQInqGa-CXNA",
"validationRecord": [
{
"url":
"http://foo.xxx.de/.well-known/acme-challenge/O49B8yINUz89f_BdzyHah695gd9EgcaV0aUboWUQj6k";,
"hostname": "foo.xxx.de",
"port": "80",
"addressesResolved": [
"87.140.117.154",
"2003:a:127f:959a::"
],
"addressUsed": "2003:a:127f:959a::",
"addressesTried": []
}
]
})
Additional information:
# less domains.txt
xxx.de mail.xxx.de foo.xxx.de www.xxx.de
# less config
PARAM_ACCEPT_TERMS="yes"
#!/bin/bash
WELLKNOWN="/home/e-smith/files/ibays/Primary/html/.well-known/acme-challenge"
CA="https://acme-v01.api.letsencrypt.org/directory";
BASEDIR="/etc/dehydrated"
[email protected]
HOOK="/usr/bin/hook-script.sh"
# db hosts show wpad.xxx.de
wpad.ivbonline.de=host
ExternalIP=
HostType=Self
InternalIP=
MACAddress=
letsencryptSSLcert=disabled
# db hosts show ftp.xxx.de
ftp.ivbonline.de=host
ExternalIP=
HostType=Self
InternalIP=
MACAddress=
letsencryptSSLcert=disabled
# db hosts show proxy.xxx.de
proxy.ivbonline.de=host
ExternalIP=
HostType=Self
InternalIP=
MACAddress=
letsencryptSSLcert=disabled
I realize that in the old cert are additional hosts: ftp, proxy and wpad. Could
this be the reason? Actually I don't want these ones in public redirection
connected with my IP.
Regards,
stefan
--
You are receiving this mail because:
You are the QA Contact for the bug._______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/
