Your message dated Sun, 05 Apr 2020 01:47:39 +0200
with message-id <[email protected]>
and subject line Re: Bug#955765: Error: Received invalid X.509 certificate from
ACME server!
has caused the Debian Bug report #955765,
regarding Error: Received invalid X.509 certificate from ACME server!
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
955765: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955765
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: lacme
Version: 0.6-2
Severity: important
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
I cannot get lacme to issue a certificate :-(
I run lacme-accountd from my laptop, and lacme on my server with an
ssh-tunneled socket to lacme-accountd.
Here's the output from lacme:
Certificate URI:
https://acme-v02.api.letsencrypt.org/acme/cert/036c9c4c3720c2241c7f32cb5920470555db
C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
error 2 at 1 depth lookup: unable to get issuer certificate
[live] Error: Received invalid X.509 certificate from ACME server!
Apology ahead if I am missing something obvious and effectively abusing
this as a support forum. I have run out of ideas to explore on my own.
- Jonas
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAl6Iz3IACgkQLHwxRsGg
ASF5fRAAnJhiQfGE9A62QGYB97smRftL8FaDrq4EjsJV2dv43GrGnEmDivCaY94i
K19rMhkh8xNEKrhZxpnf9VT8KcijxXxfF7C0WBkcSdiizOKARU3JQtkvahcB/V1G
L8AR74PGrBhIQDcq3+TToKW/UUWGwSdghsH2/C1gN066at9BB0u20Afc3ZSZobT2
236Llwt3XEO7nP5YufJ1pL/PKIbmWpShCj7hUm9WwJF3pEYv/BubEQk7nD90+AK5
+dhYOu5EJudpR6EHL0nwUY5VO/eKgwsZThWuz0FqZ1sFghvC1U/SLaOED+0eZjat
3XRMkpnFxoN1fcjRGa3CDYgeUiJ9JJwhSfmvBE4WlGCGrkltjzOaUwO+tl53UqL7
/13Jlh/FiV8j8yVu71GvbJ9baT6sINOGex2C7L/7Ga4k3oxtNj+cVK9HWosnD50W
zTJ49/QDmiA1TMpH7/ovwP6VN9+KF1/xChZSMJrrxXQwFFjREF6v0R2+u+PKeHDF
JJ919yMGiQeDMlXVg3P6DP/8neOmjIP+sVKpoK3WHF2chBxwm4PzWPbz+btd0f6r
zx97EkpazfKYEUqLpKtZ+SCz5tRI2ajCGlOP8xpaQYWfjiG8x9KKBcJ93+H7CalO
7r/PgDGU0zBPuUJLF9UUX6tAXjxOH1nto9JwnI0O+fwezrxRXx4=
=RWn1
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Quoting Jonas Smedegaard (2020-04-05 01:22:46)
> Quoting Jonas Smedegaard (2020-04-05 01:13:45)
> > Quoting Jonas Smedegaard (2020-04-05 01:00:04)
> > > Quoting Guilhem Moulin (2020-04-04 20:53:16)
> > > > On Sat, 04 Apr 2020 at 20:18:28 +0200, Jonas Smedegaard wrote:
> > > > > C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
> > > > > error 2 at 1 depth lookup: unable to get issuer certificate
> > > > > [live] Error: Received invalid X.509 certificate from ACME server!
> In case you are curious, the cause is (most likely) bugs#923479 - my
> server is an armhf box bootstrapped with QEMU. I _did_ put a
> workaround in place for that exact bug, but evidently that failed.
I can confirm that after running this command:
openssl rehash -v
lacme succesfully issed a cert!
Phew - I'd fought this for several days now.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
--- End Message ---