3 HTTP Verifications Successful, Result: Timeout

3 HTTP verification requests are received. For all 3 requests, the answer is the same and sent correctly. If the answer to the 1st request is wrong, the 2nd and 3rd requests will not come. All 3 requests and responses are the same. Tcpdump output is below but as a result letsencrypt response is timeout. What could be the reason?

Request and Response TcpDump:

02:32:37.857209 IP 23.178.112.209.29052 > 185.50.70.28.80: Flags [P.], seq 4001315321:4001315590, ack 3932783766, win 64240, length 269: HTTP: GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
E..5(.@.*..I..p..2F.q|.P..9..i..P...j...GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
Host: gizlihayatlar.com
User-Agent: Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)
Accept: */*
Accept-Encoding: gzip
Connection: close


02:32:37.857227 IP 185.50.70.28.80 > 23.178.112.209.29052: Flags [F.], seq 1:148, ack 269, win 11110, length 147: HTTP: HTTP/1.1 200 OK
E.....@....W.2F...p..Pq|.i....;.P.+f....HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8

9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE.xDCwF7RBAXTkVUKiF8ZQ-rphngrAJZ4TB7e3c4uwFEI
02:32:41.940985 IP 23.178.112.103.27688 > 185.50.70.28.80: Flags [P.], seq 1306214058:1306214327, ack 685863622, win 64240, length 269: HTTP: GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
E..5..@.2.8^..pg.2F.l(.PM.>.(.r.P.......GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
Host: gizlihayatlar.com
User-Agent: Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)
Accept: */*
Accept-Encoding: gzip
Connection: close


02:32:41.941010 IP 185.50.70.28.80 > 23.178.112.103.27688: Flags [F.], seq 1:148, ack 269, win 11110, length 147: HTTP: HTTP/1.1 200 OK
E.....@...
V.2F...pg.Pl((.r.M.?.P.+f....HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8

9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE.xDCwF7RBAXTkVUKiF8ZQ-rphngrAJZ4TB7e3c4uwFEI
02:32:45.750447 IP 23.178.112.103.27996 > 185.50.70.28.80: Flags [P.], seq 590126544:590126813, ack 3641224263, win 64240, length 269: HTTP: GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
E..5CU@.1.~...pg.2F.m\.P#,.....GP.......GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
Host: gizlihayatlar.com
User-Agent: Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)
Accept: */*
Accept-Encoding: gzip
Connection: close


02:32:45.750462 IP 185.50.70.28.80 > 23.178.112.103.27996: Flags [F.], seq 1:148, ack 269, win 11110, length 147: HTTP: HTTP/1.1 200 OK
E.....@......2F...pg.Pm\...G#,..P.+f....HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8

9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE.xDCwF7RBAXTkVUKiF8ZQ-rphngrAJZ4TB7e3c4uwFEI

Challenge Details:

{
  "Header": {
    "url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/149804918617",
    "content_type": "application/json",
    "http_code": 200,
    "header_size": 327,
    "request_size": 143,
    "filetime": -1,
    "ssl_verify_result": 0,
    "redirect_count": 0,
    "total_time": 0.738453,
    "namelookup_time": 0.012275,
    "connect_time": 0.013939,
    "pretransfer_time": 0.556845,
    "size_upload": 0,
    "size_download": 1092,
    "speed_download": 1478,
    "speed_upload": 0,
    "download_content_length": 1092,
    "upload_content_length": 0,
    "starttransfer_time": 0.7384200000000001,
    "redirect_time": 0,
    "redirect_url": "",
    "primary_ip": "172.65.32.248",
    "certinfo": [],
    "primary_port": 443,
    "local_ip": "185.50.71.44",
    "local_port": 39612,
    "server": "nginx",
    "date": "Sun, 04 Sep 2022 23:33:36 GMT",
    "content-type": "application/json",
    "content-length": "1092",
    "connection": "keep-alive",
    "cache-control": "public, max-age=0, no-cache",
    "link": {
      "index": "https://acme-v02.api.letsencrypt.org/directory"
    },
    "x-frame-options": "DENY",
    "strict-transport-security": "max-age=604800"
  },
  "Body": {
    "identifier": {
      "type": "dns",
      "value": "gizlihayatlar.com"
    },
    "status": "invalid",
    "expires": "2022-09-11T23:33:06Z",
    "challenges": [
      {
        "type": "http-01",
        "status": "invalid",
        "error": {
          "type": "urn:ietf:params:acme:error:connection",
          "detail": "During secondary validation: 185.50.70.28: Fetching http://gizlihayatlar.com/.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE: Timeout during connect (likely firewall problem)",
          "status": 400
        },
        "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/149804918617/pyoNYw",
        "token": "9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE",
        "validationRecord": [
          {
            "url": "http://gizlihayatlar.com/.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE",
            "hostname": "gizlihayatlar.com",
            "port": "80",
            "addressesResolved": [
              "185.50.70.28"
            ],
            "addressUsed": "185.50.70.28"
          }
        ],
        "validated": "2022-09-04T23:33:11Z"
      }
    ]
  }
}

Only three requests [from two IPs] are shown.

The error shows as:

Normally, up to four IPs are used to validate HTTP-01 authentications.
The failure is from IPs that aren't in your TCPDUMP.

3 Likes
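A way to check the reply's point against the capture, as an added example that is not part of the original thread: it groups the tcpdump header lines by validator source IP and compares that with the error reported by the ACME server. The header lines are abridged from the capture in the post, the limit of four vantage points is the figure given in the reply, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Header lines abridged from the tcpdump capture in the post (payload bytes omitted).
TOKEN = "9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE"
GET = f"GET /.well-known/acme-challenge/{TOKEN} HTTP/1.1"
CAPTURE = f"""\
02:32:37.857209 IP 23.178.112.209.29052 > 185.50.70.28.80: Flags [P.], length 269: HTTP: {GET}
02:32:37.857227 IP 185.50.70.28.80 > 23.178.112.209.29052: Flags [F.], length 147: HTTP: HTTP/1.1 200 OK
02:32:41.940985 IP 23.178.112.103.27688 > 185.50.70.28.80: Flags [P.], length 269: HTTP: {GET}
02:32:41.941010 IP 185.50.70.28.80 > 23.178.112.103.27688: Flags [F.], length 147: HTTP: HTTP/1.1 200 OK
02:32:45.750447 IP 23.178.112.103.27996 > 185.50.70.28.80: Flags [P.], length 269: HTTP: {GET}
02:32:45.750462 IP 185.50.70.28.80 > 23.178.112.103.27996: Flags [F.], length 147: HTTP: HTTP/1.1 200 OK
"""
# Error detail from the challenge object in the post (URL shortened to the token).
ERROR_DETAIL = ("During secondary validation: 185.50.70.28: Fetching "
                f"http://gizlihayatlar.com/.well-known/acme-challenge/{TOKEN}: "
                "Timeout during connect (likely firewall problem)")

# src_ip.src_port > dst_ip.dst_port: ... HTTP: <first line of the HTTP message>
LINE = re.compile(
    r"^\S+ IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): .*? HTTP: (.*)$",
    re.MULTILINE)

def per_source(capture, server_ip):
    """Count challenge requests and 200 replies per validator source IP."""
    stats = defaultdict(lambda: {"requests": 0, "answered": 0})
    for src, _sport, dst, dport, payload in LINE.findall(capture):
        if dst == server_ip and dport == "80" and "/.well-known/acme-challenge/" in payload:
            stats[src]["requests"] += 1
        elif src == server_ip and payload.startswith("HTTP/1.1 200"):
            stats[dst]["answered"] += 1
    return dict(stats)

def diagnose(capture, server_ip, error_detail, max_vantage_points=4):
    """Compare what reached the host with what the ACME server reported."""
    stats = per_source(capture, server_ip)
    return {
        "sources_seen": sorted(stats),
        "all_seen_answered": all(s["requests"] == s["answered"] for s in stats.values()),
        "secondary_failure": error_detail.startswith("During secondary validation"),
        # Vantage points that may have tried to connect but never show up in the capture.
        "unseen_vantage_points": max(0, max_vantage_points - len(stats)),
    }

if __name__ == "__main__":
    print(diagnose(CAPTURE, "185.50.70.28", ERROR_DETAIL))
```

When every source in the capture was answered and the error is a secondary-validation timeout, the place to look is whatever sits in front of the host and could drop connections from the validator addresses that never appear in the capture.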
