zmi
June 27, 2017, 7:12am
1
Hostname: transfer.viennapaint.com
I have a host which runs acme.sh from crontab, and didn’t renew the cert. Now it’s outdated, and I tried manually:
/backup/scripts_multihost/.acme.sh/acme.sh --home /backup/scripts_multihost/.acme.sh/ --issue -d transfer.viennapaint.com -w /www/viennapaint.com.transfer/ --staging --log --debug 2
I will attach the log. It’s an apache server on SLES12.0.
zmi
June 27, 2017, 7:25am
3
/backup/scripts_multihost/.acme.sh/acme.sh --home /backup/scripts_multihost/.acme.sh/ --issue -d transfer.viennapaint.com -w /www/viennapaint.com.transfer/ --staging --log
[Tue Jun 27 09:22:25 CEST 2017] Using stage ACME_DIRECTORY: https://acme-staging.api.letsencrypt.org/directory
[Tue Jun 27 09:22:25 CEST 2017] Single domain=‘transfer.viennapaint.com ’
[Tue Jun 27 09:22:25 CEST 2017] Getting domain auth token for each domain
[Tue Jun 27 09:22:25 CEST 2017] Getting webroot for domain=‘transfer.viennapaint.com ’
[Tue Jun 27 09:22:25 CEST 2017] Getting new-authz for domain=‘transfer.viennapaint.com ’
[Tue Jun 27 09:22:26 CEST 2017] The new-authz request is ok.
[Tue Jun 27 09:22:27 CEST 2017] Verifying:transfer.viennapaint.com
[Tue Jun 27 09:22:30 CEST 2017] transfer.viennapaint.com :Verify error:Fetching https://transfer.viennapaint.com.well-known/acme-challenge/Tvi6breVivSmrp2P1uVbYdvI97vTe4vOrCJDRaanUZE: Error getting validation data
[Tue Jun 27 09:22:30 CEST 2017] Please check log file for more details: /backup/scripts_multihost/.acme.sh//acme.sh.log
the full debug2 output is here: http://owncloud.zmi.at/index.php/s/C1yuFCqe2YFZGCN
Hi @zmi ,
You have a redirection from https to http and that is strange but that is not the problem, the problem is that you forgot to add a /
at the end of your Apache redirection/rewrite rule (whatever you are using) so when your site is checked, instead of:
http://transfer.viennapaint.com/.well-known/acme-challenge/whatever
it receives this
http://transfer.viennapaint.com.well-known/acme-challenge/whatever
Example:
curl -IkL https://transfer.viennapaint.com/.well-known/acme-challenge/whatever
HTTP/1.1 302 Found
Date: Tue, 27 Jun 2017 12:39:03 GMT
Server: Apache/2.4.10 (Linux/SUSE)
Location: http://transfer.viennapaint.com.well-known/acme-challenge/whatever
Connection: close
Content-Type: text/html; charset=iso-8859-1
curl: (6) Couldn't resolve host 'transfer.viennapaint.com.well-known'
So the domain can’t be resolved because it is wrong.
Cheers.
sahsanu
2 Likes
zmi
June 29, 2017, 5:14am
5
Good catch, thank you. I reported it to the webmaster.
1 Like
system
Closed
July 29, 2017, 5:15am
6
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.