Apache virtual host behind firewall Correct zName not found for TLS SNI challenge


#1

Hello
I am trying to generate a letsencrypt certificat for a virtual host behind a firewall
I receice the following error
Correct zName not found for TLS SNI challenge.
but the domain is present in the Found list.
the host is not reported as the same ip by the DNS , since inside this is the local ip, and outside is the public IP shared by many virtual host.

here is part of the log file:

2016-03-24 11:53:57,522:INFO:letsencrypt.auth_handler:Cleaning up challenges
2016-03-24 11:53:58,000:DEBUG:letsencrypt.cli:Exiting abnormally:
Traceback (most recent call last):
File “/root/.local/share/letsencrypt/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/cli.py”, line 1993, in main
return config.func(config, plugins)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/cli.py”, line 663, in run
lineage, action = _auth_from_domains(le_client, config, domains)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/cli.py”, line 475, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/client.py”, line 269, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/client.py”, line 252, in obtain_certificate
return self.obtain_certificate_from_csr(domains, csr) + (key, csr)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/client.py”, line 225, in obtain_certificate_from_csr
authzr = self.auth_handler.get_authorizations(domains)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/auth_handler.py”, line 84, in get_authorizations
self._respond(cont_resp, dv_resp, best_effort)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/auth_handler.py”, line 142, in _respond
self._poll_challenges(chall_update, best_effort)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/auth_handler.py”, line 204, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. socrates.epet.recherche.enac.fr (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct zName not found for TLS SNI challenge. Found ‘sec.recherche.enac.fr, pki.recherche.enac.fr, webmail.recherche.enac.fr, m2rit-ro.recherche.enac.fr, cloud.recherche.enac.fr, dl.recherche.enac.fr, wiki.recherche.enac.fr, www.recherche.enac.fr, maiaa.recherche.enac.fr, isiatm.recherche.enac.fr, itsnt.recherche.enac.fr, share.recherche.enac.fr, socrates.epet.recherche.enac.fr, survey.recherche.enac.fr, bibliotheque.recherche.enac.fr, library.recherche.enac.fr, svn.recherche.enac.fr, svn.tls.cena.fr, sympa.recherche.enac.fr, sympa.enac.fr, gnss-seminars.com, www.gnss-seminars.com, stargate.recherche.enac.fr


#2

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.