Authorization error1

AcmeClient.NewAuthorization(new AuthorizationIdentifier{Type = AuthorizationIdentifierTypes.Dns,Value = “”});
return null challenges
and gin auAuthorization error

Post a full, runnable code sample.

using (var client = new AcmeClient(WellKnownServers.LetsEncrypt))

            var account = await client.NewRegistraton("");

            account.Data.Agreement = account.GetTermsOfServiceUri();
            account = await client.UpdateRegistration(account);

            // Initialize authorization
            var authz = await client.NewAuthorization(new AuthorizationIdentifier
                Type = AuthorizationIdentifierTypes.Dns,
                Value = ""
            Console.WriteLine(" // Initialize authorization complete");
            // Comptue key authorization for http-01
            var httpChallengeInfo = authz.Data.Challenges.Where(c => c.Type == ChallengeTypes.Http01).First();
            var keyAuthString = client.ComputeKeyAuthorization(httpChallengeInfo);

            // Do something to fullfill the challenge,
            // e.g. upload key auth string to well known path, or make changes to DNS

            // Info ACME server to validate the identifier
            var httpChallenge = await client.CompleteChallenge(httpChallengeInfo);

            // Check authorization status
            authz = await client.GetAuthorization(httpChallenge.Location);
            Console.WriteLine(" authz.Data.Status: " + authz.Data.Status);
            while (authz.Data.Status == EntityStatus.Pending)
                // Wait for ACME server to validate the identifier
                await Task.Delay(10000);
                authz = await client.GetAuthorization(httpChallenge.Location);
                Console.WriteLine(" authz.Data.Status: " + authz.Data.Status);
            Console.WriteLine(" authz.Data.Status: " + authz.Data.Status);
            if (authz.Data.Status == EntityStatus.Valid)
                // Create certificate
                var csr = new CertificationRequestBuilder();
                csr.AddName("CN", "");
                var cert = await client.NewCertificate(csr);

                // Export Pfx
                var pfxBuilder = cert.ToPfx();
                var pfx = pfxBuilder.Build("my-free-cert", "abcd1234");
                File.WriteAllBytes(@"E:\testsite\my-free-cert.pfx", pfx);

                // Revoke certificate
                //  await client.RevokeCertificate(cert);
            Console.WriteLine(" finish,press any key to exit. ");
            // await client.DeleteRegistration(account);

Your code works fine for me.

Maybe check that you haven't been rate limited, since you're using the production environment in your example:

Perhaps WellKnownServers.LetsEncryptStaging instead.

Adding this below the NewAuthorization worked for me with your exact code:

foreach (var chall in authz.Data.Challenges) {
    Console.WriteLine("Challenge {0} (type {1}): {2}", chall.Uri, chall.Type, chall.Token);
$ dotnet run
Challenge (type dns-01): X0zdByVmGYDnjarl669n0IZLKQHBhkDVlrK0Cxc1pOw
Challenge (type http-01): 2TbqD176La-Mrwe-FqXvFeOIZiJCY-_vRdjUFlbDCFo
Challenge (type tls-alpn-01): M6AUMkXbYcMBgtoUiAUwQuXVsEuy3VrZrTE-_icH5MA
// Initialize authorization complete
authz.Data.Status: invalid
authz.Data.Status: invalid
finish,press any key to exit.

Actual I am getting
KeyAutharization value is Null in httpChallengeInfo can u help me
and How i can get authz.Data.Status: valid
Actula error I am getting on

You already have the key-authz in the code:

var keyAuthString = client.ComputeKeyAuthorization(httpChallengeInfo);

and it’s not null for me:

Console.WriteLine("key-authz: {0}", keyAuthString);
key-authz: 7bddQMuqt1crlDOt5oRhAM97p7x4lBbRrXVAUCZ2CJg.jFU0vb_FyhNYT8asqygdJFfIcYqj4cIYU9iVItYocx4

Perhaps take a look at the Certes README. It shows a much simpler API surface than what you’re trying:

Then Why I am getting UnAutharization error can u help me

Hi @teamdream

is this that what you want? You want to use letsencrypt. But this is already defined in the client-variable.

client.NewAuthorization should start a new Authorization. So you must use your own domain name as value, not You try to get a certificate with

The payload of the new-order is something like

"payload": base64url({
  "identifiers": [{"type:"dns","value":""}, {"type":"dns","value":""}]

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.