Authorization error


#1

AcmeClient.NewAuthorization(new AuthorizationIdentifier { Type = AuthorizationIdentifierTypes.Dns, Value = "letsencrypt.org" });
returns null challenges
and gives an Authorization error


#2

Post a full, runnable code sample.


#3

using (var client = new AcmeClient(WellKnownServers.LetsEncrypt))
{

            var account = await client.NewRegistraton("mailto:teamdream458@gmail.com");

            account.Data.Agreement = account.GetTermsOfServiceUri();
            account = await client.UpdateRegistration(account);

            // Initialize authorization
            var authz = await client.NewAuthorization(new AuthorizationIdentifier
            {
                Type = AuthorizationIdentifierTypes.Dns,
                Value = "letsencrypt.org"
            });
            Console.WriteLine(" // Initialize authorization complete");
            // Compute key authorization for http-01
            var httpChallengeInfo = authz.Data.Challenges.Where(c => c.Type == ChallengeTypes.Http01).First();
            var keyAuthString = client.ComputeKeyAuthorization(httpChallengeInfo);

            // Do something to fulfill the challenge,
            // e.g. upload key auth string to well known path, or make changes to DNS

            // Inform ACME server to validate the identifier
            var httpChallenge = await client.CompleteChallenge(httpChallengeInfo);

            // Check authorization status
            authz = await client.GetAuthorization(httpChallenge.Location);
            Console.WriteLine(" authz.Data.Status: " + authz.Data.Status);
            while (authz.Data.Status == EntityStatus.Pending)
            {
                // Wait for ACME server to validate the identifier
                await Task.Delay(10000);
                authz = await client.GetAuthorization(httpChallenge.Location);
                Console.WriteLine(" authz.Data.Status: " + authz.Data.Status);
            }
            Console.WriteLine(" authz.Data.Status: " + authz.Data.Status);
            if (authz.Data.Status == EntityStatus.Valid)
            {
                // Create certificate
                var csr = new CertificationRequestBuilder();
                csr.AddName("CN", "xyz.net");
                var cert = await client.NewCertificate(csr);

                // Export Pfx
                var pfxBuilder = cert.ToPfx();
                var pfx = pfxBuilder.Build("my-free-cert", "abcd1234");
                File.WriteAllBytes(@"E:\testsite\my-free-cert.pfx", pfx);

                // Revoke certificate
                //  await client.RevokeCertificate(cert);
            }
            Console.WriteLine(" finish,press any key to exit. ");
            // await client.DeleteRegistration(account);
        }

#4

Your code works fine for me.

Maybe check that you haven’t been rate limited, since you’re using the production environment in your example:

Perhaps WellKnownServers.LetsEncryptStaging instead.

Adding this below the NewAuthorization worked for me with your exact code:

foreach (var chall in authz.Data.Challenges) {
    Console.WriteLine("Challenge {0} (type {1}): {2}", chall.Uri, chall.Type, chall.Token);
}

$ dotnet run
Challenge https://acme-staging.api.letsencrypt.org/acme/challenge/RsmRjdcqgl4tZbEYe-OUM3MkK38ldVlKoJ5Equss_So/140179009 (type dns-01): X0zdByVmGYDnjarl669n0IZLKQHBhkDVlrK0Cxc1pOw
Challenge https://acme-staging.api.letsencrypt.org/acme/challenge/RsmRjdcqgl4tZbEYe-OUM3MkK38ldVlKoJ5Equss_So/140179010 (type http-01): 2TbqD176La-Mrwe-FqXvFeOIZiJCY-_vRdjUFlbDCFo
Challenge https://acme-staging.api.letsencrypt.org/acme/challenge/RsmRjdcqgl4tZbEYe-OUM3MkK38ldVlKoJ5Equss_So/140179011 (type tls-alpn-01): M6AUMkXbYcMBgtoUiAUwQuXVsEuy3VrZrTE-_icH5MA
// Initialize authorization complete
authz.Data.Status: invalid
authz.Data.Status: invalid
finish,press any key to exit.

#5

Actually I am getting:
KeyAuthorization value is null in httpChallengeInfo. Can you help me?
And how can I get authz.Data.Status: valid?
The actual error I am getting is on
order.Generate()


#6

You already have the key-authz in the code:

var keyAuthString = client.ComputeKeyAuthorization(httpChallengeInfo);

and it’s not null for me:

Console.WriteLine("key-authz: {0}", keyAuthString);
key-authz: 7bddQMuqt1crlDOt5oRhAM97p7x4lBbRrXVAUCZ2CJg.jFU0vb_FyhNYT8asqygdJFfIcYqj4cIYU9iVItYocx4

Perhaps take a look at the Certes README. It shows a much simpler API surface than what you’re trying: https://github.com/fszlin/certes#usage
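
How a key authorization of the form printed above (token, a dot, then the account key thumbprint) is put together under RFC 8555, and the comparison an http-01 validator makes on the fetched body. This is an added example, not code from any poster or from Certes; it assumes an RSA account key, and the token and JWK values are constructed placeholders.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class KeyAuthzDemo
{
    static string Base64Url(byte[] bytes) =>
        Convert.ToBase64String(bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // RFC 7638 thumbprint of an RSA JWK: SHA-256 over only the required
    // members, in lexicographic order, with no whitespace.
    static string RsaThumbprint(string e, string n)
    {
        string canonical = "{\"e\":\"" + e + "\",\"kty\":\"RSA\",\"n\":\"" + n + "\"}";
        using (var sha = SHA256.Create())
        {
            return Base64Url(sha.ComputeHash(Encoding.UTF8.GetBytes(canonical)));
        }
    }

    // RFC 8555 section 8.1: key authorization = token "." base64url(thumbprint).
    static string KeyAuthorization(string token, string thumbprint) =>
        token + "." + thumbprint;

    // RFC 8555 section 8.3: the fetched body must be the key authorization;
    // trailing whitespace is ignored, everything else must match exactly.
    static bool BodyMatches(string body, string expected) =>
        body != null && string.Equals(body.TrimEnd(), expected, StringComparison.Ordinal);

    static void Main()
    {
        // Constructed values: not a real challenge token or account key.
        string token = "SAMPLE-token-constructed-for-this-demo_0001";
        string thumb = RsaThumbprint("AQAB", "constructed-modulus-placeholder");
        string expected = KeyAuthorization(token, thumb);

        Console.WriteLine("Serve at: /.well-known/acme-challenge/" + token);
        Console.WriteLine("Body:     " + expected);

        // Responses a validator might fetch from the web server (constructed).
        string[] bodies = { expected, expected + "\r\n", token, "<html>404 Not Found</html>" };
        foreach (string body in bodies)
        {
            Console.WriteLine((BodyMatches(body, expected) ? "match    " : "mismatch ") +
                              body.TrimEnd());
        }
    }
}
```

An authorization only moves to valid when the CA can fetch that exact body from the domain named in the identifier, so a domain you do not control ends up invalid.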


#7

Then why am I getting an UnAuthorization error? Can you help me?


#8

Hi @teamdream

Is this what you want? You want to use letsencrypt. But this is already defined in the client variable.

client.NewAuthorization should start a new Authorization. So you must use your own domain name as value, not letsencrypt.org. You are trying to get a certificate with CN=letsencrypt.org.

The payload of the new-order is something like

"payload": base64url({
  "identifiers": [{"type":"dns","value":"example.com"}, {"type":"dns","value":"www.example.com"}]
})
