My domain is: oscarkilo.com
I ran this command: HTTP requests to staging using a new golang client
It produced this output: see below
My web server is: a custom golang binary
The operating system my web server runs on is: Debian
My hosting provider, if applicable, is: none
I can login to a root shell on my machine: yes
I'm using a control panel to manage my site: no
The version of my client is: custom Go code
Greetings. I'm trying to get a new certificate by implementing my own client in Go using the HTTP API with the http-01 challenge. I can create an order:
{
  "identifier": {
    "type": "dns",
    "value": "oscarkilo.com"
  },
  "status": "pending",
  "expires": "2022-11-13T16:20:24Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/4229901414/5jlvXg",
      "token": "hjIpkaeS5LkhnkynrXIHUrQ6nkCDVgSzgVi1ZlHSfNk"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/4229901414/aUEQSw",
      "token": "hjIpkaeS5LkhnkynrXIHUrQ6nkCDVgSzgVi1ZlHSfNk"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/4229901414/XK3BWA",
      "token": "hjIpkaeS5LkhnkynrXIHUrQ6nkCDVgSzgVi1ZlHSfNk"
    }
  ]
}
And I can request an http-01 challenge:
{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/4229901414/5jlvXg",
  "token": "hjIpkaeS5LkhnkynrXIHUrQ6nkCDVgSzgVi1ZlHSfNk"
}
But I don't see the incoming /.well-known/acme-challenge/... request, and when I check back on the status of the challenge 2 seconds later, I get this:
{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Unable to update challenge :: authorization must be pending",
  "status": 400
}
and the order page shows this:
{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "No such challenge",
  "status": 404
}
Is there a way for me to see the URL of the request that LetsEncrypt sent to me in order to verify the challenge? It should be something like this:
http://oscarkilo.com/.well-known/acme-challenge/10RgoQjyBzvBU0M-XsO8PS9eQzmdxQS2VnyIK4Ae7U8
When I open this URL in my browser, my server gets the request and responds correctly. But I don't see this request from LetsEncrypt before the challenge fails and disappears.
I searched for other similar issues, and it seems that people are getting this error with the dns-01 challenge, which is not what I'm doing. Other people had trouble with expired authz, but I'm making a new account and a new order each time, so that should not be a problem.
Also, what is the right way to interpret the message "authorization must be pending"? Does it mean "authorization is probably pending" or "authorization is not pending, but should be"? I'm assuming it's the latter because the /authz-v3 page returns "no such challenge".
Most of the source code is here: package certrefresh // LetsEncrypt.org Client ... - Pastebin.com
I call NewAccount() followed by NewOrder().
Then 2 seconds later, CheckChallengeStatus() fails.
Thank you very much.
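
For reference, an added example (not the poster's client code, which is only linked above) of the server side of http-01 as RFC 8555 defines it: the response body at /.well-known/acme-challenge/<token> is the token, a dot, and the base64url SHA-256 JWK thumbprint of the account key, and the handler logs every fetch so a validation attempt is visible in the server log. It assumes a P-256 account key; `demoKey`, `jwkThumbprint`, `challengeHandler`, `prefix` and `token` are names chosen for this example, and the token value is the one shown in the post.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"log"
	"net/http"
)

const prefix = "/.well-known/acme-challenge/"
const token = "hjIpkaeS5LkhnkynrXIHUrQ6nkCDVgSzgVi1ZlHSfNk" // http-01 token from the post

// demoKey is a throwaway P-256 key standing in for the ACME account key (assumption).
var demoKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)

// jwkThumbprint returns the RFC 7638 SHA-256 thumbprint of a P-256 public key:
// required JWK members only, in lexicographic order, with no whitespace.
func jwkThumbprint(pub *ecdsa.PublicKey) string {
	b64 := base64.RawURLEncoding.EncodeToString
	x, y := make([]byte, 32), make([]byte, 32)
	pub.X.FillBytes(x) // fixed 32 bytes; big.Int.Bytes() would drop leading zeros
	pub.Y.FillBytes(y)
	jwk := fmt.Sprintf(`{"crv":"P-256","kty":"EC","x":"%s","y":"%s"}`, b64(x), b64(y))
	sum := sha256.Sum256([]byte(jwk))
	return b64(sum[:])
}

// challengeHandler answers the CA's http-01 fetch with token.thumbprint and logs
// every request, so the server log shows whether a validation attempt arrived.
func challengeHandler(tok string, pub *ecdsa.PublicKey) http.Handler {
	keyAuth := tok + "." + jwkThumbprint(pub)
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		log.Printf("http-01 fetch: %s %s from %s", r.Method, r.URL.Path, r.RemoteAddr)
		if r.URL.Path != prefix+tok {
			http.NotFound(w, r)
			return
		}
		fmt.Fprint(w, keyAuth)
	})
}

func main() {
	// http-01 validation always connects to port 80 of the domain being validated.
	log.Fatal(http.ListenAndServe(":80", challengeHandler(token, &demoKey.PublicKey)))
}
```

The thumbprint must be computed from the same account key that signs the ACME requests; a key authorization built from any other key will not match what the CA expects.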