returns 202 Accepted with no Retry-After. It returned it when “status”:“pending” (still with no , it returns it now when “status”:“valid”.
is staging api end point still in service ? what about using public beta one ?
@eva2000 they both run the same build, compare https://acme-v01.api.letsencrypt.org/build and https://acme-staging.api.letsencrypt.org/build
1 Like
i see thanks for the info
Sorry about the confusion, the authorization endpoint returns 200, used to be status:pending, now status:valid, no Retry-After at any time. Some data dumps from my client:
unrecognized tls-sni-01
recognized http-01
Create file in htdocs: (CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA)
.well-known/acme-challenge/CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA
Accept challenge (y/N)? y
Changes done.
Submitted.
Polling
https://acme-staging.api.letsencrypt.org/acme/challenge/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac/794170
[202,
{'keyAuthorization': 'CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA.dcIYtVuu-LvsnCecLsdkb1ogm2wwxkTepZo-8-KSWaM',
'status': 'pending',
'token': 'CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA',
'type': 'http-01',
'uri': 'https://acme-staging.api.letsencrypt.org/acme/challenge/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac/794170'},
[('Server', 'nginx'),
('Content-Type', 'application/json'),
('Content-Length', '315'),
('Link',
'<https://acme-staging.api.letsencrypt.org/acme/authz/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac>;rel="up"'),
('Location',
'https://acme-staging.api.letsencrypt.org/acme/challenge/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac/794170'),
('Replay-Nonce', 'bwjsTJefuPRqyF_Qkz1N4GpkqsBVpX6hpvafE2c9X-s'),
('Expires', 'Thu, 03 Dec 2015 19:38:28 GMT'),
('Cache-Control', 'max-age=0, no-cache, no-store'),
('Pragma', 'no-cache'),
('Date', 'Thu, 03 Dec 2015 19:38:28 GMT'),
('Connection', 'keep-alive')]]
Polling
https://acme-staging.api.letsencrypt.org/acme/authz/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac
[200,
{'challenges': [{'status': 'pending',
'token': 'pUf6i7nWlnQ43Y3rfMUB_OUUdTPvAfgFUo9Jx49JIQQ',
'type': 'tls-sni-01',
'uri': 'https://acme-staging.api.letsencrypt.org/acme/challenge/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac/794169'},
{'keyAuthorization': 'CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA.dcIYtVuu-LvsnCecLsdkb1ogm2wwxkTepZo-8-KSWaM',
'status': 'pending',
'token': 'CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA',
'type': 'http-01',
'uri': 'https://acme-staging.api.letsencrypt.org/acme/challenge/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac/794170'}],
'combinations': [[1], [0]],
'expires': '2015-12-10T19:38:26Z',
'identifier': {'type': 'dns', 'value': 'hristo.venev.name'},
'status': 'pending'},
[('Server', 'nginx'),
('Content-Type', 'application/json'),
('Content-Length', '675'),
('Link',
'<https://acme-staging.api.letsencrypt.org/acme/new-cert>;rel="next"'),
('Replay-Nonce', '3emL9TPFvqLusMyZkZr1gJGlbEtG-RSw8rbsLsWWAno'),
('X-Frame-Options', 'DENY'),
('Strict-Transport-Security', 'max-age=604800'),
('Expires', 'Thu, 03 Dec 2015 19:38:28 GMT'),
('Cache-Control', 'max-age=0, no-cache, no-store'),
('Pragma', 'no-cache'),
('Date', 'Thu, 03 Dec 2015 19:38:28 GMT'),
('Connection', 'keep-alive')]]
If you think you found an implementation issue of the ACME server, you’re better off reporting it at https://github.com/letsencrypt/boulder/issues
1 Like
Polling the authorization endpoint again:
Polling
https://acme-staging.api.letsencrypt.org/acme/authz/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac
[200,
{'challenges': [{'status': 'pending',
'token': 'pUf6i7nWlnQ43Y3rfMUB_OUUdTPvAfgFUo9Jx49JIQQ',
'type': 'tls-sni-01',
'uri': 'https://acme-staging.api.letsencrypt.org/acme/challenge/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac/794169'},
{'keyAuthorization': 'CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA.dcIYtVuu-LvsnCecLsdkb1ogm2wwxkTepZo-8-KSWaM',
'status': 'valid',
'token': 'CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA',
'type': 'http-01',
'uri': 'https://acme-staging.api.letsencrypt.org/acme/challenge/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac/794170',
'validationRecord': [{'addressUsed': '95.111.59.55',
'addressesResolved': ['95.111.59.55'],
'hostname': 'hristo.venev.name',
'port': '80',
'url': 'http://hristo.venev.name/.well-known/acme-challenge/CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA'},
{'addressUsed': '95.111.59.55',
'addressesResolved': ['95.111.59.55'],
'hostname': 'hristo.venev.name',
'port': '443',
'url': 'https://hristo.venev.name/.well-known/acme-challenge/CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA'}]}],
'combinations': [[1], [0]],
'expires': '2016-09-28T19:38:29Z',
'identifier': {'type': 'dns', 'value': 'hristo.venev.name'},
'status': 'valid'},
[('Server', 'nginx'),
('Content-Type', 'application/json'),
('Content-Length', '1124'),
('Link',
'<https://acme-staging.api.letsencrypt.org/acme/new-cert>;rel="next"'),
('Replay-Nonce', '1KWR0mVabYcoaBsvmbHVcZ46s0ChaL5SMq0oKdWoLBE'),
('X-Frame-Options', 'DENY'),
('Strict-Transport-Security', 'max-age=604800'),
('Expires', 'Thu, 03 Dec 2015 19:41:22 GMT'),
('Cache-Control', 'max-age=0, no-cache, no-store'),
('Pragma', 'no-cache'),
('Date', 'Thu, 03 Dec 2015 19:41:22 GMT'),
('Connection', 'keep-alive')]]
And curl $challenge_url:
> GET /acme/challenge/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac/794170 HTTP/1.1
> Host: acme-staging.api.letsencrypt.org
> User-Agent: curl/7.46.0
> Accept: */*
>
< HTTP/1.1 202 Accepted
< Server: nginx
< Content-Type: application/json
< Content-Length: 766
< Link: <https://acme-staging.api.letsencrypt.org/acme/authz/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac>;rel="up"
< Location: https://acme-staging.api.letsencrypt.org/acme/challenge/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac/794170
< Replay-Nonce: qkV9vss0o1T0zOB3ACtXCnHrXxnlIIANZeSJIjOWvWI
< Expires: Thu, 03 Dec 2015 19:43:00 GMT
< Cache-Control: max-age=0, no-cache, no-store
< Pragma: no-cache
< Date: Thu, 03 Dec 2015 19:43:00 GMT
< Connection: keep-alive
{'keyAuthorization': 'CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA.dcIYtVuu-LvsnCecLsdkb1ogm2wwxkTepZo-8-KSWaM',
'status': 'valid',
'token': 'CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA',
'type': 'http-01',
'uri': 'https://acme-staging.api.letsencrypt.org/acme/challenge/On_Kjn49KTdh1hj5Zq7XCDOUlZGUvmimNmtcmqIzsac/794170',
'validationRecord': [{'addressUsed': '95.111.59.55',
'addressesResolved': ['95.111.59.55'],
'hostname': 'hristo.venev.name',
'port': '80',
'url': 'http://hristo.venev.name/.well-known/acme-challenge/CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA'},
{'addressUsed': '95.111.59.55',
'addressesResolved': ['95.111.59.55'],
'hostname': 'hristo.venev.name',
'port': '443',
'url': 'https://hristo.venev.name/.well-known/acme-challenge/CVL0uy6D2dotYLQPBnI7FAoBoC2_CTSAnT2pCgxm5LA'}]}
I reported an issue in boulder.