I am running openbsd 5.8 and try now to renew certificates and it fails, whatever client or acme server (staging or prod’) I try.
Here it is with acme-tiny:
stephane@blackblock:/var/www/www.22decembre.eu doas -u le /var/le/generate www.22decembre.eu
doas (stephane@blackblock.22decembre.eu) password:
Generating RSA private key, 4096 bit long modulus
................................................................................................................................................................++
............................................................................................................................................................................................++
e is 65537 (0x10001)
Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying www.22decembre.eu...
Traceback (most recent call last):
File "/var/le/acme-tiny/acme_tiny.py", line 198, in <module>
main(sys.argv[1:])
File "/var/le/acme-tiny/acme_tiny.py", line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
File "/var/le/acme-tiny/acme_tiny.py", line 149, in get_crt
domain, challenge_status))
ValueError: www.22decembre.eu challenge did not pass: {u'status': u'invalid', u'validationRecord': [{u'url': u'http://www.22decembre.eu/.well-known/acme-challenge/ti1aguTK5m-YoINFyUtzkB7tDkNaYaAXYSFiaKdFsuQ', u'hostname': u'www.22decembre.eu', u'addressUsed': u'90.185.111.213', u'port': u'80', u'addressesResolved': [u'90.185.111.213']}], u'keyAuthorization': u'ti1aguTK5m-YoINFyUtzkB7tDkNaYaAXYSFiaKdFsuQ.L4TPRmCy6xGjPSjU2Xzk1Yq6IDS9Z3hiv2ASxM1z42s', u'uri': u'https://acme-staging.api.letsencrypt.org/acme/challenge/65TH7qDYiXRxcGpTFixP8LSMOX-ogpthaQF9OSFLiJw/1336745', u'token': u'ti1aguTK5m-YoINFyUtzkB7tDkNaYaAXYSFiaKdFsuQ', u'error': {u'type': u'urn:acme:error:unauthorized', u'detail': u'Invalid response from http://www.22decembre.eu/.well-known/acme-challenge/ti1aguTK5m-YoINFyUtzkB7tDkNaYaAXYSFiaKdFsuQ [90.185.111.213]: 404'}, u'type': u'http-01'}
this one with letsacme:
stephane@blackblock:/home/stephane/letsacme doas python letsacme.py --no-chain --account-key /var/le/master.key --csr /var/le/domains/www.22decembre.eu/cu>
doas (stephane@blackblock.22decembre.eu) password:
Parsing account key...
Parsing CSR...
CN: www.22decembre.eu
Registering account...
Already registered!
Verifying www.22decembre.eu...
www.22decembre.eu challenge did not pass: {u'status': u'invalid', u'validationRecord': [{u'url': u'http://www.22decembre.eu/.well-known/acme-challenge/yxltSqajH3bXXESF_7WiWI8kYLmPgbQWF69S6W_bKFQ', u'hostname': u'www.22decembre.eu', u'addressUsed': u'90.185.111.213', u'port': u'80', u'addressesResolved': [u'90.185.111.213']}], u'keyAuthorization': u'yxltSqajH3bXXESF_7WiWI8kYLmPgbQWF69S6W_bKFQ.L4TPRmCy6xGjPSjU2Xzk1Yq6IDS9Z3hiv2ASxM1z42s', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/y8xr56unkvO00RAwpJCqOAfkCA5y1rgVSD7XsRXP6hs/17564408', u'token': u'yxltSqajH3bXXESF_7WiWI8kYLmPgbQWF69S6W_bKFQ', u'error': {u'type': u'urn:acme:error:unauthorized', u'detail': u'Invalid response from http://www.22decembre.eu/.well-known/acme-challenge/yxltSqajH3bXXESF_7WiWI8kYLmPgbQWF69S6W_bKFQ [90.185.111.213]: 404'}, u'type': u'http-01'}
yet, when I check, I can write a random text file as the user, then download it from an other computer:
stephane@luciole:~$ wget http://www.22decembre.eu/.well-known/acme-challenge/t
--2016-02-17 12:21:32-- http://www.22decembre.eu/.well-known/acme-challenge/t
Résolution de www.22decembre.eu (www.22decembre.eu)… 2001:16d8:dd00:8207::, 2001:16d8:dd00:8207:be5f:f4ff:fe73:a7e0, 2001:16d8:dd00:207::2, ...
Connexion à www.22decembre.eu (www.22decembre.eu)|2001:16d8:dd00:8207::|:80… connecté.
requête HTTP transmise, en attente de la réponse… 200 OK
Taille : 34 [application/octet-stream]
Sauvegarde en : « t.1 »
100%[=============================================================>] 34 --.-K/s ds 0s
any idea ?