Hi,
I’m getting the same error when I’m trying to generate a simple cert for a .de domain, now that let’s encrypt is in public beta.
I run the command on a Fedora VM. This is the terminal output:
[vpc@localhost letsencrypt]$ ./letsencrypt-auto certonly --authenticator manual --agree-dev-preview --server https://acme-v01.api.letsencrypt.org/directory --text --csr signreq.der
Updating letsencrypt and virtual environment dependencies.......
Running with virtualenv: sudo /home/vpc/.local/share/letsencrypt/bin/letsencrypt certonly --authenticator manual --agree-dev-preview --server https://acme-v01.api.letsencrypt.org/directory --text --csr signreq.der
Use of --agree-dev-preview is deprecated.
-------------------------------------------------------------------------------
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running letsencrypt in manual mode on a machine that is
not your server, please ensure you're okay with that.
Are you OK with your IP being logged?
-------------------------------------------------------------------------------
(Y)es/(N)o: y
Make sure your web server displays the following content at
http://kinderbasar-luhe.de/.well-known/acme-challenge/MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o before continuing:
MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o.dY9nFOGupj544HjQN-TnlH2jCVo-4UxlbXiujRoiJr4
If you don't have HTTP server configured, you can run the following
command on the target server (as root):
mkdir -p /tmp/letsencrypt/public_html/.well-known/acme-challenge
cd /tmp/letsencrypt/public_html
printf "%s" MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o.dY9nFOGupj544HjQN-TnlH2jCVo-4UxlbXiujRoiJr4 > .well-known/acme-challenge/MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o
# run only once per server:
$(command -v python2 || command -v python2.7 || command -v python2.6) -c \
"import BaseHTTPServer, SimpleHTTPServer; \
s = BaseHTTPServer.HTTPServer(('', 80), SimpleHTTPServer.SimpleHTTPRequestHandler); \
s.serve_forever()"
Press ENTER to continue
An unexpected error occurred:
The server experienced an internal error :: Error creating new cert
Please see the logfiles in /var/log/letsencrypt for more details.
[vpc@localhost letsencrypt]$
This is the logfile:
2015-12-03 20:29:20,416:DEBUG:letsencrypt.cli:Root logging level set at 30
2015-12-03 20:29:20,417:INFO:letsencrypt.cli:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2015-12-03 20:29:20,418:DEBUG:letsencrypt.cli:letsencrypt version: 0.1.0
2015-12-03 20:29:20,418:DEBUG:letsencrypt.cli:Arguments: ['--authenticator', 'manual', '--agree-dev-preview', '--server', 'https://acme-v01.api.letsencrypt.org/directory', '--text', '--csr', 'signreq.der']
2015-12-03 20:29:20,418:DEBUG:letsencrypt.cli:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2015-12-03 20:29:20,419:DEBUG:letsencrypt.cli:Requested authenticator manual and installer None
2015-12-03 20:29:20,423:DEBUG:letsencrypt.display.ops:Single candidate plugin: * manual
Description: Manually configure an HTTP server
Interfaces: IAuthenticator, IPlugin
Entry point: manual = letsencrypt.plugins.manual:Authenticator
Initialized: <letsencrypt.plugins.manual.Authenticator object at 0x7f2fbeda0d10>
Prep: True
2015-12-03 20:29:20,423:DEBUG:letsencrypt.cli:Selected authenticator <letsencrypt.plugins.manual.Authenticator object at 0x7f2fbeda0d10> and installer None
2015-12-03 20:29:20,435:DEBUG:letsencrypt.cli:Picked account: <Account(45c8ab189209753b7c113da40bf2c2c5)>
2015-12-03 20:29:20,436:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2015-12-03 20:29:20,438:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2015-12-03 20:29:20,758:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 263
2015-12-03 20:29:20,760:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '263', 'Expires': 'Thu, 03 Dec 2015 20:29:20 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:29:20 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'jC_HEIZc5h4zkboxHsKM9ncVEQLX6NpL9TYcPsEZ-6c'}. Content: '{"new-authz":"https://acme-v01.api.letsencrypt.org/acme/new-authz","new-cert":"https://acme-v01.api.letsencrypt.org/acme/new-cert","new-reg":"https://acme-v01.api.letsencrypt.org/acme/new-reg","revoke-cert":"https://acme-v01.api.letsencrypt.org/acme/revoke-cert"}'
2015-12-03 20:29:20,760:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '263', 'Expires': 'Thu, 03 Dec 2015 20:29:20 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:29:20 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'jC_HEIZc5h4zkboxHsKM9ncVEQLX6NpL9TYcPsEZ-6c'}): '{"new-authz":"https://acme-v01.api.letsencrypt.org/acme/new-authz","new-cert":"https://acme-v01.api.letsencrypt.org/acme/new-cert","new-reg":"https://acme-v01.api.letsencrypt.org/acme/new-reg","revoke-cert":"https://acme-v01.api.letsencrypt.org/acme/revoke-cert"}'
2015-12-03 20:29:20,760:DEBUG:letsencrypt.client:CSR: CSR(file='/home/vpc/letsenc/letsencrypt/signreq.der', data='0\x82\x02\xaf0\x82\x01\x97\x02\x01\x00091\x0b0\t\x06\x03U\x04\x06\x13\x02DE1\x140\x12\x06\x03U\x04\n\x0c\x0bPreisser-IT1\x140\x12\x06\x03U\x04\x03\x0c\x0bPreisser-IT0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xb6\xd9U\xee{\xff\xfeP\x05\x8b!Z\x14\x8bw\x13s\x00\xe3\xb2\'\x9c\xa59\xdf\x12\x07\x8b<7_t\xbb(\xa3\xa4r\xc5\xa5\\Q6\x8d\xb8\xc7\xbf\xe9\xec\xd3\xd50p\x1e\x90R3\xcc\xfe\xee\x8cG\x8a9\x91~`\x7f\xce\xf8/l\x9dd$.\xa9\x97i>\xac\x9ea\xaf\x1d\xa8\xe2T\x83!\xa81I\xb1.\xc1\xd9\x1f\xa0\x90\'!\xd6\xc6\nM\xbd\x9a,\xb0u\x9aq\xb0\xb3\x86\xb9;:\xe9\x03\x17\x13\xd4\xd4\x89i\xf8\xc5E\x9f\x9b\xb0\xc4$\x98H\x9f\x01S\x0b\xbf\xd5\xcdA\x0eH\xb4\xac\x87\xf8\xbf[\x92\xd3\x86\xb3\x0f\xa4DC\xfb\x8b\xb6\xd1\xb9\xeci\xf1\xd3\x92\xea\\8Y\xde\xc2\xc1\xcarG\x13\xe1\xb6P\x122yp\xca\xa3\xbc{\x98\xae\xdae\xe9D\x15\x11\xa4g\xa0U\xb4\xa5L\xfa|\x91Z\xa6kwO\xb9\xf9\x03\xfaK\xcb\xff\xc84\xae[\x00n\xc9X\xb8;\xc2\xb6\xc3?mp]n\xfb\x88\xed\xa2|\x10\xc8\xab6q<\xe9\xca\x19GS\x02\x03\x01\x00\x01\xa010/\x06\t*\x86H\x86\xf7\r\x01\t\x0e1"0 0\x1e\x06\x03U\x1d\x11\x04\x170\x15\x82\x13kinderbasar-luhe.de0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\x9a\xcc0\x1e(\xc2\xe8\x81\xcb\x994\xc0\xd5i\x90\xee\xb7\xf5>M\xe3^}\x19\xc2\xf1\x03\xee\xc4\xd5\xe9\xfc\xc9E\xfa.\xa2\x06\n\x89Z\x85\xdev\xa7\x88,xA\xee\xf7\xcf3\xeb\xaa\xc4\xc4\xe3A\xac\x9b%\x9e\x8d]\x8e.\xf3P\x97X\x03\xcb\x86u\x9d\x170\tE\xdb\x97\x1f\x08S\xe1\x83\xb7\x13\xfdJ2\xa7\xeb\xe862\xac\xf3O%\x0b\xde\xd8\xbbj5\xc1\xb2"\x852Ji\xda\xbe\xb8r0\xf9n\x08\x16$B\xce\x14\xc2\x9c]Jc\xf7\x17\x8a\xba\xed~\x1c\xb9\x12(\xecL\x84\xcb$\xfd\xcf\x97-\x9eZ\xa3&\x1a\xa0\xa1b\x0c5\x98L\xdf6\xe4\x1a\x96\x91\xfe\x1ax\x93\x19\xea\x82NH0\x07\x81\x17\xa7NQ\x18\xf5\xb7\xce\xd8M\xcf\xaf\xe2O\xbc\x9e9\x00\xf6\x0b\x99\xdd\x9d\x96\xd5\xcc\x02\xf1\x03@@9\x10<\x85\xb1\xc0\xad\x04\xd0p\x9d\x80\x87\x03V\x0f\x16\xe1\xc1\xb7\xbc\x9eP\x10\x1eh\x8dp\x17\x8e\xddO\x13Z\x0e\xc3/\x0c\xd3\xacJs\xfb\x89', form='der'), domains: ['kinderbasar-luhe.de']
2015-12-03 20:29:20,761:DEBUG:root:Requesting fresh nonce
2015-12-03 20:29:20,761:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {}
2015-12-03 20:29:20,761:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2015-12-03 20:29:21,047:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-authz HTTP/1.1" 405 0
2015-12-03 20:29:21,049:DEBUG:root:Received <Response [405]>. Headers: {'Content-Length': '0', 'Pragma': 'no-cache', 'Expires': 'Thu, 03 Dec 2015 20:29:21 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Allow': 'POST', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:29:21 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': 'D9Gcj0L7DGhuXGvx1YZhoacA8W4r1aEzw-60wVU1gxI'}. Content: ''
2015-12-03 20:29:21,049:DEBUG:acme.client:Storing nonce: '\x0f\xd1\x9c\x8fB\xfb\x0chn\\k\xf1\xd5\x86a\xa1\xa7\x00\xf1n+\xd5\xa13\xc3\xee\xb4\xc1U5\x83\x12'
2015-12-03 20:29:21,050:DEBUG:acme.jose.json_util:Omitted empty fields: combinations=None, challenges=None, expires=None, status=None
2015-12-03 20:29:21,050:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "kinderbasar-luhe.de"}, "resource": "new-authz"}
2015-12-03 20:29:21,050:DEBUG:acme.jose.json_util:Omitted empty fields: kid=None, x5c=(), crit=(), jwk=None, typ=None, alg=None, jku=None, cty=None, x5tS256=None, x5u=None, x5t=None
2015-12-03 20:29:21,052:DEBUG:acme.jose.json_util:Omitted empty fields: kid=None, x5c=(), crit=(), typ=None, jku=None, cty=None, x5tS256=None, x5u=None, x5t=None, nonce=None
2015-12-03 20:29:21,052:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "o3UEOKn5uACs2tyPJbsdS_h3w8ZXnENXJTG60gJEdK15entrhImQLy-Z0GlmX8IMGTOkgWot27Lflykhjjrm-mlJ_TeURbk76vLypihS1FZ1mZxlMX7SV8vM672ylA4sdhCMd3ss9XO3uy2pC6b_53Q_N8tUVygtwqkjYHFlhmOr0Bz4IxcfclT6RT1mTk2ov4RCnUZ6S7Uir53fPPsjiMLaW21ROW9W_LVAFNPjfglQJJZRkKKshwsy7DKgePi9UVC7HFOhxOGQU6tQPWYNT5C1d7FlO2yNIbQ3v6UYQ6iQRnGOykmKEyzYNTCDQlxFTxfLA-AlRWVtomeow6eEyw"}}, "protected": "eyJub25jZSI6ICJEOUdjajBMN0RHaHVYR3Z4MVlaaG9hY0E4VzRyMWFFenctNjB3VlUxZ3hJIn0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJraW5kZXJiYXNhci1sdWhlLmRlIn0sICJyZXNvdXJjZSI6ICJuZXctYXV0aHoifQ", "signature": "BcQJO25k8wEovHGV3vsdFXZGOuLUz9zpf65BXrP0LXjysmie2LbQ58Ge4GZ1LJCqZ2jGa1RDFRELtH-QJUm66SOilhrnN-AGzlGrjNOwv6Bgwfg8rkpSYhjZbOGKipT-C8sIsgqd2zL6DLG4lF4jPtXa9eqWBfZqPujQAZrIz0-EVBR1PX5727h4Z3LwcM1Opp0iOZ57u-FWlei3jVdBavYXs6oRqyVMf3-E_4PNh7MFeXyWytD5XdW3bjFeYXhe6KIrv1T5fvZkzpXTQM8AnAUCTsC_uLOuiDAFuEQ-jam5vRS3OjtlRfr34SQ1kABPB0cSnBrwjJpti7B34nCzhg"}'}
2015-12-03 20:29:21,053:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2015-12-03 20:29:21,382:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 570
2015-12-03 20:29:21,383:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '570', 'Expires': 'Thu, 03 Dec 2015 20:29:21 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:29:21 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'yirqD1rfphqnhBC2vs9SPaGggHKl-eKLfHfbm47YoIk'}. Content: '{"identifier":{"type":"dns","value":"kinderbasar-luhe.de"},"status":"pending","expires":"2015-12-10T20:29:21.277934462Z","challenges":[{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572687","token":"MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o"},{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572688","token":"XSsEY6ThXGY_fU5-hexWL9y8ZrpQVSD_9u1mgS4bvWI"}],"combinations":[[0],[1]]}'
2015-12-03 20:29:21,384:DEBUG:acme.client:Storing nonce: '\xca*\xea\x0fZ\xdf\xa6\x1a\xa7\x84\x10\xb6\xbe\xcfR=\xa1\xa0\x80r\xa5\xf9\xe2\x8b|w\xdb\x9b\x8e\xd8\xa0\x89'
2015-12-03 20:29:21,384:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '570', 'Expires': 'Thu, 03 Dec 2015 20:29:21 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:29:21 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'yirqD1rfphqnhBC2vs9SPaGggHKl-eKLfHfbm47YoIk'}): '{"identifier":{"type":"dns","value":"kinderbasar-luhe.de"},"status":"pending","expires":"2015-12-10T20:29:21.277934462Z","challenges":[{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572687","token":"MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o"},{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572688","token":"XSsEY6ThXGY_fU5-hexWL9y8ZrpQVSD_9u1mgS4bvWI"}],"combinations":[[0],[1]]}'
2015-12-03 20:29:21,384:INFO:letsencrypt.auth_handler:Performing the following challenges:
2015-12-03 20:29:21,384:INFO:letsencrypt.auth_handler:http-01 challenge for kinderbasar-luhe.de
2015-12-03 20:30:05,024:DEBUG:acme.challenges:Verifying http-01 at http://kinderbasar-luhe.de/.well-known/acme-challenge/MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o...
2015-12-03 20:30:05,025:INFO:requests.packages.urllib3.connectionpool:Starting new HTTP connection (1): kinderbasar-luhe.de
2015-12-03 20:30:05,085:DEBUG:requests.packages.urllib3.connectionpool:"GET /.well-known/acme-challenge/MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o HTTP/1.1" 200 87
2015-12-03 20:30:05,086:DEBUG:acme.challenges:Received <Response [200]>: MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o.dY9nFOGupj544HjQN-TnlH2jCVo-4UxlbXiujRoiJr4. Headers: {'Date': 'Thu, 03 Dec 2015 20:30:04 GMT', 'Content-Length': '87', 'Content-Type': 'text/plain; charset=utf-8', 'Server': 'Microsoft-IIS/8.5'}
2015-12-03 20:30:05,086:INFO:letsencrypt.auth_handler:Waiting for verification...
2015-12-03 20:30:05,086:DEBUG:acme.client:Serialized JSON: {"keyAuthorization": "MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o.dY9nFOGupj544HjQN-TnlH2jCVo-4UxlbXiujRoiJr4", "type": "http-01", "resource": "challenge"}
2015-12-03 20:30:05,087:DEBUG:acme.jose.json_util:Omitted empty fields: kid=None, x5c=(), crit=(), jwk=None, typ=None, alg=None, jku=None, cty=None, x5tS256=None, x5u=None, x5t=None
2015-12-03 20:30:05,088:DEBUG:acme.jose.json_util:Omitted empty fields: kid=None, x5c=(), crit=(), typ=None, jku=None, cty=None, x5tS256=None, x5u=None, x5t=None, nonce=None
2015-12-03 20:30:05,088:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572687. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "o3UEOKn5uACs2tyPJbsdS_h3w8ZXnENXJTG60gJEdK15entrhImQLy-Z0GlmX8IMGTOkgWot27Lflykhjjrm-mlJ_TeURbk76vLypihS1FZ1mZxlMX7SV8vM672ylA4sdhCMd3ss9XO3uy2pC6b_53Q_N8tUVygtwqkjYHFlhmOr0Bz4IxcfclT6RT1mTk2ov4RCnUZ6S7Uir53fPPsjiMLaW21ROW9W_LVAFNPjfglQJJZRkKKshwsy7DKgePi9UVC7HFOhxOGQU6tQPWYNT5C1d7FlO2yNIbQ3v6UYQ6iQRnGOykmKEyzYNTCDQlxFTxfLA-AlRWVtomeow6eEyw"}}, "protected": "eyJub25jZSI6ICJ5aXJxRDFyZnBocW5oQkMydnM5U1BhR2dnSEtsLWVLTGZIZmJtNDdZb0lrIn0", "payload": "eyJrZXlBdXRob3JpemF0aW9uIjogIk1xeERTcUJ0NFNQU2NaYkI5VDM2aUxWNERFX2dUTUFpNEJwVGhlVFI4NG8uZFk5bkZPR3VwajU0NEhqUU4tVG5sSDJqQ1ZvLTRVeGxiWGl1alJvaUpyNCIsICJ0eXBlIjogImh0dHAtMDEiLCAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIn0", "signature": "SV5gpWM162LHiHJ_WBiRbTvx8twjNSdy5shrJKhB6uKdAvhRbXSLdum_kbKHRkqEFZv4d-2ukd_FysNI1KjoFUq9OkdrJ1p-NZRYvjXWoyaooXDNjN7n-pVrH3fUOxSmUtaLlJ5hZ0iaF95ecDKZKvzq2eEMDTd5Zw8GslNzFP6ZYYbCdtkl4CACzSqkhVsLCWkgyDURbVBZRvONgm-hLUdxnYABbsnileRqopCPNb0b2LmZUfT4sIuR-FZmV4L6Fz2vcBoRYcBq30IGyWUG78NcsjerARaaoj-I7bnPfWle_rybnj6TGOLuaS0UXcbhMzlyakr8cRrzcTzIKCZmPw"}'}
2015-12-03 20:30:05,089:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2015-12-03 20:30:05,447:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572687 HTTP/1.1" 202 311
2015-12-03 20:30:05,448:DEBUG:root:Received <Response [202]>. Headers: {'Content-Length': '311', 'Expires': 'Thu, 03 Dec 2015 20:30:05 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/authz/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28>;rel="up"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572687', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:30:05 GMT', 'Content-Type': 'application/json', 'Replay-Nonce': 'mKBWMfnOMnAkQEzEtehRQqSFd3liE9KHla9l_I5aYPo'}. Content: '{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572687","token":"MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o","keyAuthorization":"MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o.dY9nFOGupj544HjQN-TnlH2jCVo-4UxlbXiujRoiJr4"}'
2015-12-03 20:30:05,448:DEBUG:acme.client:Storing nonce: '\x98\xa0V1\xf9\xce2p$@L\xc4\xb5\xe8QB\xa4\x85wyb\x13\xd2\x87\x95\xafe\xfc\x8eZ`\xfa'
2015-12-03 20:30:05,449:DEBUG:acme.client:Received response <Response [202]> (headers: {'Content-Length': '311', 'Expires': 'Thu, 03 Dec 2015 20:30:05 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/authz/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28>;rel="up"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572687', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:30:05 GMT', 'Content-Type': 'application/json', 'Replay-Nonce': 'mKBWMfnOMnAkQEzEtehRQqSFd3liE9KHla9l_I5aYPo'}): '{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572687","token":"MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o","keyAuthorization":"MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o.dY9nFOGupj544HjQN-TnlH2jCVo-4UxlbXiujRoiJr4"}'
2015-12-03 20:30:08,453:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28. args: (), kwargs: {}
2015-12-03 20:30:08,454:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2015-12-03 20:30:08,757:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/authz/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28 HTTP/1.1" 200 909
2015-12-03 20:30:08,759:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '909', 'Expires': 'Thu, 03 Dec 2015 20:30:08 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:30:08 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'MVRpCYlZzZ0lSrZqxgnmG8r4WOBHaed3FEx8_dHKqlg'}. Content: '{"identifier":{"type":"dns","value":"kinderbasar-luhe.de"},"status":"valid","expires":"2016-09-28T20:30:06Z","challenges":[{"type":"http-01","status":"valid","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572687","token":"MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o","keyAuthorization":"MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o.dY9nFOGupj544HjQN-TnlH2jCVo-4UxlbXiujRoiJr4","validationRecord":[{"url":"http://kinderbasar-luhe.de/.well-known/acme-challenge/MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o","hostname":"kinderbasar-luhe.de","port":"80","addressesResolved":["37.120.162.254"],"addressUsed":"37.120.162.254"}]},{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572688","token":"XSsEY6ThXGY_fU5-hexWL9y8ZrpQVSD_9u1mgS4bvWI"}],"combinations":[[0],[1]]}'
2015-12-03 20:30:08,759:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '909', 'Expires': 'Thu, 03 Dec 2015 20:30:08 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:30:08 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'MVRpCYlZzZ0lSrZqxgnmG8r4WOBHaed3FEx8_dHKqlg'}): '{"identifier":{"type":"dns","value":"kinderbasar-luhe.de"},"status":"valid","expires":"2016-09-28T20:30:06Z","challenges":[{"type":"http-01","status":"valid","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572687","token":"MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o","keyAuthorization":"MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o.dY9nFOGupj544HjQN-TnlH2jCVo-4UxlbXiujRoiJr4","validationRecord":[{"url":"http://kinderbasar-luhe.de/.well-known/acme-challenge/MqxDSqBt4SPScZbB9T36iLV4DE_gTMAi4BpTheTR84o","hostname":"kinderbasar-luhe.de","port":"80","addressesResolved":["37.120.162.254"],"addressUsed":"37.120.162.254"}]},{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/ku4gO-fAIG9aQ2XLHxaSpw_jbHY32JiDVMcI10M9H28/572688","token":"XSsEY6ThXGY_fU5-hexWL9y8ZrpQVSD_9u1mgS4bvWI"}],"combinations":[[0],[1]]}'
2015-12-03 20:30:08,760:INFO:letsencrypt.auth_handler:Cleaning up challenges
2015-12-03 20:30:08,760:DEBUG:acme.client:Requesting issuance...
2015-12-03 20:30:08,760:DEBUG:acme.client:Serialized JSON: {"resource": "new-cert", "csr": "MIICrzCCAZcCAQAwOTELMAkGA1UEBhMCREUxFDASBgNVBAoMC1ByZWlzc2VyLUlUMRQwEgYDVQQDDAtQcmVpc3Nlci1JVDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALbZVe57__5QBYshWhSLdxNzAOOyJ5ylOd8SB4s8N190uyijpHLFpVxRNo24x7_p7NPVMHAekFIzzP7ujEeKOZF-YH_O-C9snWQkLqmXaT6snmGvHajiVIMhqDFJsS7B2R-gkCch1sYKTb2aLLB1mnGws4a5OzrpAxcT1NSJafjFRZ-bsMQkmEifAVMLv9XNQQ5ItKyH-L9bktOGsw-kREP7i7bRuexp8dOS6lw4Wd7CwcpyRxPhtlASMnlwyqO8e5iu2mXpRBURpGegVbSlTPp8kVqma3dPufkD-kvL_8g0rlsAbslYuDvCtsM_bXBdbvuI7aJ8EMirNnE86coZR1MCAwEAAaAxMC8GCSqGSIb3DQEJDjEiMCAwHgYDVR0RBBcwFYITa2luZGVyYmFzYXItbHVoZS5kZTANBgkqhkiG9w0BAQsFAAOCAQEAmswwHijC6IHLmTTA1WmQ7rf1Pk3jXn0ZwvED7sTV6fzJRfouogYKiVqF3naniCx4Qe73zzPrqsTE40GsmyWejV2OLvNQl1gDy4Z1nRcwCUXblx8IU-GDtxP9SjKn6-g2MqzzTyUL3ti7ajXBsiKFMkpp2r64cjD5bggWJELOFMKcXUpj9xeKuu1-HLkSKOxMhMsk_c-XLZ5aoyYaoKFiDDWYTN825BqWkf4aeJMZ6oJOSDAHgRenTlEY9bfO2E3Pr-JPvJ45APYLmd2dltXMAvEDQEA5EDyFscCtBNBwnYCHA1YPFuHBt7yeUBAeaI1wF47dTxNaDsMvDNOsSnP7iQ"}
2015-12-03 20:30:08,761:DEBUG:acme.jose.json_util:Omitted empty fields: kid=None, x5c=(), crit=(), jwk=None, typ=None, alg=None, jku=None, cty=None, x5tS256=None, x5u=None, x5t=None
2015-12-03 20:30:08,761:DEBUG:acme.jose.json_util:Omitted empty fields: kid=None, x5c=(), crit=(), typ=None, jku=None, cty=None, x5tS256=None, x5u=None, x5t=None, nonce=None
2015-12-03 20:30:08,762:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-cert. args: (), kwargs: {'headers': {'Accept': 'application/pkix-cert'}, 'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "o3UEOKn5uACs2tyPJbsdS_h3w8ZXnENXJTG60gJEdK15entrhImQLy-Z0GlmX8IMGTOkgWot27Lflykhjjrm-mlJ_TeURbk76vLypihS1FZ1mZxlMX7SV8vM672ylA4sdhCMd3ss9XO3uy2pC6b_53Q_N8tUVygtwqkjYHFlhmOr0Bz4IxcfclT6RT1mTk2ov4RCnUZ6S7Uir53fPPsjiMLaW21ROW9W_LVAFNPjfglQJJZRkKKshwsy7DKgePi9UVC7HFOhxOGQU6tQPWYNT5C1d7FlO2yNIbQ3v6UYQ6iQRnGOykmKEyzYNTCDQlxFTxfLA-AlRWVtomeow6eEyw"}}, "protected": "eyJub25jZSI6ICJtS0JXTWZuT01uQWtRRXpFdGVoUlFxU0ZkM2xpRTlLSGxhOWxfSTVhWVBvIn0", "payload": "eyJyZXNvdXJjZSI6ICJuZXctY2VydCIsICJjc3IiOiAiTUlJQ3J6Q0NBWmNDQVFBd09URUxNQWtHQTFVRUJoTUNSRVV4RkRBU0JnTlZCQW9NQzFCeVpXbHpjMlZ5TFVsVU1SUXdFZ1lEVlFRRERBdFFjbVZwYzNObGNpMUpWRENDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFMYlpWZTU3X181UUJZc2hXaFNMZHhOekFPT3lKNXlsT2Q4U0I0czhOMTkwdXlpanBITEZwVnhSTm8yNHg3X3A3TlBWTUhBZWtGSXp6UDd1akVlS09aRi1ZSF9PLUM5c25XUWtMcW1YYVQ2c25tR3ZIYWppVklNaHFERkpzUzdCMlItZ2tDY2gxc1lLVGIyYUxMQjFtbkd3czRhNU96cnBBeGNUMU5TSmFmakZSWi1ic01Ra21FaWZBVk1MdjlYTlFRNUl0S3lILUw5Ymt0T0dzdy1rUkVQN2k3YlJ1ZXhwOGRPUzZsdzRXZDdDd2NweVJ4UGh0bEFTTW5sd3lxTzhlNWl1Mm1YcFJCVVJwR2VnVmJTbFRQcDhrVnFtYTNkUHVma0Qta3ZMXzhnMHJsc0Fic2xZdUR2Q3RzTV9iWEJkYnZ1STdhSjhFTWlyTm5FODZjb1pSMU1DQXdFQUFhQXhNQzhHQ1NxR1NJYjNEUUVKRGpFaU1DQXdIZ1lEVlIwUkJCY3dGWUlUYTJsdVpHVnlZbUZ6WVhJdGJIVm9aUzVrWlRBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQW1zd3dIaWpDNklITG1UVEExV21RN3JmMVBrM2pYbjBad3ZFRDdzVFY2ZnpKUmZvdW9nWUtpVnFGM25hbmlDeDRRZTczenpQcnFzVEU0MEdzbXlXZWpWMk9Mdk5RbDFnRHk0WjFuUmN3Q1VYYmx4OElVLUdEdHhQOVNqS242LWcyTXF6elR5VUwzdGk3YWpYQnNpS0ZNa3BwMnI2NGNqRDViZ2dXSkVMT0ZNS2NYVXBqOXhlS3V1MS1ITGtTS094TWhNc2tfYy1YTFo1YW95WWFvS0ZpRERXWVROODI1QnFXa2Y0YWVKTVo2b0pPU0RBSGdSZW5UbEVZOWJmTzJFM1ByLUpQdko0NUFQWUxtZDJkbHRYTUF2RURRRUE1RUR5RnNjQ3RCTkJ3bllDSEExWVBGdUhCdDd5ZVVCQWVhSTF3RjQ3ZFR4TmFEc012RE5Pc1NuUDdpUSJ9", "signature": "R3nJ6ehWw9kNBhI8zVqmbf_8tvqJiGWEXdFN3xjjZieOKdgYeATfOUc9JVXWzscgOzlw3DhUNeRwmX2VWhKGmml9AXCsgOusQIYNDf7SjBfxsHRs-FCtimmCFNPs6wvtcBJ3b-2VlTaK1ZIVPiwrB6ATo-bm-xAM1U3QPwcRRZtxFKZb0pY0wBmqEnLwA8fGXZReI4uT-2X3ptBl6WZ4oJIyhrbjxmcd4tRmuJohIJG2rTRNZ9YZcXw9UJgzIoR-VpG1GsZ5UST8uH56G42J5-gIbDlCICfbDpCMzzKN8zLN1PNOW_2I7HefhWulpGFOR47OPSJR_AWiellfskYLFA"}'}
2015-12-03 20:30:08,762:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2015-12-03 20:30:09,097:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-cert HTTP/1.1" 500 88
2015-12-03 20:30:09,098:DEBUG:root:Received <Response [500]>. Headers: {'Content-Length': '88', 'Expires': 'Thu, 03 Dec 2015 20:30:09 GMT', 'Server': 'nginx', 'Connection': 'close', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:30:09 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': 'efruEyTuYPdmxc-9GDAsgdhi5N7eyfh9WmcWrNdmwJE'}. Content: '{"type":"urn:acme:error:serverInternal","detail":"Error creating new cert","status":500}'
2015-12-03 20:30:09,098:DEBUG:acme.client:Storing nonce: 'y\xfa\xee\x13$\xee`\xf7f\xc5\xcf\xbd\x180,\x81\xd8b\xe4\xde\xde\xc9\xf8}Zg\x16\xac\xd7f\xc0\x91'
2015-12-03 20:30:09,098:DEBUG:acme.client:Received response <Response [500]> (headers: {'Content-Length': '88', 'Expires': 'Thu, 03 Dec 2015 20:30:09 GMT', 'Server': 'nginx', 'Connection': 'close', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 03 Dec 2015 20:30:09 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': 'efruEyTuYPdmxc-9GDAsgdhi5N7eyfh9WmcWrNdmwJE'}): '{"type":"urn:acme:error:serverInternal","detail":"Error creating new cert","status":500}'
2015-12-03 20:30:09,099:DEBUG:letsencrypt.cli:Exiting abnormally:
Traceback (most recent call last):
File "/home/vpc/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module>
sys.exit(main())
File "/home/vpc/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/cli.py", line 1283, in main
return args.func(args, config, plugins)
File "/home/vpc/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/cli.py", line 506, in obtain_cert
file=args.csr[0], data=args.csr[1], form="der"))
File "/home/vpc/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/client.py", line 245, in obtain_certificate_from_csr
csr.data, OpenSSL.crypto.FILETYPE_ASN1), csr)
File "/home/vpc/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/client.py", line 228, in _obtain_certificate
authzr)
File "/home/vpc/.local/share/letsencrypt/lib/python2.7/site-packages/acme/client.py", line 310, in request_issuance
headers={'Accept': content_type})
File "/home/vpc/.local/share/letsencrypt/lib/python2.7/site-packages/acme/client.py", line 634, in post
return self._check_response(response, content_type=content_type)
File "/home/vpc/.local/share/letsencrypt/lib/python2.7/site-packages/acme/client.py", line 550, in _check_response
raise messages.Error.from_json(jobj)
Error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert
Any idea why I can’t generate a certificate?
Thanks!