Dehydrated client error: Walking chain has failed

prok_in · November 6, 2017, 12:13pm

Hi .

I am receiving this error, while creating the request.

ERROR: Problem connecting to server (get for http://apps.identrust.com/roots/dstrootcax3.p7c; curl returned with 6)

ERROR: Walking chain has failed, your certificate has been created and can be found at /home/dehydrated-master/certs/attendance.gov.in/cert-1509968684.pem, the corresponding private key at privkey-1509968684.pem. If you want you can manually continue on creating and linking all necessary files. If this error occurs again you should manually generate the certificate chain and place it under /home/dehydrated-master/chains/4f06f81d.chain (see http://cert.int-x3.letsencrypt.org/)

sahsanu · November 6, 2017, 1:15pm

Helo @prok_in,

dehydrated client is trying to create the chain of certificates but it can’t download the DST Root CA X3 certificate from this url: http://apps.identrust.com/roots/dstrootcax3.p7c

So, or your system can’t resolve apps.identrust.com domain correctly or dehydrated is not configuring correctly the parameter to specify curl command if it is using IPv4 or IPv6 to connect to this domain.

For the first possible case, could you please show the output of these commands?

dig -4 apps.identrust.com

dig -6 apps.identrust.com

And for the second possible case, could you please show the output of these 2 commands (I’ve used the same options used by dehydrated to simulate the same output)?

curl -4 -s -w "%{http_code}" -o "/tmp/dehydrated-test-ipv4" "http://apps.identrust.com/roots/dstrootcax3.p7c";echo -e "\n$?"

curl -6 -s -w "%{http_code}" -o "/tmp/dehydrated-test-ipv6" "http://apps.identrust.com/roots/dstrootcax3.p7c";echo -e "\n$?"

Cheers,
sahsanu

system · December 6, 2017, 1:15pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.