DNS label contains malformed punycode


why certbot doubles 80 in my domain name?

certbot version 0.14.0, OS Debian 7

   16: xn--8080apmfex.xn--p1ai
    17: www.xn--8080apmfex.xn--p1ai
    18: xn--v1aaa.xn--8080apmfex.xn--p1ai
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):16
Obtaining a new certificate
An unexpected error occurred:
The request message was malformed :: Error creating new authz :: DNS label contains malformed punycode
Please see the logfiles in /var/log/letsencrypt for more details.

root@vds3997:~# cat /etc/nginx/sites-available/psy-apache | grep server_
    server_name www.xn--80apmfex.xn--p1ai xn--80apmfex.xn--p1ai xn--v1aaa.xn--80apmfex.xn-

Hi @swedenborg,

Could you try grep 8080 instead of grep server_ just to make sure? But I think you are right that this is likely to be a Certbot bug.

@bmw, can you think of a reason why Certbot would read the domain name xn--80apmfex.xn--p1ai from an Apache configuration file as xn--8080apmfex.xn--p1ai (with 8080 in place of 80)?

@swedenborg, instead of choosing from the menu, you could also try to specify -d xn--80ampfex.xn-p1ai on the command line and see if that makes Certbot behave correctly.

I have only one 8080 string in this config. It is a port number for my backend server. So I am sure that certbot is a little bit wrong here.

@swedenborg, I saw that you also posted a GitHub issue, which might be more helpful than this forum topic—I think I agree that this is probably a Certbot bug.

Unfortunately someone else there also had trouble reproducing the bug, so maybe you can keep talking with people on GitHub to try to help others figure out how to reproduce it. Posting relevant configuration or log files there might be helpful too (like your Apache configuration or /var/log/letsencrypt logs, possibly partially redacted if there is some information you don’t want to share).

I closed bug report on github. Error magically disappeared on next day. I
was very surprised.


16 Май 2017 г. 21:14 пользователь “Seth Schoen” <
letsencrypt@discoursemail.com> написал:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.