(apologies as I edit to clean this up ... my first post)
My domain is: mail.vsm.com.au
I ran this command:
mcr cgi_exe:wucme.exe --uacme --force --verbose issue mail.vsm.com.au
It produced this output:
$ mcr cgi_exe:wucme.exe --uacme --force --verbose issue mail.vsm.com.au
2024-03-15 04:08:54.40: version WUCME IA64-1.1.8 (1.1.2) (OpenSSL 3.0.7 9 Nov 2022) starting
2024-03-15 04:08:54.40: loading key from /wasd_root/local/wucme_k_account.pem
2024-03-15 04:08:54.45: loading key from /wasd_root/local/wucme_k_mail_vsm_com_au.pem
2024-03-15 04:08:54.48: checking existence and expiration of /wasd_root/local/wucme_c_mail_vsm_com_au.pem
2024-03-15 04:08:54.51: /wasd_root/local/wucme_c_mail_vsm_com_au.pem expires in 16 days
2024-03-15 04:08:54.51: /wasd_root/local/wucme_c_mail_vsm_com_au.pem is due for renewal
2024-03-15 04:08:54.51: fetching directory at https://acme-v02.api.letsencrypt.org/directory
2024-03-15 04:08:58.71: retrieving account at https://acme-v02.api.letsencrypt.org/acme/new-acct
8< snip of sensitive data 8<
2024-03-15 04:09:11.60: polling challenge status at https://acme-v02.api.letsencrypt.org/acme/chall-v3/326275863427/SQ7PVQ
2024-03-15 04:09:12.79: challenge https://acme-v02.api.letsencrypt.org/acme/chall-v3/326275863427/SQ7PVQ failed with status invalid
2024-03-15 04:09:12.79: the server reported the following error:
{
"type": "urn:ietf:params:acme:error:connection",
"detail": "During secondary validation: 119.252.17.13: Fetching http://mail.vsm.com.au/.well-known/acme-challenge/l6Z-lhDjeP80iP
eZ_iKNVb7sd6L24WTJcMpxKHTLPhc: Error getting validation data",
"status": 400
}
2024-03-15 04:09:12.79: failed to authorize order at https://acme-v02.api.letsencrypt.org/acme/order/17298823/252306525507
This does not appear to be dns/firewall/etc issue as the web server is observed receiving and processing the challenge request and response.
|04:09:09.34 SERVICE 1779 000002 CONNECT VIRTUAL mail.vsm.com.au:80|
|04:09:09.34 REQUEST 4442 000002 REQUEST GET /.well-known/acme-challenge/l6Z-lhDjeP80iPeZ_8< security snip 8<|
8< snip 8<
|04:09:09.37 NET 2696 000002 RES-HEADER HEADER 275 bytes|
HTTP/1.1 200 OK
Server: HTTPd-WASD/12.2.0 OpenVMS/IA64 SSL
Date: Thu, 14 Mar 2024 17:39:09 GMT
Accept-Ranges: bytes
Accept-Encoding: gzip, deflate
Content-Length: 87
Connection: close
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
|04:09:09.37 NET 2839 000002 RES-BODY BODY 87 bytes|
6C365A2D 6C68446A 65503830 6950655A 5F694B4E 56623773 64364C32 3457544A l6Z-lhDjeP80iPeZ_iKNVb7sd6L24WTJ
8< 32 bytes snipped for sensitivity 8<
4A6D5A55 73744737 66666A42 76684E6D 645F472D 4C7338 JmZUstG7ffjBvhNmd_G-Ls8
8< snip 8<
As can be seen from crt.sh this has been working up until recently and for other sites continues to work. Seems to be just be VSM certs.
My web server is (include version): WASD v12.2.0
The operating system my web server runs on is (include version): VMS V8.4-2L3
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): WUCME IA64-1.1.8 (1.1.2) (OpenSSL 3.0.7 9 Nov 2022) ... this is essentially uACME v1.1.2 and has been running OK since 2016-12-31 (from crt.sh)