How to check if 7 day lock is over - Strange error message


#1

Dear community

Last Sunday I had an issue to generate certificates and because I had some lack of knowledge I generated my certificates a bit to often.

Tody I’ve tried again to regenerate a cert and reinstalled the server because of some other issuse. Now the client tells me the following

ni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct zName    
not found for TLS SNI challenge. Found , www.golden-griffons.de (tls-sni-01):  
urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct zName not   
found for TLS SNI challenge. Found , golden-griffons.de (tls-sni-01):   
urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct zName not 
found for TLS SNI challenge. Found

Is there something I have to do or should I just try this tomorrow again?


#2

I’d try testing with the test / staging server ( as that doesn’t have the same limits - and will issue certificates to test, they just are signed as trusted by all browsers - good for you to test though).

I’d then check your domain and apache ( ? ) config … if I go to www.golden-griffons.de I get a redirect and a 500 error


#3

That’s true for now. Because we are currently re uploading the sites backup.


#4

Well, hopefully once the sites are backup and working again, it’ll work. Currently it was complaining as it was unreachable - hence couldn’t access to confirm ownership of the domain.


#5

Now that the site is reachable again but not fully uploaded the client tells the following

./letsencrypt-auto -d golden-griffons.de -d www.golden-griffons.de

IMPORTANT NOTES:


#6

The self-signed certificate on the current webserver has a Common Name of “CN=mail.golden-griffons.de”. This doesn’t correspond with golden-griffons.de nor www.golden-griffons.de. You should generate a self-signed certificate with a Common Name of one of those two with both of them in the Subject Alternative Name (SubjectAltName/SAN).