Identical challenge keys fail the challenge

ermac0 · December 6, 2017, 12:15am

I’m trying to use Certes .NET client to create certificate but it fails Http Authorization with strange result.
It says the key did not match the challenge, but those quoted keys are identical.

(I’m using staging server)

{
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:acme:error:unauthorized”,
“detail”: “The key authorization file from the server did not match this challenge [j_S1vYy3MNb_0zcC_Sm85J_fX-8wqVgZ1bUS1RaSPQc.F5NU1KFZl9Cv9sZNWr1TWv71N0yHY02UhNwiPCysnZw] != [j_S1vYy3MNb_0zcC_Sm85J_fX-8wqVgZ1bUS1RaSPQc.F5NU1KFZl9Cv9sZNWr1TWv71N0yHY02UhNwiPCysnZw]”,
“status”: 403
}
}

Response headers:

Request Method:GET
Status Code:200 OK
Content-Encoding:gzip
Content-Length:220
Content-Type:text/plain
Date:Wed, 06 Dec 2017 00:04:37 GMT
Server:Microsoft-IIS/10.0
Vary:Accept-Encoding
X-Powered-By:ASP.NET

jmorahan · December 6, 2017, 12:22am

The second one has a UTF-8 byte order mark.

If you placed the file on your server using a text editor, make sure to configure it to save the file without the byte order mark.

ermac0 · December 6, 2017, 12:31am

It shouldn’t have BOM as that response is served from memory and not a file. But I’ll try different encodings/charsets.

ermac0 · December 7, 2017, 8:57am

Thanks @jmorahan

It was caused by those pesky hidden bytes.

system · January 6, 2018, 8:57am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.