Issue with let's encrypt ICEWARP MAIL SERVER

Help
1

Hello Team

since a while our server ICEWARP cannot renew or have any certificate from let's encrypt

below the curl results from my server :

pro ~]$ curl -v [https://acme-v02.api.letsencrypt.org](https://acme-v02.api.letsencrypt.org/)

* About to connect() to [acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/) port 443 (#0)
* Trying 172.65.32.248...
* Connected to [acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/) (172.65.32.248) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=acme-v02.api.letsencrypt.org
* start date: mai 07 18:19:30 2023 GMT
* expire date: août 05 18:19:29 2023 GMT
* common name: acme-v02.api.letsencrypt.org
* issuer: CN=R3,O=Let's Encrypt,C=US

> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: [acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/)
> Accept: */*

< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 03 Jul 2023 22:33:31 GMT
< Content-Type: text/html
< Content-Length: 1540
< Last-Modified: Thu, 23 Jun 2022 21:26:03 GMT
< Connection: keep-alive
< ETag: "62b4da6b-604"
< X-Frame-Options: DENY
< Strict-Transport-Security: max-age=604800
<

Boulder: The Let's Encrypt CA header { display: flex; max-height: 30vh; flex-wrap: wrap; margin-bottom: 10vh; } header img { display: flex; max-height: 20vh; align-content: flex-end; margin-right: 20px; }

Boulder

The Let's Encrypt CA

This is an ACME Certificate Authority running Boulder.

This is a programmatic endpoint, an API for a computer to talk to. You should probably be using a specialized client to utilize the service, and not your web browser. See Documentation - Let's Encrypt for help.

If you're trying to use this service, note that the starting point, the directory, is available at this URL: https://acme-v02.api.letsencrypt.org/directory.

Service Status (letsencrypt.status.io) | Let's Encrypt Twitter

* Connection #0 to host acme-v02.api.letsencrypt.org left intact

========================================================
open ssl version

@pro ~]$ openssl version
OpenSSL 1.0.2k-fips 26 Jan 2017

@pro ~]$ curl -v --tls-max 1.2 https://acme-v02.api.letsencrypt.org/directory

* About to connect() to [acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/) port 443 (#0)
* Trying 172.65.32.248...
* Connected to [acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/) (172.65.32.248) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=acme-v02.api.letsencrypt.org
* start date: juin 28 21:51:31 2023 GMT
* expire date: sept. 26 21:51:30 2023 GMT
* common name: acme-v02.api.letsencrypt.org
* issuer: CN=R3,O=Let's Encrypt,C=US

> GET /directory HTTP/1.1
> User-Agent: curl/7.29.0
> Host: [acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/)
> Accept: */*

< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 03 Jul 2023 22:36:21 GMT
< Content-Type: application/json
< Content-Length: 752
< Connection: keep-alive
< Cache-Control: public, max-age=0, no-cache
< X-Frame-Options: DENY
< Strict-Transport-Security: max-age=604800
<
{
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"[letsencrypt.org](http://letsencrypt.org/)"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
"website": "[https://letsencrypt.org](https://letsencrypt.org/)"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",
"ydXiTinANSM": "[Adding random entries to the directory](https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417)"

* Connection #0 to host [acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/) left intact

everything looks fine and we can reach the LE server with curl but there is no certificate from this latter also the http / https are published with no restrictions from our firewall

could you please help me ?

Appreciate your prompt feedback

2

here the output of the debug :

pro ~]$ openssl s_client -connect [acme-v02.api.letsencrypt.org:443](http://acme-v02.api.letsencrypt.org:443/) \

> -servername [acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/) -debug
> CONNECTED(00000003)
> write to 0x128a2f0 [0x1296320] (326 bytes => 326 (0x146))
> 0000 - 16 03 01 01 41 01 00 01-3d 03 03 5d c5 9d ed f9 ....A...=..]....
> 0010 - a3 af c3 e9 6d 3e d4 44-89 b9 23 5f 4f 6d 35 c9 ....m>.D..#_Om5.
> 0020 - 6d 2a 2c 03 46 76 3b af-c1 da b8 00 00 ac c0 30 m*,.Fv;........0
> 0030 - c0 2c c0 28 c0 24 c0 14-c0 0a 00 a5 00 a3 00 a1 .,.(.$..........
> 0040 - 00 9f 00 6b 00 6a 00 69-00 68 00 39 00 38 00 37 ...k.j.i.h.9.8.7
> 0050 - 00 36 00 88 00 87 00 86-00 85 c0 32 c0 2e c0 2a .6.........2...*
> 0060 - c0 26 c0 0f c0 05 00 9d-00 3d 00 35 00 84 c0 2f .&.......=.5.../
> 0070 - c0 2b c0 27 c0 23 c0 13-c0 09 00 a4 00 a2 00 a0 .+.'.#..........
> 0080 - 00 9e 00 67 00 40 00 3f-00 3e 00 33 00 32 00 31 ...g.@.?.>.3.2.1
> 0090 - 00 30 00 9a 00 99 00 98-00 97 00 45 00 44 00 43 .0.........E.D.C
> 00a0 - 00 42 c0 31 c0 2d c0 29-c0 25 c0 0e c0 04 00 9c .B.1.-.).%......
> 00b0 - 00 3c 00 2f 00 96 00 41-c0 12 c0 08 00 16 00 13 .<./...A........
> 00c0 - 00 10 00 0d c0 0d c0 03-00 0a 00 07 c0 11 c0 07 ................
> 00d0 - c0 0c c0 02 00 05 00 04-00 ff 01 00 00 68 00 00 .............h..
> 00e0 - 00 21 00 1f 00 00 1c 61-63 6d 65 2d 76 30 32 2e .!.....acme-v02.
> 00f0 - 61 70 69 2e 6c 65 74 73-65 6e 63 72 79 70 74 2e api.letsencrypt.
> 0100 - 6f 72 67 00 0b 00 04 03-00 01 02 00 0a 00 0a 00 org.............
> 0110 - 08 00 17 00 19 00 18 00-16 00 23 00 00 00 0d 00 ..........#.....
> 0120 - 20 00 1e 06 01 06 02 06-03 05 01 05 02 05 03 04 ...............
> 0130 - 01 04 02 04 03 03 01 03-02 03 03 02 01 02 02 02 ................
> 0140 - 03 00 0f 00 01 01 ......
> read from 0x128a2f0 [0x129b880] (7 bytes => 7 (0x7))
> 0000 - 16 03 03 00 5d 02 ....].
> 0007 - <SPACES/NULS>
> read from 0x128a2f0 [0x129b88a] (91 bytes => 91 (0x5B))
> 0000 - 00 59 03 03 0d 24 db 79-80 b1 17 2a 02 ed 5e ff .Y...$.y...<em>..^.
> 0010 - 5c 38 f2 c4 17 dc bc 49-a7 9d bf ff 44 4f 57 4e \8.....I....DOWN
> 0020 - 47 52 44 01 20 78 fc ee-4f 47 28 f7 9f 8b 1b 38 GRD. x..OG(....8
> 0030 - 34 f0 6c a4 87 6b c9 bd-06 df 8b e9 9c 9b 6c 89 4.l..k........l.
> 0040 - 23 ab 9e 4f e1 c0 2f 00-00 11 ff 01 00 01 00 00 #..O../.........
> 0050 - 00 00 00 00 0b 00 04 03-00 01 02 ...........
> read from 0x128a2f0 [0x129b883] (5 bytes => 5 (0x5))
> 0000 - 16 03 03 0a ef .....
> read from 0x128a2f0 [0x129b888] (2799 bytes => 2799 (0xAEF))
> 0000 - 0b 00 0a eb 00 0a e8 00-05 c8 30 82 05 c4 30 82 ..........0...0.
> 0010 - 04 ac a0 03 02 01 02 02-12 03 b3 f2 fe 54 c6 4c .............T.L
> 0020 - c3 53 a0 ca 53 09 89 94-b0 9b 3b 30 0d 06 09 2a .S..S.....;0...</em>
> 0030 - 86 48 86 f7 0d 01 01 0b-05 00 30 32 31 0b 30 09 .H........021.0.
> 0040 - 06 03 55 04 06 13 02 55-53 31 16 30 14 06 03 55 ..U....US1.0...U
> 0050 - 04 0a 13 0d 4c 65 74 27-73 20 45 6e 63 72 79 70 ....Let's Encryp
> 0060 - 74 31 0b 30 09 06 03 55-04 03 13 02 52 33 30 1e t1.0...U....R30.
> 0070 - 17 0d 32 33 30 36 33 30-32 30 33 38 34 30 5a 17 ..230630203840Z.
> 0080 - 0d 32 33 30 39 32 38 32-30 33 38 33 39 5a 30 27 .230928203839Z0'
> 0090 - 31 25 30 23 06 03 55 04-03 13 1c 61 63 6d 65 2d 1%0#..U....acme-
> 00a0 - 76 30 32 2e 61 70 69 2e-6c 65 74 73 65 6e 63 72 v02.api.letsencr
> 00b0 - 79 70 74 2e 6f 72 67 30-82 01 22 30 0d 06 09 2a ypt.org0.."0...*
> 00c0 - 86 48 86 f7 0d 01 01 01-05 00 03 82 01 0f 00 30 .H.............0
> 00d0 - 82 01 0a 02 82 01 01 00-ce dd d2 0f 28 60 a9 d0 ............(`.. 00e0 - c0 a1 49 b2 00 61 7c e1-0b 31 22 61 d4 bc 4b 9f ..I..a|..1"a..K. 00f0 - d8 75 d6 1b b5 48 3e 25-3f 8f a9 ec 9d 29 1d ed .u...H>%?....).. 0100 - 7a 0b 69 cd b0 53 f7 39-47 e9 1b eb 78 42 0a e2 z.i..S.9G...xB.. 0110 - a2 d2 7e d4 46 70 e3 c6-60 bb 8e 4b b3 50 b2 17 ..~.Fp..`..K.P..
> 0120 - ea 76 cd cb 7a 56 59 b3-6d 70 69 4d 28 c9 bc 32 .v..zVY.mpiM(..2
> 0130 - 09 72 72 14 a1 8e b9 63-a1 84 17 41 4b 71 6c c8 .rr....c...AKql.
> 0140 - f0 dc 72 ef 1a 78 18 8b-6c 0a ab de db 6a 12 5a ..r..x..l....j.Z
> 0150 - b4 a3 0d 2a 8c 4a d5 b9-ec 2f c4 d3 ee 89 ef d3 ...<em>.J.../......
> 0160 - 85 77 02 25 fd 3e b3 ae-8d 2e 29 5d 12 f2 4d e5 .w.%.>....)]..M.
> 0170 - 91 a7 2b 0f d8 16 df 8f-f6 0e e7 58 36 2b 96 85 ..+........X6+..
> 0180 - f5 4c 67 70 69 a7 0e 66-43 da 91 30 3f 2f da 22 .Lgpi..fC..0?/."
> 0190 - dc e1 1d 40 06 bb 2a c3-8b eb 91 5a 5c 78 73 8c ...@..</em>....Z\xs.
> 01a0 - a3 74 fa a2 cf 40 97 ab-be e6 67 9c 00 33 92 9d .t...@....g..3..
> 01b0 - 0d 77 96 bd 7c 6d 27 df-a4 b4 4e 5d 01 7c f9 d8 .w..|m'...N].|..
> 01c0 - a9 61 30 e2 8d d3 11 49-ea 5e 5a 5f 32 26 e7 94 .a0....I.^Z_2&..
> 01d0 - 1d e4 94 17 5e e2 3d bd-02 03 01 00 01 a3 82 02 ....^.=.........
> 01e0 - dd 30 82 02 d9 30 0e 06-03 55 1d 0f 01 01 ff 04 .0...0...U......
> 01f0 - 04 03 02 05 a0 30 1d 06-03 55 1d 25 04 16 30 14 .....0...U.%..0.
> 0200 - 06 08 2b 06 01 05 05 07-03 01 06 08 2b 06 01 05 ..+.........+...
> 0210 - 05 07 03 02 30 0c 06 03-55 1d 13 01 01 ff 04 02 ....0...U.......
> 0220 - 30 00 30 1d 06 03 55 1d-0e 04 16 04 14 21 0a 89 0.0...U......!..
> 0230 - 5d e8 f1 9d b3 25 f8 1c-f3 7a e9 a1 ac d2 c8 15 ]....%...z......
> 0240 - e7 30 1f 06 03 55 1d 23-04 18 30 16 80 14 14 2e .0...U.#..0.....
> 0250 - b3 17 b7 58 56 cb ae 50-09 40 e6 1f af 9d 8b 14 ...XV..P.@......
> 0260 - c2 c6 30 55 06 08 2b 06-01 05 05 07 01 01 04 49 ..0U..+........I
> 0270 - 30 47 30 21 06 08 2b 06-01 05 05 07 30 01 86 15 0G0!..+.....0...
> 0280 - 68 74 74 70 3a 2f 2f 72-33 2e 6f 2e 6c 65 6e 63 [http://r3.o.lenc](http://r3.o.lenc/)
> 0290 - 72 2e 6f 72 67 30 22 06-08 2b 06 01 05 05 07 30 r.org0"..+.....0
> 02a0 - 02 86 16 68 74 74 70 3a-2f 2f 72 33 2e 69 2e 6c ...[http://r3.i.l](http://r3.i.l/)
> 02b0 - 65 6e 63 72 2e 6f 72 67-2f 30 81 e3 06 03 55 1d [encr.org/0....U](http://encr.org/0....U).
> 02c0 - 11 04 81 db 30 81 d8 82-1e 61 63 6d 65 2d 76 30 ....0....acme-v0
> 02d0 - 32 2d 31 2e 61 70 69 2e-6c 65 74 73 65 6e 63 72 2-1.api.letsencr
> 02e0 - 79 70 74 2e 6f 72 67 82-1e 61 63 6d 65 2d 76 30 [ypt.org](http://ypt.org/)..acme-v0
> 02f0 - 32 2d 32 2e 61 70 69 2e-6c 65 74 73 65 6e 63 72 2-2.api.letsencr
> 0300 - 79 70 74 2e 6f 72 67 82-1e 61 63 6d 65 2d 76 30 [ypt.org](http://ypt.org/)..acme-v0
> 0310 - 32 2d 33 2e 61 70 69 2e-6c 65 74 73 65 6e 63 72 2-3.api.letsencr
> 0320 - 79 70 74 2e 6f 72 67 82-1e 61 63 6d 65 2d 76 30 [ypt.org](http://ypt.org/)..acme-v0
> 0330 - 32 2d 34 2e 61 70 69 2e-6c 65 74 73 65 6e 63 72 2-4.api.letsencr
> 0340 - 79 70 74 2e 6f 72 67 82-1e 61 63 6d 65 2d 76 30 [ypt.org](http://ypt.org/)..acme-v0
> 0350 - 32 2d 35 2e 61 70 69 2e-6c 65 74 73 65 6e 63 72 2-5.api.letsencr
> 0360 - 79 70 74 2e 6f 72 67 82-1c 61 63 6d 65 2d 76 30 [ypt.org](http://ypt.org/)..acme-v0
> 0370 - 32 2e 61 70 69 2e 6c 65-74 73 65 6e 63 72 79 70 2.api.letsencryp
> 0380 - 74 2e 6f 72 67 82 18 69-6e 63 69 64 65 6e 74 2e [t.org](http://t.org/)..incident.
> 0390 - 6c 65 74 73 65 6e 63 72-79 70 74 2e 6f 72 67 30 letsencrypt.org0
> 03a0 - 13 06 03 55 1d 20 04 0c-30 0a 30 08 06 06 67 81 ...U. ..0.0...g.
> 03b0 - 0c 01 02 01 30 82 01 06-06 0a 2b 06 01 04 01 d6 ....0.....+.....
> 03c0 - 79 02 04 02 04 81 f7 04-81 f4 00 f2 00 77 00 7a y............w.z
> 03d0 - 32 8c 54 d8 b7 2d b6 20-ea 38 e0 52 1e e9 84 16 2.T..-. .8.R....
> 03e0 - 70 32 13 85 4d 3b d2 2b-c1 3a 57 a3 52 eb 52 00 p2..M;.+.:W.R.R.
> 03f0 - 00 01 89 0e 3e 70 60 00-00 04 03 00 48 30 46 02 ....>p`.....H0F. 0400 - 21 00 e8 80 04 1b e6 8e-3d 81 92 8f 42 c5 e3 f2 !.......=...B... 0410 - 94 56 28 7f 70 0d bd fc-81 65 37 b6 8e 00 89 fc .V(.p....e7..... 0420 - eb e4 02 21 00 90 80 fe-9a d0 0a 57 eb 5a 08 27 ...!.......W.Z.' 0430 - 46 ea 46 0f f4 7e d1 e9-6e da d9 ba 0e 46 26 09 F.F..~..n....F&. 0440 - e9 2b 35 b4 a1 00 77 00-b7 3e fb 24 df 9c 4d ba .+5...w..>.$..M. 0450 - 75 f2 39 c5 ba 58 f4 6c-5d fc 42 cf 7a 9f 35 c4 u.9..X.l].B.z.5. 0460 - 9e 1d 09 81 25 ed b4 99-00 00 01 89 0e 3e 70 62 ....%........>pb 0470 - 00 00 04 03 00 48 30 46-02 21 00 ee b6 79 58 66 .....H0F.!...yXf 0480 - 88 2d 14 d7 58 c6 d6 c6-b4 27 a9 fe a9 51 5e e6 .-..X....'...Q^. 0490 - c6 c2 69 0f 39 8b aa 16-7d 93 08 02 21 00 c1 3b ..i.9...}...!..; 04a0 - 25 8b 18 53 aa 69 36 73-a2 3b 2e dd 9b 29 35 0d %..S.i6s.;...)5. 04b0 - 7c 0c 44 9d ab b1 64 50-52 6b f0 78 0f 2b 30 0d |.D...dPRk.x.+0. 04c0 - 06 09 2a 86 48 86 f7 0d-01 01 0b 05 00 03 82 01 ..*.H........... 04d0 - 01 00 9f 0f 9c 89 e2 f5-7f b8 69 ab ad 1f 50 58 ..........i...PX 04e0 - 39 f8 1b c0 9a a0 c1 8c-68 69 d9 4d a3 dc a2 94 9.......hi.M.... 04f0 - 4c 8a d6 45 21 ec a3 de-ba e2 28 56 de 04 72 85 L..E!.....(V..r. 0500 - 47 a7 09 e9 fe ee 2e 0a-97 59 4e f0 a5 36 f0 b1 G........YN..6.. 0510 - ac be ba d5 ce be 98 4b-5b 79 8f 00 e7 b9 cb 25 .......K[y.....% 0520 - 2f 58 ff 69 85 a7 f6 33-89 48 4e 0b 43 9e 02 4e /X.i...3.HN.C..N 0530 - f2 94 ef 01 e2 91 31 f7-cf b1 9d bc e6 9a 0e d2 ......1......... 0540 - 3f 1b 45 cf 97 4b a0 c5-cb eb bb 06 a6 92 fd 21 ?.E..K.........! 0550 - bb 37 90 5b 48 95 b2 61-5d 99 03 31 98 b5 55 53 .7.[H..a]..1..US 0560 - 70 05 9c c1 69 be 4b 49-82 74 c4 0d 4d 1b 49 f0 p...i.KI.t..M.I. 0570 - c5 10 9f 79 72 65 11 3c-7a 84 f0 8f 59 00 7a cf ...yre.<z...Y.z. 0580 - b9 46 dc e0 55 f1 3c 9a-ae bc 8f ee ec 3c 7d 9f .F..U.<......<}. 0590 - 1c 50 23 2d 51 a4 94 fd-f0 b1 ac 80 ce de 12 a5 .P#-Q........... 05a0 - 8e b3 44 01 e4 f8 08 63-ab ba 3f 02 14 50 96 33 ..D....c..?..P.3 05b0 - ee 2a ae 0c 89 6f 39 dd-a1 94 42 c4 79 6a 44 d8 .*...o9...B.yjD. 05c0 - 1c 2c 47 c0 48 3a 0a 5d-58 ea 45 ba 62 9f a7 63 .,G.H:.]X.E.b..c 05d0 - 32 e0 00 05 1a 30 82 05-16 30 82 02 fe a0 03 02 2....0...0...... 05e0 - 01 02 02 11 00 91 2b 08-4a cf 0c 18 a7 53 f6 d6 ......+.J....S.. 05f0 - 2e 25 a7 5f 5a 30 0d 06-09 2a 86 48 86 f7 0d 01 .%._Z0...*.H.... 0600 - 01 0b 05 00 30 4f 31 0b-30 09 06 03 55 04 06 13 ....0O1.0...U... 0610 - 02 55 53 31 29 30 27 06-03 55 04 0a 13 20 49 6e .US1)0'..U... In 0620 - 74 65 72 6e 65 74 20 53-65 63 75 72 69 74 79 20 ternet Security 0630 - 52 65 73 65 61 72 63 68-20 47 72 6f 75 70 31 15 Research Group1. 0640 - 30 13 06 03 55 04 03 13-0c 49 53 52 47 20 52 6f 0...U....ISRG Ro 0650 - 6f 74 20 58 31 30 1e 17-0d 32 30 30 39 30 34 30 ot X10...2009040 0660 - 30 30 30 30 30 5a 17 0d-32 35 30 39 31 35 31 36 00000Z..25091516 0670 - 30 30 30 30 5a 30 32 31-0b 30 09 06 03 55 04 06 0000Z021.0...U.. 0680 - 13 02 55 53 31 16 30 14-06 03 55 04 0a 13 0d 4c ..US1.0...U....L 0690 - 65 74 27 73 20 45 6e 63-72 79 70 74 31 0b 30 09 et's Encrypt1.0. 06a0 - 06 03 55 04 03 13 02 52-33 30 82 01 22 30 0d 06 ..U....R30.."0.. 06b0 - 09 2a 86 48 86 f7 0d 01-01 01 05 00 03 82 01 0f .*.H............ 06c0 - 00 30 82 01 0a 02 82 01-01 00 bb 02 15 28 cc f6 .0...........(.. 06d0 - a0 94 d3 0f 12 ec 8d 55-92 c3 f8 82 f1 99 a6 7a .......U.......z 06e0 - 42 88 a7 5d 26 aa b5 2b-b9 c5 4c b1 af 8e 6b f9 B..]&..+..L...k. 06f0 - 75 c8 a3 d7 0f 47 94 14-55 35 57 8c 9e a8 a2 39 u....G..U5W....9 0700 - 19 f5 82 3c 42 a9 4e 6e-f5 3b c3 2e db 8d c0 b0 ...<B.Nn.;...... 0710 - 5c f3 59 38 e7 ed cf 69-f0 5a 0b 1b be c0 94 24 \.Y8...i.Z.....$ 0720 - 25 87 fa 37 71 b3 13 e7-1c ac e1 9b ef db e4 3b %..7q..........; 0730 - 45 52 45 96 a9 c1 53 ce-34 c8 52 ee b5 ae ed 8f ERE...S.4.R..... 0740 - de 60 70 e2 a5 54 ab b6-6d 0e 97 a5 40 34 6b 2b .`p..T..m...@4k+
> 0750 - d3 bc 66 eb 66 34 7c fa-6b 8b 8f 57 29 99 f8 30 ..f.f4|.k..W)..0
> 0760 - 17 5d ba 72 6f fb 81 c5-ad d2 86 58 3d 17 c7 e7 .].ro......X=...
> 0770 - 09 bb f1 2b f7 86 dc c1-da 71 5d d4 46 e3 cc ad ...+.....q].F...
> 0780 - 25 c1 88 bc 60 67 75 66-b3 f1 18 f7 a2 5c e6 53 %...`guf.....\.S 0790 - ff 3a 88 b6 47 a5 ff 13-18 ea 98 09 77 3f 9d 53 .:..G.......w?.S 07a0 - f9 cf 01 e5 f5 a6 70 17-14 af 63 a4 ff 99 b3 93 ......p...c..... 07b0 - 9d dc 53 a7 06 fe 48 85-1d a1 69 ae 25 75 bb 13 ..S...H...i.%u.. 07c0 - cc 52 03 f5 ed 51 a1 8b-db 15 02 03 01 00 01 a3 .R...Q.......... 07d0 - 82 01 08 30 82 01 04 30-0e 06 03 55 1d 0f 01 01 ...0...0...U.... 07e0 - ff 04 04 03 02 01 86 30-1d 06 03 55 1d 25 04 16 .......0...U.%.. 07f0 - 30 14 06 08 2b 06 01 05-05 07 03 02 06 08 2b 06 0...+.........+. 0800 - 01 05 05 07 03 01 30 12-06 03 55 1d 13 01 01 ff ......0...U..... 0810 - 04 08 30 06 01 01 ff 02-01 00 30 1d 06 03 55 1d ..0.......0...U. 0820 - 0e 04 16 04 14 14 2e b3-17 b7 58 56 cb ae 50 09 ..........XV..P. 0830 - 40 e6 1f af 9d 8b 14 c2-c6 30 1f 06 03 55 1d 23 @........0...U.# 0840 - 04 18 30 16 80 14 79 b4-59 e6 7b b6 e5 e4 01 73 ..0...y.Y.{....s 0850 - 80 08 88 c8 1a 58 f6 e9-9b 6e 30 32 06 08 2b 06 .....X...n02..+. 0860 - 01 05 05 07 01 01 04 26-30 24 30 22 06 08 2b 06 .......&0$0"..+. 0870 - 01 05 05 07 30 02 86 16-68 74 74 70 3a 2f 2f 78 ....0...http://x 0880 - 31 2e 69 2e 6c 65 6e 63-72 2e 6f 72 67 2f 30 27 1.i.lencr.org/0' 0890 - 06 03 55 1d 1f 04 20 30-1e 30 1c a0 1a a0 18 86 ..U... 0.0...... 08a0 - 16 68 74 74 70 3a 2f 2f-78 31 2e 63 2e 6c 65 6e .http://x1.c.len 08b0 - 63 72 2e 6f 72 67 2f 30-22 06 03 55 1d 20 04 1b cr.org/0"..U. .. 08c0 - 30 19 30 08 06 06 67 81-0c 01 02 01 30 0d 06 0b 0.0...g.....0... 08d0 - 2b 06 01 04 01 82 df 13-01 01 01 30 0d 06 09 2a +..........0...* 08e0 - 86 48 86 f7 0d 01 01 0b-05 00 03 82 02 01 00 85 .H.............. 08f0 - ca 4e 47 3e a3 f7 85 44-85 bc d5 67 78 b2 98 63 .NG>...D...gx..c 0900 - ad 75 4d 1e 96 3d 33 65-72 54 2d 81 a0 ea c3 ed .uM..=3erT-..... 0910 - f8 20 bf 5f cc b7 70 00-b7 6e 3b f6 5e 94 de e4 . ._..p..n;.^... 0920 - 20 9f a6 ef 8b b2 03 e7-a2 b5 16 3c 91 ce b4 ed ..........<.... 0930 - 39 02 e7 7c 25 8a 47 e6-65 6e 3f 46 f4 d9 f0 ce 9..|%.G.en?F.... 0940 - 94 2b ee 54 ce 12 bc 8c-27 4b b8 c1 98 2f a2 af .+.T....'K.../.. 0950 - cd 71 91 4a 08 b7 c8 b8-23 7b 04 2d 08 f9 08 57 .q.J....#{.-...W 0960 - 3e 83 d9 04 33 0a 47 21-78 09 82 27 c3 2a c8 9b >...3.G!x..'.*.. 0970 - b9 ce 5c f2 64 c8 c0 be-79 c0 4f 8e 6d 44 0c 5e ..\.d...y.O.mD.^ 0980 - 92 bb 2e f7 8b 10 e1 e8-1d 44 29 db 59 20 ed 63 .........D).Y .c 0990 - b9 21 f8 12 26 94 93 57-a0 1d 65 04 c1 0a 22 ae .!..&..W..e...". 09a0 - 10 0d 43 97 a1 18 1f 7e-e0 e0 86 37 b5 5a b1 bd ..C....~...7.Z.. 09b0 - 30 bf 87 6e 2b 2a ff 21-4e 1b 05 c3 f5 18 97 f0 0..n+*.!N....... 09c0 - 5e ac c3 a5 b8 6a f0 2e-bc 3b 33 b9 ee 4b de cc ^....j...;3..K.. 09d0 - fc e4 af 84 0b 86 3f c0-55 43 36 f6 68 e1 36 17 ......?.UC6.h.6. 09e0 - 6a 8e 99 d1 ff a5 40 a7-34 b7 c0 d0 63 39 35 39 j.....@.4...c959 09f0 - 75 6e f2 ba 76 c8 93 02-e9 a9 4b 6c 17 ce 0c 02 un..v.....Kl.... 0a00 - d9 bd 81 fb 9f b7 68 d4-06 65 b3 82 3d 77 53 f8 ......h..e..=wS. 0a10 - 8e 79 03 ad 0a 31 07 75-2a 43 d8 55 97 72 c4 29 .y...1.u*C.U.r.) 0a20 - 0e f7 c4 5d 4e c8 ae 46-84 30 d7 f2 85 5f 18 a1 ...]N..F.0..._.. 0a30 - 79 bb e7 5e 70 8b 07 e1-86 93 c3 b9 8f dc 61 71 y..^p.........aq 0a40 - 25 2a af df ed 25 50 52-68 8b 92 dc e5 d6 b5 e3 %*...%PRh....... 0a50 - da 7d d0 87 6c 84 21 31-ae 82 f5 fb b9 ab c8 89 .}..l.!1........ 0a60 - 17 3d e1 4c e5 38 0e f6-bd 2b bd 96 81 14 eb d5 .=.L.8...+...... 0a70 - db 3d 20 a7 7e 59 d3 e2-f8 58 f9 5b b8 48 cd fe .= .~Y...X.[.H.. 0a80 - 5c 4f 16 29 fe 1e 55 23-af c8 11 b0 8d ea 7c 93 \O.)..U#......|. 0a90 - 90 17 2f fd ac a2 09 47-46 3f f0 e9 b0 b7 ff 28 ../....GF?.....( 0aa0 - 4d 68 32 d6 67 5e 1e 69-a3 93 b8 f5 9d 8b 2f 0b Mh2.g^.i....../. 0ab0 - d2 52 43 a6 6f 32 57 65-4d 32 81 df 38 53 85 5d .RC.o2WeM2..8S.] 0ac0 - 7e 5d 66 29 ea b8 dd e4-95 b5 cd b5 56 12 42 cd ~]f)........V.B. 0ad0 - c4 4e c6 25 38 44 50 6d-ec ce 00 55 18 fe e9 49 .N.%8DPm...U...I 0ae0 - 64 d4 4e ca 97 9c b4 5b-c0 73 a8 ab b8 47 c2 d.N....[.s...G. depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R3 verify return:1 depth=0 CN = acme-v02.api.letsencrypt.org verify return:1 read from 0x128a2f0 [0x129b883] (5 bytes => 5 (0x5)) 0000 - 16 03 03 01 4d ....M read from 0x128a2f0 [0x129b888] (333 bytes => 333 (0x14D)) 0000 - 0c 00 01 49 03 00 17 41-04 31 0a 8a d2 94 64 8a ...I...A.1....d. 0010 - f4 d9 7f 07 9e b8 15 57-2a e9 c0 75 10 eb a1 e1 .......W*..u.... 0020 - 35 ac 95 ac 58 fe b1 ec-6b 6f b5 8d fe b5 e2 05 5...X...ko...... 0030 - 4d df ed 09 d1 07 2d 23-f3 37 93 fe 90 d6 d9 97 M.....-#.7...... 0040 - ad d8 f6 3a 19 50 02 44-06 04 01 01 00 72 3f 84 ...:.P.D.....r?. 0050 - d8 76 78 d9 81 60 64 c4-91 64 2f b2 38 86 c0 8f .vx..`d..d/.8...
> 0060 - af 95 b2 14 c4 91 1b 03-76 8f eb 01 81 54 ee 81 ........v....T..
> 0070 - ab f2 d8 19 8d 97 2d bb-39 de ed 30 3a 9c 9c c1 ......-.9..0:...
> 0080 - 0f 48 5c 78 a6 70 c7 3f-3e 0d 52 77 51 56 3d 7f .H\x.p.?>.RwQV=.
> 0090 - 68 25 79 7e cd b1 4b c2-91 09 df 9a 33 b6 29 06 h%y~..K.....3.).
> 00a0 - 14 83 f3 82 01 2d 82 5c-d0 42 c3 91 8f bd 27 5d .....-..B....']
> 00b0 - 2a 91 56 2f 78 0d df c3-c6 ac c4 33 bd 85 00 fe *.V/x......3....
> 00c0 - 98 3a e3 c5 e2 8a f9 8f-3d 48 76 d7 29 2b 7d 55 .:......=Hv.)+}U
> 00d0 - 8d 2f 06 ba f9 62 e5 8e-86 fe 08 5b 4b 07 ae 1d ./...b.....[K...
> 00e0 - e1 07 c6 6c a6 db 0b 61-e2 79 2d 03 cc 12 88 de ...l...a.y-.....
> 00f0 - a3 9d ee 6c 2e 4f 7d 32-17 c7 ab 09 f4 f3 38 5d ...l.O}2......8]
> 0100 - b4 d3 6d 7b 35 44 cc cf-a1 af 69 a3 ae c5 88 1c ..m{5D....i.....
> 0110 - 8b 27 c9 99 54 8f 22 d0-48 18 88 57 0e 16 7a a8 .'..T.".H..W..z.
> 0120 - b1 53 8d 8f d9 98 e3 ed-f6 6b 86 bb 28 87 cb 37 .S.......k..(..7
> 0130 - 86 5d 06 18 c9 bc 12 ae-ce cb fe ac da 36 ea 71 .]...........6.q
> 0140 - 9a 9b 87 44 52 66 ab d8-46 7d 4c 52 86 ...DRf..F}LR.
> read from 0x128a2f0 [0x129b883] (5 bytes => 5 (0x5))
> 0000 - 16 03 03 00 04 .....
> read from 0x128a2f0 [0x129b888] (4 bytes => 4 (0x4))
> 0000 - 0e .
> 0004 - <SPACES/NULS>
> write to 0x128a2f0 [0x12a5740] (75 bytes => 75 (0x4B))
> 0000 - 16 03 03 00 46 10 00 00-42 41 04 30 97 34 be 29 ....F...BA.0.4.)
> 0010 - dc 0c 79 95 99 80 96 75-df fa ed 2d c1 15 22 11 ..y....u...-..".
> 0020 - b6 92 4d 11 56 ac e5 4e-45 94 90 9b 3b d4 18 13 ..M.V..NE...;...
> 0030 - 88 ca 86 ef ef 33 ae 1d-fc 73 da 0a 70 9d ca c2 .....3...s..p...
> 0040 - 18 ce 7f 77 1b a7 32 63-13 68 c1 ...w..2c.h.
> write to 0x128a2f0 [0x12a5740] (6 bytes => 6 (0x6))
> 0000 - 14 03 03 00 01 01 ......
> write to 0x128a2f0 [0x12a5740] (45 bytes => 45 (0x2D))
> 0000 - 16 03 03 00 28 90 be f8-d9 be c0 f0 f3 97 92 55 ....(..........U
> 0010 - 6a 08 ba 37 26 e4 fe 3a-e6 72 0b 94 7b 2f 6a a2 j..7&..:.r..{/j.
> 0020 - 48 bb b3 64 87 37 eb d4-b0 e4 ea 7e ac H..d.7.....~.
> read from 0x128a2f0 [0x129b883] (5 bytes => 5 (0x5))
> 0000 - 14 03 03 00 01 .....
> read from 0x128a2f0 [0x129b888] (1 bytes => 1 (0x1))
> 0000 - 01 .
> read from 0x128a2f0 [0x129b883] (5 bytes => 5 (0x5))
> 0000 - 16 03 03 00 28 ....(
> read from 0x128a2f0 [0x129b888] (40 bytes => 40 (0x28))
> 0000 - 00 b9 22 12 4b dd 29 e0-5b 6f 8c 1f 15 b3 49 a7 ..".K.).[o....I.
> 0010 - 9f 58 9f 47 bb 79 d6 84-ff 80 12 a6 3d f7 81 f4 .X.G.y......=...
> 0020 - fe d0 77 1a e5 be df bc- ..w.....

---

## Certificate chain
0 s:/CN=[acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/)
i:/C=US/O=Let's Encrypt/CN=R3
1 s:/C=US/O=Let's Encrypt/CN=R3
i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1

## Server certificate
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISA7Py/lTGTMNToMpTCYmUsJs7MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA2MzAyMDM4NDBaFw0yMzA5MjgyMDM4MzlaMCcxJTAjBgNVBAMT
HGFjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDO3dIPKGCp0MChSbIAYXzhCzEiYdS8S5/YddYbtUg+JT+P
qeydKR3tegtpzbBT9zlH6RvreEIK4qLSftRGcOPGYLuOS7NQshfqds3LelZZs21w
aU0oybwyCXJyFKGOuWOhhBdBS3FsyPDccu8aeBiLbAqr3ttqElq0ow0qjErVuewv
xNPuie/ThXcCJf0+s66NLildEvJN5ZGnKw/YFt+P9g7nWDYrloX1TGdwaacOZkPa
kTA/L9oi3OEdQAa7KsOL65FaXHhzjKN0+qLPQJervuZnnAAzkp0Nd5a9fG0n36S0
Tl0BfPnYqWEw4o3TEUnqXlpfMibnlB3klBde4j29AgMBAAGjggLdMIIC2TAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1Ud
EwEB/wQCMAAwHQYDVR0OBBYEFCEKiV3o8Z2zJfgc83rpoazSyBXnMB8GA1UdIwQY
MBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEF
BQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8v
cjMuaS5sZW5jci5vcmcvMIHjBgNVHREEgdswgdiCHmFjbWUtdjAyLTEuYXBpLmxl
dHNlbmNyeXB0Lm9yZ4IeYWNtZS12MDItMi5hcGkubGV0c2VuY3J5cHQub3Jngh5h
Y21lLXYwMi0zLmFwaS5sZXRzZW5jcnlwdC5vcmeCHmFjbWUtdjAyLTQuYXBpLmxl
dHNlbmNyeXB0Lm9yZ4IeYWNtZS12MDItNS5hcGkubGV0c2VuY3J5cHQub3Jnghxh
Y21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnghhpbmNpZGVudC5sZXRzZW5jcnlw
dC5vcmcwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEGBgorBgEEAdZ5AgQCBIH3BIH0
APIAdwB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYkOPnBgAAAE
AwBIMEYCIQDogAQb5o49gZKPQsXj8pRWKH9wDb38gWU3to4Aifzr5AIhAJCA/prQ
ClfrWggnRupGD/R+0elu2tm6DkYmCekrNbShAHcAtz77JN+cTbp18jnFulj0bF38
Qs96nzXEnh0JgSXttJkAAAGJDj5wYgAABAMASDBGAiEA7rZ5WGaILRTXWMbWxrQn
qf6pUV7mxsJpDzmLqhZ9kwgCIQDBOyWLGFOqaTZzojsu3ZspNQ18DESdq7FkUFJr
8HgPKzANBgkqhkiG9w0BAQsFAAOCAQEAnw+cieL1f7hpq60fUFg5+BvAmqDBjGhp
2U2j3KKUTIrWRSHso9664ihW3gRyhUenCen+7i4Kl1lO8KU28LGsvrrVzr6YS1t5
jwDnucslL1j/aYWn9jOJSE4LQ54CTvKU7wHikTH3z7GdvOaaDtI/G0XPl0ugxcvr
uwamkv0huzeQW0iVsmFdmQMxmLVVU3AFnMFpvktJgnTEDU0bSfDFEJ95cmURPHqE
8I9ZAHrPuUbc4FXxPJquvI/u7Dx9nxxQIy1RpJT98LGsgM7eEqWOs0QB5PgIY6u6
PwIUUJYz7iquDIlvOd2hlELEeWpE2BwsR8BIOgpdWOpFumKfp2My4A==
-----END CERTIFICATE-----
subject=/CN=[acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/)
issuer=/C=US/O=Let's Encrypt/CN=R3

## No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits

## SSL handshake has read 3300 bytes and written 452 bytes

## New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 78FCEE4F4728F79F8B1B3834F06CA4876BC9BD06DF8BE99C9B6C8923AB9E4FE1
Session-ID-ctx:
Master-Key: 135ED64D9E104E5A4027A421001E65E450FEAB66F2D493F45D4FDF563D4D1B2E48A6696B99184014CF35FEB69362AFC7
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1688424151
Timeout : 300 (sec)
Verify return code: 0 (ok)

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 f4 93 2f 57 ............../W
0010 - b7 57 6c 46 62 75 1e a3-99 8b dd cf f0 6b .WlFbu.......k

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 f5 9d 40 a0 ..............@.
0010 - 81 6c c5 d9 27 29 8c 1c-c7 b5 21 d3 cc e2 .l..')....!...

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 f6 17 df 36 ...............6
0010 - c5 52 d2 f2 d8 eb 12 0b-12 64 1f e0 f0 50 .R.......d...P

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 f7 af f6 f4 ................
0010 - a9 65 04 96 f1 eb 81 63-1b 4e 17 50 99 31 .e.....c.N.P.1

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 f8 52 3b 33 .............R;3
0010 - 71 6d 6f 5e e8 b7 7d 43-47 40 c0 c5 6d 19 qmo^..}CG@..m.

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 f9 e8 48 10 ..............H.
0010 - c9 12 aa 78 f5 56 7f f2-29 c4 ad 8b 8e c4 ...x.V..).....

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 fa a2 ca d5 ................
0010 - 80 26 c3 01 47 2a f2 b4-fc 2f 93 bf 9b 05 .&..G*.../....

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 fb a5 98 8a ................
0010 - 93 1d 4a 68 0b b5 b4 c6-91 2a a9 f3 60 9c ..Jh.....*..`.

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 fc 45 18 0d .............E..
0010 - 2c cb c6 d8 1a c8 a1 e0-11 75 5e fd 59 16 ,........u^.Y.

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 fd c9 5a e1 ..............Z.
0010 - dc 9d 38 d7 58 4e d7 a8-f3 9d 8d 19 75 6b ..8.XN......uk

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 fe 06 59 94 ..............Y.
0010 - 43 9c 46 16 bd 90 45 cb-6b 56 86 a6 57 83 C.F...E.kV..W.

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f0 ff 8c a5 b0 ................
0010 - f3 a7 c8 0f c3 04 3c 7e-96 39 6a a7 50 f5 ......<~.9j.P.

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f1 00 51 01 9a .............Q..
0010 - a3 9d e9 c3 94 4c 1d a1-57 8b f7 67 7b 4d .....L..W..g{M

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f1 01 35 4c ef .............5L.
0010 - 13 ec c1 9d 16 5b 1a 41-40 97 5f dc 13 96 .....[.A@._...

write to 0x128a2f0 [0x129fdd3] (34 bytes => 34 (0x22))
0000 - 17 03 03 00 1d 90 be f8-d9 be c0 f1 02 1d b7 e3 ................
0010 - c2 11 4b 24 2d a2 8a 2c-96 3f f5 7b d1 b8 86 66 ..K$-..,.?.{...f
0020 - b6 bc ..

write to 0x128a2f0 [0x129fdd3] (30 bytes => 30 (0x1E))
0000 - 17 03 03 00 19 90 be f8-d9 be c0 f1 03 72 18 e5 .............r..
0010 - 80 6c fb 63 8c 77 09 28-6f 78 77 31 5e 37 .l.c.w.(oxw1^7
read from 0x128a2f0 [0x129b883] (5 bytes => 5 (0x5))
0000 - 17 03 03 01 3f ....?
read from 0x128a2f0 [0x129b888] (319 bytes => 319 (0x13F))
0000 - 00 b9 22 12 4b dd 29 e1-1d b0 10 fa 4a e0 91 5d ..".K.).....J..]
0010 - 49 e5 29 ab 88 2c d1 48-88 bf 4c ff c6 95 2f 2d I.)..,.H..L.../-
0020 - c9 31 ab 42 58 2d da 1b-34 bb 4f 10 3c 45 be ca .1.BX-..4.O.<E..
0030 - 01 e0 d1 81 09 36 ed 93-5d 72 91 22 1e 4d 28 b2 .....6..]r.".M(.
0040 - 36 44 78 59 cc 65 2f 11-2f c1 69 ce 2a 0b 8d 6f 6DxY.e/./.i.<em>..o
0050 - f4 f1 dc d9 80 13 8c 47-65 b8 d0 b5 d1 d6 dc 98 .......Ge.......
0060 - 22 91 6b 08 3a c7 16 24-cb f1 a6 39 82 e6 84 e6 ".k.:..$...9....
0070 - 11 c6 e0 f0 b4 1a 6d 7b-c2 75 c5 64 bf 2a b3 34 ......m{.u.d.</em>.4
0080 - 41 ef c7 58 34 59 3e e1-20 e0 12 68 ac f7 c5 61 A..X4Y>. ..h...a
0090 - 5a 67 a1 6e c3 e6 66 19-c4 cf 73 7a b2 f3 d2 89 Zg.n..f...sz....
00a0 - 3a 44 91 f1 8c 99 53 6e-65 61 51 14 9c 29 cd 44 :D....SneaQ..).D
00b0 - c5 af 0f 74 41 66 8a e3-16 40 25 10 f3 78 8e df ...tAf...@%..x..
00c0 - a9 32 9c fa ac 08 0a ae-3f cc c6 c9 ab 05 e0 13 .2......?.......
00d0 - 92 9b 35 8c 2d e1 1e 91-3b e7 99 bf 29 03 a3 e8 ..5.-...;...)...
00e0 - 17 ba cd 5a a5 b4 cd 5e-db 13 d6 70 fd ec 6c 75 ...Z...^...p..lu
00f0 - a4 f3 24 d5 52 de 8c 90-d4 92 a9 72 7c 5e 6f 2b ..$.R......r|^o+
0100 - 97 8c 21 60 2b 74 e5 e1-47 37 df 02 10 7e 61 db ..!`+t..G7...~a.
0110 - f7 b1 e8 46 0d a2 70 bd-4c 6e 73 20 42 b8 70 b7 ...F..p.Lns B.p.
0120 - bb a5 d7 a2 e6 95 c8 9f-63 d5 07 54 41 54 74 1a ........c..TATt.
0130 - bf 32 5f 6a d0 cc ad 6a-00 53 23 48 cd 2c 5a .2_j...j.S#H.,Z
HTTP/1.1 400 Bad Request
Server: nginx
Date: Mon, 03 Jul 2023 22:43:27 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

400 Bad Request

# 400 Bad Request

---
nginx read from 0x128a2f0 [0x129b883] (5 bytes => 5 (0x5)) 0000 - 15 03 03 00 1a ..... read from 0x128a2f0 [0x129b888] (26 bytes => 26 (0x1A)) 0000 - 00 b9 22 12 4b dd 29 e2-f4 5c af 2d fd 21 3a 6a ..".K.)..\.-.!:j 0010 - c9 ba fc 47 55 0a 0e 64-2e eb ...GU..d.. closed write to 0x128a2f0 [0x129fdd3] (31 bytes => 31 (0x1F)) 0000 - 15 03 03 00 1a 90 be f8-d9 be c0 f1 04 6e 6b 8e .............nk. 0010 - 3c 02 42 f2 18 a3 73 86-87 60 24 79 40 86 67 <.B...s..`$y@.g
1 Like
3

Your connection tests to the Let's Encrypt server look normal.

But, we need more info about your situation to help you. Please answer as much as you can from the form you were shown when posting

===========================

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

3 Likes
4

Hello Mike ,
the let's encrypt certificate are generated from icewarp server , there is no command , it is a graphical console integrated with icewarp solution for mail
for example we tried to install for : webmail.woodboard.dz and it is stucked there (csr) unfortunetly there is no output in real time ,

image
image841×359 24.5 KB

My web server is : the server is under icewarp solution , and control module is up to ensure web login for http / https (those are opened in public with no restrictions from our firewall)

operating system : centos 7

hosting provider : ICOSNET SPA Algeria

i can login via root

i use icewarp control panel ,

we are not using certbot

br

5

Does that solution give you access to log files? If so, those might indicate what the problem is.

6 Likes
6

yes ,

SYSTEM [00007F1E51039700] 01:04:02:268 Thread TCertificationThread(0x2B14400) terminated unexpectedly Could not connect to acme-v02.api.letsencrypt.org Exception: EHTTPClientException Could not connect to acme-v02.api.letsencrypt.org
Exception class: EHTTPClientException
Message: Could not connect to acme-v02.api.letsencrypt.org
$0000000000000000

7

I don't know Icewarp at all but that log error is not helpful. You have shown you can connect just fine. You might have to ask on an Icewarp forum.

But, you have gotten certs for your woodboard domain from Let's Encrypt before. Your most recent was issued on Jun21. But, when connecting to woodboard I see a cert from Sectigo which is invalid for woodboard because it has the wrong domain name in the cert. Although, I only checked ports 443 and 465.

I don't know that this causes your Icewarp problem but it seems a helpful clue

image
image1755×513 83.5 KB

Why would a wildcard cert naming icosnethosting.com be used?

openssl s_client -connect webmail.woodboard.dz:443 

Certificate chain
 0 s:CN = *.icosnethosting.com
   i:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
   v:NotBefore: Jul 28 00:00:00 2022 GMT; NotAfter: Aug 20 23:59:59 2023 GMT
 1 s:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
   i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA384
5 Likes
8

I don't think ICEWARP is an ACME client.

How does your system obtain LE certs?

Please answer the questions on post #3:

3 Likes
9

hello

the wildcard certificate from sectigo is to cover the mail server : pro.icosnethosting.com which pointed to the public IP

also when users use outlook as mail client they have the ability to introduce the mail name server so this latter is covered and there will be no issues

br

10

please find below the documentation

https://docs.icewarp.com/Content/IceWarp-Server/Administration-Nodes/System%20Node/Certificates/Server%20Certificates.htm?Highlight=certificate

kindly be noted that icewarp hosted many domain names under the same IP address so each FQDN has it own ssl certificate (the screenshot of some of domains are shared before)

Best Regards

11

Hi @mohamed95,

Even though the issue is about getting a Let's Encrypt certificate, I think we don't really have enough information here yet to see what the problem could be or how to solve it. I would suggest starting with IceWarp support, which I guess is located at

https://support.icewarp.com/hc/en-us

Even if they can just help you get more detailed logs about what IceWarp was trying to do and exactly what failed, we would have more to work with in trying to understand the problem. (Or if the error was just based on a temporary outage or something, they may be able to help you get the software to try requesting the certificate again.)

4 Likes
12

hello Schoen ,

thank you for your reply , below logs from the server when we tried to get certificat for another FQDN webmail.gnt-dz.net

Certification   [00007F1E51039700] 01:03:41:204 Registering Account
Certification   [00007F1E51039700] 01:03:41:205 >>> https://acme-v02.api.letsencrypt.org/directory
                                    
Certification   [00007F1E51039700] 01:03:43:995 <<< HTTP/1.1 200 OK
                                    Server: nginx
                                    Date: Tue, 04 Jul 2023 00:03:43 GMT
                                    Content-Type: application/json
                                    Content-Length: 752
                                    Connection: keep-alive
                                    Cache-Control: public, max-age=0, no-cache
                                    X-Frame-Options: DENY
                                    Strict-Transport-Security: max-age=604800
                                    
                                    
                                    {
                                      "40BwKGVZ7H0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
                                      "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
                                      "meta": {
                                        "caaIdentities": [
                                          "letsencrypt.org"
                                        ],
                                        "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
                                        "website": "https://letsencrypt.org"
                                      },
                                      "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
                                      "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
                                      "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
                                      "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
                                      "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
                                    }
Certification   [00007F1E51039700] 01:03:43:997 >>> https://acme-v02.api.letsencrypt.org/acme/new-nonce
                                    
Certification   [00007F1E51039700] 01:03:44:746 <<< HTTP/1.1 204 No Content
                                    Server: nginx
                                    Date: Tue, 04 Jul 2023 00:03:44 GMT
                                    Connection: keep-alive
                                    Cache-Control: public, max-age=0, no-cache
                                    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
                                    Replay-Nonce: 853Fn7dHSh4xZdLh9xJZUCCIf321G_x_qu9FMiLS4RoUbpo
                                    X-Frame-Options: DENY
                                    Strict-Transport-Security: max-age=604800
                                    
Certification   [00007F1E51039700] 01:03:44:746 protected: {"url": "https:\/\/acme-v02.api.letsencrypt.org\/acme\/new-acct", "alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "69Sa7bqmDA6M82eylaVHWnW400oXxCH0SyTLhRhGqURjNqKsN6GbTODm5P-fysWY_eaAeFVJBP75CgyhJGZRKOOajCSrG8RNdoFIDaffqJ27o9OQ5gZW7FFwbIkXgFowMYDI-OWscsC5pA4H9P5ToAqO85j6wl7-GRMxPhQ38jNO2b3yTDTPySo01ZlS0jjH1vWDlg3XNvd2hR8rUBVzRJKSpCNSWOUsuI8pPxQwL8Uu06j3hivmDj1PfjBfVA4Cqtk2SOGJEYZ4UKx1qcKPLlvY7PI9x2hzZNwXRWLv8pHO4RIthhnpXzIhKmZ--54TpdPQyy6rqh8uEP4ML10dwJ71Vc7IraDU0mkQ2DmxGbTR8-viO2rFbqxwbigScWyMsnB5grgvFrrb1WZB9MeE55ftDscgf4Fq-WooSbJk5A3AL0X55piXWMP6ZwxSz2i7KtZFzrkLgJuhbR26L8WwJeBmH6rw_TDBKsQt4R6jqEzLbhhDjosCQneLs60btj0qchUQtFYFCzSjRtaDa7-lxMvyetKx50Qj7SPT1oSnNhCrpca-sEyq0FYtlpV4R8BchGkCe4g6nGLrqKhvkr65dkphBK9SgNGUIQYfvO_y1BASdHc6K6xz8S19toVBFp0cANnMr3u2Gn-Kn3pj2HBCQDlxiNx3SJK9YXRw3qNS60c"}, "nonce": "853Fn7dHSh4xZdLh9xJZUCCIf321G_x_qu9FMiLS4RoUbpo"}
Certification   [00007F1E51039700] 01:03:44:746 payload: {"termsOfServiceAgreed": true}
Certification   [00007F1E51039700] 01:03:44:753 >>> https://acme-v02.api.letsencrypt.org/acme/new-acct
                                    {"protected": "eyJ1cmwiOiAiaHR0cHM6XC9cL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmdcL2FjbWVcL25ldy1hY2N0IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAiNjlTYTdicW1EQTZNODJleWxhVkhXblc0MDBvWHhDSDBTeVRMaFJoR3FVUmpOcUtzTjZHYlRPRG01UC1meXNXWV9lYUFlRlZKQlA3NUNneWhKR1pSS09PYWpDU3JHOFJOZG9GSURhZmZxSjI3bzlPUTVnWlc3RkZ3YklrWGdGb3dNWURJLU9Xc2NzQzVwQTRIOVA1VG9BcU84NWo2d2w3LUdSTXhQaFEzOGpOTzJiM3lURFRQeVNvMDFabFMwampIMXZXRGxnM1hOdmQyaFI4clVCVnpSSktTcENOU1dPVXN1SThwUHhRd0w4VXUwNmozaGl2bURqMVBmakJmVkE0Q3F0azJTT0dKRVlaNFVLeDFxY0tQTGx2WTdQSTl4Mmh6Wk53WFJXTHY4cEhPNFJJdGhobnBYekloS21aLS01NFRwZFBReXk2cnFoOHVFUDRNTDEwZHdKNzFWYzdJcmFEVTBta1EyRG14R2JUUjgtdmlPMnJGYnF4d2JpZ1NjV3lNc25CNWdyZ3ZGcnJiMVdaQjlNZUU1NWZ0RHNjZ2Y0RnEtV29vU2JKazVBM0FMMFg1NXBpWFdNUDZad3hTejJpN0t0WkZ6cmtMZ0p1aGJSMjZMOFd3SmVCbUg2cndfVERCS3NRdDRSNmpxRXpMYmhoRGpvc0NRbmVMczYwYnRqMHFjaFVRdEZZRkN6U2pSdGFEYTctbHhNdnlldEt4NTBRajdTUFQxb1NuTmhDcnBjYS1zRXlxMEZZdGxwVjRSOEJjaEdrQ2U0ZzZuR0xycUtodmtyNjVka3BoQks5U2dO
                                    R1VJUVlmdk9feTFCQVNkSGM2SzZ4ejhTMTl0b1ZCRnAwY0FObk1yM3UyR24tS24zcGoySEJDUURseGlOeDNTSks5WVhSdzNxTlM2MGMifSwgIm5vbmNlIjogIjg1M0ZuN2RIU2g0eFpkTGg5eEpaVUNDSWYzMjFHX3hfcXU5Rk1pTFM0Um9VYnBvIn0", "payload": "eyJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWV9", "signature": "g-HuYd3jyhj3tpAqZzih4SiDq8NLEbQVnVCHeqjh0kKsDTVYKhglPqTe2gihEPfuRzSMobEDtrNUvtx7_Sr4UE7cJg13vEVNsjdMOr5jav-vd0zzdVHCRQyOfjr14Z7sWRqkPx0_Xym3JlvJppDg3pM8C5ZUI4QkFU2fGd4H9SDXP3K3inYEeaXOhpXJH9d9-nvsmb3DCy5Dz3z5EIqgY8PWSO7sa4UQ2z88fyMT4M6HgwAQCZl7lvXdPhqfgFiZec_fbfA4PSenqmHILCI2GBqXUoW6UIDNEO7lQuV9JS_f7bEUPHI8Tdm_H-0SXxMmM7xcpv9O9vfLIx5lVEPYNPRIilKTDIwrR4Bot-_iQA8JFsgDmKs_kWPvF5JuEmtm5YW1_R1g5KgK-eyp8dnP3bf7AMN5eYRj71r3KPZndeb_wfz54_lP-860Hu_8nElAyHBuiFXLzlFy-fDjA4rZMWo7q-7jn8Ws1MRJCGhzo-oxTKL8XxKJtD6RbpR4piRaOqXWxmCGalaY8xW8UWbJwPOzAQi5MxiKQXJ9S3XbrcHV7AhptjYGbcYKE5XvJ2HeNkjFlhzmh-wJchnP2i7WrD3vcPYmbp7vZ91_Fn8D8CTv6UFMC_qZ6lLEXLSm-RKgTTQ4QUJi9nVze_piG73QfVfnws0XArhOS2IhTxGft4E"}
Certification   [00007F1E51039700] 01:03:45:371 <<< HTTP/1.1 200 OK
                                    Server: nginx
                                    Date: Tue, 04 Jul 2023 00:03:45 GMT
                                    Content-Type: application/json
                                    Content-Length: 840
                                    Connection: keep-alive
                                    Boulder-Requester: 66647645
                                    Cache-Control: public, max-age=0, no-cache
                                    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
                                    Location: https://acme-v02.api.letsencrypt.org/acme/acct/66647645
                                    Replay-Nonce: F70EJmxkLs9gRr3XenAU5ZT_HXrCKHKEu0bVmJd2dpW59h4
                                    X-Frame-Options: DENY
                                    Strict-Transport-Security: max-age=604800
                                    
                                    
                                    {
                                      "key": {
                                        "kty": "RSA",
                                        "n": "69Sa7bqmDA6M82eylaVHWnW400oXxCH0SyTLhRhGqURjNqKsN6GbTODm5P-fysWY_eaAeFVJBP75CgyhJGZRKOOajCSrG8RNdoFIDaffqJ27o9OQ5gZW7FFwbIkXgFowMYDI-OWscsC5pA4H9P5ToAqO85j6wl7-GRMxPhQ38jNO2b3yTDTPySo01ZlS0jjH1vWDlg3XNvd2hR8rUBVzRJKSpCNSWOUsuI8pPxQwL8Uu06j3hivmDj1PfjBfVA4Cqtk2SOGJEYZ4UKx1qcKPLlvY7PI9x2hzZNwXRWLv8pHO4RIthhnpXzIhKmZ--54TpdPQyy6rqh8uEP4ML10dwJ71Vc7IraDU0mkQ2DmxGbTR8-viO2rFbqxwbigScWyMsnB5grgvFrrb1WZB9MeE55ftDscgf4Fq-WooSbJk5A3AL0X55piXWMP6ZwxSz2i7KtZFzrkLgJuhbR26L8WwJeBmH6rw_TDBKsQt4R6jqEzLbhhDjosCQneLs60btj0qchUQtFYFCzSjRtaDa7-lxMvyetKx50Qj7SPT1oSnNhCrpca-sEyq0FYtlpV4R8BchGkCe4g6nGLrqKhvkr65dkphBK9SgNGUIQYfvO_y1BASdHc6K6xz8S19toVBFp0cANnMr3u2Gn-Kn3pj2HBCQDlxiNx3SJK9YXRw3qNS60c",
                                        "e": "AQAB"
                                      },
                                      "initialIp": "197.140.11.52",
                                      "createdAt": "2019-09-20T16:39:51Z",
                                      "status": "valid"
                                    }
Certification   [00007F1E51039700] 01:03:45:373 Starting domain verification for webmail.gnt-dz.net
Certification   [00007F1E51039700] 01:03:45:373 >>> https://acme-v02.api.letsencrypt.org/acme/new-nonce
                                    
Certification   [00007F1E51039700] 01:03:47:067 <<< HTTP/1.1 204 No Content
                                    Server: nginx
                                    Date: Tue, 04 Jul 2023 00:03:46 GMT
                                    Connection: keep-alive
                                    Cache-Control: public, max-age=0, no-cache
                                    Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
                                    Replay-Nonce: 853FFDIRw7p0SHuih6s_vyO-es3WAJwlf5jxTRXic5fIfho
                                    X-Frame-Options: DENY
                                    Strict-Transport-Security: max-age=604800
                                    
Certification   [00007F1E51039700] 01:03:47:067 protected: {"url": "https:\/\/acme-v02.api.letsencrypt.org\/acme\/new-order", "alg": "RS256", "nonce": "853FFDIRw7p0SHuih6s_vyO-es3WAJwlf5jxTRXic5fIfho", "kid": "https:\/\/acme-v02.api.letsencrypt.org\/acme\/acct\/66647645"}
Certification   [00007F1E51039700] 01:03:47:068 payload: {"identifiers": [{"type": "dns", "value": "webmail.gnt-dz.net"}]}
Certification   [00007F1E51039700] 01:03:47:075 >>> https://acme-v02.api.letsencrypt.org/acme/new-order
                                    {"protected": "eyJ1cmwiOiAiaHR0cHM6XC9cL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmdcL2FjbWVcL25ldy1vcmRlciIsICJhbGciOiAiUlMyNTYiLCAibm9uY2UiOiAiODUzRkZESVJ3N3AwU0h1aWg2c192eU8tZXMzV0FKd2xmNWp4VFJYaWM1ZklmaG8iLCAia2lkIjogImh0dHBzOlwvXC9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnXC9hY21lXC9hY2N0XC82NjY0NzY0NSJ9", "payload": "eyJpZGVudGlmaWVycyI6IFt7InR5cGUiOiAiZG5zIiwgInZhbHVlIjogIndlYm1haWwuZ250LWR6Lm5ldCJ9XX0", "signature": "JUuLNelpHbbmcsxamVzCFLNu_4v4E1gu0q75siLH9WdMT_bcxRvl4buIh6qaeozgbrUOlhwoPkvY0qrot8MJ3b_kRSsGy0GjnBNf6oLNAMrlrf4dbet-0AlqvYdzq0LQJAreDDWCkEgy7F-Nqehv78vb38siofusJhjl07B3eLpRhOmwiUW0dP2Yx2QG1Yo7f-1htWQhXRGX7P6Uki0j32ebGwRM_hzD7jc9KalVHPpl54NnLmVz2lIoq0TS3f5pRVo0tRuzeTOBl_KP5RVQ1CFeYr2r3yBLeMOfnJEA2uwm5YXS9NLrVgjRisWiTSwy5bfoBbDVVTu5NzvxT2zof84afSv8qRj0u5Fzjr0yx0p9vYFb9E48MbpwmDNzTXx4YrlluGowMn3E7x9ngPABQ8OZi7vzXjlKzHz9j5wtonRu1OZbsYznV9BwhOtmbeb2NOAADkCtQrbkxPAnOqaF2J40mmP4a1uU_K7ymVZxkqP-hdmD7EpK2ILZLDRgi3srGov3ax3KMAw58D0dZzxWmszkeUUgO7x0Fa9scQE1ENnqzpZjeBuSZM2wo
                                    1C5R7GzdADklallZ_Xf2oLOJa5z9q3kQd3unw72F8YrQGtiRoS1FZLVq9q2mytOOMu3G9EbXwVzH8d-uzVh2GbpD6fJhikWE-V4hA1MPvhT8hHl6is"}
SYSTEM          [00007F1A39ADA700] 14:57:51:716 Internal Server Error: directly returned from cgi/fastcgi call, Original request:
                                    POST /-.._._.--.._1670236175/webmail/server/webmail.php HTTP/1.1
                                    <iq sid="wm-64a4250b8f0fd491492128" uid="590484480319952.81688479033928" type="get" format="json"><query xmlns="webmail:iq:items"><account uid="sidalibouagab@mustbeauty.dz"><folder uid="Envoyés"><item uid="25667691"><values><to/><from/><sender/><html/><cc/><bcc/><sms/><reply_to/><attachments/><flags/><has_attachment/><has_embedded_attachment/><priority/><tags/><static_flags/><subject/><smime_status/><confirm_addr/><date/><size/><certificate/><message_id/><references/><in_reply_to/><reply_fullpath/><forward_fullpath/><color/><keep_seen/><deferred_delivery/><ctz>60</ctz></values></item></folder></account></query></iq>
1 Like
13

unfortunetly no one here is able to help us on this case since its opening
we will check with another alternative

14

I disagree.
There have been five posts to counter that statement.
And many questions to you have gone unanswered.

And I agree with statement this :100:

5 Likes
15

@mohamed95 I'm sorry I didn't look closely at your log file when you posted it. I appreciate your providing this information, but after reviewing it, I also still think we don't have enough information to understand the problem. Specifically, the log file does not include any error from Icewarp about Let's Encrypt being unable to issue a requested certificate.

This may mean that the log file is incomplete for some reason.

So, I still think it would be necessary to find a way to get a more complete log, showing what Icewarp was trying to do and why Icewarp concluded that it failed.

4 Likes
16

The last communication between your server and Let's Encrypt shown there is

Certification   [00007F1E51039700] 01:03:47:075 >>> https://acme-v02.api.letsencrypt.org/acme/new-order

and then there's no information about whether or how the Let's Encrypt server replied to that request.

5 Likes
17

we are trying to gather more information regarding this issue with icewarp support ,

howerever we want to know if there is someone who can if our IP are blocked at LE level

br

18

The log at Issue with let's encrypt ICEWARP MAIL SERVER - #12 by mohamed95 shows the ACME directory and other ACME traffic between the ACME client and ACME server, so that IP address clearly isn't blocked.

4 Likes
19

It is not blocked by LE. Your curl in first post showed a connection. And, the example log entry below showed connection. You would not see these if you were blocked.

(note the 200 OK response by Let's Encrypt server)

6 Likes
20

Thank you guys for your feedbacks ,

we are still under investigation with icewarp support if there is any suggestion please let us know about it

the idea now is looking around MTU Size

BR

2 Likes