Issues making certificates

#22

ok i’v looked into it, for some reason firefox doesn’t load the page at all. ill look into fixing that, maybe it will fix the other issue as well

and when i mean it doesnt load, it doesnt parse the responce as a http responce, it prints out the entire responce without parsing it

#23

There’s a Unicode byte order mark before the data.

$ hd xqcLvoVuBoUMWLd9HWLNQuDR9Gs0y36i_LgVKfHu9tk | less
00000000  ef bb bf 48 54 54 50 2f  31 2e 31 20 34 30 34 20  |...HTTP/1.1 404 |
00000010  4e 6f 74 20 46 6f 75 6e  64 0d 0a 44 61 74 65 3a  |Not Found..Date:|
00000020  20 46 72 69 2c 20 32 32  20 4d 61 72 20 32 30 31  | Fri, 22 Mar 201|

Plus it doesn’t close the connection after it finished sending the response.

Edit: Maybe ignore the last sentence. It does send a Content-Length header, which the client ignores, because of the other issue.

#24

so its sending a header in unicode? wtf

#25

By the way, the time zone in the Date header isn’t “GMT”.

Date: Fri, 22 Mar 2019 22:36:42 UTC+1
#26

ok ill fix that in a bit, you sure that the UTF-8 header isnt just comming from wget writting to the file?

#27

wget doesn’t add BOMs for no reason.

#28

yea i’v set it up to where i serlize it and send it directly to the socket stream, the stupid ass StreamWriter thought it was writting to a file.

but the lets encrypt attempt still failed.

at least it load in firefox now

#29

What error message did Let’s Encrypt have now?

#30

1 sec, i got to remove some code to allow me to debug the error

#31

ok i got a key type error, BUT IT FRIKING WORKS!

thank you so much man, i never NEVER would have thought it would add in an encoding header. and probably would of just given up. so thank you SO MUCH!!!

#32

now i got a new issue. ;-;

’ policy forbids issuing for: “exhibitionhttptestingserver”’ ’
is this just something with the staging server?

#33

The production and staging rules should be about the same, AFAIK. What name did you actually try to get a certificate for? It has to be something syntactically valid and not blacklisted (e.g. a large bank). www.exhibapi.dynu.net would be good, localhost or paypal.com would not.

#34

Certes.AcmeRequestException: ‘Fail to load resource from ‘https://acme-v02.api.letsencrypt.org/acme/finalize/53819622/366715481’.
urn:ietf:params:acme:error:malformed: Error finalizing order :: policy forbids issuing for: “exhibitionhttptestingserver”’

this is the Csr Info:

image

#35

ok yea, i just relized my stupidity, the CN has to be the DNS name -_-

closed #36

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.