Malformed key thumbprint?

Hello,

I tried to generate a certificate for a domain on my CentOS/Apache2/Plesk server using the following command:

./letsencrypt-auto certonly -a manual -d www.mydomain.de --server https://acme-v01.api.letsencrypt.org/directory --agree-dev-preview --rsa-key-size 4096

and was asked to have the web server display ‘the following content’ at http://www.mydomain.de/.well-known/acme-challenge/xxxx: yyyy. According to the instructions on how to generate this from the command line, I take it xxxx is a simple ASCII text file containing nothing but the text string yyyy?
Still, I received the error message
urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Error parsing key authorization file: Invalid key authorization: malformed key thumbprint …

Can anyone tell me the reason for this error? Can’t see what I might have done wrong.

@rookey Take a look at this post. It is possible that your “problem” is related to a new line character in the challenge file.

Thanks a lot, that was indeed the reason! No idea how this CRLF smuggled itself in without me noticing! :blush:

I think it would be epic if ACME could just ignore all whitespace, so this wouldn’t have to be asked anymore.

I already sent a PR and it’s already merged, it’s just not deployed yet.

Then it just has to be deployed. By the way, what characters are ignored? Just \n?

Trailing spaces, newlines and tabs.

See https://github.com/letsencrypt/boulder/pull/1142/files#diff-2ff0ef2a0a5152608dd9c1ea1f66dda1R35

You should also kill the \r or whatever it was, because on Windows and Mac \r or whatever it was is used as part of the newline.

Feel free to send a PR. :wink:

Problem: I never coded Go (90%+ of my coding life was PHP, HTML and CSS), and as I am not sure, I certainly don’t want to destroy the code.

You just have to add the \r into the linked string. I didn’t code any Go before that PR either.

Well yeah, the edit button does not work.

In the other repo where I am doing stuff with my friend, the button works…
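
The trailing-newline failure discussed in this thread, as an added Go example that is not part of the original posts and is not Boulder's code. It assumes the standard ACME key authorization layout (`token.thumbprint`, where the thumbprint is the unpadded base64url SHA-256 of the account key); `parseKeyAuthorization`, `trailingCutset`, `sampleKeyAuthorization` and the sample values are hypothetical names constructed for illustration.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// Trailing characters stripped before parsing; "\r" covers CRLF line endings.
// Constructed for this example, not Boulder's own constant.
const trailingCutset = "\r\n\t "

// Unpadded base64url of a 32-byte SHA-256 digest is always 43 characters.
var thumbprintLen = base64.RawURLEncoding.EncodedLen(sha256.Size)

// parseKeyAuthorization (hypothetical helper) splits "token.thumbprint" and
// validates the thumbprint part, optionally trimming trailing whitespace first.
func parseKeyAuthorization(body string, trim bool) (string, string, error) {
	if trim {
		body = strings.TrimRight(body, trailingCutset)
	}
	parts := strings.Split(body, ".")
	if len(parts) != 2 || parts[0] == "" {
		return "", "", errors.New("malformed key authorization")
	}
	// Go's base64 decoder silently skips \r and \n, so the length check is
	// what actually catches a stray line ending when trimming is off.
	_, decErr := base64.RawURLEncoding.DecodeString(parts[1])
	if len(parts[1]) != thumbprintLen || decErr != nil {
		return "", "", errors.New("malformed key thumbprint")
	}
	return parts[0], parts[1], nil
}

// sampleKeyAuthorization returns a constructed value; a real thumbprint is the
// SHA-256 of the account key's canonical JWK, not of this placeholder string.
func sampleKeyAuthorization() string {
	sum := sha256.Sum256([]byte("constructed-account-key"))
	return "constructedToken123." + base64.RawURLEncoding.EncodeToString(sum[:])
}

func main() {
	ka := sampleKeyAuthorization()
	for _, body := range []string{ka, ka + "\n", ka + "\r\n"} {
		_, _, strict := parseKeyAuthorization(body, false)
		_, _, lenient := parseKeyAuthorization(body, true)
		fmt.Printf("%q strict=%v lenient=%v\n", body, strict, lenient)
	}
}
```

On the client side, writing the challenge file with `printf '%s'` instead of `echo` avoids the trailing newline in the first place.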