Not able to meet challenge requirements anymore

I am not able to figure out why my challenges is all of the sudden failing, I have not changed anything for a long time and now they have started to fail. Has something changed that I am not aware of?

My domain is: sonicz.dk

I ran this command: ./dehydrated -c

It produced this output:

My web server is (include version): BIG-IP

The operating system my web server runs on is (include version):
14.1.2
My hosting provider, if applicable, is:
Cloudflare
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): Dehydrated 0.6.5

Hope for some input/ideas :slightly_smiling_face:

1 Like

This means your server is requiring authentication.
You should make an exclusion for the /.well-known/acme-challenge/ requests from such a requirement.

I'm not familiar with BIG-IPs [only the little ones...].
Is it anything similar to Apache or NGINX?
Is there a virtual host configuration file?

1 Like

I have a iRule handling the /.well-known/acme-challenge/ and it have worked until now:

when HTTP_REQUEST {
if { not ([HTTP::path] starts_with “/.well-known/acme-challenge/”) } { return }
set token [lindex [split [HTTP::path] “/”] end]
set response [class match -value – $token equals acme_responses]
if { “$response” == “” } {
log local0. “Responding with 404 to ACME challenge $token”
HTTP::respond 404 content “Challenge-response token not found.”
} else {
log local0. “Responding to ACME challenge $token with response $response”
HTTP::respond 200 content “$response” “Content-Type” “text/plain; charset=utf-8”
}
}
It generates the token just fine, it stops when validating the token.

1 Like
 if { not ([HTTP::path] starts_with “/.well-known/acme-challenge/”) } { return }
 set token [lindex [split [HTTP::path] “/”] end]
 set response [class match -value – $token equals acme_responses]

I don’t quite follow the program logic.

Nvm I think I get it now.

Can you place a test file in that folder to ensure your coding works?

I can make a static entry and get the data in it returned when I call the URL.

Can you share that link to confirm?

Like:
http://rdp.sonicz.dk/.well-known/acme-challenge/testfile1234

1 Like

Here you go:

http://rdp.sonicz.dk/.well-known/acme-challenge/testfile1234

1 Like

Solved - For some reason a config file was corrupt. Thanks alot for all the help :):sunglasses:

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.