Pebble ACME server fails at the attempt to validate http01 challenges

Just run it locally with ./pebble.exe or something.

4 Likes

In the binary version, the http://localhost:5002/.well-known/acme-challenge/_token_ request still cannot reach the HTTP server.

The HTTP server is set up with an IP address, also "host = "127.0.0.1", port = 5002". I run it with TCP and it listens in the background. The URL would be http://localhost:5002. It's set up to catch GET requests to ./well-known/acme-challenge/token.

I tried to create a GET request with the ACME client and it returns the keyAuthorization correctly. But the pebble ACME server:

Attempting to validate w/ HTTP: http://localhost:5002/.well-known/acme-challenge/_token_

It doesn't seem to reach the HTTP server, or at least it seems so, because the print statements in the code didn't print anything.

If it saw any error there, it will return it as text to the client: can you see that?

2 Likes

Yes, but it seems like it has changed a bit. Now it says:

{
   "type": "http-01",
   "url": "https://localhost:14000/chalZ/1uR_7eO0Ge7C5Ksxw7csevWB9qpbuRnrUd6ctmkKcEA",
   "token": "T0DrUYmv5lCfmoEc7DA_FXbiZam_W4oqK3BCISx8K8s",
   "status": "processing"
}

I don't know why, but the status changed to "processing". The next requests are invalid, just like with docker:

{
   "type": "urn:ietf:params:acme:error:malformed",
   "detail": "Cannot update challenge with status invalid, only status pending",
   "status": 400
}

I managed to make it work with the binary version.

I put the mapping of IP address to host name "127.0.0.1 example.local" in the Windows hosts file, and set "example.local" as the domain to try to get the certificate.

I defined in the pebble-config file:

"listenAddress": "127.0.0.1:14000",

I also set the HTTP server host IP to "127.0.0.1", and the challenge validation succeeds.

Thanks for your help!

3 Likes
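Added example, not part of the thread and not Pebble's own code: a minimal http-01 responder bound to 127.0.0.1:5002, plus a preflight that requests the challenge at every address the validation hostname resolves to and reports which of them reach the responder. The function names and the sample token and keyAuthorization are constructed for illustration; the port, path and host names are the ones quoted in the thread.

```python
import http.client
import socket
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

PREFIX = "/.well-known/acme-challenge/"

def make_responder(challenges, host="127.0.0.1", port=5002):
    """Serve token -> keyAuthorization for http-01, bound to one address only."""
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            token = self.path[len(PREFIX):] if self.path.startswith(PREFIX) else None
            if token not in challenges:
                return self.send_error(404)
            data = challenges[token].encode()
            self.send_response(200)
            self.send_header("Content-Type", "application/octet-stream")
            self.send_header("Content-Length", str(len(data)))
            self.end_headers()
            self.wfile.write(data)
        def log_message(self, fmt, *args):
            # Log the peer address so it is visible whether a validator ever connected.
            print("responder:", self.client_address[0], fmt % args)
    server = ThreadingHTTPServer((host, port), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def preflight(hostname, port, token, expected):
    """Fetch the challenge at each address `hostname` resolves to; True if it matches."""
    results = {}
    infos = socket.getaddrinfo(hostname, port, type=socket.SOCK_STREAM)
    for addr in sorted({info[4][0] for info in infos}):
        try:
            conn = http.client.HTTPConnection(addr, port, timeout=3)
            conn.request("GET", PREFIX + token, headers={"Host": f"{hostname}:{port}"})
            resp = conn.getresponse()
            results[addr] = resp.status == 200 and resp.read().decode().strip() == expected
            conn.close()
        except (OSError, http.client.HTTPException):
            results[addr] = False  # nothing listening on this address, or a bad reply
    return results

if __name__ == "__main__":
    # Constructed sample values; a real keyAuthorization is token + "." + key thumbprint.
    token, key_auth = "sample-token", "sample-token.sample-thumbprint"
    make_responder({token: key_auth})
    for name in ("localhost", "example.local"):
        try:
            print(name, preflight(name, 5002, token, key_auth))
        except socket.gaierror as exc:
            print(name, "does not resolve:", exc)
```

An address reported as False is one where a request for the challenge would not be answered, even though the same URL works when fetched through another address of the same host name.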
