Please help on ACME Challenge on site http://yw.duopu.cn/

silentacorn · December 17, 2017, 5:26am

I’m getting trouble to complete ACME challenge even the http response is exactly same as required, please help to check it.

When I check the challenge status on this url:
https://acme-v01.api.letsencrypt.org/acme/challenge/mfWG-XkaoX-y-6pOor1nKYI55QIcpTcHMIYtHfPG_zY/2768023139
I got this response:
{
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:acme:error:unauthorized”,
“detail”: “The key authorization file from the server did not match this challenge [ODdWrr0UJW3HdyGWNcUA5S3BpZvsE3lXEyLfxsN23-A.PmxcITz36tYkGadb_Ti8ApByYtI0VhTKs_jHPnQvFro] != [ODdWrr0UJW3HdyGWNcUA5S3BpZvsE3lXEyLfxsN23-A.PmxcITz36tYkGadb_Ti8ApByYtI0VhTKs_jHPnQvFro]”,
“status”: 403
},
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/mfWG-XkaoX-y-6pOor1nKYI55QIcpTcHMIYtHfPG_zY/2768023139”,
“token”: “ODdWrr0UJW3HdyGWNcUA5S3BpZvsE3lXEyLfxsN23-A”,
“keyAuthorization”: “ODdWrr0UJW3HdyGWNcUA5S3BpZvsE3lXEyLfxsN23-A.PmxcITz36tYkGadb_Ti8ApByYtI0VhTKs_jHPnQvFro”,
“validationRecord”: [
{
“url”: “http://yw.duopu.cn/.well-known/acme-challenge/ODdWrr0UJW3HdyGWNcUA5S3BpZvsE3lXEyLfxsN23-A”,
“hostname”: “yw.duopu.cn”,
“port”: “80”,
“addressesResolved”: [
“114.55.59.234”
],
“addressUsed”: “114.55.59.234”,
“addressesTried”: []
}
]
}

My domain is:
http://yw.duopu.cn/

I ran this command on PowerShell:
Submit-ACMEChallenge dns3 -ChallengeType http-01

It produced this output:
IdentifierPart : ACMESharp.Messages.IdentifierPart
IdentifierType : dns
Identifier : yw.duopu.cn
Uri : https://acme-v01.api.letsencrypt.org/acme/authz/mfWG-XkaoX-y-6pOor1nKYI55QIcpTcHMIYtHfPG_zY
Status : pending
Expires : 2017/12/24 4:50:09
Challenges : {, manual, }
Combinations : {1, 0, 2}

My web server is (include version):
Apache/2.2.22 (Win32)

The operating system my web server runs on is (include version):
Windows Server 2012

My hosting provider, if applicable, is:
Alicloud

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes, I login via Microsoft Remote Desktop

mnordhoff · December 17, 2017, 7:05am

It’s not actually exactly the same. It’s not visible in the error message – or your browser, or most text editors – but the file on the server starts with a UTF-8 byte order mark.

00000000  ef bb bf 4f 44 64 57 72  72 30 55 4a 57 33 48 64  |...ODdWrr0UJW3Hd|
00000010  79 47 57 4e 63 55 41 35  53 33 42 70 5a 76 73 45  |yGWNcUA5S3BpZvsE|
00000020  33 6c 58 45 79 4c 66 78  73 4e 32 33 2d 41 2e 50  |3lXEyLfxsN23-A.P|
00000030  6d 78 63 49 54 7a 33 36  74 59 6b 47 61 64 62 5f  |mxcITz36tYkGadb_|
00000040  54 69 38 41 70 42 79 59  74 49 30 56 68 54 4b 73  |Ti8ApByYtI0VhTKs|
00000050  5f 6a 48 50 6e 51 76 46  72 6f                    |_jHPnQvFro|
0000005a

I think you need to make sure it doesn’t.

silentacorn · December 17, 2017, 2:36pm

Thank you so much!
I saved the file as UTF-8 format, after I try again with ANSI encode, it works well now.
Really appreciate!

system · January 16, 2018, 2:37pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
The key authorization file from the server did not match this challenge != Server	2	2113	March 11, 2017
The Let's Encrypt HTTP challenge failed: Invalid response Help	2	12205	February 28, 2017
Help i can't download the cert Help	12	3647	February 17, 2017
Http challenge failure Help	6	264	June 14, 2024
Error downloading certificate Help	4	1419	August 2, 2018

Please help on ACME Challenge on site http://yw.duopu.cn/

Related topics