Hi,
We have a web site builder with thousands of websites.
We are using Greenlock-express.
When renewing ssl for a domain I succeed with the www version of the domain but get an error
for the none www version.
for example www.mybooks.co.il worked fine.
mybooks.co.il fails.
I get - Error: authorizations were not fetched
Thanks!!!
_az
November 9, 2018, 9:25am
2
There’s almost no chance of us figuring out what’s wrong with your Greenlock integration unless you can post a runnable application that exhibits the problem.
Hi @shlomi_st
I don't find a direct error. But checking your files there are http status 200, 404 are expected:
The last two - the file names are testnames, so they don't exist. Checked with my own online-tool https://check-your-website.server-daten.de/?q=mybooks.co.il
I don't use this client. Are there more error messages or a protocol?
Thanks for the reply.
When trying to create the certificate for https://www.mybooks.co.il i get the following errors:
[acme-v2.js] authorizations were not fetched:
{ type: ‘urn:ietf:params:acme:error:malformed’,
detail: ‘JWS verification error’,
status: 400 }
[acme-v2] handled(?) rejection as errback:
Error: authorizations were not fetched
at /home/chderen/www/node_modules/acme-v2/node.js:588:31
at
That's an unusual error. Let's Encrypt thinks the ACME client is sending some sort of invalid request.
Are you running the latest version of greenlock-express?
It seems to support extensive debug logging, including HTTP requests and responses. I'm not sure how to turn it on, or if it's on by default.
Can you enable it -- if necessary -- and post a full log of what happened?
Thanks for the reply.
I will check it
mnordhoff:
That’s an unusual
Hi,
We've fixed the 404 issue. Still some of the domains without the www fail to create ssl Cerl.
For example - https://boozers.beer .
https://check-your-website.server-daten.de/?q=boozers.beer
Any Idea?
You have a certificate with the www-domainname, created today.
What's the difference between your www- and your non-www version? (Server configuration)
www works, non-www has a SendFailure error.
But it's not a https -> port 80 or http -> port 443 - error.
Now checked with Ssllabs:
https://www.ssllabs.com/ssltest/analyze.html?d=boozers.beer&hideResults=on
Error: Failed to communicate with the secure server
Explantation:
Failed to communicate with the secure server - No secure protocol supported. Possibly this server only supports a draft version of TLS 1.3
So your Ssl-configuration of the non-www version looks broken.
system
Closed
December 14, 2018, 4:43pm
11
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.