Server returned error code: 3: name error


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
https://buildly.recrm.io
I ran this command:
We are using openresty lua auto ssl docker, we hit https://buildly.recrm.
It produced this output:
Your connection is not private
Attackers might be trying to steal your information from buildly.recrm.io (for example, passwords, messages or credit cards). Learn more
NET::ERR_CERT_AUTHORITY_INVALID
the error log from the docker image is

2018/12/05 13:25:55 [notice] 4157#4157: *636 [lua] ssl_certificate.lua:89: issue_cert(): auto-ssl: issuing new certificate for buildly.recrm.io, context: ssl_certificate_by_lua*, client: 202.65.141.34, server: 0.0.0.0:443
{"server_name": "", "remoteAddress": "127.0.0.1", "timeLocal":"05/Dec/2018:13:25:58 +0000", "request_time":"0.002","request": "POST /deploy-challenge HTTP/1.1", "status":"200",  "bytesSent":53, "referrer":"-", "host":"127.0.0.1","target":"", "scheme":"http", "http_x_forwarded_for":"-", "connection_serial_number":"647",  "connection_requests":"1", "connections_waiting":"1", "uri":"/deploy-challenge", "http_user_agent":"curl/7.61.1", "args":"-", "nginx_version":"1.13.6"}
{"server_name": "", "remoteAddress": "66.133.109.36", "timeLocal":"05/Dec/2018:13:26:00 +0000", "request_time":"0.075","request": "GET /.well-known/acme-challenge/BcV_kJuut2fgTI-5PUmvhFAEJ_AVTgtyxYGBmjsbp30 HTTP/1.1", "status":"404",  "bytesSent":175, "referrer":"-", "host":"buildly.recrm.io","target":"testing.build.ly", "scheme":"http", "http_x_forwarded_for":"-", "connection_serial_number":"650",  "connection_requests":"1", "connections_waiting":"1", "uri":"/.well-known/acme-challenge/BcV_kJuut2fgTI-5PUmvhFAEJ_AVTgtyxYGBmjsbp30", "http_user_agent":"Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)", "args":"-", "nginx_version":"1.13.6"}
{"server_name": "", "remoteAddress": "127.0.0.1", "timeLocal":"05/Dec/2018:13:26:01 +0000", "request_time":"0.059","request": "POST /clean-challenge HTTP/1.1", "status":"200",  "bytesSent":53, "referrer":"-", "host":"127.0.0.1","target":"", "scheme":"http", "http_x_forwarded_for":"-", "connection_serial_number":"653",  "connection_requests":"1", "connections_waiting":"1", "uri":"/clean-challenge", "http_user_agent":"curl/7.61.1", "args":"-", "nginx_version":"1.13.6"}
2018/12/05 13:26:01 [error] 4157#4157: *636 [lua] lets_encrypt.lua:41: issue_cert(): auto-ssl: dehydrated failed: env HOOK_SECRET=3e9d05a3d54bdfd5802eed68bc113f0f944048b4e70f2e4b9738da8c05485e7a HOOK_SERVER_PORT=8999 /usr/local/openresty/luajit/bin/resty-auto-ssl/dehydrated --cron --accept-terms --no-lock --domain buildly.recrm.io --challenge http-01 --config /etc/resty-auto-ssl/letsencrypt/config --hook /usr/local/openresty/luajit/bin/resty-auto-ssl/letsencrypt_hooks status: 256 out: # INFO: Using main config file /etc/resty-auto-ssl/letsencrypt/config
Processing buildly.recrm.io
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting challenge for buildly.recrm.io...
Server returned error code: 3: name error
 + Responding to challenge for buildly.recrm.io...
Server returned error code: 3: name error
Invalid challenge: DOMAIN=buildly.recrm.io RESPONSE={
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:acme:error:unauthorized",
    "detail": "Invalid response from http://buildly.recrm.io/.well-known/acme-challenge/BcV_kJuut2fgTI-5PUmvhFAEJ_AVTgtyxYGBmjsbp30: \"\u003chtml\u003e\\r\\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\\r\\n\u003cbody bgcolor=\\\"white\\\"\u003e\\r\\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\\r\\n\u003chr\u003e\u003ccenter\u003e\"",
    "status": 403
  },
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/FvJu_08Tafu_-7LNtrzM0sfNtyKMD3hg8ug33HXGBlg/9989234700",
  "token": "BcV_kJuut2fgTI-5PUmvhFAEJ_AVTgtyxYGBmjsbp30",
  "validationRecord": [
    {
      "url": "http://buildly.recrm.io/.well-known/acme-challenge/BcV_kJuut2fgTI-5PUmvhFAEJ_AVTgtyxYGBmjsbp30",
      "hostname": "buildly.recrm.io",
      "port": "80",
      "addressesResolved": [
        "13.232.99.128"
      ],
      "addressUsed": "13.232.99.128"
    }
  ]
}
 err: # !! WARNING !! Extra configuration directory /etc/resty-auto-ssl/letsencrypt/conf.d exists, but no configuration found in it.
, context: ssl_certificate_by_lua*, client: 202.65.141.34, server: 0.0.0.0:443
2018/12/05 13:26:01 [error] 4157#4157: *636 [lua] ssl_certificate.lua:92: issue_cert(): auto-ssl: issuing new certificate failed: dehydrated failure, context: ssl_certificate_by_lua*, client: 202.65.141.34, server: 0.0.0.0:443
2018/12/05 13:26:01 [error] 4157#4157: *636 [lua] ssl_certificate.lua:256: auto-ssl: could not get certificate for buildly.recrm.io - using fallback - failed to get or issue certificate, context: ssl_certificate_by_lua*, client: 202.65.141.34, server: 0.0.0.0:443
2018/12/05 13:26:01 [info] 4157#4157: *633 client closed connection while waiting for request, client: 202.65.141.34, server: 0.0.0.0:443

My web server is (include version):
openresty/openresty:alpine-fat
The operating system my web server runs on is (include version):
ubuntu
My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel)no


#2

Hi @prudhvi

I don’t see a name error. I see a

Invalid response from http://buildly.recrm.io/.well-known/acme-challenge/BcV_kJuut2fgTI-5PUmvhFAEJ_AVTgtyxYGBmjsbp30

404 Not Found

error.

So Letsencrypt can’t get your validation file. But checking your domain via https://check-your-website.server-daten.de/?q=buildly.recrm.io , I don’t see a real problem:


Domainname Http-Status redirect Sec. G
http://buildly.recrm.io/
13.232.99.128 200 0.480 H
https://buildly.recrm.io/
13.232.99.128 200 10.100 N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
http://buildly.recrm.io/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
13.232.99.128 404 0.360 A
Not Found

The 404 is ok, the file doesn’t exist. Do you have wrong redirects? Or does your client find the right directory to save the file?

There is a warning:

err: # !! WARNING !! Extra configuration directory /etc/resty-auto-ssl/letsencrypt/conf.d exists, but no configuration found in it.

But I don’t know the details of this client.


#3

Hi JuergenAuer,

Thanks for your reply, we sought out the issue.

Thanks & Regards,

Prudhvi.