[SOLVED] Docker client giving "Self-verify of challenge failed" errors


#1

I’m using the Docker client in manual mode on my laptop (as I’m having issues trying to run the letsencrypt client proper on a Centos 5 server, but that’s another story). I do:

docker run -it --rm --name letsencrypt \
        -v "~/letsencrypt/etc/letsencrypt:/etc/letsencrypt" \
        -v "~/letsencrypt/var/lib/letsencrypt:/var/lib/letsencrypt" \
        quay.io/letsencrypt/letsencrypt:latest certonly -a manual --text --server https://acme-v01.api.letsencrypt.org/directory

Everything begins to work as I’d expect, and it asks me all the relevant questions - it then tells me to create a file on the server, which I do with the “printf” command supplied, and I can retrieve the URL it successfully with “curl”, so I believe that part is correct - however, it then fails with:

2015-11-05 10:27:11,394:ERROR:letsencrypt.plugins.manual:Self-verify of challenge failed, authorization abandoned.
Incomplete authorizations

and no further information. I can see that the client appears to be correctly requesting the file, as I have see following entry in my Apache log file:

my.ip.here - - [05/Nov/2015:10:27:11 +0000] "GET /.well-known/acme-challenge/long-challenge-string-here HTTP/1.1" 200 87 "-" "python-requests/2.8.1"

Does anyone have any ideas/suggestions?
Many thanks, Neil.


Synology NAS using LE as a CA Signing Authority?
Let's Encrypt can't access verification files (Nginx)
#2

I found the solution by passing -v to the letsencrypt client, and I found the client is a little more picky about its content type than I anticipated - my Apache was serving:

Content-Type: text/plain; charset=UTF-8

Whereas letsencrypt seems to expect it to be EXACTLY:

Content-Type: text/plain

From my end-user viewpoint, I wouldn’t have expected it to be this particular, but things work now.

For anyone hitting the same issue as me, the following Apache configuration block worked for me within the appropriate VirtualHost block.

<Location "/.well-known/acme-challenge">
  ForceType 'text/plain'
  AddDefaultCharset Off
</Location>

#3

where should I write that block of intstructions?