[SOLVED] "Incomplete authorizations" when trying to create certificate with manual verification

Task: install LE certificate on Amazon OS-powered VM.

Problem: LE client won’t run in that environment, since it expects pip version 7.1.2, and the latest available from repository is 7.1.0

I attempt to use LE on Ubuntu 14.04 (64-bit), using command (domain name replaced):

./letsencrypt-auto --agree-dev-preview --server https://acme-v01.api.letsencrypt.org/directory -a manual -d example.com certonly

and the result is

“Incomplete authorizations”

With --debug argument, I see:

Traceback (most recent call last):
File “/home/user/.local/share/letsencrypt/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/home/user/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/cli.py”, line 1139, in main
return args.func(args, config, plugins)
File “/home/user/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/cli.py”, line 490, in obtaincert
_auth_from_domains(le_client, config, domains, plugins)
File “/home/user/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/cli.py”, line 328, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains, plugins)
File “/home/user/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/client.py”, line 229, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File “/home/user/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/client.py”, line 212, in obtain_certificate
return self._obtain_certificate(domains, csr) + (key, csr)
File “/home/user/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/client.py”, line 170, in _obtain_certificate
authzr = self.auth_handler.get_authorizations(domains)
File “/home/user/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/auth_handler.py”, line 87, in get_authorizations
self.verify_authzr_complete()
File “/home/user/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/auth_handler.py”, line 298, in verify_authzr_complete
raise errors.AuthorizationError(“Incomplete authorizations”)
AuthorizationError: Incomplete authorizations

So I am pretty much stuck. Could someone suggest solution for the above? The client fails after it offers to register IP from which verification was requested.

can you try to take out the domain (including the -d) and rather enter it in the pseudo-gui?

also did you even get your challenge (upload this text at this URL)?

I tried omitting the ‘-d example.com’ part.

It then asks for it, asks whether I am OK with IP of my computer being logged, then fails with the same message.

The text in GUI reads: “Self-verify of challenge failed, authorization abandoned.”

I never get the challenge.

I assume you still certonly and -a manual in it?

Correct.

I can’t use automated verification, since the script won’t run in Amazon OS environment.

Are there any more ideas how to make it work?

Thanks.

well I did manual on my raspi without a problem, maybe it is because my raspi and my “webserver” share the same outbound IP (both running at home) I dunno.

All solved, thanks for the hints in related threads.

The problem was the Apache did supply the following Content-Type:

text/plain; charset=UTF-8

whereas the script demanded simply

text/plain

The final message was too cryptic to understand it in full, I just read the whole output with ‘–verbose’ to see the mentioned actual problem.

The certificate is installed and works fine. Thanks.

1 Like

How did you changed to just text/plain?

1 Like