SSL Certificate download error


#1

Hi,

When I download the cetificate using the below commang, getting the following error.

./getssl --debug "hostname"

wellknown_url http://hostname/.well-known/acme-challenge/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE
getssl: for some reason could not reach http://hostname/.well-known/acme-challenge/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE - please check it manually

Kindly help me to fix this issue.

Regards,
Nagarajan S


#2

Full log file for the getssl debug command below

[root@ ~]# ./getssl --debug “hostname”

detected os type = linux

checking for required which … /usr/bin/which

checking for required openssl … /usr/bin/openssl

checking for required curl … /usr/bin/curl

checking for nslookup … /usr/bin/nslookup

function nslookup found at /usr/bin/nslookup - setting DNS_CHECK_FUNC to nslookup

checking for required awk … /bin/awk

checking for required tr … /usr/bin/tr

checking for required date … /bin/date

checking for required grep … /bin/grep

checking for required sed … /bin/sed

checking for required sort … /bin/sort

checking for required mktemp … /bin/mktemp

current code is version 2.10

Most recent version is 2.10

reading config from /root/.getssl/getssl.cfg

Making temp directory - /root/.getssl/hostname/tmp

reading config from /root/.getssl/hostname/getssl.cfg

checking config

checked ACCOUNT_KEY_TYPE

checked PRIVATE_KEY_ALG

checking domain hostname

found IPv4 record for hostname

hostname: check_config completed - all OK

getting certificate for hostname from remote server
hostname: no certificate obtained from host

Account key exists at /root/.getssl/account.key skipping generation

domain key exists at /root/.getssl/hostname/hostname.key - skipping generation

created SAN list = subjectAltName=DNS:hostname

domain csr exists at - /root/.getssl/hostname/hostname.csr

jwk alg = RS256

jwk = {“e”:“AQAB”,“kty”:“RSA”,“n”:“xDeWeuKqdjlF1w9muXSfCunHteLjqzfdAfNsXsCNTodTc6zY-jXm-CePJVGs7v39_KAKpNVh1fMk4Y8k5WR-q2pF2cmfbjbfZSwX5F–mi5_1KvJwyduGVKCEySuKy5hFuFkbdH_0IC-0iGxk2ufI8bd1GZmpLVsm0DMZcyuP5R3s2esym0aN95oj1IMWRqJSx-C5AIu2n2zGwtIxfKrx2CaPCZsCb0i-E3_JuwgZqXhw8V2Ww5Pa0CNztSYKoEZZPKpK_y5bWf1JZeSwh1zFEAm2T01QnQsxT5xQWa0qq3xk4ujBvlJ4DTquRDvVKQ6eORaAyCiiabV0UsXcCEL9SIFxMxhQbYfaSq4yEGHbOaqosBepp_BcpGlHFDnEPCGgO9U_c45Sf3VUfcpsDPoq45yp1Z0eLucP0fBJ15zbxwhMhyDLeSwtgfIFi90esQ2aFAf_nJZz-jvEE17AvzcXeXwK99P7WIzFxD89liTE5MsFxLdqIPlXwAaaRdGjpDeCiv5giKocI5gdEMeZOIDLVrjEbsdoM-LADfCliRLoB3aIriNBpgVB870-rh7ZwcehkCEiFzORK2nX81P9r18-iPhKue40Fe26VUcoCBzHLT0yzS3jwnK9cokCInYq0gsid54_e-44pgn7iZoovHfysyhn_EDnxKxrTtX_4YZLxc”}

thumbprint z1iIRPasWlChz5d091jaHxOcNZPRyTlCHPYt3zRaTOc
Registering account

url https://acme-v01.api.letsencrypt.org/acme/new-reg

payload {“resource”: “new-reg”, “agreement”: “https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf”}

payload64 eyJyZXNvdXJjZSI6ICJuZXctcmVnIiwgImFncmVlbWVudCI6ICJodHRwczovL2xldHNlbmNyeXB0Lm9yZy9kb2N1bWVudHMvTEUtU0EtdjEuMi1Ob3ZlbWJlci0xNS0yMDE3LnBkZiJ9

nonce 22arvobmb8d7WMsp7Xv0fFmS2BRYFPxViLxk28yZBFo

protected {“alg”: “RS256”, “jwk”: {“e”:“AQAB”,“kty”:“RSA”,“n”:“xDeWeuKqdjlF1w9muXSfCunHteLjqzfdAfNsXsCNTodTc6zY-jXm-CePJVGs7v39_KAKpNVh1fMk4Y8k5WR-q2pF2cmfbjbfZSwX5F–mi5_1KvJwyduGVKCEySuKy5hFuFkbdH_0IC-0iGxk2ufI8bd1GZmpLVsm0DMZcyuP5R3s2esym0aN95oj1IMWRqJSx-C5AIu2n2zGwtIxfKrx2CaPCZsCb0i-E3_JuwgZqXhw8V2Ww5Pa0CNztSYKoEZZPKpK_y5bWf1JZeSwh1zFEAm2T01QnQsxT5xQWa0qq3xk4ujBvlJ4DTquRDvVKQ6eORaAyCiiabV0UsXcCEL9SIFxMxhQbYfaSq4yEGHbOaqosBepp_BcpGlHFDnEPCGgO9U_c45Sf3VUfcpsDPoq45yp1Z0eLucP0fBJ15zbxwhMhyDLeSwtgfIFi90esQ2aFAf_nJZz-jvEE17AvzcXeXwK99P7WIzFxD89liTE5MsFxLdqIPlXwAaaRdGjpDeCiv5giKocI5gdEMeZOIDLVrjEbsdoM-LADfCliRLoB3aIriNBpgVB870-rh7ZwcehkCEiFzORK2nX81P9r18-iPhKue40Fe26VUcoCBzHLT0yzS3jwnK9cokCInYq0gsid54_e-44pgn7iZoovHfysyhn_EDnxKxrTtX_4YZLxc”}, “nonce”: “22arvobmb8d7WMsp7Xv0fFmS2BRYFPxViLxk28yZBFo”, “url”: “https://acme-v01.api.letsencrypt.org/acme/new-reg”}

header, payload and signature = {“header”: {“alg”: “RS256”, “jwk”: {“e”:“AQAB”,“kty”:“RSA”,“n”:“xDeWeuKqdjlF1w9muXSfCunHteLjqzfdAfNsXsCNTodTc6zY-jXm-CePJVGs7v39_KAKpNVh1fMk4Y8k5WR-q2pF2cmfbjbfZSwX5F–mi5_1KvJwyduGVKCEySuKy5hFuFkbdH_0IC-0iGxk2ufI8bd1GZmpLVsm0DMZcyuP5R3s2esym0aN95oj1IMWRqJSx-C5AIu2n2zGwtIxfKrx2CaPCZsCb0i-E3_JuwgZqXhw8V2Ww5Pa0CNztSYKoEZZPKpK_y5bWf1JZeSwh1zFEAm2T01QnQsxT5xQWa0qq3xk4ujBvlJ4DTquRDvVKQ6eORaAyCiiabV0UsXcCEL9SIFxMxhQbYfaSq4yEGHbOaqosBepp_BcpGlHFDnEPCGgO9U_c45Sf3VUfcpsDPoq45yp1Z0eLucP0fBJ15zbxwhMhyDLeSwtgfIFi90esQ2aFAf_nJZz-jvEE17AvzcXeXwK99P7WIzFxD89liTE5MsFxLdqIPlXwAaaRdGjpDeCiv5giKocI5gdEMeZOIDLVrjEbsdoM-LADfCliRLoB3aIriNBpgVB870-rh7ZwcehkCEiFzORK2nX81P9r18-iPhKue40Fe26VUcoCBzHLT0yzS3jwnK9cokCInYq0gsid54_e-44pgn7iZoovHfysyhn_EDnxKxrTtX_4YZLxc”}},“protected”: “eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJlIjoiQVFBQiIsImt0eSI6IlJTQSIsIm4iOiJ4RGVXZXVLcWRqbEYxdzltdVhTZkN1bkh0ZUxqcXpmZEFmTnNYc0NOVG9kVGM2elktalhtLUNlUEpWR3M3djM5X0tBS3BOVmgxZk1rNFk4azVXUi1xMnBGMmNtZmJqYmZaU3dYNUYtLW1pNV8xS3ZKd3lkdUdWS0NFeVN1S3k1aEZ1RmtiZEhfMElDLTBpR3hrMnVmSThiZDFHWm1wTFZzbTBETVpjeXVQNVIzczJlc3ltMGFOOTVvajFJTVdScUpTeC1DNUFJdTJuMnpHd3RJeGZLcngyQ2FQQ1pzQ2IwaS1FM19KdXdnWnFYaHc4VjJXdzVQYTBDTnp0U1lLb0VaWlBLcEtfeTViV2YxSlplU3doMXpGRUFtMlQwMVFuUXN4VDV4UVdhMHFxM3hrNHVqQnZsSjREVHF1UkR2VktRNmVPUmFBeUNpaWFiVjBVc1hjQ0VMOVNJRnhNeGhRYllmYVNxNHlFR0hiT2Fxb3NCZXBwX0JjcEdsSEZEbkVQQ0dnTzlVX2M0NVNmM1ZVZmNwc0RQb3E0NXlwMVowZUx1Y1AwZkJKMTV6Ynh3aE1oeURMZVN3dGdmSUZpOTBlc1EyYUZBZl9uSlp6LWp2RUUxN0F2emNYZVh3Szk5UDdXSXpGeEQ4OWxpVEU1TXNGeExkcUlQbFh3QWFhUmRHanBEZUNpdjVnaUtvY0k1Z2RFTWVaT0lETFZyakVic2RvTS1MQURmQ2xpUkxvQjNhSXJpTkJwZ1ZCODcwLXJoN1p3Y2Voa0NFaUZ6T1JLMm5YODFQOXIxOC1pUGhLdWU0MEZlMjZWVWNvQ0J6SExUMHl6UzNqd25LOWNva0NJbllxMGdzaWQ1NF9lLTQ0cGduN2lab292SGZ5c3lobl9FRG54S3hyVHRYXzRZWkx4YyJ9LCAibm9uY2UiOiAiMjJhcnZvYm1iOGQ3V01zcDdYdjBmRm1TMkJSWUZQeFZpTHhrMjh5WkJGbyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LXJlZyJ9”,“payload”: “eyJyZXNvdXJjZSI6ICJuZXctcmVnIiwgImFncmVlbWVudCI6ICJodHRwczovL2xldHNlbmNyeXB0Lm9yZy9kb2N1bWVudHMvTEUtU0EtdjEuMi1Ob3ZlbWJlci0xNS0yMDE3LnBkZiJ9”,“signature”: “VSVysh1eH1L3AeKU1LzhJNTB60cmeSK_biXvHsYX59IP-6AiVoMc_9GV-YVibHx6S3_oAXJlajgrVfIgkP_MAiQGJ_sqLxR0TAkxamPrEZgBkOnWVZSoPciYXsnmJQbbrGEjZvyvoucTFBZ5qtlT2XVGTDD3dnl3TMdSMdcL-kUjwdKwUv078tnI2_ltSjPjMUO5Z8voTmIf5VL_EPVfW3qVByGkMU0ouyjjdC8vf7Sm_fm6WxLRp9Hmusg63mHlxXAugI-mqB5cvV1mbNlgkomAaFYOl4XI3xPK2JHCziR8V1xdv9XEYroppVW8Py9eC9SHH84xTNltttwFfgV-tXeR64nOKlBrAQLZ6D5D24X4fd10-oapMChAChy5oZ4cLN-YIVhGkF-JiLUe918UiVkYdKSRV80Gg1yzElY3D72cUQm9SVyO9rSoLijaWmA3lyY_xGywiAChrH0XrLP8w2587keDgQ9IarIOsCoa87z6pcyCDEhQmGicq0N8wnQE3R13pIZxFQayz1LW4KwNkKvoeknicpfCLbMSaUIktBcx4IkQ4RMMC0RBUFEPuYCllOPuahFY9dsqci61EtJLfdJHqhhYdBx-9aL1m3d-H912KS-EkhhOigWeH3B89-WrHAhoBMQNV4v2qMCsgPckkwQT5Ptt3zfMz8QxN9HYQRI”}

responseHeaders HTTP/1.1 200 Connection established

HTTP/1.1 100 Continue
Expires: Thu, 19 Jul 2018 08:07:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 409 Conflict
Server: nginx
Content-Type: application/problem+json
Content-Length: 107
Boulder-Requester: 38590656
Location: https://acme-v01.api.letsencrypt.org/acme/reg/38590656
Replay-Nonce: l65Qm84rw97Xuy7G7Z41JrRgL-_UN45SXUcNX7hmPqo
Expires: Thu, 19 Jul 2018 08:07:14 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 19 Jul 2018 08:07:14 GMT
Connection: close

response {
“type”: “urn:acme:error:malformed”,
“detail”: “Registration key is already in use”,
“status”: 409
}

code 409

response status =

Already registered
Verify each domain
Verifying hostname

url https://acme-v01.api.letsencrypt.org/acme/new-authz

payload {“resource”:“new-authz”,“identifier”:{“type”:“dns”,“value”:“hostname”}}

payload64 eyJyZXNvdXJjZSI6Im5ldy1hdXRoeiIsImlkZW50aWZpZXIiOnsidHlwZSI6ImRucyIsInZhbHVlIjoiT1JDRVJUZXN0Lm9hYnJuZC5jb20ifX0

nonce FZT_s2JsZN50oMeAsSQ5_A_Xkc3e_tlWq10LEbdUhaI

protected {“alg”: “RS256”, “jwk”: {“e”:“AQAB”,“kty”:“RSA”,“n”:“xDeWeuKqdjlF1w9muXSfCunHteLjqzfdAfNsXsCNTodTc6zY-jXm-CePJVGs7v39_KAKpNVh1fMk4Y8k5WR-q2pF2cmfbjbfZSwX5F–mi5_1KvJwyduGVKCEySuKy5hFuFkbdH_0IC-0iGxk2ufI8bd1GZmpLVsm0DMZcyuP5R3s2esym0aN95oj1IMWRqJSx-C5AIu2n2zGwtIxfKrx2CaPCZsCb0i-E3_JuwgZqXhw8V2Ww5Pa0CNztSYKoEZZPKpK_y5bWf1JZeSwh1zFEAm2T01QnQsxT5xQWa0qq3xk4ujBvlJ4DTquRDvVKQ6eORaAyCiiabV0UsXcCEL9SIFxMxhQbYfaSq4yEGHbOaqosBepp_BcpGlHFDnEPCGgO9U_c45Sf3VUfcpsDPoq45yp1Z0eLucP0fBJ15zbxwhMhyDLeSwtgfIFi90esQ2aFAf_nJZz-jvEE17AvzcXeXwK99P7WIzFxD89liTE5MsFxLdqIPlXwAaaRdGjpDeCiv5giKocI5gdEMeZOIDLVrjEbsdoM-LADfCliRLoB3aIriNBpgVB870-rh7ZwcehkCEiFzORK2nX81P9r18-iPhKue40Fe26VUcoCBzHLT0yzS3jwnK9cokCInYq0gsid54_e-44pgn7iZoovHfysyhn_EDnxKxrTtX_4YZLxc”}, “nonce”: “FZT_s2JsZN50oMeAsSQ5_A_Xkc3e_tlWq10LEbdUhaI”, “url”: “https://acme-v01.api.letsencrypt.org/acme/new-authz”}

header, payload and signature = {“header”: {“alg”: “RS256”, “jwk”: {“e”:“AQAB”,“kty”:“RSA”,“n”:“xDeWeuKqdjlF1w9muXSfCunHteLjqzfdAfNsXsCNTodTc6zY-jXm-CePJVGs7v39_KAKpNVh1fMk4Y8k5WR-q2pF2cmfbjbfZSwX5F–mi5_1KvJwyduGVKCEySuKy5hFuFkbdH_0IC-0iGxk2ufI8bd1GZmpLVsm0DMZcyuP5R3s2esym0aN95oj1IMWRqJSx-C5AIu2n2zGwtIxfKrx2CaPCZsCb0i-E3_JuwgZqXhw8V2Ww5Pa0CNztSYKoEZZPKpK_y5bWf1JZeSwh1zFEAm2T01QnQsxT5xQWa0qq3xk4ujBvlJ4DTquRDvVKQ6eORaAyCiiabV0UsXcCEL9SIFxMxhQbYfaSq4yEGHbOaqosBepp_BcpGlHFDnEPCGgO9U_c45Sf3VUfcpsDPoq45yp1Z0eLucP0fBJ15zbxwhMhyDLeSwtgfIFi90esQ2aFAf_nJZz-jvEE17AvzcXeXwK99P7WIzFxD89liTE5MsFxLdqIPlXwAaaRdGjpDeCiv5giKocI5gdEMeZOIDLVrjEbsdoM-LADfCliRLoB3aIriNBpgVB870-rh7ZwcehkCEiFzORK2nX81P9r18-iPhKue40Fe26VUcoCBzHLT0yzS3jwnK9cokCInYq0gsid54_e-44pgn7iZoovHfysyhn_EDnxKxrTtX_4YZLxc”}},“protected”: “eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJlIjoiQVFBQiIsImt0eSI6IlJTQSIsIm4iOiJ4RGVXZXVLcWRqbEYxdzltdVhTZkN1bkh0ZUxqcXpmZEFmTnNYc0NOVG9kVGM2elktalhtLUNlUEpWR3M3djM5X0tBS3BOVmgxZk1rNFk4azVXUi1xMnBGMmNtZmJqYmZaU3dYNUYtLW1pNV8xS3ZKd3lkdUdWS0NFeVN1S3k1aEZ1RmtiZEhfMElDLTBpR3hrMnVmSThiZDFHWm1wTFZzbTBETVpjeXVQNVIzczJlc3ltMGFOOTVvajFJTVdScUpTeC1DNUFJdTJuMnpHd3RJeGZLcngyQ2FQQ1pzQ2IwaS1FM19KdXdnWnFYaHc4VjJXdzVQYTBDTnp0U1lLb0VaWlBLcEtfeTViV2YxSlplU3doMXpGRUFtMlQwMVFuUXN4VDV4UVdhMHFxM3hrNHVqQnZsSjREVHF1UkR2VktRNmVPUmFBeUNpaWFiVjBVc1hjQ0VMOVNJRnhNeGhRYllmYVNxNHlFR0hiT2Fxb3NCZXBwX0JjcEdsSEZEbkVQQ0dnTzlVX2M0NVNmM1ZVZmNwc0RQb3E0NXlwMVowZUx1Y1AwZkJKMTV6Ynh3aE1oeURMZVN3dGdmSUZpOTBlc1EyYUZBZl9uSlp6LWp2RUUxN0F2emNYZVh3Szk5UDdXSXpGeEQ4OWxpVEU1TXNGeExkcUlQbFh3QWFhUmRHanBEZUNpdjVnaUtvY0k1Z2RFTWVaT0lETFZyakVic2RvTS1MQURmQ2xpUkxvQjNhSXJpTkJwZ1ZCODcwLXJoN1p3Y2Voa0NFaUZ6T1JLMm5YODFQOXIxOC1pUGhLdWU0MEZlMjZWVWNvQ0J6SExUMHl6UzNqd25LOWNva0NJbllxMGdzaWQ1NF9lLTQ0cGduN2lab292SGZ5c3lobl9FRG54S3hyVHRYXzRZWkx4YyJ9LCAibm9uY2UiOiAiRlpUX3MySnNaTjUwb01lQXNTUTVfQV9Ya2MzZV90bFdxMTBMRWJkVWhhSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWF1dGh6In0”,“payload”: “eyJyZXNvdXJjZSI6Im5ldy1hdXRoeiIsImlkZW50aWZpZXIiOnsidHlwZSI6ImRucyIsInZhbHVlIjoiT1JDRVJUZXN0Lm9hYnJuZC5jb20ifX0”,“signature”: “tz82j2B2GH5KhaI-USU03kWYUpxhYJKWK5QHeTqPnw_De5y64rNOCwzZQSh-TAWLdgVyOIuw2FU-en-FN_b0wxV0zArtFBTlK7t4IDNQu-XxOxDdLDaDUu25K7qkqm63BtxgdjE5ZrcykotJTI4d2fcnt4yBkKneN-3hJ89jd-HjAXMibBA3o33fcNkUvsJnLsSPh1CZtHXcEQx7nUT9bUS8Suc6oBWNlS0E9Iwq8cLiwdBQdckpRMgDCtsvy-3GMsI4SEHIH0gC-vMrTTikcGpOIV74BycbgfTU3NjQpKCtVTWNfioEOiwN1FPIGPF3NSXNm1pAdKD-w9jft_xqlehl5LBjQK1sZyBTwRWkrdA1XxbfYTkfY-nFw1rlbJ9e1aybHNtvRUAosri90Esq0mSs8xUGBCZhqUoJv6XiE3Q_3aeoHX28zB4EbQwmvB1XOp_cyX2Cpb80_wFuHzQaxpvy1zpsAJGun-bKGoJlN10yICo19V5AEAYR85w4Ak5Y0wRGw_JuPBvYlI7hTvDZkAokD8WLVpokBSQG5K_zokDI_3IOzILt-G-fi13BMjhJSt3JrAvHaK47emGfcgMxjoAjSd2n6IAPzj7XgdUt9fC4O0i3N3KL7dNwqo_T2ZCgcv6aV0f-cA_0W8eBkoTKyTqBP94lIoDhGNVJy4jF0Ac”}

responseHeaders HTTP/1.1 200 Connection established

HTTP/1.1 100 Continue
Expires: Thu, 19 Jul 2018 08:07:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 201 Created
Server: nginx
Content-Type: application/json
Content-Length: 999
Boulder-Requester: 38590656
Link: https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”
Location: https://acme-v01.api.letsencrypt.org/acme/authz/idA1F2rKEoeuufihx111t2-Hu3WrczhqpsFK-cWoL-E
Replay-Nonce: MuHodau697xJSIRTmkRCaQp2nrXvYWDIfY7ElhpP1w4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 19 Jul 2018 08:07:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 19 Jul 2018 08:07:16 GMT
Connection: keep-alive

response {
“identifier”: {
“type”: “dns”,
“value”: “orcertest.oabrnd.com
},
“status”: “pending”,
“expires”: “2018-07-26T07:53:32Z”,
“challenges”: [
{
“type”: “tls-alpn-01”,
“status”: “pending”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/idA1F2rKEoeuufihx111t2-Hu3WrczhqpsFK-cWoL-E/5776330327”,
“token”: “_wgPDcDRpncgZwExDwYnLYW2qAWIsHwLAoUHtZJ0AFQ”
},
{
“type”: “dns-01”,
“status”: “pending”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/idA1F2rKEoeuufihx111t2-Hu3WrczhqpsFK-cWoL-E/5776330328”,
“token”: “Oi-qhLSj1T68AM3XOALifk8isEjOOpwN85xX_g6kExQ”
},
{
“type”: “http-01”,
“status”: “pending”,
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/idA1F2rKEoeuufihx111t2-Hu3WrczhqpsFK-cWoL-E/5776330329”,
“token”: “NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE”
}
],
“combinations”: [
[
0
],
[
2
],
[
1
]
]
}

code 201

response status = pending

completed send_signed_request

token NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE

uri https://acme-v01.api.letsencrypt.org/acme/challenge/idA1F2rKEoeuufihx111t2-Hu3WrczhqpsFK-cWoL-E/5776330329

keyauthorization NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE.z1iIRPasWlChz5d091jaHxOcNZPRyTlCHPYt3zRaTOc

copying file from /root/.getssl/hostname/tmp/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE to /var/www/html/hostname/.well-known/acme-challenge
copying challenge token to /var/www/html/hostname/.well-known/acme-challenge/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE

copying from /root/.getssl/hostname/tmp/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE to /var/www/html/hostname/.well-known/acme-challenge/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE

copied /root/.getssl/hostname/tmp/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE to /var/www/html/hostname/.well-known/acme-challenge/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE

wellknown_url http://hostname/.well-known/acme-challenge/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE
getssl: for some reason could not reach http://hostname/.well-known/acme-challenge/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE - please check it manually


#3

Full output of curl command for wellknow URL are below

[root@ORCERTest ]# curl -L http://hostname/.well-known/acme-challenge/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE

Network Error
Network Error (dns_unresolved_hostname)

Your requested host "hostname" could not be resolved by DNS.

For assistance, contact your network support team.

#4

If your domain doesn’t exist in DNS, then you won’t be able to get a certificate for it.

Create a DNS record for your domain.


#5

Hi

Thanks for the reply.
This I have informed already to my network team, but they are telling DNS record had been created already for this server.
Is there a way to find out whether DNS record has been created or not ?

Regards,
Nagarajan S


#6

No, it hasn’t. In fact, the domain isn’t even registered.

So you may have made a typo when entering it into getssl, or something else like that.


#7

No. We haven’t do any typo. the domain name in the command was correct. but it is showing the error.

wellknown_url http://hostname/.well-known/acme-challenge/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE
getssl: for some reason could not reach http://hostname/.well-known/acme-challenge/NKTEIEGeM-Hn8kthT6PLuMNOgwrFOW9pPKGjtjuU8gE - please check it manually


#8

Your order URL: https://acme-v01.api.letsencrypt.org/acme/authz/idA1F2rKEoeuufihx111t2-Hu3WrczhqpsFK-cWoL-E

contains

  "identifier": {
    "type": "dns",
    "value": "orcertest.oabrnd.com"
  }

oabrnd.com is not a registered domain:

$ whois oabrnd.com
No match for domain "OABRND.COM".
>>> Last update of whois database: 2018-07-19T10:50:37Z <<<

Please understand that by obscuring your domain, you’re making it impossible to help you.


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.