Using acme.sh - Error getting validation data - Paths seem wrong

TurboGFF · August 28, 2018, 2:54pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: cloud.turbogff.com

I ran this command: acme.sh --renew -d cloud.turbogff.com --force --log

It produced this output:
[Tue Aug 28 10:45:48 EDT 2018] Renew: ‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] Single domain=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] Getting domain auth token for each domain
[Tue Aug 28 10:45:49 EDT 2018] Getting webroot for domain=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] Getting new-authz for domain=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] The new-authz request is ok.
[Tue Aug 28 10:45:49 EDT 2018] Verifying:cloud.turbogff.com
[Tue Aug 28 10:45:52 EDT 2018] cloud.turbogff.com:Verify error:Fetching https:// cloud.turbogff.com.well-known/acme-challenge/9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2 ZUyf4aW4: Error getting validation data
[Tue Aug 28 10:45:52 EDT 2018] Please check log file for more details: /root/.ac me.sh/acme.sh.log

My web server is (include version): Apache/2.4.12

The operating system my web server runs on is (include version):
Ubuntu Linux 16.04.2

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

TurboGFF · August 28, 2018, 3:01pm

And here is the log -

[Tue Aug 28 10:45:49 EDT 2018] d=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] Check for domain=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] _currentRoot=’/var/www/owncloud/’
[Tue Aug 28 10:45:49 EDT 2018] d
[Tue Aug 28 10:45:49 EDT 2018] _saved_account_key_hash is not changed, skip register account.
[Tue Aug 28 10:45:49 EDT 2018] Read key length:
[Tue Aug 28 10:45:49 EDT 2018] _createcsr
[Tue Aug 28 10:45:49 EDT 2018] Single domain=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] Getting domain auth token for each domain
[Tue Aug 28 10:45:49 EDT 2018] d=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] Getting webroot for domain=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] _w=’/var/www/owncloud/’
[Tue Aug 28 10:45:49 EDT 2018] _currentRoot=’/var/www/owncloud/’
[Tue Aug 28 10:45:49 EDT 2018] Getting new-authz for domain=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] Try new-authz for the 0 time.
[Tue Aug 28 10:45:49 EDT 2018] url=‘https://acme-v01.api.letsencrypt.org/acme/new-authz’
[Tue Aug 28 10:45:49 EDT 2018] payload=’{“resource”: “new-authz”, “identifier”: {“type”: “dns”, “value”: “cloud.turbogff.com”}}’
[Tue Aug 28 10:45:49 EDT 2018] RSA key
[Tue Aug 28 10:45:49 EDT 2018] GET
[Tue Aug 28 10:45:49 EDT 2018] The new-authz request is ok.
[Tue Aug 28 10:45:49 EDT 2018] token=‘9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4’
[Tue Aug 28 10:45:49 EDT 2018] uri=‘https://acme-v01.api.letsencrypt.org/acme/challenge/m04FuatoBZuYxKIlp2n1gW1iiTnYS0REbF0JSuyiD20/6849296834’
[Tue Aug 28 10:45:49 EDT 2018] keyauthorization=‘9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4.wE2D4M0iwXdhMJut8eIOaJMuz4adN_q65Fnmpk7HLdQ’
[Tue Aug 28 10:45:49 EDT 2018] dvlist=‘cloud.turbogff.com#9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4.wE2D4M0iwXdhMJut8eIOaJMuz4adN_q65Fnmpk7HLdQ#https://acme-v01.api.letsencrypt.org/acme/challenge/m04FuatoBZuYxKIlp2n1gW1iiTnYS0REbF0JSuyiD20/6849296834#http-01#/var/www/owncloud/’
[Tue Aug 28 10:45:49 EDT 2018] d
[Tue Aug 28 10:45:49 EDT 2018] vlist=‘cloud.turbogff.com#9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4.wE2D4M0iwXdhMJut8eIOaJMuz4adN_q65Fnmpk7HLdQ#https://acme-v01.api.letsencrypt.org/acme/challenge/m04FuatoBZuYxKIlp2n1gW1iiTnYS0REbF0JSuyiD20/6849296834#http-01#/var/www/owncloud/,’
[Tue Aug 28 10:45:49 EDT 2018] d=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] ok, let’s start to verify
[Tue Aug 28 10:45:49 EDT 2018] Verifying:cloud.turbogff.com
[Tue Aug 28 10:45:49 EDT 2018] d=‘cloud.turbogff.com’
[Tue Aug 28 10:45:49 EDT 2018] keyauthorization=‘9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4.wE2D4M0iwXdhMJut8eIOaJMuz4adN_q65Fnmpk7HLdQ’
[Tue Aug 28 10:45:49 EDT 2018] uri=‘https://acme-v01.api.letsencrypt.org/acme/challenge/m04FuatoBZuYxKIlp2n1gW1iiTnYS0REbF0JSuyiD20/6849296834’
[Tue Aug 28 10:45:49 EDT 2018] _currentRoot=’/var/www/owncloud/’
[Tue Aug 28 10:45:49 EDT 2018] wellknown_path=’/var/www/owncloud//.well-known/acme-challenge’
[Tue Aug 28 10:45:49 EDT 2018] writing token:9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4 to /var/www/owncloud//.well-known/acme-challenge/9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4
[Tue Aug 28 10:45:49 EDT 2018] Changing owner/group of .well-known to www-data:www-data
[Tue Aug 28 10:45:49 EDT 2018] url=‘https://acme-v01.api.letsencrypt.org/acme/challenge/m04FuatoBZuYxKIlp2n1gW1iiTnYS0REbF0JSuyiD20/6849296834’
[Tue Aug 28 10:45:49 EDT 2018] payload=’{“resource”: “challenge”, “keyAuthorization”: “9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4.wE2D4M0iwXdhMJut8eIOaJMuz4adN_q65Fnmpk7HLdQ”}’
[Tue Aug 28 10:45:49 EDT 2018] POST
[Tue Aug 28 10:45:49 EDT 2018] _post_url=‘https://acme-v01.api.letsencrypt.org/acme/challenge/m04FuatoBZuYxKIlp2n1gW1iiTnYS0REbF0JSuyiD20/6849296834’
[Tue Aug 28 10:45:49 EDT 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ’
[Tue Aug 28 10:45:50 EDT 2018] _ret=‘0’
[Tue Aug 28 10:45:50 EDT 2018] code=‘202’
[Tue Aug 28 10:45:50 EDT 2018] sleep 2 secs to verify
[Tue Aug 28 10:45:52 EDT 2018] checking
[Tue Aug 28 10:45:52 EDT 2018] GET
[Tue Aug 28 10:45:52 EDT 2018] url=‘https://acme-v01.api.letsencrypt.org/acme/challenge/m04FuatoBZuYxKIlp2n1gW1iiTnYS0REbF0JSuyiD20/6849296834’
[Tue Aug 28 10:45:52 EDT 2018] timeout=
[Tue Aug 28 10:45:52 EDT 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ’
[Tue Aug 28 10:45:52 EDT 2018] ret=‘0’
[Tue Aug 28 10:45:52 EDT 2018] cloud.turbogff.com:Verify error:Fetching https://cloud.turbogff.com.well-known/acme-challenge/9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4: Error getting validation data
[Tue Aug 28 10:45:52 EDT 2018] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Tue Aug 28 10:45:52 EDT 2018] POST
[Tue Aug 28 10:45:52 EDT 2018] _post_url=‘https://acme-v01.api.letsencrypt.org/acme/challenge/m04FuatoBZuYxKIlp2n1gW1iiTnYS0REbF0JSuyiD20/6849296834’
[Tue Aug 28 10:45:52 EDT 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ’
[Tue Aug 28 10:45:53 EDT 2018] _ret=‘0’
[Tue Aug 28 10:45:53 EDT 2018] code=‘400’

stevenzhu · August 28, 2018, 3:05pm

HI,

It seems that you have a misconfiguration in rewrite rules.
When I try to view the token @ http://cloud.turbogff.com/.well-known/acme-challenge/9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4, the site rewrites to https://cloud.turbogff.com.well-known/acme-challenge/9keAP8p2YDDcqaqoArxCs-PCx7FcAF17Kw2ZUyf4aW4

Which means you missed a slash after your hostname (server_name)

Thank you

TurboGFF · August 28, 2018, 3:09pm

Where would I go to fix this?

stevenzhu · August 28, 2018, 3:18pm

Hi,

You would need to find your apache virtual host… and check the rewrite rules
(try locate the virtual hosts in /etc/httpd/sites-enabled/ if in normal tutorial installation)

Thank you

TurboGFF · August 28, 2018, 3:24pm

Edit: Found it. It needed the slash at the end of the redirect. Thanks!

system · September 27, 2018, 3:25pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.