We’re trying to move from StartCom to LetsEncrypt.
The acme clients are problematic.
certbot has a host of dependency hells. We’ve tried a host of installs:
yast 2, ymp
pip install
git clone
All fail under openSUSE Leap 42.1
So now we’ve moved to trying dehydrated.
Installation is flawless, a breeze. But after setting up config, domains.txt and the requisite
/srv/www/htdocs//.well-known/acme-challenge/m4g1C-t0k3n
validation fails.
What should be the contents of m4g1C-t0k3n
???
Thanks in advance, Andy
Trace:
dehydrated -c -f /etc/dehydrated/config
INFO: Using main config file /etc/dehydrated/config
Processing genietvanhetleven.org with alternative names: www.genietvanhetleven.org
- Signing domains…
- Generating private key…
- Generating signing request…
- Requesting challenge for genietvanhetleven.org…
- Requesting challenge for www.genietvanhetleven.org…
- Responding to challenge for genietvanhetleven.org…
ERROR: Challenge is invalid! (returned: invalid) (result: {
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:acme:error:unauthorized”,
“detail”: "Invalid response from http://genietvanhetleven.org/.well-known/acme-challenge/ayKsDFHGqexArONrswdGo28hubFcBve_yTnAzyCXnmA: “\u003c?xml version=“1.0” encoding=“UTF-8”?\u003e\n\u003c!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN”\n “http://www.w3.org/TR/xhtml1/D””,
“status”: 403
},
“uri”: “https://acme-staging.api.letsencrypt.org/acme/challenge/zMk_lBVFt8qIydn3UnczCjQjIfXiVFbItuGa84Cytmk/25308019”,
“token”: “ayKsDFHGqexArONrswdGo28hubFcBve_yTnAzyCXnmA”,
“keyAuthorization”: “ayKsDFHGqexArONrswdGo28hubFcBve_yTnAzyCXnmA.GRKJbjyX7LV0xWrs1ckEcT4PIaByJvB-6Prmr4_lsYA”,
“validationRecord”: [
{
“url”: “http://genietvanhetleven.org/.well-known/acme-challenge/ayKsDFHGqexArONrswdGo28hubFcBve_yTnAzyCXnmA”,
“hostname”: “genietvanhetleven.org”,
“port”: “80”,
“addressesResolved”: [
“70.186.159.22”
],
“addressUsed”: “70.186.159.22”
}
]
})