problems with let's encrypt

[Tankard 0]

Hi,

 

I have still no clue why the Let's encrypt support doesn't work. My server configuration is nginx version 1.9.14 and php5 version 5.6.20-1~dotdev+7.1.  php5-curl is also installed. Server is running with Debian Whezzy.

Froxlor Version: 0.9.35.1-1+wheezy1 (DB: 201603150)

 

 

create the file acme.conf with the following statements:

location /.well-known/acme-challenge {
        alias /var/www/froxlor/.well-known/acme-challenge;

        location ~ /.well-known/acme-challenge/(.*) {
                default_type text/plain;
        }
}

when i execute

php /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug

i get the following response:

[information] Updating Let's Encrypt certificates
[debug] Updating erpconnector.de
[debug] letsencrypt generating new key / SAN for erpconnector.de
[information] letsencrypt Using 'https://acme-v01.api.letsencrypt.org' to generate certificate
[information] letsencrypt Account already registered. Continuing.
[information] letsencrypt Starting certificate generation process for domains
[information] letsencrypt Requesting challenge for erpconnector.de
[information] letsencrypt Sending signed request to /acme/new-authz
[error] Could not get Let's Encrypt certificate for erpconnector.de: No challenges received for erpconnector.de. Whole response: {"type":"urn:acme:error:unauthorized","detail":"No registration exists matching provided key","status":403}
[debug] Updating software-competence-center.de
[debug] letsencrypt generating new key / SAN for software-competence-center.de
[information] letsencrypt Using 'https://acme-v01.api.letsencrypt.org' to generate certificate
[information] letsencrypt Account already registered. Continuing.
[information] letsencrypt Starting certificate generation process for domains
[information] letsencrypt Requesting challenge for software-competence-center.de
[information] letsencrypt Sending signed request to /acme/new-authz
[error] Could not get Let's Encrypt certificate for software-competence-center.de: No challenges received for software-competence-center.de. Whole response: {"type":"urn:acme:error:unauthorized","detail":"No registration exists matching provided key","status":403}
[information] Let's Encrypt certificates have been updated
[notice] Checking system's last guid

[d00p 140]

Empty all existing certificate entries (disable LE, open SSL-Editor, empty all fields) - then re-enable LE and see if that works

[nachtgeist 0]

Hi,

 

yesterday I hit the same issue while working on bug #1597. Turns out there's a limit for account registration which until now wasn't properly reported in the logs.

 

With PR #353, if account initialization fails, a message with the actual reply from LE will be displayed.

 

Daniel