Jump to content
Froxlor Forum
Tankard

problems with let's encrypt

Recommended Posts

Hi,

 

I have still no clue why the Let's encrypt support doesn't work. My server configuration is nginx version 1.9.14 and php5 version 5.6.20-1~dotdev+7.1.  php5-curl is also installed. Server is running with Debian Whezzy.

Froxlor Version: 0.9.35.1-1+wheezy1 (DB: 201603150)

 

 

create the file acme.conf with the following statements:

location /.well-known/acme-challenge {
        alias /var/www/froxlor/.well-known/acme-challenge;

        location ~ /.well-known/acme-challenge/(.*) {
                default_type text/plain;
        }
}

when i execute

php /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug

i get the following response:

[information] Updating Let's Encrypt certificates
[debug] Updating erpconnector.de
[debug] letsencrypt generating new key / SAN for erpconnector.de
[information] letsencrypt Using 'https://acme-v01.api.letsencrypt.org' to generate certificate
[information] letsencrypt Account already registered. Continuing.
[information] letsencrypt Starting certificate generation process for domains
[information] letsencrypt Requesting challenge for erpconnector.de
[information] letsencrypt Sending signed request to /acme/new-authz
[error] Could not get Let's Encrypt certificate for erpconnector.de: No challenges received for erpconnector.de. Whole response: {"type":"urn:acme:error:unauthorized","detail":"No registration exists matching provided key","status":403}
[debug] Updating software-competence-center.de
[debug] letsencrypt generating new key / SAN for software-competence-center.de
[information] letsencrypt Using 'https://acme-v01.api.letsencrypt.org' to generate certificate
[information] letsencrypt Account already registered. Continuing.
[information] letsencrypt Starting certificate generation process for domains
[information] letsencrypt Requesting challenge for software-competence-center.de
[information] letsencrypt Sending signed request to /acme/new-authz
[error] Could not get Let's Encrypt certificate for software-competence-center.de: No challenges received for software-competence-center.de. Whole response: {"type":"urn:acme:error:unauthorized","detail":"No registration exists matching provided key","status":403}
[information] Let's Encrypt certificates have been updated
[notice] Checking system's last guid

Share this post


Link to post
Share on other sites

Empty all existing certificate entries (disable LE, open SSL-Editor, empty all fields) - then re-enable LE and see if that works

Share this post


Link to post
Share on other sites

Hi,

 

yesterday I hit the same issue while working on bug #1597. Turns out there's a limit for account registration which until now wasn't properly reported in the logs.

 

With PR #353, if account initialization fails, a message with the actual reply from LE will be displayed.

 

Daniel

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now



×