Let's Encrypt fehler seit 0.9.37

[iam]

Hallo,

 

nun melde ich mich auch mal mit einem "Let's Encrypt-Anliegen" zu Wort.

Let's Encrypt hatte bisweil immer wunderbar funktioniert.

 

Zum System:

• Debian 8.5
• Apache 2.4.10
• AWstats 7.2
• Postfix 2.11
• Dovecot 2.2
• Proftpd 1.3.5
• MariaDB 10.0.25
• Quota
• Bind 9.9.5 (Nicht im Einsatz, Service deaktiviert)

 

Als ich Heute aber das Froxlor-Update auf 0.9.37 eingespielt habe, funktioniert Let's Encrypt nicht mehr.

 

Der Fehler [beim ersten cronjob (lepublickey & leprivatekey auf "NULL")]:

[information] Updating Let's Encrypt certificates
[debug] Updating dummy.com
[debug] Adding SAN entry: dummy.com
[information] letsencrypt Using 'https://acme-v01.api.letsencrypt.org' to generate certificate
[information] letsencrypt Starting new account registration
[information] letsencrypt Sending registration to letsencrypt server
[information] letsencrypt Sending signed request to /acme/new-reg
[error] Could not get Let's Encrypt certificate for dummy.com: Account not initialized, probably due to rate limiting. Whole response: Array
[information] Let's Encrypt certificates have been updated
[notice] Checking system's last guid

Der Fehler (beim erneuten cronjob):

[information] Updating Let's Encrypt certificates
[debug] Updating dummy.com
[debug] Adding SAN entry: dummy.com
[debug] Adding SAN entry: www.dummy.com
[information] letsencrypt Using 'https://acme-v01.api.letsencrypt.org' to generate certificate
[information] letsencrypt Account already registered. Continuing.
[information] letsencrypt Starting certificate generation process for domains
[information] letsencrypt Requesting challenge for mandalka.net
[information] letsencrypt Sending signed request to /acme/new-authz
[error] Could not get Let's Encrypt certificate for dummy.com: No challenges received for mandalka.net. Whole response: {"type":"urn:acme:error:unauthorized","detail":"No registration exists matching provided key","status":403}
[information] Let's Encrypt certificates have been updated
[notice] Checking system's last guid

Ich habe bereits die lepublickey & leprivatekey aus der customerstabelle auf "NULL" gesetzt.
Let's Encrypt einmal komplett deaktiviert und wieder aktiviert.

Die Let's Encrypt-Umgebung auf "Testing" umgestellt.

Den Let's Encrypt-Schlüssel lasse ich nicht wiederverwenden. Es soll immer ein neuer generiert werden.

 

Alles ohne Erfolg...

 

Meine ACME Konfigurationsdatei sieht wie folgt aus:

## Let's Encrypt
#
#

Alias "/.well-known/acme-challenge" "/var/www/.well-known/acme-challenge/"

<Directory "/var/www/.well-known/acme-challenge/">
        Require all granted
</Directory>

Auch hier habe ich nichts geändert, da es zuvor ja einwandfrei funktionierte.

[d00p]

Versuchs mal mit https://github.com/Froxlor/Froxlor/commit/b2f815617cfd880c83e9cf233cf9ed4f5b68e08a

[iam]

Versuchs mal mit https://github.com/Froxlor/Froxlor/commit/b2f815617cfd880c83e9cf233cf9ed4f5b68e08a

 

Halo d00p,

wenn das Projekt dich nicht hätte!

DANKE!

[information] Updating Let's Encrypt certificates
[debug] Updating dummy.com
[debug] Adding SAN entry: dummy.com
[information] letsencrypt Using 'https://acme-v01.api.letsencrypt.org' to generate certificate
[information] letsencrypt Starting new account registration
[information] letsencrypt Sending registration to letsencrypt server
[information] letsencrypt Sending signed request to /acme/new-reg
[information] letsencrypt Sending registration to letsencrypt server
[information] letsencrypt Sending signed request to /acme/new-reg
[information] letsencrypt New account certificate registered
[information] letsencrypt Starting certificate generation process for domains
[information] letsencrypt Requesting challenge for dummy.com
[information] letsencrypt Sending signed request to /acme/new-authz
[information] letsencrypt Got challenge token for dummy.com
[information] letsencrypt Token for dummy.com saved at /var/www//.well-known/acme-challenge/*Token* and should be available at http://dummy.com/.well-known/acme-challenge/*Token*
[information] letsencrypt Sending request to challenge
[information] letsencrypt Sending signed request to https://acme-v01.api.letsencrypt.org/acme/challenge/*Token*/*Token*
[information] letsencrypt Verification pending, sleeping 1s
[information] letsencrypt Verification ended with status: valid
[information] letsencrypt Sending signed request to /acme/new-cert
[information] letsencrypt Got certificate! YAY!
[information] letsencrypt Requesting chained cert at /acme/issuer-cert
[information] letsencrypt Done, returning new certificates and key
[information] Updated Let's Encrypt certificate dummy.com
[information] Let's Encrypt certificates have been updated
[notice] Checking system's last guid

LG