Jump to content
Froxlor Forum
  • 0

Letsencrypt Update Fehler


dg3fbl
 Share

Question

Hallo,

ich habe das Forum schon rauf und runter gelesen, bin aber die Tage nicht weiter gekommen. Ich bekomme im Log Fehlermeldungen das die Zertifikate nicht verlängert werden können. Noch einem Beitrag hier habe ich dann das cronjob Script per Hand aufgerufen "/var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug" und folgende Debug Ausgabe bekommen.

Eine test-Datei habe ich auch schon probiert unter "/var/www/froxlor/.well-known/acme-challenge/" abzulegen, und dann mit der Domain aufzurufen. Das klappt ohne Probleme. Und es ist auch egal ob es sich um eine Hauptdomain oder Subdomain handelt. Der Server läuft übrigens unter Debian Jessie und mittlerweile sind alle letsencrypt Zertifikate leider abgelaufen.

Wo müsste ich denn noch suchen?

- - - - -

[information] Updating wiresx2web.dg3fbl.de
[information] Adding SAN entry: wiresx2web.dg3fbl.de
[information] letsencrypt Using 'https://acme-v01.api.letsencrypt.org' to generate certificate
[information] letsencrypt Using existing account key
[information] letsencrypt Starting certificate generation process for domains
[information] letsencrypt Requesting challenge for wiresx2web.dg3fbl.de
[information] letsencrypt Sending signed request to /acme/new-authz
[information] letsencrypt Got challenge token for wiresx2web.dg3fbl.de
[information] letsencrypt Token for wiresx2web.dg3fbl.de saved at /var/www/froxlor/.well-known/acme-challenge/1Xksj2yT56ttOocBj0dk3GbL2elts4G2zRmTFsIZFyI and should be available at http://wiresx2web.dg3fbl.de/.well-known/acme-challenge/1Xksj2yT56ttOocBj0dk3GbL2elts4G2zRmTFsIZFyI
[error] letsencrypt Please check http://wiresx2web.dg3fbl.de/.well-known/acme-challenge/1Xksj2yT56ttOocBj0dk3GbL2elts4G2zRmTFsIZFyI - token not available; PHP error: {"type":2,"message":"file_get_contents(http:\/\/wiresx2web.dg3fbl.de\/.well-known\/acme-challenge\/1Xksj2yT56ttOocBj0dk3GbL2elts4G2zRmTFsIZFyI): failed to open stream: HTTP request failed! HTTP\/1.0 404 Not Found\r\n","file":"\/var\/www\/froxlor\/lib\/classes\/ssl\/class.lescript.php","line":232}
[information] letsencrypt Sending request to challenge
[information] letsencrypt Sending signed request to https://acme-v01.api.letsencrypt.org/acme/challenge/iKFoWJ2IxpzgAhe1kOtD6XS0PjKLSCNdhHFGMBA5XdE/2331751669
[information] letsencrypt Verification pending, sleeping 1s
[information] letsencrypt Verification pending, sleeping 1s
[error] Could not get Let's Encrypt certificate for wiresx2web.dg3fbl.de: Verification ended with error: {"identifier":{"type":"dns","value":"wiresx2web.dg3fbl.de"},"status":"invalid","expires":"2017-11-04T19:53:22Z","challenges":[{"type":"dns-01","status":"pending","uri":"https:\/\/acme-v01.api.letsencrypt.org\/acme\/challenge\/iKFoWJ2IxpzgAhe1kOtD6XS0PjKLSCNdhHFGMBA5XdE\/2331751667","token":"b3CwxBVqZPluzQZheZWT1GSeY1wT0HdRI9nXkQzYX64"},{"type":"http-01","status":"invalid","error":{"type":"urn:acme:error:unauthorized","detail":"Invalid response from http:\/\/wiresx2web.dg3fbl.de\/.well-known\/acme-challenge\/1Xksj2yT56ttOocBj0dk3GbL2elts4G2zRmTFsIZFyI: \"<!DOCTYPE HTML PUBLIC \"-\/\/IETF\/\/DTD HTML 2.0\/\/EN\">\n<html><head>\n<title>404 Not Found<\/title>\n<\/head><body>\n<h1>Not Found<\/h1>\n<p\"","status":403},"uri":"https:\/\/acme-v01.api.letsencrypt.org\/acme\/challenge\/iKFoWJ2IxpzgAhe1kOtD6XS0PjKLSCNdhHFGMBA5XdE\/2331751669","token":"1Xksj2yT56ttOocBj0dk3GbL2elts4G2zRmTFsIZFyI","keyAuthorization":"1Xksj2yT56ttOocBj0dk3GbL2elts4G2zRmTFsIZFyI.JRnlJHkwZsm4-XcnRPBe87rrBQZ3Mzxtj0kr5nYulZY","validationRecord":[{"url":"http:\/\/wiresx2web.dg3fbl.de\/.well-known\/acme-challenge\/1Xksj2yT56ttOocBj0dk3GbL2elts4G2zRmTFsIZFyI","hostname":"wiresx2web.dg3fbl.de","port":"80","addressesResolved":["87.140.45.66"],"addressUsed":"87.140.45.66","addressesTried":[]}]},{"type":"tls-sni-01","status":"pending","uri":"https:\/\/acme-v01.api.letsencrypt.org\/acme\/challenge\/iKFoWJ2IxpzgAhe1kOtD6XS0PjKLSCNdhHFGMBA5XdE\/2331751671","token":"CrMPSD4NBVcerPeQ77kCN5pBAdh64JiiUh_jADGzO9c"}],"combinations":[[1],[0],[2]]}
[information] Let's Encrypt certificates have been updated
[notice] Checking system's last guid

 

Link to comment
Share on other sites

5 answers to this question

Recommended Posts

  • 0

Lege eine Datei z.b. "test" in deinem froxlor/.well-known/acme-challenge ordner mit dem Inhalt "test" an und versuche diese unter http://wiresx2web.dg3fbl.de/.well-known/acme-challenge/test aufzurufen, wenn du eine 404 Meldung erhältst, fehlt die in deinen conf-enabled files von Apache der alias. Du findest den in den Konfigurationsdaten von Froxlor für den Webserver.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...