ACME HTTP-01 Challenge validating via HTTPS instead of HTTP causing task to fail

redotheone

Aug 1, 2024
Hi,

After running the following command:
Code:
pvenode acme cert order

I get this output:
Code:
Loading ACME account details
Placing ACME order
Order URL: https://acme-staging-v02.api.letsencrypt.org/acme/order/157874733/{code}

Getting authorization details from 'https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/{request code}'

The validation for pve.emtechsg.net is pending!

Setting up webserver
Server URL: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/{request code}/OU3BkA

Triggering validation
Sleeping for 5 seconds
Status is still 'pending', trying again in 10 seconds

TASK ERROR: validating challenge 'https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/{request code}' failed - status: invalid

When I check the authorization details at https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/{request code}, I see:
Code:
{
  "identifier": {
    "type": "dns",
    "value": "{hostname}"
  },
  "status": "invalid",
  "expires": "2024-08-08T17:30:16Z",
  "challenges": [
    {
      "type": "http-01",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/{request code}/j1b-NA",
      "status": "invalid",
      "validated": "2024-08-01T17:30:47Z",
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
        "detail": "{ipaddress}: Fetching https://{hostname}/.well-known/acme-challenge/E1InPcf9IgcN3athXD8nIcKWlMl8nf_uJ71AvJc_SK0: Timeout after connect (your server may be slow or overloaded)",
        "status": 400
      },
      "token": "E1InPcf9IgcN3athXD8nIcKWlMl8nf_uJ71AvJc_SK0",
      "validationRecord": [
        {
          "url": "http:/{hostname}/.well-known/acme-challenge/E1InPcf9IgcN3athXD8nIcKWlMl8nf_uJ71AvJc_SK0",
          "hostname": "{hostname}",
          "port": "80",
          "addressesResolved": [
            "{ipaddress}"
          ],
          "addressUsed": "{ipaddress}"
        },
        {
          "url": "https://{hostname}/.well-known/acme-challenge/E1InPcf9IgcN3athXD8nIcKWlMl8nf_uJ71AvJc_SK0",
          "hostname": "{hostname}",
          "port": "443",
          "addressesResolved": [
            "{ipaddress}"
          ],
          "addressUsed": "{ipaddress}"
        }
      ]
    }
  ]
}

The token code appears to be fetched via HTTPS instead of HTTP, causing the validation to fail. This issue occurs despite the script only setting up a webserver on port 80, which should only use HTTP.

Anyone facing the same issue?
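Added example, not part of the original post: a small Python helper that reads an authorization object like the one above and lists each request recorded in `validationRecord`. Let's Encrypt's http-01 validation starts on port 80 and follows redirects, so a second entry on port 443 means the port-80 request was answered with a redirect to HTTPS. The function name and the sample data (hostname, address, token) are constructed placeholders.

```python
import json
from urllib.parse import urlsplit

# Constructed sample shaped like the authorization object in the post.
# Hostname, address and token are placeholders, not values from the thread.
SAMPLE_AUTHZ = json.loads("""
{"identifier": {"type": "dns", "value": "pve.example.test"}, "status": "invalid",
 "challenges": [{"type": "http-01", "status": "invalid", "token": "TOKEN",
  "error": {"type": "urn:ietf:params:acme:error:connection",
   "detail": "192.0.2.10: Fetching https://pve.example.test/.well-known/acme-challenge/TOKEN: Timeout after connect"},
  "validationRecord": [
   {"url": "http://pve.example.test/.well-known/acme-challenge/TOKEN",
    "hostname": "pve.example.test", "port": "80", "addressUsed": "192.0.2.10"},
   {"url": "https://pve.example.test/.well-known/acme-challenge/TOKEN",
    "hostname": "pve.example.test", "port": "443", "addressUsed": "192.0.2.10"}]}]}
""")


def summarize_http01(authz):
    """Return one summary dict per http-01 challenge in an authorization object."""
    out = []
    for chal in authz.get("challenges", []):
        if chal.get("type") != "http-01":
            continue
        records = chal.get("validationRecord", [])
        error = chal.get("error") or {}
        detail = error.get("detail", "")
        # One tuple per request the CA made: (scheme, port, address contacted).
        hops = [(urlsplit(r.get("url", "")).scheme, r.get("port"), r.get("addressUsed"))
                for r in records]
        # The hop whose URL is quoted in the error detail is the one that failed.
        failed = next((i for i, r in enumerate(records)
                       if r.get("url") and r["url"] in detail), None)
        out.append({
            "status": chal.get("status"),
            "hops": hops,
            "started_on_port_80": bool(hops) and hops[0][1] == "80",
            "redirected_to_https": any(h[0] == "https" for h in hops[1:]),
            "failed_hop": failed,
            "error_type": error.get("type"),
        })
    return out


if __name__ == "__main__":
    for summary in summarize_http01(SAMPLE_AUTHZ):
        print(json.dumps(summary, indent=2))
```

When `redirected_to_https` is true and `failed_hop` points at the 443 entry, the thing to check is whatever answers on port 80 of the resolved address with a redirect (a reverse proxy, NAT rule or HTTPS-enforcement setting in front of the node) and whether port 443 at that address is reachable from the internet.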