hi, My certificate for freedombox.rocks has been working fine for a long long time. Some time ago, I noticed that in the Let's Encrypt status page there was another certificate for hsd1.nj.comcast.net (Comcast is my internet provider). So far I've left it alone, not sure if I wanted to obtain it. What would be the advantage? But I just tried it and it failed with this message:
Failed to obtain certificate for domain hsd1.nj.comcast.net: Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None Performing the following challenges: http-01 challenge for hsd1.nj.comcast.net Using the webroot path /var/www/html for all unmatched domains. Waiting for verification... Challenge failed for domain hsd1.nj.comcast.net http-01 challenge for hsd1.nj.comcast.net Cleaning up challenges Some challenges have failed. Not sure what to make of it. Is it not working because I'm missing something? or is it not working because comcast is purposefully not allowing it to work? It seems to be related to "no valid AAAA records found". In the Name Services page, the "Domain Name" is listed as hsd1.nj.comcast.net with Services: All. Augustine This is what's in the log file: 2022-01-31 14:21:30,622:DEBUG:urllib3.connectionpool:https://acme-v02.api.letse ncrypt.org:443 "POST /acme/authz-v3/73872895510 HTTP/1.1" 200 637 2022-01-31 14:21:30,625:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 31 Jan 2022 19:21:30 GMT Content-Type: application/json Content-Length: 637 Connection: keep-alive Boulder-Requester: 283468160 Cache-Control: public, max-age=0, no-cache Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index" Replay-Nonce: 0102F7FbVfXBrav7zsv6RQjUGKfXMIHwJiW1_Sit1XZSvHo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "hsd1.nj.comcast.net" }, "status": "invalid", "expires": "2022-02-07T19:21:29Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:dns", "detail": "no valid A records found for hsd1.nj.comcast.net; no valid AAAA records found for hsd1.nj.comcast.net", "status": 400 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/73872895510/0oDaVA", "token": "BlaMJz5uZM0FFKNkj0IkQ3sm_GCmufnWOL9a2wE1bmw", "validated": "2022-01-31T19:21:29Z" } ] } 2022-01-31 14:21:30,626:DEBUG:acme.client:Storing nonce: 0102F7FbVfXBrav7zsv6RQjUGKfXMIHwJiW1_Sit1XZSvHo 2022-01-31 14:21:30,629:WARNING:certbot._internal.auth_handler:Challenge failed for domain hsd1.nj.comcast.net 2022-01-31 14:21:30,629:INFO:certbot._internal.auth_handler:http-01 challenge for hsd1.nj.comcast.net 2022-01-31 14:21:30,631:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: hsd1.nj.comcast.net Type: dns Detail: no valid A records found for hsd1.nj.comcast.net; no valid AAAA records found for hsd1.nj.comcast.net 2022-01-31 14:21:30,637:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. _______________________________________________ Freedombox-discuss mailing list Freedombox-discuss@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/freedombox-discuss