Hi, I attempt to use acme-client on server OpenBSD 6.1, with nginx runing. But it fail with a bad response.
doas acme-client -vAD test.obsd4a.net acme-client: /etc/ssl/acme/private/test.obsd4a.net-privkey.pem: domain key exists (not creating) acme-client: /etc/acme/letsencrypt-privkey.pem: account key exists (not creating) acme-client: https://acme-v01.api.letsencrypt.org/directory: directories acme-client: acme-v01.api.letsencrypt.org: DNS: 23.206.21.80 acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz: req-auth: test.obsd4a.net acme-client: /var/www/htdocs/test.obsd4a.net/www/L-pjGy6umVejj6q78_P_gW7rbhyJrV0AuLhjfsqI3aU: created acme-client: https://acme-v01.api.letsencrypt.org/acme/challenge/hf0gCJFBvVlSBRp877_PVmTYLGNYmZDXC9eH2E_I0GE/1485696367: challenge acme-client: https://acme-v01.api.letsencrypt.org/acme/challenge/hf0gCJFBvVlSBRp877_PVmTYLGNYmZDXC9eH2E_I0GE/1485696367: status acme-client: https://acme-v01.api.letsencrypt.org/acme/challenge/hf0gCJFBvVlSBRp877_PVmTYLGNYmZDXC9eH2E_I0GE/1485696367: bad response acme-client: transfer buffer: [{ "type": "http-01", "status": "invalid", "error": { "type": "urn:acme:error:unauthorized", "detail": "Invalid response from http://test.obsd4a.net/.well-known/acme-challenge/L-pjGy6umVejj6q78_P_gW7rbhyJrV0AuLhjfsqI3aU: \"\u003chtml\u003e\r\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\r\n\u003cbody bgcolor=\"white\"\u003e\r\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\r\n\u003chr\u003e\u003ccenter\u003e\"", "status": 403 }, "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hf0gCJFBvVlSBRp877_PVmTYLGNYmZDXC9eH2E_I0GE/1485696367", "token": "L-pjGy6umVejj6q78_P_gW7rbhyJrV0AuLhjfsqI3aU", "keyAuthorization": "L-pjGy6umVejj6q78_P_gW7rbhyJrV0AuLhjfsqI3aU.btIkQ8owertOE1LvXr1mezl9i5h6KptZrzIehfgwdcg", "validationRecord": [ { "url": "http://test.obsd4a.net/.well-known/acme-challenge/L-pjGy6umVejj6q78_P_gW7rbhyJrV0AuLhjfsqI3aU", "hostname": "test.obsd4a.net", "port": "80", "addressesResolved": [ "213.246.39.160" ], "addressUsed": "213.246.39.160", "addressesTried": [] } ] }] (1149 bytes) acme-client: bad exit: netproc(32816): 1 I try with this nginx config: location ^~ /.well-known/acme-challenge { #alias /var/www/acme; #try_files $uri =404; allow all; default_type "text/plain"; proxy_redirect off; root /var/www/acme; } or this: location ^~ /.well-known/acme-challenge { alias /usr/local/www/acme; try_files $uri =404; } But, same result, bad status. ---- FIY, i can obtain certs - in mode test - with cerbot ;) (and first setting location). -- ~ " Fully Basic System Distinguish Life! " ~ " Libre as a BSD " +=<<< ---- <me>Stephane HUC as PengouinBSD or CIOTBSD</me> <mail>b...@stephane-huc.net</mail>
signature.asc
Description: OpenPGP digital signature