I have a fresh install of PF 10 on both Centos and Debian. I am having the same issue with Let's Encrypt.
I have updated PF with the latest patches: /usr/local/pf/addons/ pf-maint.pl Following previous issues with lets encrypt, I ran: journalctl -u packetfence-pfperl-api -f Below is the output. It seems that Lets Encrypt is being denied when verifying back to the PF box. I verified that ports 80 and 443 are open (and even opened all ports a few times) and on my firewall, I can see the traffic communication between Lets Encrypt and the PF box. The key issues I believe are these lines: Apr 29 22:58:58 eduroam02 pfperl-api[757]: "detail": "Fetching http://eduroam02.gmcs.k12.nm.us/.well-known/acme-challenge/xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4: Connection refused", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "status": 400 Below is the full output. Apr 29 22:58:53 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'reason' => 'OK', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'success' => 1, Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'headers' => { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content-length' => '658', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'strict-transport-security' => 'max-age=604800', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content-type' => 'application/json', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:53 GMT', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'x-frame-options' => 'DENY', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache' Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content' => '{ Apr 29 22:58:53 eduroam02 pfperl-api[757]: "_RtOSQ5K7IE": " https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417 ", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "keyChange": " https://acme-v02.api.letsencrypt.org/acme/key-change", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "meta": { Apr 29 22:58:53 eduroam02 pfperl-api[757]: "caaIdentities": [ Apr 29 22:58:53 eduroam02 pfperl-api[757]: "letsencrypt.org" Apr 29 22:58:53 eduroam02 pfperl-api[757]: ], Apr 29 22:58:53 eduroam02 pfperl-api[757]: "termsOfService": " https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "website": " https://letsencrypt.org" Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: "newAccount": " https://acme-v02.api.letsencrypt.org/acme/new-acct", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "newNonce": " https://acme-v02.api.letsencrypt.org/acme/new-nonce", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "newOrder": " https://acme-v02.api.letsencrypt.org/acme/new-order", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "revokeCert": " https://acme-v02.api.letsencrypt.org/acme/revoke-cert" Apr 29 22:58:53 eduroam02 pfperl-api[757]: }', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'protocol' => 'HTTP/1.1', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'status' => '200', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/directory' Apr 29 22:58:53 eduroam02 pfperl-api[757]: }; Apr 29 22:58:53 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:53 GMT', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'x-frame-options' => 'DENY', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'replay-nonce' => '0002EYJMg3Sb3jrRNYSVCvWLVyOFOpd6kBeogZ0hHmt-nUs', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'strict-transport-security' => 'max-age=604800', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'link' => '< https://acme-v02.api.letsencrypt.org/directory>;rel="index"', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive' Apr 29 22:58:53 eduroam02 pfperl-api[757]: }; Apr 29 22:58:53 eduroam02 pfperl-api[757]: Directory loaded successfully. Apr 29 22:58:53 eduroam02 pfperl-api[757]: Account key generated. Apr 29 22:58:53 eduroam02 pfperl-api[757]: CSR key loaded Apr 29 22:58:53 eduroam02 pfperl-api[757]: CSR generated. Apr 29 22:58:53 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/acme/new-acct', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'status' => '201', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'headers' => { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'strict-transport-security' => 'max-age=604800', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'replay-nonce' => '00024Aak7Czlzh4ELTzUnt3f1RPYGu81RcjHJTLXyH6MzQg', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content-type' => 'application/json', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'link' => [ Apr 29 22:58:53 eduroam02 pfperl-api[757]: '<https://acme-v02.api.letsencrypt.org/directory>;rel="index"', Apr 29 22:58:53 eduroam02 pfperl-api[757]: '<https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf >;rel="terms-of-service"' Apr 29 22:58:53 eduroam02 pfperl-api[757]: ], Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:53 GMT', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'x-frame-options' => 'DENY', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'boulder-requester' => '84853044', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'location' => 'https://acme-v02.api.letsencrypt.org/acme/acct/84853044', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content-length' => '869', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive' Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content' => '{ Apr 29 22:58:53 eduroam02 pfperl-api[757]: "key": { Apr 29 22:58:53 eduroam02 pfperl-api[757]: "kty": "RSA", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "n": "qz_KPvpqahVtKutXLWMMZNi7dPaSAs1v4sT-YNLwiXpeObKoaJH_fIC7NRXuFK6kpVyN_SY41DWalZxzhi4_oSS8vf4wRttnqmvhox3B0iCq8VYBeNRljDBnk4-I-Wlz7YM6PGjm03ZZzuNS4FUVZJRRvzPIgZgco77JrvMO9lVGVQnk3whsy6LpNDgk_KETcsewnPsoNF1siYdXBXEfQwWfFX0C1caWbzkJK3NQfw9rwQ4y45xefYOh5X8HWkwO1MU9LQ8nVFFhG_ih0nxUPrD2clITzqnkZ_hnADrOhweLloaTPM3QU2t1uP4IslIl5e6-z91YFTWfl8ILy9raSbuhVsXutn51gnjUCo6jI5b5ybT1aUucScrFvzjTzsF0UkjNRIlbE6JuyubM_OH3br0FIoPXTsb2q05ZCKOS8469m8bsMHuBHjDMNwTyYQyVPuTckyj9AnAwwu6YTsF0sEVJA__fZUwmRygncABE20NLbq0hI0jlcj8c1v8amiT8xg34wcXCblS8dOwKfWIjJKinLkf3Cq1dXZUgdRtC2iSPiNaXzN4hXMxGX58QWl9RMUb4HVxUYjHvNk6zfni7AYHFaf3HOt3MXdddbYbFArSw-1km1OEgyfvgSzv_xOPPGJDaaB6o5_Z3sdRMKoGLY1OxaZ4nSkiXHKEmFdjtVDk", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "e": "AQAB" Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: "contact": [], Apr 29 22:58:53 eduroam02 pfperl-api[757]: "initialIp": "199.115.128.154", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "createdAt": "2020-04-30T04:58:53.542392895Z", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "status": "valid" Apr 29 22:58:53 eduroam02 pfperl-api[757]: }', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'protocol' => 'HTTP/1.1', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'reason' => 'Created', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'success' => 1 Apr 29 22:58:53 eduroam02 pfperl-api[757]: }; Apr 29 22:58:53 eduroam02 pfperl-api[757]: New key is now registered, reg path: https://acme-v02.api.letsencrypt.org/acme/acct/84853044. You need to accept TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf Apr 29 22:58:53 eduroam02 pfperl-api[757]: Registration success: TOS change status - 1, new registration flag - 1. Apr 29 22:58:53 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'reason' => 'OK', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'success' => 1, Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'headers' => { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:53 GMT', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'x-frame-options' => 'DENY', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'replay-nonce' => '0001IghGD4RupHTkU0qeled7qqrxYOUqK-5JaccQL9jX8hc', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'strict-transport-security' => 'max-age=604800', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'link' => [ Apr 29 22:58:53 eduroam02 pfperl-api[757]: '<https://acme-v02.api.letsencrypt.org/directory>;rel="index"', Apr 29 22:58:53 eduroam02 pfperl-api[757]: '<https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf >;rel="terms-of-service"' Apr 29 22:58:53 eduroam02 pfperl-api[757]: ], Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content-type' => 'application/json', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content-length' => '859', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'boulder-requester' => '84853044' Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content' => '{ Apr 29 22:58:53 eduroam02 pfperl-api[757]: "key": { Apr 29 22:58:53 eduroam02 pfperl-api[757]: "kty": "RSA", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "n": "qz_KPvpqahVtKutXLWMMZNi7dPaSAs1v4sT-YNLwiXpeObKoaJH_fIC7NRXuFK6kpVyN_SY41DWalZxzhi4_oSS8vf4wRttnqmvhox3B0iCq8VYBeNRljDBnk4-I-Wlz7YM6PGjm03ZZzuNS4FUVZJRRvzPIgZgco77JrvMO9lVGVQnk3whsy6LpNDgk_KETcsewnPsoNF1siYdXBXEfQwWfFX0C1caWbzkJK3NQfw9rwQ4y45xefYOh5X8HWkwO1MU9LQ8nVFFhG_ih0nxUPrD2clITzqnkZ_hnADrOhweLloaTPM3QU2t1uP4IslIl5e6-z91YFTWfl8ILy9raSbuhVsXutn51gnjUCo6jI5b5ybT1aUucScrFvzjTzsF0UkjNRIlbE6JuyubM_OH3br0FIoPXTsb2q05ZCKOS8469m8bsMHuBHjDMNwTyYQyVPuTckyj9AnAwwu6YTsF0sEVJA__fZUwmRygncABE20NLbq0hI0jlcj8c1v8amiT8xg34wcXCblS8dOwKfWIjJKinLkf3Cq1dXZUgdRtC2iSPiNaXzN4hXMxGX58QWl9RMUb4HVxUYjHvNk6zfni7AYHFaf3HOt3MXdddbYbFArSw-1km1OEgyfvgSzv_xOPPGJDaaB6o5_Z3sdRMKoGLY1OxaZ4nSkiXHKEmFdjtVDk", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "e": "AQAB" Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: "contact": [], Apr 29 22:58:53 eduroam02 pfperl-api[757]: "initialIp": "199.115.128.154", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "createdAt": "2020-04-30T04:58:53Z", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "status": "valid" Apr 29 22:58:53 eduroam02 pfperl-api[757]: }', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'protocol' => 'HTTP/1.1', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'status' => '200', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/acme/acct/84853044' Apr 29 22:58:53 eduroam02 pfperl-api[757]: }; Apr 29 22:58:53 eduroam02 pfperl-api[757]: Accepted TOS. Apr 29 22:58:53 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/acme/new-order', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'status' => '201', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content' => '{ Apr 29 22:58:53 eduroam02 pfperl-api[757]: "status": "pending", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "expires": "2020-05-07T04:58:53.801364905Z", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "identifiers": [ Apr 29 22:58:53 eduroam02 pfperl-api[757]: { Apr 29 22:58:53 eduroam02 pfperl-api[757]: "type": "dns", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "value": " eduroam02.gmcs.k12.nm.us" Apr 29 22:58:53 eduroam02 pfperl-api[757]: } Apr 29 22:58:53 eduroam02 pfperl-api[757]: ], Apr 29 22:58:53 eduroam02 pfperl-api[757]: "authorizations": [ Apr 29 22:58:53 eduroam02 pfperl-api[757]: " https://acme-v02.api.letsencrypt.org/acme/authz-v3/4267698770" Apr 29 22:58:53 eduroam02 pfperl-api[757]: ], Apr 29 22:58:53 eduroam02 pfperl-api[757]: "finalize": " https://acme-v02.api.letsencrypt.org/acme/finalize/84853044/3183233712" Apr 29 22:58:53 eduroam02 pfperl-api[757]: }', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'headers' => { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'x-frame-options' => 'DENY', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:53 GMT', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'link' => '<https://acme-v02.api.letsencrypt.org/directory>;rel="index"', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content-type' => 'application/json', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'replay-nonce' => '0001rdSlWM1SYSCSLBR8Y3165z4x4CjQZ05i58fCcELlNm8', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'strict-transport-security' => 'max-age=604800', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content-length' => '354', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'location' => ' https://acme-v02.api.letsencrypt.org/acme/order/84853044/3183233712', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'boulder-requester' => '84853044' Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'protocol' => 'HTTP/1.1', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'success' => 1, Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'reason' => 'Created' Apr 29 22:58:53 eduroam02 pfperl-api[757]: }; Apr 29 22:58:53 eduroam02 pfperl-api[757]: Requesting challenge. Apr 29 22:58:53 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'protocol' => 'HTTP/1.1', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content' => '{ Apr 29 22:58:53 eduroam02 pfperl-api[757]: "identifier": { Apr 29 22:58:53 eduroam02 pfperl-api[757]: "type": "dns", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "value": " eduroam02.gmcs.k12.nm.us" Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: "status": "pending", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "expires": "2020-05-07T04:58:53Z", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "challenges": [ Apr 29 22:58:53 eduroam02 pfperl-api[757]: { Apr 29 22:58:53 eduroam02 pfperl-api[757]: "type": "http-01", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "status": "pending", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "url": " https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "token": "xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4" Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: { Apr 29 22:58:53 eduroam02 pfperl-api[757]: "type": "dns-01", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "status": "pending", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "url": " https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/Y4CrxQ", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "token": "xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4" Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: { Apr 29 22:58:53 eduroam02 pfperl-api[757]: "type": "tls-alpn-01", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "status": "pending", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "url": " https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/IE3lew", Apr 29 22:58:53 eduroam02 pfperl-api[757]: "token": "xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4" Apr 29 22:58:53 eduroam02 pfperl-api[757]: } Apr 29 22:58:53 eduroam02 pfperl-api[757]: ] Apr 29 22:58:53 eduroam02 pfperl-api[757]: }', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'headers' => { Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content-length' => '802', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'x-frame-options' => 'DENY', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:53 GMT', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'link' => '<https://acme-v02.api.letsencrypt.org/directory>;rel="index"', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'content-type' => 'application/json', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'strict-transport-security' => 'max-age=604800' Apr 29 22:58:53 eduroam02 pfperl-api[757]: }, Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'reason' => 'OK', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'success' => 1, Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/acme/authz-v3/4267698770', Apr 29 22:58:53 eduroam02 pfperl-api[757]: 'status' => '200' Apr 29 22:58:53 eduroam02 pfperl-api[757]: }; Apr 29 22:58:53 eduroam02 pfperl-api[757]: Received challenges for eduroam02.gmcs.k12.nm.us. Apr 29 22:58:53 eduroam02 pfperl-api[757]: Requested challenges for 1 domain(s). Apr 29 22:58:53 eduroam02 pfperl-api[757]: Accepted challenges for 1 domain(s). Apr 29 22:58:53 eduroam02 packetfence[1012]: INFO pfperl-api(1012): A file 'xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4' with the text: xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4.2QP5W0DVEvnNTD6ElcbIO1-urEQMc-u-5G0Vp1XLh8Q will be created for the Let's Encrypt challenge (pf::ssl::lets_encrypt::process_challenge) Apr 29 22:58:54 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'status' => '200', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'protocol' => 'HTTP/1.1', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'content' => '{ Apr 29 22:58:54 eduroam02 pfperl-api[757]: "type": "http-01", Apr 29 22:58:54 eduroam02 pfperl-api[757]: "status": "pending", Apr 29 22:58:54 eduroam02 pfperl-api[757]: "url": " https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw", Apr 29 22:58:54 eduroam02 pfperl-api[757]: "token": "xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4" Apr 29 22:58:54 eduroam02 pfperl-api[757]: }', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'headers' => { Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'x-frame-options' => 'DENY', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:53 GMT', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'content-type' => 'application/json', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'link' => [ Apr 29 22:58:54 eduroam02 pfperl-api[757]: '<https://acme-v02.api.letsencrypt.org/directory>;rel="index"', Apr 29 22:58:54 eduroam02 pfperl-api[757]: '<https://acme-v02.api.letsencrypt.org/acme/authz-v3/4267698770 >;rel="up"' Apr 29 22:58:54 eduroam02 pfperl-api[757]: ], Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'strict-transport-security' => 'max-age=604800', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'replay-nonce' => '0002fiMh1ecytS2z-vXyB5evDn9h09S3e2ovuRyWU_7tvlU', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'content-length' => '185', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'location' => ' https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw', Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'boulder-requester' => '84853044' Apr 29 22:58:54 eduroam02 pfperl-api[757]: }, Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'success' => 1, Apr 29 22:58:54 eduroam02 pfperl-api[757]: 'reason' => 'OK' Apr 29 22:58:54 eduroam02 pfperl-api[757]: }; Apr 29 22:58:56 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'reason' => 'OK', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'success' => 1, Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'content' => '{ Apr 29 22:58:56 eduroam02 pfperl-api[757]: "type": "http-01", Apr 29 22:58:56 eduroam02 pfperl-api[757]: "status": "pending", Apr 29 22:58:56 eduroam02 pfperl-api[757]: "url": " https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw", Apr 29 22:58:56 eduroam02 pfperl-api[757]: "token": "xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4" Apr 29 22:58:56 eduroam02 pfperl-api[757]: }', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'protocol' => 'HTTP/1.1', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'headers' => { Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'content-type' => 'application/json', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'link' => [ Apr 29 22:58:56 eduroam02 pfperl-api[757]: '<https://acme-v02.api.letsencrypt.org/directory>;rel="index"', Apr 29 22:58:56 eduroam02 pfperl-api[757]: '<https://acme-v02.api.letsencrypt.org/acme/authz-v3/4267698770 >;rel="up"' Apr 29 22:58:56 eduroam02 pfperl-api[757]: ], Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'strict-transport-security' => 'max-age=604800', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'x-frame-options' => 'DENY', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:56 GMT', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'location' => ' https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'content-length' => '185', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive' Apr 29 22:58:56 eduroam02 pfperl-api[757]: }, Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'status' => '200', Apr 29 22:58:56 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw' Apr 29 22:58:56 eduroam02 pfperl-api[757]: }; Apr 29 22:58:58 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'success' => 1, Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'reason' => 'OK', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'content' => '{ Apr 29 22:58:58 eduroam02 pfperl-api[757]: "type": "http-01", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "status": "invalid", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "error": { Apr 29 22:58:58 eduroam02 pfperl-api[757]: "type": "urn:ietf:params:acme:error:connection", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "detail": "Fetching http://eduroam02.gmcs.k12.nm.us/.well-known/acme-challenge/xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4: Connection refused", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "status": 400 Apr 29 22:58:58 eduroam02 pfperl-api[757]: }, Apr 29 22:58:58 eduroam02 pfperl-api[757]: "url": " https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "token": "xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "validationRecord": [ Apr 29 22:58:58 eduroam02 pfperl-api[757]: { Apr 29 22:58:58 eduroam02 pfperl-api[757]: "url": " http://eduroam02.gmcs.k12.nm.us/.well-known/acme-challenge/xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4 ", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "hostname": " eduroam02.gmcs.k12.nm.us", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "port": "80", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "addressesResolved": [ Apr 29 22:58:58 eduroam02 pfperl-api[757]: "199.115.128.154" Apr 29 22:58:58 eduroam02 pfperl-api[757]: ], Apr 29 22:58:58 eduroam02 pfperl-api[757]: "addressUsed": "199.115.128.154" Apr 29 22:58:58 eduroam02 pfperl-api[757]: } Apr 29 22:58:58 eduroam02 pfperl-api[757]: ] Apr 29 22:58:58 eduroam02 pfperl-api[757]: }', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'headers' => { Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'strict-transport-security' => 'max-age=604800', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'link' => [ Apr 29 22:58:58 eduroam02 pfperl-api[757]: '<https://acme-v02.api.letsencrypt.org/directory>;rel="index"', Apr 29 22:58:58 eduroam02 pfperl-api[757]: '<https://acme-v02.api.letsencrypt.org/acme/authz-v3/4267698770 >;rel="up"' Apr 29 22:58:58 eduroam02 pfperl-api[757]: ], Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'content-type' => 'application/json', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:58 GMT', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'x-frame-options' => 'DENY', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'location' => ' https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'content-length' => '752' Apr 29 22:58:58 eduroam02 pfperl-api[757]: }, Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'protocol' => 'HTTP/1.1', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'status' => '200', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw' Apr 29 22:58:58 eduroam02 pfperl-api[757]: }; Apr 29 22:58:58 eduroam02 pfperl-api[757]: Domain eduroam02.gmcs.k12.nm.us has failed verification (status code 200). Apr 29 22:58:58 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'token' => 'xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'status' => 'invalid', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/acme/chall-v3/4267698770/ddWoIw', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'type' => 'http-01', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'validationRecord' => [ Apr 29 22:58:58 eduroam02 pfperl-api[757]: { Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'port' => '80', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'addressesResolved' => [ Apr 29 22:58:58 eduroam02 pfperl-api[757]: '199.115.128.154' Apr 29 22:58:58 eduroam02 pfperl-api[757]: ], Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'hostname' => 'eduroam02.gmcs.k12.nm.us', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'addressUsed' => '199.115.128.154', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'url' => ' http://eduroam02.gmcs.k12.nm.us/.well-known/acme-challenge/xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4 ' Apr 29 22:58:58 eduroam02 pfperl-api[757]: } Apr 29 22:58:58 eduroam02 pfperl-api[757]: ], Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'error' => { Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'type' => 'urn:ietf:params:acme:error:connection', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'detail' => 'Fetching http://eduroam02.gmcs.k12.nm.us/.well-known/acme-challenge/xYQAQNimUxDeiluSy8JeuWxukB_GthXpIbV8SzX34Q4: Connection refused', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'status' => 400 Apr 29 22:58:58 eduroam02 pfperl-api[757]: } Apr 29 22:58:58 eduroam02 pfperl-api[757]: }; Apr 29 22:58:58 eduroam02 pfperl-api[757]: All verifications failed Apr 29 22:58:58 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'success' => 1, Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'reason' => 'Created', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'protocol' => 'HTTP/1.1', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'content' => '{ Apr 29 22:58:58 eduroam02 pfperl-api[757]: "status": "pending", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "expires": "2020-05-07T04:58:58.303022419Z", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "identifiers": [ Apr 29 22:58:58 eduroam02 pfperl-api[757]: { Apr 29 22:58:58 eduroam02 pfperl-api[757]: "type": "dns", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "value": " eduroam02.gmcs.k12.nm.us" Apr 29 22:58:58 eduroam02 pfperl-api[757]: } Apr 29 22:58:58 eduroam02 pfperl-api[757]: ], Apr 29 22:58:58 eduroam02 pfperl-api[757]: "authorizations": [ Apr 29 22:58:58 eduroam02 pfperl-api[757]: " https://acme-v02.api.letsencrypt.org/acme/authz-v3/4267699581" Apr 29 22:58:58 eduroam02 pfperl-api[757]: ], Apr 29 22:58:58 eduroam02 pfperl-api[757]: "finalize": " https://acme-v02.api.letsencrypt.org/acme/finalize/84853044/3183234150" Apr 29 22:58:58 eduroam02 pfperl-api[757]: }', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'headers' => { Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:58 GMT', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'x-frame-options' => 'DENY', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'strict-transport-security' => 'max-age=604800', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'replay-nonce' => '0001lRlrvyzbAzt2XkSEjG3EgRPZ8KKErLOyQS2WPcWI07U', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'content-type' => 'application/json', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'link' => '<https://acme-v02.api.letsencrypt.org/directory>;rel="index"', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'content-length' => '354', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'boulder-requester' => '84853044', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'location' => ' https://acme-v02.api.letsencrypt.org/acme/order/84853044/3183234150' Apr 29 22:58:58 eduroam02 pfperl-api[757]: }, Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'status' => '201', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/acme/new-order' Apr 29 22:58:58 eduroam02 pfperl-api[757]: }; Apr 29 22:58:58 eduroam02 pfperl-api[757]: $VAR1 = { Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'status' => '403', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'url' => ' https://acme-v02.api.letsencrypt.org/acme/finalize/84853044/3183234150', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'success' => '', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'reason' => 'Forbidden', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'headers' => { Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'link' => '<https://acme-v02.api.letsencrypt.org/directory>;rel="index"', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'server' => 'nginx', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'content-type' => 'application/problem+json', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'replay-nonce' => '0002h1wMSx3QztPk2YrP2ipa_EslrboM3wusxNV4DseBWc4', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'cache-control' => 'public, max-age=0, no-cache', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'date' => 'Thu, 30 Apr 2020 04:58:58 GMT', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'boulder-requester' => '84853044', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'connection' => 'keep-alive', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'content-length' => '152' Apr 29 22:58:58 eduroam02 pfperl-api[757]: }, Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'content' => '{ Apr 29 22:58:58 eduroam02 pfperl-api[757]: "type": "urn:ietf:params:acme:error:orderNotReady", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "detail": "Order\'s status (\\"pending\\") is not acceptable for finalization", Apr 29 22:58:58 eduroam02 pfperl-api[757]: "status": 403 Apr 29 22:58:58 eduroam02 pfperl-api[757]: }', Apr 29 22:58:58 eduroam02 pfperl-api[757]: 'protocol' => 'HTTP/1.1' Apr 29 22:58:58 eduroam02 pfperl-api[757]: }; Apr 29 22:58:58 eduroam02 pfperl-api[757]: Could not finalize an order. Lupe Silva
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users