Unable to create Let's Encrypt cert

Need help with FileZilla Server? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
DataWarehouse
500 Command not understood
Posts: 5
Joined: 2023-01-22 09:49
First name: Data
Last name: Warehouse

Unable to create Let's Encrypt cert

#1 Post by DataWarehouse » 2023-01-24 12:29

windows server 2022, IIS, filezilla server 1.6.5 fz server running as administrative user,
path to which the server responds to GET requests: D:\inetpub-media\.well-known\acme-challenge (I check the checkbox to 'create if not exist' but fz does not create)
iis virtual directory ".well-known" mapped to to d:\inetpub-media\.well-known
a test file placed in the directory correctly replies (http://mediatemp.codarus.com/.well-know ... e/test.txt)
When I attempt to create the TLS let's encrypt and press 'generate new' I receive the following error:

Code: Select all

<Date> Info [Type] Message
<24-01-2023 06:22:19> Admin UI [Status] Successfully connected to server 127.0.0.1:14148.
<24-01-2023 06:22:19> Admin UI [Error] Some of the TLS certificates in use on the server have expired.
<24-01-2023 06:22:30> Admin UI [Status] Retrieving configuration from the server...
<24-01-2023 06:22:30> Admin UI [Status] Server's configuration retrieved.
<24-01-2023 06:23:14> Admin UI [Status] Generating ACME certificate
<24-01-2023 06:23:16> Administration Server [Error] Error processing generate_acme_certificate: {
<24-01-2023 06:23:16> Administration Server [Error]   "detail": "35.225.49.228: Invalid response from http://mediatemp.codarus.com/.well-known/acme-challenge/OUIdM9C_D0bs9AOj9PiM-tEh20L7oiNq2Ov-nwcYphE: 404",
<24-01-2023 06:23:16> Administration Server [Error]   "status": 403,
<24-01-2023 06:23:16> Administration Server [Error]   "type": "urn:ietf:params:acme:error:unauthorized"
<24-01-2023 06:23:16> Administration Server [Error] }
<24-01-2023 06:24:12> Admin UI [Status] Retrieving configuration from the server...
<24-01-2023 06:24:12> Admin UI [Status] Server's configuration retrieved.
Thanks in advance

User avatar
oibaf
Contributor
Posts: 398
Joined: 2021-07-16 21:02
First name: Fabio
Last name: Alemagna

Re: Unable to create Let's Encrypt cert

#2 Post by oibaf » 2023-01-24 12:38

Your web server is giving 404 error (Not found) for the specific file it's looking for. Is the file there? If not, is FileZilla Server's giving out other errors beside that one? If the file is there, then your webserver needs to be configured with the proper permissions.

Also, FileZilla Server's service can only create the directory if the filesystem has the right permissions for it to do so.

DataWarehouse
500 Command not understood
Posts: 5
Joined: 2023-01-22 09:49
First name: Data
Last name: Warehouse

Re: Unable to create Let's Encrypt cert

#3 Post by DataWarehouse » 2023-01-24 20:13

There is no file in the directory aside from the .well-known/acme-challenge/test.txt file that I placed. test.txt retrieves just fine.

Code: Select all

<Date> Info [Type] Message
<24-01-2023 14:11:20> ACME/HTTP Client [Trace] [Status: 1] 
<24-01-2023 14:11:20> ACME [Trace] Account auth for [mediatemp.codarus.com] is: {
<24-01-2023 14:11:20> ACME [Trace]   "identifier": {
<24-01-2023 14:11:20> ACME [Trace]     "type": "dns",
<24-01-2023 14:11:20> ACME [Trace]     "value": "mediatemp.codarus.com"
<24-01-2023 14:11:20> ACME [Trace]   },
<24-01-2023 14:11:20> ACME [Trace]   "status": "invalid",
<24-01-2023 14:11:20> ACME [Trace]   "expires": "2023-01-31T20:11:19Z",
<24-01-2023 14:11:20> ACME [Trace]   "challenges": [
<24-01-2023 14:11:20> ACME [Trace]     {
<24-01-2023 14:11:20> ACME [Trace]       "type": "http-01",
<24-01-2023 14:11:20> ACME [Trace]       "status": "invalid",
<24-01-2023 14:11:20> ACME [Trace]       "error": {
<24-01-2023 14:11:20> ACME [Trace]         "type": "urn:ietf:params:acme:error:unauthorized",
<24-01-2023 14:11:20> ACME [Trace]         "detail": "35.225.49.228: Invalid response from http://mediatemp.codarus.com/.well-known/acme-challenge/ml-ejCZYCuIDSscNXwe94NGj7rNTo0UUK-z1pTjsk5Q: 404",
<24-01-2023 14:11:20> ACME [Trace]         "status": 403
<24-01-2023 14:11:20> ACME [Trace]       },
<24-01-2023 14:11:20> ACME [Trace]       "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/197922458337/z03h1Q",
<24-01-2023 14:11:20> ACME [Trace]       "token": "ml-ejCZYCuIDSscNXwe94NGj7rNTo0UUK-z1pTjsk5Q",
<24-01-2023 14:11:20> ACME [Trace]       "validationRecord": [
<24-01-2023 14:11:20> ACME [Trace]         {
<24-01-2023 14:11:20> ACME [Trace]           "url": "http://mediatemp.codarus.com/.well-known/acme-challenge/ml-ejCZYCuIDSscNXwe94NGj7rNTo0UUK-z1pTjsk5Q",
<24-01-2023 14:11:20> ACME [Trace]           "hostname": "mediatemp.codarus.com",
<24-01-2023 14:11:20> ACME [Trace]           "port": "80",
<24-01-2023 14:11:20> ACME [Trace]           "addressesResolved": [
<24-01-2023 14:11:20> ACME [Trace]             "35.225.49.228"
<24-01-2023 14:11:20> ACME [Trace]           ],
<24-01-2023 14:11:20> ACME [Trace]           "addressUsed": "35.225.49.228"
<24-01-2023 14:11:20> ACME [Trace]         }
<24-01-2023 14:11:20> ACME [Trace]       ],
<24-01-2023 14:11:20> ACME [Trace]       "validated": "2023-01-24T20:11:19Z"
<24-01-2023 14:11:20> ACME [Trace]     }
<24-01-2023 14:11:20> ACME [Trace]   ]
<24-01-2023 14:11:20> ACME [Trace] }
<24-01-2023 14:11:20> Administration Server [Error] Error processing generate_acme_certificate: {
<24-01-2023 14:11:20> Administration Server [Error]   "detail": "35.225.49.228: Invalid response from http://mediatemp.codarus.com/.well-known/acme-challenge/ml-ejCZYCuIDSscNXwe94NGj7rNTo0UUK-z1pTjsk5Q: 404",
<24-01-2023 14:11:20> Administration Server [Error]   "status": 403,
<24-01-2023 14:11:20> Administration Server [Error]   "type": "urn:ietf:params:acme:error:unauthorized"
<24-01-2023 14:11:20> Administration Server [Error] }

User avatar
oibaf
Contributor
Posts: 398
Joined: 2021-07-16 21:02
First name: Fabio
Last name: Alemagna

Re: Unable to create Let's Encrypt cert

#4 Post by oibaf » 2023-01-25 05:41

If the server were not able to generate a file in that directory, it would spit out a specific error in the logs, which would look like "Failed check: !challenger_->serve(token, d_->jwk_) [...]".

I just tried to download the test file, alas I got a 404 error. Is the file still there?

DataWarehouse
500 Command not understood
Posts: 5
Joined: 2023-01-22 09:49
First name: Data
Last name: Warehouse

Re: Unable to create Let's Encrypt cert

#5 Post by DataWarehouse » 2023-01-25 15:22

I've turned on directory browsing, you could try again at https://mediatemp.codarus.com/.well-kno ... e/test.txt

in Rights Management I am running as other user: data_warehouse , which is the same user that I used to create test.txt

Thanks for your help

Code: Select all

<Date> Info [Type] Message
<25-01-2023 09:13:24> Admin UI [Status] Successfully connected to server 127.0.0.1:14148.
<25-01-2023 09:13:24> Admin UI [Error] Some of the TLS certificates in use on the server have expired.
<25-01-2023 09:13:28> Admin UI [Status] Retrieving configuration from the server...
<25-01-2023 09:13:28> Admin UI [Status] Server's configuration retrieved.
<25-01-2023 09:13:55> Admin UI [Status] Retrieving configuration from the server...
<25-01-2023 09:13:55> Admin UI [Status] Server's configuration retrieved.
<25-01-2023 09:14:54> Admin UI [Status] Generating new ACME account
<25-01-2023 09:14:54> ACME [Trace] Getting terms of service...
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] add_to_buffer()/request: GET /directory HTTP/1.1
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] ***END
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 200 OK
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:14:54 GMT
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] [Status: 1] Content-Type: application/json
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] [Status: 1] Content-Length: 659
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:14:54> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:14:56> ACME [Trace] Getting directory...
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] add_to_buffer()/request: GET /directory HTTP/1.1
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] ***END
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 200 OK
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:14:56 GMT
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Content-Type: application/json
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Content-Length: 659
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:14:56> ACME [Trace] Directory: {
<25-01-2023 09:14:56> ACME [Trace]   "e3kryYLl6c4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
<25-01-2023 09:14:56> ACME [Trace]   "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
<25-01-2023 09:14:56> ACME [Trace]   "meta": {
<25-01-2023 09:14:56> ACME [Trace]     "caaIdentities": [
<25-01-2023 09:14:56> ACME [Trace]       "letsencrypt.org"
<25-01-2023 09:14:56> ACME [Trace]     ],
<25-01-2023 09:14:56> ACME [Trace]     "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
<25-01-2023 09:14:56> ACME [Trace]     "website": "https://letsencrypt.org"
<25-01-2023 09:14:56> ACME [Trace]   },
<25-01-2023 09:14:56> ACME [Trace]   "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
<25-01-2023 09:14:56> ACME [Trace]   "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
<25-01-2023 09:14:56> ACME [Trace]   "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
<25-01-2023 09:14:56> ACME [Trace]   "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
<25-01-2023 09:14:56> ACME [Trace] }
<25-01-2023 09:14:56> ACME [Trace] Getting Nonce...
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] add_to_buffer()/request: HEAD /acme/new-nonce HTTP/1.1
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] ***END
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 200 OK
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:14:56 GMT
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Replay-Nonce: 853FrpLFuvdGmtRaosM5VpvUDIhMeifd2t14gQmanRn6Ww8
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:14:56> ACME [Trace] Nonce: 853FrpLFuvdGmtRaosM5VpvUDIhMeifd2t14gQmanRn6Ww8
<25-01-2023 09:14:56> ACME [Trace] make_jws, payload: {"contact":["mailto:data.warehouse@codarus.com"],"onlyReturnExisting":false,"termsOfServiceAgreed":true}
<25-01-2023 09:14:56> ACME [Trace] make_jws, extra: {"jwk":{"crv":"P-256","kty":"EC","x":"Mq2hBj7DvZ2HL6doT_d6jU7CPK2IdqYvcQryHnDHLjU","y":"ZYjoDKcEN4S9SZJkclhvPIN9r6VK3qp6ZlMrSTqRPbQ"},"nonce":"853FrpLFuvdGmtRaosM5VpvUDIhMeifd2t14gQmanRn6Ww8","url":"https://acme-v02.api.letsencrypt.org/acme/new-acct"}
<25-01-2023 09:14:56> ACME [Trace] Getting account...
<25-01-2023 09:14:56> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:14:57> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:14:57> ACME/HTTP Client [Trace] add_to_buffer()/request: POST /acme/new-acct HTTP/1.1
<25-01-2023 09:14:57> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:14:57> ACME/HTTP Client [Trace] Content-length: 623
<25-01-2023 09:14:57> ACME/HTTP Client [Trace] Content-Type: application/jose+json
<25-01-2023 09:14:57> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:14:57> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:14:57> ACME/HTTP Client [Trace] {"payload":"eyJjb250YWN0IjpbIm1haWx0bzpkYXRhLndhcmVob3VzZUBjb2RhcnVzLmNvbSJdLCJvbmx5UmV0dXJuRXhpc3RpbmciOmZhbHNlLCJ0ZXJtc09mU2VydmljZUFncmVlZCI6dHJ1ZX0","protected":"eyJhbGciOiJFUzI1NiIsImp3ayI6eyJjcnYiOiJQLTI1NiIsImt0eSI6IkVDIiwieCI6Ik1xMmhCajdEdloySEw2ZG9UX2Q2alU3Q1BLMklkcVl2Y1FyeUhuREhMalUiLCJ5IjoiWllqb0RLY0VONFM5U1pKa2NsaHZQSU45cjZWSzNxcDZabE1yU1RxUlBiUSJ9LCJub25jZSI6Ijg1M0ZycExGdXZkR210UmFvc001VnB2VURJaE1laWZkMnQxNGdRbWFuUm42V3c4IiwidXJsIjoiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWFjY3QifQ","signature":"ar8-Nt72nSu-BDegZZ-EG6w50ttvH76v0qOgq9UGDsAQQ8lkntGmpOYDdMvCZ0gXKDIzPOgvM3O4aV01nt_5pQ"}***END
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 201 Created
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:14:57 GMT
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Content-Type: application/json
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Content-Length: 328
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Boulder-Requester: 933151817
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Link: <https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf>;rel="terms-of-service"
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Location: https://acme-v02.api.letsencrypt.org/acme/acct/933151817
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Replay-Nonce: 2712Xqwe66XNfJz4dv8GUeP2ZMAB0Gt6WHZIkT3zFpCWpSc
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:14:59> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:14:59> ACME [Trace] Account object: {
<25-01-2023 09:14:59> ACME [Trace]   "key": {
<25-01-2023 09:14:59> ACME [Trace]     "kty": "EC",
<25-01-2023 09:14:59> ACME [Trace]     "crv": "P-256",
<25-01-2023 09:14:59> ACME [Trace]     "x": "Mq2hBj7DvZ2HL6doT_d6jU7CPK2IdqYvcQryHnDHLjU",
<25-01-2023 09:14:59> ACME [Trace]     "y": "ZYjoDKcEN4S9SZJkclhvPIN9r6VK3qp6ZlMrSTqRPbQ"
<25-01-2023 09:14:59> ACME [Trace]   },
<25-01-2023 09:14:59> ACME [Trace]   "contact": [
<25-01-2023 09:14:59> ACME [Trace]     "mailto:data.warehouse@codarus.com"
<25-01-2023 09:14:59> ACME [Trace]   ],
<25-01-2023 09:14:59> ACME [Trace]   "initialIp": "35.225.49.228",
<25-01-2023 09:14:59> ACME [Trace]   "createdAt": "2023-01-25T15:14:57.340145014Z",
<25-01-2023 09:14:59> ACME [Trace]   "status": "valid"
<25-01-2023 09:14:59> ACME [Trace] }
<25-01-2023 09:14:59> ACME [Trace] Account URI: https://acme-v02.api.letsencrypt.org/acme/acct/933151817
<25-01-2023 09:14:59> Admin UI [Status] Generated ACME account: https://acme-v02.api.letsencrypt.org/acme/acct/933151817
<25-01-2023 09:15:05>  [Status] Settings written to C:\ProgramData\filezilla-server\groups.xml.
<25-01-2023 09:15:05>  [Status] Settings written to C:\ProgramData\filezilla-server\users.xml.
<25-01-2023 09:15:05>  [Status] Settings written to C:\ProgramData\filezilla-server\disallowed_ips.xml.
<25-01-2023 09:15:05>  [Status] Settings written to C:\ProgramData\filezilla-server\settings.xml.
<25-01-2023 09:15:05>  [Status] Settings written to C:\ProgramData\filezilla-server\allowed_ips.xml.
<25-01-2023 09:15:13> Admin UI [Status] Retrieving configuration from the server...
<25-01-2023 09:15:13> Admin UI [Status] Server's configuration retrieved.
<25-01-2023 09:15:31> Admin UI [Status] Generating ACME certificate
<25-01-2023 09:15:31> ACME [Trace] Getting directory...
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] add_to_buffer()/request: GET /directory HTTP/1.1
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] ***END
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 200 OK
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:15:31 GMT
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Content-Type: application/json
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Content-Length: 659
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:15:31> ACME [Trace] Directory: {
<25-01-2023 09:15:31> ACME [Trace]   "8TRiqIlVVzk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
<25-01-2023 09:15:31> ACME [Trace]   "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
<25-01-2023 09:15:31> ACME [Trace]   "meta": {
<25-01-2023 09:15:31> ACME [Trace]     "caaIdentities": [
<25-01-2023 09:15:31> ACME [Trace]       "letsencrypt.org"
<25-01-2023 09:15:31> ACME [Trace]     ],
<25-01-2023 09:15:31> ACME [Trace]     "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
<25-01-2023 09:15:31> ACME [Trace]     "website": "https://letsencrypt.org"
<25-01-2023 09:15:31> ACME [Trace]   },
<25-01-2023 09:15:31> ACME [Trace]   "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
<25-01-2023 09:15:31> ACME [Trace]   "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
<25-01-2023 09:15:31> ACME [Trace]   "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
<25-01-2023 09:15:31> ACME [Trace]   "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
<25-01-2023 09:15:31> ACME [Trace] }
<25-01-2023 09:15:31> ACME [Trace] Getting Nonce...
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] add_to_buffer()/request: HEAD /acme/new-nonce HTTP/1.1
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] ***END
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 200 OK
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:15:31 GMT
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Replay-Nonce: 2712mcQTBH7E3W1kp-Bt8bocbCHOLu2NvsO6U2JH2AQW5Fo
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:15:31> ACME [Trace] Nonce: 2712mcQTBH7E3W1kp-Bt8bocbCHOLu2NvsO6U2JH2AQW5Fo
<25-01-2023 09:15:31> ACME [Trace] make_jws, payload: {"onlyReturnExisting":true,"termsOfServiceAgreed":true}
<25-01-2023 09:15:31> ACME [Trace] make_jws, extra: {"jwk":{"crv":"P-256","kty":"EC","x":"Mq2hBj7DvZ2HL6doT_d6jU7CPK2IdqYvcQryHnDHLjU","y":"ZYjoDKcEN4S9SZJkclhvPIN9r6VK3qp6ZlMrSTqRPbQ"},"nonce":"2712mcQTBH7E3W1kp-Bt8bocbCHOLu2NvsO6U2JH2AQW5Fo","url":"https://acme-v02.api.letsencrypt.org/acme/new-acct"}
<25-01-2023 09:15:31> ACME [Trace] Getting account...
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] add_to_buffer()/request: POST /acme/new-acct HTTP/1.1
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Content-length: 558
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Content-Type: application/jose+json
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] {"payload":"eyJvbmx5UmV0dXJuRXhpc3RpbmciOnRydWUsInRlcm1zT2ZTZXJ2aWNlQWdyZWVkIjp0cnVlfQ","protected":"eyJhbGciOiJFUzI1NiIsImp3ayI6eyJjcnYiOiJQLTI1NiIsImt0eSI6IkVDIiwieCI6Ik1xMmhCajdEdloySEw2ZG9UX2Q2alU3Q1BLMklkcVl2Y1FyeUhuREhMalUiLCJ5IjoiWllqb0RLY0VONFM5U1pKa2NsaHZQSU45cjZWSzNxcDZabE1yU1RxUlBiUSJ9LCJub25jZSI6IjI3MTJtY1FUQkg3RTNXMWtwLUJ0OGJvY2JDSE9MdTJOdnNPNlUySkgyQVFXNUZvIiwidXJsIjoiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWFjY3QifQ","signature":"fYo9EXex_9U-Tn24rTEN2mR_olOLDzauZKDLbZPBX6Fqc3EGAzpCAByHsDM2mBodObkrtpK52uj-BfRQk7zsJA"}***END
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 200 OK
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:15:31 GMT
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Content-Type: application/json
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Content-Length: 318
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Boulder-Requester: 933151817
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Location: https://acme-v02.api.letsencrypt.org/acme/acct/933151817
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Replay-Nonce: 1DFAG7qgpVOKaldryeURJc_4deE86sp6wHKBMMt-pPncxeQ
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:15:31> ACME [Trace] Account object: {
<25-01-2023 09:15:31> ACME [Trace]   "key": {
<25-01-2023 09:15:31> ACME [Trace]     "kty": "EC",
<25-01-2023 09:15:31> ACME [Trace]     "crv": "P-256",
<25-01-2023 09:15:31> ACME [Trace]     "x": "Mq2hBj7DvZ2HL6doT_d6jU7CPK2IdqYvcQryHnDHLjU",
<25-01-2023 09:15:31> ACME [Trace]     "y": "ZYjoDKcEN4S9SZJkclhvPIN9r6VK3qp6ZlMrSTqRPbQ"
<25-01-2023 09:15:31> ACME [Trace]   },
<25-01-2023 09:15:31> ACME [Trace]   "contact": [
<25-01-2023 09:15:31> ACME [Trace]     "mailto:data.warehouse@codarus.com"
<25-01-2023 09:15:31> ACME [Trace]   ],
<25-01-2023 09:15:31> ACME [Trace]   "initialIp": "35.225.49.228",
<25-01-2023 09:15:31> ACME [Trace]   "createdAt": "2023-01-25T15:14:57Z",
<25-01-2023 09:15:31> ACME [Trace]   "status": "valid"
<25-01-2023 09:15:31> ACME [Trace] }
<25-01-2023 09:15:31> ACME [Trace] Account URI: https://acme-v02.api.letsencrypt.org/acme/acct/933151817
<25-01-2023 09:15:31> ACME [Trace] make_jws, payload: {"identifiers":[{"type":"dns","value":"mediatemp.codarus.com"}]}
<25-01-2023 09:15:31> ACME [Trace] make_jws, extra: {"kid":"https://acme-v02.api.letsencrypt.org/acme/acct/933151817","nonce":"1DFAG7qgpVOKaldryeURJc_4deE86sp6wHKBMMt-pPncxeQ","url":"https://acme-v02.api.letsencrypt.org/acme/new-order"}
<25-01-2023 09:15:31> ACME [Trace] Getting certificate order...
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] add_to_buffer()/request: POST /acme/new-order HTTP/1.1
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Content-length: 480
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Content-Type: application/jose+json
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:15:31> ACME/HTTP Client [Trace] {"payload":"eyJpZGVudGlmaWVycyI6W3sidHlwZSI6ImRucyIsInZhbHVlIjoibWVkaWF0ZW1wLmNvZGFydXMuY29tIn1dfQ","protected":"eyJhbGciOiJFUzI1NiIsImtpZCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTMzMTUxODE3Iiwibm9uY2UiOiIxREZBRzdxZ3BWT0thbGRyeWVVUkpjXzRkZUU4NnNwNndIS0JNTXQtcFBuY3hlUSIsInVybCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9","signature":"ZulxP71_hA8urOcGeSAuaEcOjdieD2hXNhDNXSy-s8iiExbU6jmOApgTr5Jp4F05Na1LSKQ8S_8JEdMKTaYIsw"}***END
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 201 Created
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:15:32 GMT
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Content-Type: application/json
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Content-Length: 346
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Boulder-Requester: 933151817
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Location: https://acme-v02.api.letsencrypt.org/acme/order/933151817/160937655907
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Replay-Nonce: C878ziRMho9OuS2-RCQtgMXSMCCG47TnGJml2-xAHDT61ig
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:15:32> ACME [Trace] Certificate order: {
<25-01-2023 09:15:32> ACME [Trace]   "status": "pending",
<25-01-2023 09:15:32> ACME [Trace]   "expires": "2023-02-01T15:15:32Z",
<25-01-2023 09:15:32> ACME [Trace]   "identifiers": [
<25-01-2023 09:15:32> ACME [Trace]     {
<25-01-2023 09:15:32> ACME [Trace]       "type": "dns",
<25-01-2023 09:15:32> ACME [Trace]       "value": "mediatemp.codarus.com"
<25-01-2023 09:15:32> ACME [Trace]     }
<25-01-2023 09:15:32> ACME [Trace]   ],
<25-01-2023 09:15:32> ACME [Trace]   "authorizations": [
<25-01-2023 09:15:32> ACME [Trace]     "https://acme-v02.api.letsencrypt.org/acme/authz-v3/198137776497"
<25-01-2023 09:15:32> ACME [Trace]   ],
<25-01-2023 09:15:32> ACME [Trace]   "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/933151817/160937655907"
<25-01-2023 09:15:32> ACME [Trace] }
<25-01-2023 09:15:32> ACME [Trace] make_jws, payload: 
<25-01-2023 09:15:32> ACME [Trace] make_jws, extra: {"kid":"https://acme-v02.api.letsencrypt.org/acme/acct/933151817","nonce":"C878ziRMho9OuS2-RCQtgMXSMCCG47TnGJml2-xAHDT61ig","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/198137776497"}
<25-01-2023 09:15:32> ACME [Trace] Getting account auth...
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] add_to_buffer()/request: POST /acme/authz-v3/198137776497 HTTP/1.1
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Content-length: 410
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Content-Type: application/jose+json
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] {"payload":"","protected":"eyJhbGciOiJFUzI1NiIsImtpZCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTMzMTUxODE3Iiwibm9uY2UiOiJDODc4emlSTWhvOU91UzItUkNRdGdNWFNNQ0NHNDdUbkdKbWwyLXhBSERUNjFpZyIsInVybCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzE5ODEzNzc3NjQ5NyJ9","signature":"A6mP41EzIMg2PEl5B0lFEugqpXkSKG-Txg00Qi5RBVlL12uUvsZX-g2OBAjq_-AIBancVuLYonVdMbyh-5NkjA"}***END
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 200 OK
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:15:32 GMT
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Content-Type: application/json
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Content-Length: 805
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Boulder-Requester: 933151817
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Replay-Nonce: 371C4NQX9M9yfK8fYZZc3X3Q4yr6q3_AQEjqA-SAU3WUxjg
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:15:32> ACME [Trace] Account auth for [mediatemp.codarus.com] is: {
<25-01-2023 09:15:32> ACME [Trace]   "identifier": {
<25-01-2023 09:15:32> ACME [Trace]     "type": "dns",
<25-01-2023 09:15:32> ACME [Trace]     "value": "mediatemp.codarus.com"
<25-01-2023 09:15:32> ACME [Trace]   },
<25-01-2023 09:15:32> ACME [Trace]   "status": "pending",
<25-01-2023 09:15:32> ACME [Trace]   "expires": "2023-02-01T15:15:32Z",
<25-01-2023 09:15:32> ACME [Trace]   "challenges": [
<25-01-2023 09:15:32> ACME [Trace]     {
<25-01-2023 09:15:32> ACME [Trace]       "type": "http-01",
<25-01-2023 09:15:32> ACME [Trace]       "status": "pending",
<25-01-2023 09:15:32> ACME [Trace]       "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/198137776497/o7lRtw",
<25-01-2023 09:15:32> ACME [Trace]       "token": "3mV-9g2hh8MFY6ba6a31aGuRYeCbrgN8xcJzyq9x_OE"
<25-01-2023 09:15:32> ACME [Trace]     },
<25-01-2023 09:15:32> ACME [Trace]     {
<25-01-2023 09:15:32> ACME [Trace]       "type": "dns-01",
<25-01-2023 09:15:32> ACME [Trace]       "status": "pending",
<25-01-2023 09:15:32> ACME [Trace]       "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/198137776497/J26vwQ",
<25-01-2023 09:15:32> ACME [Trace]       "token": "3mV-9g2hh8MFY6ba6a31aGuRYeCbrgN8xcJzyq9x_OE"
<25-01-2023 09:15:32> ACME [Trace]     },
<25-01-2023 09:15:32> ACME [Trace]     {
<25-01-2023 09:15:32> ACME [Trace]       "type": "tls-alpn-01",
<25-01-2023 09:15:32> ACME [Trace]       "status": "pending",
<25-01-2023 09:15:32> ACME [Trace]       "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/198137776497/hvjLjg",
<25-01-2023 09:15:32> ACME [Trace]       "token": "3mV-9g2hh8MFY6ba6a31aGuRYeCbrgN8xcJzyq9x_OE"
<25-01-2023 09:15:32> ACME [Trace]     }
<25-01-2023 09:15:32> ACME [Trace]   ]
<25-01-2023 09:15:32> ACME [Trace] }
<25-01-2023 09:15:32> ACME [Trace] make_jws, payload: {}
<25-01-2023 09:15:32> ACME [Trace] make_jws, extra: {"kid":"https://acme-v02.api.letsencrypt.org/acme/acct/933151817","nonce":"371C4NQX9M9yfK8fYZZc3X3Q4yr6q3_AQEjqA-SAU3WUxjg","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/198137776497/o7lRtw"}
<25-01-2023 09:15:32> ACME [Trace] Starting challenge https://acme-v02.api.letsencrypt.org/acme/chall-v3/198137776497/o7lRtw...
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] add_to_buffer()/request: POST /acme/chall-v3/198137776497/o7lRtw HTTP/1.1
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Content-length: 423
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Content-Type: application/jose+json
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] {"payload":"e30","protected":"eyJhbGciOiJFUzI1NiIsImtpZCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTMzMTUxODE3Iiwibm9uY2UiOiIzNzFDNE5RWDlNOXlmSzhmWVpaYzNYM1E0eXI2cTNfQVFFanFBLVNBVTNXVXhqZyIsInVybCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzE5ODEzNzc3NjQ5Ny9vN2xSdHcifQ","signature":"vX5hSLMgi8i3xflF61s9Xz-FW9xEQhPozjf3OjbZe7vyIpM_jPdin-s14BjeE_a-cPefqDapFHFvyCSJbS7G_A"}***END
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 200 OK
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:15:32 GMT
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Content-Type: application/json
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Content-Length: 187
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Boulder-Requester: 933151817
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/198137776497>;rel="up"
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/198137776497/o7lRtw
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Replay-Nonce: 853FBzEIXC9aJKEPDKuF8-snj6kPL91YFYn0qhZlkdaR82g
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:15:32> ACME [Trace] Challenge started: {
<25-01-2023 09:15:32> ACME [Trace]   "type": "http-01",
<25-01-2023 09:15:32> ACME [Trace]   "status": "pending",
<25-01-2023 09:15:32> ACME [Trace]   "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/198137776497/o7lRtw",
<25-01-2023 09:15:32> ACME [Trace]   "token": "3mV-9g2hh8MFY6ba6a31aGuRYeCbrgN8xcJzyq9x_OE"
<25-01-2023 09:15:32> ACME [Trace] }
<25-01-2023 09:15:32> ACME [Trace] make_jws, payload: 
<25-01-2023 09:15:32> ACME [Trace] make_jws, extra: {"kid":"https://acme-v02.api.letsencrypt.org/acme/acct/933151817","nonce":"853FBzEIXC9aJKEPDKuF8-snj6kPL91YFYn0qhZlkdaR82g","url":"https://acme-v02.api.letsencrypt.org/acme/authz-v3/198137776497"}
<25-01-2023 09:15:32> ACME [Trace] Polling https://acme-v02.api.letsencrypt.org/acme/authz-v3/198137776497...
<25-01-2023 09:15:32> ACME/HTTP Client [Trace] Connecting to acme-v02.api.letsencrypt.org:443
<25-01-2023 09:15:33> ACME/HTTP Client [Trace] Certificate is trusted: yes
<25-01-2023 09:15:33> ACME/HTTP Client [Trace] add_to_buffer()/request: POST /acme/authz-v3/198137776497 HTTP/1.1
<25-01-2023 09:15:33> ACME/HTTP Client [Trace] Connection: close
<25-01-2023 09:15:33> ACME/HTTP Client [Trace] Content-length: 410
<25-01-2023 09:15:33> ACME/HTTP Client [Trace] Content-Type: application/jose+json
<25-01-2023 09:15:33> ACME/HTTP Client [Trace] Host: acme-v02.api.letsencrypt.org
<25-01-2023 09:15:33> ACME/HTTP Client [Trace] User-Agent: FileZilla-Server/1.6.5
<25-01-2023 09:15:33> ACME/HTTP Client [Trace] {"payload":"","protected":"eyJhbGciOiJFUzI1NiIsImtpZCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTMzMTUxODE3Iiwibm9uY2UiOiI4NTNGQnpFSVhDOWFKS0VQREt1Rjgtc25qNmtQTDkxWUZZbjBxaFpsa2RhUjgyZyIsInVybCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzE5ODEzNzc3NjQ5NyJ9","signature":"_BRMlpkMaWxAoNs-QX8IrRSrVI320EGvZK1sMgWlp2HjEvGl5VFgp7-EWAHMMA1lKG4SCyfdrszoCadG34fUoA"}***END
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 0] HTTP/1.1 200 OK
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] Server: nginx
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] Date: Wed, 25 Jan 2023 15:15:33 GMT
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] Content-Type: application/json
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] Content-Length: 1052
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] Connection: close
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] Boulder-Requester: 933151817
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] Cache-Control: public, max-age=0, no-cache
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] Replay-Nonce: A5FElaaJlIHpugHSNH95oWNuDCH-BdKUfRM1XeXpZG9_8t4
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] X-Frame-Options: DENY
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] Strict-Transport-Security: max-age=604800
<25-01-2023 09:15:35> ACME/HTTP Client [Trace] [Status: 1] 
<25-01-2023 09:15:35> ACME [Trace] Account auth for [mediatemp.codarus.com] is: {
<25-01-2023 09:15:35> ACME [Trace]   "identifier": {
<25-01-2023 09:15:35> ACME [Trace]     "type": "dns",
<25-01-2023 09:15:35> ACME [Trace]     "value": "mediatemp.codarus.com"
<25-01-2023 09:15:35> ACME [Trace]   },
<25-01-2023 09:15:35> ACME [Trace]   "status": "invalid",
<25-01-2023 09:15:35> ACME [Trace]   "expires": "2023-02-01T15:15:32Z",
<25-01-2023 09:15:35> ACME [Trace]   "challenges": [
<25-01-2023 09:15:35> ACME [Trace]     {
<25-01-2023 09:15:35> ACME [Trace]       "type": "http-01",
<25-01-2023 09:15:35> ACME [Trace]       "status": "invalid",
<25-01-2023 09:15:35> ACME [Trace]       "error": {
<25-01-2023 09:15:35> ACME [Trace]         "type": "urn:ietf:params:acme:error:unauthorized",
<25-01-2023 09:15:35> ACME [Trace]         "detail": "35.225.49.228: Invalid response from http://mediatemp.codarus.com/.well-known/acme-challenge/3mV-9g2hh8MFY6ba6a31aGuRYeCbrgN8xcJzyq9x_OE: 404",
<25-01-2023 09:15:35> ACME [Trace]         "status": 403
<25-01-2023 09:15:35> ACME [Trace]       },
<25-01-2023 09:15:35> ACME [Trace]       "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/198137776497/o7lRtw",
<25-01-2023 09:15:35> ACME [Trace]       "token": "3mV-9g2hh8MFY6ba6a31aGuRYeCbrgN8xcJzyq9x_OE",
<25-01-2023 09:15:35> ACME [Trace]       "validationRecord": [
<25-01-2023 09:15:35> ACME [Trace]         {
<25-01-2023 09:15:35> ACME [Trace]           "url": "http://mediatemp.codarus.com/.well-known/acme-challenge/3mV-9g2hh8MFY6ba6a31aGuRYeCbrgN8xcJzyq9x_OE",
<25-01-2023 09:15:35> ACME [Trace]           "hostname": "mediatemp.codarus.com",
<25-01-2023 09:15:35> ACME [Trace]           "port": "80",
<25-01-2023 09:15:35> ACME [Trace]           "addressesResolved": [
<25-01-2023 09:15:35> ACME [Trace]             "35.225.49.228"
<25-01-2023 09:15:35> ACME [Trace]           ],
<25-01-2023 09:15:35> ACME [Trace]           "addressUsed": "35.225.49.228"
<25-01-2023 09:15:35> ACME [Trace]         }
<25-01-2023 09:15:35> ACME [Trace]       ],
<25-01-2023 09:15:35> ACME [Trace]       "validated": "2023-01-25T15:15:32Z"
<25-01-2023 09:15:35> ACME [Trace]     }
<25-01-2023 09:15:35> ACME [Trace]   ]
<25-01-2023 09:15:35> ACME [Trace] }
<25-01-2023 09:15:35> Administration Server [Error] Error processing generate_acme_certificate: {
<25-01-2023 09:15:35> Administration Server [Error]   "detail": "35.225.49.228: Invalid response from http://mediatemp.codarus.com/.well-known/acme-challenge/3mV-9g2hh8MFY6ba6a31aGuRYeCbrgN8xcJzyq9x_OE: 404",
<25-01-2023 09:15:35> Administration Server [Error]   "status": 403,
<25-01-2023 09:15:35> Administration Server [Error]   "type": "urn:ietf:params:acme:error:unauthorized"
<25-01-2023 09:15:35> Administration Server [Error] }

User avatar
oibaf
Contributor
Posts: 398
Joined: 2021-07-16 21:02
First name: Fabio
Last name: Alemagna

Re: Unable to create Let's Encrypt cert

#6 Post by oibaf » 2023-01-26 13:41

I've tried to reproduce your issue, and turns out it might be due to the web server not serving files whose names have no extension.

As a test, try to create your own test file without an extension and see if you can or cannot download it. If you can't, then we've found the issue.

Don't know much about IIS, but this is what I found with a fast search: https://stackoverflow.com/questions/199 ... -extension

Post Reply