OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: Julien on April 26, 2019, 01:48:43 pm

Title: SSL acme.sh not renewing
Post by: Julien on April 26, 2019, 01:48:43 pm
Hi guys,
Today one of our boxes did not update the SSL certificate. The box is on the latest 19.1.6, and the error is:

Code:
[Fri Apr 26 13:43:30 CEST 2019] code='400'
[Fri Apr 26 13:43:30 CEST 2019] _ret='0'
[Fri Apr 26 13:43:29 CEST 2019] _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header -g '
[Fri Apr 26 13:43:29 CEST 2019] _post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/3YVe4DMKwJeRXfLY-x9xS3kdr3DCv-dn7ArcFsVRRO63iY/15188266849'
[Fri Apr 26 13:43:29 CEST 2019] POST
[Fri Apr 26 13:43:29 CEST 2019] payload='{"resource": "challenge", "type": "", "keyAuthorization": "lJ_wTNXzdXDNMS1lgR4b0vl5f5DUQn7kppJvAS6AnX0.32so50xaPXcmog6OgZZYPYbheGhgZAvN-dlCiRtTScQ0"}'
[Fri Apr 26 13:43:29 CEST 2019] url='https://acme-v01.api.letsencrypt.org/acme/challenge/3YVe4wJeRXfLY-x9xS543kdr3DCv-dn7ArcFsVRRO63iY/15188266849'
[Fri Apr 26 13:43:29 CEST 2019] Please check log file for more details: /var/log/acme.sh.log
[Fri Apr 26 13:43:29 CEST 2019] _on_issue_err
[Fri Apr 26 13:43:29 CEST 2019] skip dns.
[Fri Apr 26 13:43:29 CEST 2019] vlist='Firewall.gislaved.org#lJ_wTNXzdXDNMS1lgR4b0vl5f5DUMQn7kppJvACFS6AnX0.32so5xaPXcmog6OgZZYPYbheGhgZAvN-dlCiRtTScQ0#https://acme-v01.api.letsencrypt.org/acme/challenge/3YVe4wJeRXfLY-x9xS3kdr3DCv-dn7ArcFsVRRO63iY/15188266849#http-01#/var/etc/acme-client/challenges,'
[Fri Apr 26 13:43:29 CEST 2019] dnsadded
[Fri Apr 26 13:43:29 CEST 2019] _clearupdns
[Fri Apr 26 13:43:29 CEST 2019] No need to restore nginx, skip.
[Fri Apr 26 13:43:29 CEST 2019] pid

However, an older box has renewed its certificate fine.
Title: Re: SSL acme.sh not renewing
Post by: cmader on May 06, 2019, 02:24:19 pm
I have exactly the same problem. My full log is at: https://gist.github.com/cimnine/39a2da0c007861e119d9384a1e30c1b3
Title: Re: SSL acme.sh not renewing
Post by: dinguz on May 06, 2019, 04:24:13 pm
I can't offer any details or analysis, but I have found this script to be quite unreliable, requiring several reruns before it worked. Unfortunately you'll be hitting rate-limits on the production environment real soon if you try too often.