OPNsense Forum

Archive => 22.1 Legacy Series => Topic started by: urmel on January 28, 2022, 06:23:11 pm

Title: ACME Client no longer working after upgrade to 22.1
Post by: urmel on January 28, 2022, 06:23:11 pm

Hi there

Did the upgrade today - new install from scratch and now restoring privious functionality step by step. All is runing fine so far - exept ACME client.
I have a working setup for the RFC2136 service and it runs without any problems and makes updates to dns using the HMAC-MD5 key which is configured on my bind9 server on the internet.
I now set up the ACME client using DNS-01 challenge. I use exactly the same authorization key (HMAC-MD5) which I use in RFC2136 in the field secret key, but when try to issue or renew the certificate I get always "access denied" entries in my logs on the name server. 

Any help and advice is highly welcome
Thanks Urmel

Title: Re: ACME Client no longer working after upgrade to 22.1
Post by: fraenki on January 29, 2022, 10:51:20 am

Set Log Level to "debug" in Services: ACME Client: Settings. Then try again and check the ACME Log in Services: ACME Client: Log Files, it should contain more debug output, maybe you'll find something useful...

Title: Re: ACME Client no longer working after upgrade to 22.1
Post by: urmel on January 30, 2022, 06:52:17 pm

did this already - nothing in the logs that helps further.

Title: Re: ACME Client no longer working after upgrade to 22.1
Post by: astromeier on January 30, 2022, 09:42:29 pm

Here my HTTP-01 challenge setup is working fine...
System- and ACME-Log were active and ok.
I invoked a manual refresh for testing

Title: Re: ACME Client no longer working after upgrade to 22.1
Post by: urmel on January 31, 2022, 11:00:29 am

I use DNS-01 Challenge and this is not working  - was good in 21.x series ... :-(