Comments (13)
What you can try out is a Thread.sleep(3000L)
before challenge.trigger()
. Anyway, the reason for the error is that Let's Encrypt was unable to access your challenge file. The problem is related with your server setup or your implementation, and is out of scope of this issue. Please understand that I don't have the time to debug that problem for you, but you should find everything you need in this issue.
I will close this ticket now, since the problem is not related to acme4j.
from acme4j.
The Order
object also stores an error if it failed. Can you add a getError()
to the log, e.g. like that?
if (order.getStatus() == Status.INVALID) {
LOG.error("Order has failed, reason: {}", order.getError());
LOG.error(order.getError().toString());
throw new AcmeException("Order failed... Giving up.");
}
It should then log the reason why the order is invalid.
from acme4j.
I didn't throw any exceptions during the authorization process.
Line 437 is printed 10 times with the error message "status=INVALID, Challenge failed... Giving up."
And then after authoriz(auth) is done, this method [order.execute(csrb.getEncoded())] should have an exception.
The exception message is: "org. shredzone. acme4j. exception. AcmeServerException: Order 's status (" invalid") is not acceptable for finalization".
So I can't print 264 lines, I can't print order.getError()
from acme4j.
OK, it wasn't clear to me that the challenge is failing. Please change your code in line 436-439 like this:
if (status == Status.INVALID) {
Debug.logInfo("authorize-domainName=%s, status=%s, Challenge failed... Giving up.", module, domain, status);
Debug.logError("authorize-domainName=%s, reason=%s", module, domain, challenge.getError());
throw new AcmeException("Challenge failed.. Giving up");
}
challenge.getError()
will give you the reason for why your challenge has failed. That's in the example, too.
from acme4j.
I saw this challenge.getError : "status=INVALID, error=2a02:4780:3:696:0:aae:4af9:1: Invalid response from http://almanostore.com/.well-known/acme-challenge/qjUxh0eAfFpFAUrkfc8g4yxzw_q5bg_vYcftlXlac7M: 404, Challenge failed... Giving up."
I might know what went wrong. but I didn't know why it didn't work. Was it because I configured ipv6?
from acme4j.
I don't think it's related to the IPv6 configuration.
The error means that Let's Encrypt has tried to access your HTTP challenge at http://almanostore.com/.well-known/acme-challenge/qjUxh0eAfFpFAUrkfc8g4yxzw_q5bg_vYcftlXlac7M, but got a 404 from your web server instead of the challenge response.
You should check that the response file is reachable from public. Is your web server configured properly to deliver the file? Also it must be available there before you invoke challenge.trigger()
, and it must be there until the challenge is completed (either in VALID
or INVALID
state).
from acme4j.
However, my other test domain name is able to generate the certificate correctly, and path is accessible to the public network.
I access this path on the Internet and can download the file. http://almanostore.com/.well-known/acme-challenge/qjUxh0eAfFpFAUrkfc8g4yxzw_q5bg_vYcftlXlac7M
from acme4j.
Well, all I can tell you is that Let's Encrypt couldn't download the file, but got a 404.
A common problem is that challenge.trigger()
is invoked too early. Let's Encrypt may access the file as soon as challenge.trigger()
is invoked. If your web server is not ready yet (e.g. because the file has not been written yet, or needs to be replicated first), you will get this error.
from acme4j.
oh, can I make the thread wait a few seconds before calling challenge.trigger() ?Maybe can solve this problem?
from acme4j.
It depends on your implementation. But it's surely worth a try.
from acme4j.
I forgot to show you the code for the challenge. I wrote this file after the findChallenge() method. It should be okay, right?
from acme4j.
Generally it looks good to me.
On a side node: Your bufferedWriter
is not closed. This is not the cause for the problem because you do a bufferedWriter.flush()
. However you should prefer constructs like try (BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter(file))) { ... }
, because it will auto-close your writer at the end of the try block. Also see here: https://docs.oracle.com/javase/tutorial/essential/exceptions/tryResourceClose.html
from acme4j.
I'm sorry. I'm a little bad at it. Where should I call this method [challenge.trigger() ], and how should I change it? Can you teach me? hahaha
from acme4j.
Related Issues (20)
- Remove service loader mechanism HOT 3
- Did you find any provider for RFC8823 support / email-reply-00 challenges? HOT 4
- The challenge status is always "INVALID" HOT 5
- http://${domain}/.well-known/acme-challenge/${token}
- acme4j example is creating zero- length crt files HOT 10
- preferred-chain attribute, for alternate chains HOT 2
- Can only parse traditional files HOT 2
- EAB HMAC keys with arbitrary lengths HOT 5
- CVE-2023-33201 from Bouncy Castle HOT 8
- add utils to do pre validation or help
- How to check if certificate needs renewal without ordering a new one? HOT 8
- Is there a way to keep txt unchanged and verify twice? HOT 2
- New account registration HOT 1
- Bouncy Castel dependency? HOT 9
- Allow to pass query parameters in directory URL HOT 2
- Provide example showing how to save and load existing certificates HOT 2
- AcmeJsonResource#update throws AcmeRetryAfterException even if resource is ready HOT 3
- Abstract away certificate renewal HOT 6
- response is not reading correctly HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from acme4j.