Cloudron Forum

More issues with letsencrypt

  • seanmahrt
    wrote on last edited by girish
    #1

    Not 100% sure this is identical to the other issues... Yeah, I've got 7.3.6 loaded on there. Cloudron is not able to renew any of my certs for the sub-applications. I've not changed anything as of recent, just noticed my domain didn't go anywhere... I hit the "renew certs" button hoping it'd clear out the issue, but no dice... Where to next?

    (I cleared out the unique tokens/nonce. I assume they're one shot but wasn't 100% sure)

    Feb 05 10:19:48 box:cert/acme2 sendSignedRequest: using nonce --- for url https://acme-v02.api.letsencrypt.org/acme/chall-v3/201074202356/5rIrmw
    Feb 05 10:19:48 box:cert/acme2 waitForChallenge: status is "pending" "{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/201074202356/5rIrmw","token":"--"}"
    Feb 05 10:19:48 box:cert/acme2 Attempt 3 failed. Will retry: Challenge is in pending state
    Feb 05 10:20:08 box:cert/acme2 waitingForChallenge: getting status
    Feb 05 10:20:08 box:cert/acme2 sendSignedRequest: using nonce -- for url https://acme-v02.api.letsencrypt.org/acme/chall-v3/201074202356/5rIrmw
    Feb 05 10:20:09 box:cert/acme2 waitForChallenge: status is "invalid" "{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"173.29.155.194: Invalid response from http://smoke.littleappleservice.com/.well-known/acme-challenge/--: 504","status":403},"url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/201074202356/5rIrmw","token":"--","validationRecord":[{"url":"http://smoke.littleappleservice.com/.well-known/acme-challenge/--","hostname":"smoke.littleappleservice.com","port":"80","addressesResolved":["173.29.155.194"],"addressUsed":"173.29.155.194"}],"validated":"2023-02-05T16:19:06Z"}"
    Feb 05 10:20:09 box:cert/acme2 Attempt 4 failed. Will retry: Unexpected status when waiting for challenge: invalid

  • jayonrails translator
    wrote on last edited by
    #2

    Does it happen to all domains or just a specific one?

  • girishG girish marked this topic as a question on
  • jdaviescoates
    replied to jayonrails on last edited by
    #3

    @jayonrails said in More issues with letsencrypt:

    Does it happen to all domains or just a specific one?

    And what DNS provider/set-up?

    I use Cloudron with Gandi & Hetzner

  • seanmahrt
    replied to jdaviescoates on last edited by
    #4

    @jdaviescoates said in More issues with letsencrypt:

    @jayonrails said in More issues with letsencrypt:

    Does it happen to all domains or just a specific one?

    and what DNS provider/ set-up?

    Both domains, and I use manual (Namecheap), which has not changed. DNS is still resolving.

    It's a CNAME, to an A record that is driven by Namecheap dynamic name. Been working for over 2 years...

  • girish Staff
    replied to seanmahrt on last edited by
    #5

    @seanmahrt strange, we haven't changed anything in the LE code itself (for quite a while). Do you think you can write to us at support@cloudron.io? Have to debug further to understand what the issue is. Could also be a temporary Let's Encrypt issue.

  • seanmahrt
    replied to girish on last edited by
    #6

    @girish just sent email. Also tried refresh today and still same behavior...

    Sean

  • seanmahrt
    wrote on last edited by
    #7

    Found it with help of tech support... HSTS locally was masking an issue where my port 80 forwarding was broken. Fixed that and the certs renewed just fine... 🙂

  • S seanmahrt has marked this topic as solved on
  • girishG girish forked this topic on
  • girishG girish locked this topic on
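
The failure in post #1 can be read straight out of the log: the challenge JSON already names the host, address and port the validator used, and the status it got back over plain HTTP. The following is an added example, not Cloudron's code and not from any poster in this thread; it parses `waitForChallenge` lines in the format shown above. The sample lines are constructed, with placeholder host, address, token and challenge URL, and the function names are hypothetical.

```javascript
// Constructed sample lines in the box:cert/acme2 format from post #1.
// Host, address, token and challenge URL are placeholders.
const SAMPLE_LOG = [
  'Feb 05 10:19:48 box:cert/acme2 waitForChallenge: status is "pending" "{"type":"http-01","status":"pending","url":"https://acme.example/chall/1","token":"tok"}"',
  'Feb 05 10:20:09 box:cert/acme2 waitForChallenge: status is "invalid" "{"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"203.0.113.10: Invalid response from http://app.example.com/.well-known/acme-challenge/tok: 504","status":403},"url":"https://acme.example/chall/1","token":"tok","validationRecord":[{"url":"http://app.example.com/.well-known/acme-challenge/tok","hostname":"app.example.com","port":"80","addressesResolved":["203.0.113.10"],"addressUsed":"203.0.113.10"}],"validated":"2023-02-05T16:19:06Z"}"',
];

// Pull the challenge object out of a waitForChallenge line. The logger wraps
// the JSON in plain double quotes, so match from the first "{ to the final }".
function parseChallengeLine(line) {
  const m = /waitForChallenge: status is "\w+" "(\{.*\})"\s*$/.exec(line);
  if (!m) return null;
  try { return JSON.parse(m[1]); } catch (e) { return null; }
}

// Summarize a failed http-01 validation. error.status is the ACME problem
// status (403 here); the code at the end of error.detail is what the
// validator actually received from the host on port 80.
function diagnose(chall) {
  if (!chall || chall.status !== 'invalid' || !chall.error) return null;
  const rec = (chall.validationRecord || [])[0] || {};
  const tail = /: (\d{3})$/.exec(chall.error.detail || '');
  const originStatus = tail ? Number(tail[1]) : null;
  let hint = 'read error.detail';
  if (chall.type === 'http-01' && originStatus !== null && originStatus >= 500) {
    hint = 'plain HTTP on port ' + rec.port + ' answered ' + originStatus +
      ': test port 80 from outside; a browser with HSTS cached goes to 443 and hides this';
  }
  return { hostname: rec.hostname, address: rec.addressUsed, port: rec.port,
           acmeError: chall.error.type, acmeStatus: chall.error.status, originStatus, hint };
}

// Keep only the lines that describe a failed validation.
function failedValidations(lines) {
  return lines.map(parseChallengeLine).map(diagnose).filter(Boolean);
}

console.log(failedValidations(SAMPLE_LOG));
```

The 403 in the log is the ACME error's own status; the 504 is the response from the host on port 80, which is the value that pointed at the broken forwarding found in post #7.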
