Issues with Dehydrated and Let's Encrypt

Status
Not open for further replies.

smeyer

New Member
Feb 18, 2021
24
0
1
39
New to the forum so please excuse me if I am posting in the wrong area. I am having issues while reissuing my cert. Following some other guides I was successful in making matters worse. I now have some concerns as to if the non-wildcard cert is now also screwed.


root@fusionpbx:/usr/src/fusionpbx-install.sh/debian/resources# ./letsencrypt.sh
Domain Name: *.DOMAIN.com
Email Address: smeyer@DOMAIN.com
fatal: destination path 'dehydrated' already exists and is not an empty directory.
fatal: destination path 'dns-01-manual' already exists and is not an empty directory.
# INFO: Using main config file /etc/dehydrated/config
+ Account already registered!
# INFO: Using main config file /etc/dehydrated/config
Unknown hook "this_hookscript_is_broken__dehydrated_is_working_fine__please_ignore_unknown_hooks_in_your_script"
Unknown hook "startup_hook"
Processing *.DOMAIN.com
+ Creating new directory /etc/dehydrated/certs/DOMAIN.com ...
Unknown hook "this_hookscript_is_broken__dehydrated_is_working_fine__please_ignore_unknown_hooks_in_your_script"
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting new certificate order from CA...
+ Received 1 authorizations URLs from the CA
+ Handling authorization for DOMAIN.com
+ 1 pending challenge(s)
+ Deploying challenge tokens...

Add the following to the zone definition of DOMAIN.com:
_acme-challenge.DOMAIN.com. IN TXT "Gkm_ul2iwCpj_wfnU_VnQuL8a_XXi887-H4LPlVAsO4"

Press enter to continue...

+ Responding to challenge for DOMAIN.com authorization...
Unknown hook "invalid_challenge"
+ Cleaning challenge tokens...

Now you can remove the following from the zone definition of DOMAIN.com:
_acme-challenge.DOMAIN.com. IN TXT "Gkm_ul2iwCpj_wfnU_VnQuL8a_XXi887-H4LPlVAsO4"

Press enter to continue...

+ Challenge validation has failed :(
ERROR: Challenge is invalid! (returned: invalid) (result: {
"type": "dns-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Incorrect TXT record \"MNzK6kBvycgqnrPVLse-ItGAlWQtlRDTPhlvgELG4L8\" found at _acme-challenge.DOMAIN.com",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/10977451680/OLpc4A",
"token": "t67GH3_82ej4wBXdy-BmcIgJNEf6vF763NyEVn6zC9U"
})
Challenge is invalid! (returned: invalid) (result: {
"type": "dns-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Incorrect TXT record \"MNzK6kBvycgqnrPVLse-ItGAlWQtlRDTPhlvgELG4L8\" found at _acme-challenge.DOMAIN.com",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/10977451680/OLpc4A",
"token": "t67GH3_82ej4wBXdy-BmcIgJNEf6vF763NyEVn6zC9U"
})
nginx: [emerg] BIO_new_file("/etc/dehydrated/certs/DOMAIN.com/fullchain.pem") failed (SSL: error:02001002:system library:fop en:No such file or directory:fopen('/etc/dehydrated/certs/DOMAIN.com/fullchain.pem','r') error:2006D080:BIO routines:BIO_new _file:no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed
cat: /etc/dehydrated/certs/DOMAIN.com/fullchain.pem: No such file or directory
cat: /etc/dehydrated/certs/DOMAIN.com/privkey.pem: No such file or directory
cp: cannot stat '/etc/dehydrated/certs/DOMAIN.com/cert.pem': No such file or directory
cp: cannot stat '/etc/dehydrated/certs/DOMAIN.com/chain.pem': No such file or directory
cp: cannot stat '/etc/dehydrated/certs/DOMAIN.com/fullchain.pem': No such file or directory
cp: cannot stat '/etc/dehydrated/certs/DOMAIN.com/privkey.pem': No such file or directory
 

Andyd358

Member
Aug 23, 2018
260
9
18
55
UK
New to the forum so please excuse me if I am posting in the wrong area. I am having issues while reissuing my cert. Following some other guides I was successful in making matters worse. I now have some concerns as to if the non-wildcard cert is now also screwed.


root@fusionpbx:/usr/src/fusionpbx-install.sh/debian/resources# ./letsencrypt.sh
Domain Name: *.DOMAIN.com
Email Address: smeyer@DOMAIN.com
fatal: destination path 'dehydrated' already exists and is not an empty directory.
fatal: destination path 'dns-01-manual' already exists and is not an empty directory.
# INFO: Using main config file /etc/dehydrated/config
+ Account already registered!
# INFO: Using main config file /etc/dehydrated/config
Unknown hook "this_hookscript_is_broken__dehydrated_is_working_fine__please_ignore_unknown_hooks_in_your_script"
Unknown hook "startup_hook"
Processing *.DOMAIN.com
+ Creating new directory /etc/dehydrated/certs/DOMAIN.com ...
Unknown hook "this_hookscript_is_broken__dehydrated_is_working_fine__please_ignore_unknown_hooks_in_your_script"
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting new certificate order from CA...
+ Received 1 authorizations URLs from the CA
+ Handling authorization for DOMAIN.com
+ 1 pending challenge(s)
+ Deploying challenge tokens...

Add the following to the zone definition of DOMAIN.com:
_acme-challenge.DOMAIN.com. IN TXT "Gkm_ul2iwCpj_wfnU_VnQuL8a_XXi887-H4LPlVAsO4"

Press enter to continue...

+ Responding to challenge for DOMAIN.com authorization...
Unknown hook "invalid_challenge"
+ Cleaning challenge tokens...

Now you can remove the following from the zone definition of DOMAIN.com:
_acme-challenge.DOMAIN.com. IN TXT "Gkm_ul2iwCpj_wfnU_VnQuL8a_XXi887-H4LPlVAsO4"

Press enter to continue...

+ Challenge validation has failed :(
ERROR: Challenge is invalid! (returned: invalid) (result: {
"type": "dns-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Incorrect TXT record \"MNzK6kBvycgqnrPVLse-ItGAlWQtlRDTPhlvgELG4L8\" found at _acme-challenge.DOMAIN.com",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/10977451680/OLpc4A",
"token": "t67GH3_82ej4wBXdy-BmcIgJNEf6vF763NyEVn6zC9U"
})
Challenge is invalid! (returned: invalid) (result: {
"type": "dns-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Incorrect TXT record \"MNzK6kBvycgqnrPVLse-ItGAlWQtlRDTPhlvgELG4L8\" found at _acme-challenge.DOMAIN.com",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/10977451680/OLpc4A",
"token": "t67GH3_82ej4wBXdy-BmcIgJNEf6vF763NyEVn6zC9U"
})
nginx: [emerg] BIO_new_file("/etc/dehydrated/certs/DOMAIN.com/fullchain.pem") failed (SSL: error:02001002:system library:fop en:No such file or directory:fopen('/etc/dehydrated/certs/DOMAIN.com/fullchain.pem','r') error:2006D080:BIO routines:BIO_new _file:no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed
cat: /etc/dehydrated/certs/DOMAIN.com/fullchain.pem: No such file or directory
cat: /etc/dehydrated/certs/DOMAIN.com/privkey.pem: No such file or directory
cp: cannot stat '/etc/dehydrated/certs/DOMAIN.com/cert.pem': No such file or directory
cp: cannot stat '/etc/dehydrated/certs/DOMAIN.com/chain.pem': No such file or directory
cp: cannot stat '/etc/dehydrated/certs/DOMAIN.com/fullchain.pem': No such file or directory
cp: cannot stat '/etc/dehydrated/certs/DOMAIN.com/privkey.pem': No such file or directory
Did you ever resolve this issue I'm having the same errors.
 
Status
Not open for further replies.