search

go-acme / lego

Let's Encrypt/ACME client and library written in Go
https://go-acme.github.io/lego/
MIT License
7.58k stars 994 forks source link

nearlyfreespeech: always fails with "The authentication hash was not correct" #1998

Closed robryk closed 11 months ago

robryk commented 11 months ago

Welcome

What did you expect to see?

I expected my formerly-working setup that uses nfsn-backed DNS challenge to continue providing me with certs.

What did you see instead?

A failure. See below for the output.

How do you use lego?

Binary

Reproduction steps

Try to use lego's nfsn DNS integration.

(Apologies for my extreme brevity, but I've already debugged it, will send a PR immediately, but want to first file an issue so that people looking for already-reported problems with nfsn integration will be able to find it more easily.)

Version of lego

# /nix/store/81qygbwgkwmxdhccckyzk56nsv98rjjm-lego-4.13.2/bin/lego --version
lego version 4.13.2 linux/amd64

Logs

```console Aug 04 19:05:38 littlemu acme-robryk.org-start[3608336]: + lego --accept-tos --path . -d '*.robryk.org' --email robryk@gmail.com --key-type ec256 --dns nearlyfreespeech --dns.disable-cp renew --no-random-sleep --days 30 Aug 04 19:05:38 littlemu acme-robryk.org-start[3608339]: 2023/08/04 19:05:38 [INFO] [*.robryk.org] acme: Trying renewal with -2151 hours remaining Aug 04 19:05:38 littlemu acme-robryk.org-start[3608339]: 2023/08/04 19:05:38 [INFO] [*.robryk.org] acme: Obtaining bundled SAN certificate Aug 04 19:05:39 littlemu acme-robryk.org-start[3608339]: 2023/08/04 19:05:39 [INFO] [*.robryk.org] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/251929014576 Aug 04 19:05:39 littlemu acme-robryk.org-start[3608339]: 2023/08/04 19:05:39 [INFO] [*.robryk.org] acme: use dns-01 solver Aug 04 19:05:39 littlemu acme-robryk.org-start[3608339]: 2023/08/04 19:05:39 [INFO] [*.robryk.org] acme: Preparing to solve DNS-01 Aug 04 19:05:40 littlemu acme-robryk.org-start[3608339]: 2023/08/04 19:05:40 [INFO] [*.robryk.org] acme: Cleaning DNS-01 challenge Aug 04 19:05:40 littlemu acme-robryk.org-start[3608339]: 2023/08/04 19:05:40 [WARN] [*.robryk.org] acme: cleaning up failed: nearlyfreespeech: The API request could not be authenticated.: The authentication hash was not correct. Aug 04 19:05:40 littlemu acme-robryk.org-start[3608339]: 2023/08/04 19:05:40 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/251929014576 Aug 04 19:05:40 littlemu acme-robryk.org-start[3608339]: 2023/08/04 19:05:40 error: one or more domains had a problem: Aug 04 19:05:40 littlemu acme-robryk.org-start[3608339]: [*.robryk.org] [*.robryk.org] acme: error presenting token: nearlyfreespeech: The API request could not be authenticated.: The authentication hash was not correct. ```

Go environment (if applicable)

```console $ go version && go env # paste output here ```
ldez commented 11 months ago

ping @KittyKatt

Related to https://github.com/go-acme/lego/pull/1652