kelunik / acme-client

Let's Encrypt / ACME client written in PHP for the CLI.
MIT License

Challenge marked as invalid #70

Open yamenarahman opened 6 years ago

yamenarahman commented 6 years ago

I have a shared host with GoDaddy with multiple domains. I was able to generate a certificate successfully with one domain; however, when I run

    php bin/acme issue --domains domain.com:www.domain.com --path /home/my-user/public_html/domain.com:/home/my-user/public_html/domain.com --server letsencrypt

I got this

    Providing payload at http://domain.com/.well-known/acme-challenge/uEL7i6-Yv36qf2H5-U6AquxvJztONBlqlqal42eA9lo
    Providing payload at http://www.domain.com/.well-known/acme-challenge/5nigAHYUYuKbeccW1pVs0J4h-mQNVwca51ES5MrCIyo

    Kelunik\Acme\AcmeException: Challenge marked as invalid! in /home/my-user/acme-client/vendor/kelunik/acme/lib/AcmeService.php:234

kelunik commented 6 years ago

This shouldn't usually happen. It means that Let's Encrypt couldn't verify the challenge successfully. Do you have multiple servers behind the domain maybe? Maybe www.domain.com/.well-known/acme-challenge/* gets redirected to domain.com/ instead of keeping the path?

yamenarahman commented 6 years ago

I've got it to work! The problem was with a CAA record in the DNS of this domain; when I removed this record it worked fine. Thanks for your response and your great work.
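Added example, not part of the original thread and not code from acme-client: a simplified RFC 8659 evaluation showing how a CAA record like the one described in the comment above can forbid Let's Encrypt (CAA identifier `letsencrypt.org`) from issuing. The zone data is constructed, `ca.example` is a hypothetical issuer, and CNAME handling and issuer parameters are ignored.

```python
# Added example, not code from the thread or from acme-client.
# Simplified RFC 8659 evaluation: CNAME handling and issuer parameters are ignored.
KNOWN_TAGS = {"issue", "issuewild", "iodef"}

# Constructed sample: name -> list of (flags, tag, value) CAA records.
ZONE = {"domain.com": [(0, "issue", "ca.example")]}  # ca.example is hypothetical


def relevant_rrset(fqdn, zone):
    """Climb from fqdn towards the root and return the first CAA RRset found."""
    labels = fqdn.lower().rstrip(".").split(".")
    if labels[0] == "*":
        labels = labels[1:]
    for i in range(len(labels)):
        rrset = zone.get(".".join(labels[i:]))
        if rrset:
            return rrset
    return []


def caa_permits(issuer, fqdn, zone):
    """Return (allowed, reason) for `issuer` issuing a certificate for fqdn."""
    rrset = relevant_rrset(fqdn, zone)
    if not rrset:
        return True, "no CAA records on the name or its parents"
    for flags, tag, _ in rrset:
        if flags & 128 and tag.lower() not in KNOWN_TAGS:
            return False, "unknown critical property " + tag
    props = [(tag.lower(), value) for _, tag, value in rrset]
    wild = [v for t, v in props if t == "issuewild"]
    # issuewild replaces issue, but only for wildcard names that define it.
    if fqdn.startswith("*.") and wild:
        values = wild
    else:
        values = [v for t, v in props if t == "issue"]
    if not values:
        return True, "relevant RRset has no issue restriction"
    # The issuer domain name is whatever precedes any ';' parameters.
    allowed = {v.split(";", 1)[0].strip().lower() for v in values}
    if issuer.lower() in allowed:
        return True, "issuer is listed"
    others = sorted(allowed - {""}) or ["nobody"]
    return False, "issuance restricted to " + ", ".join(others)


if __name__ == "__main__":
    for name in ("domain.com", "www.domain.com"):
        print(name, caa_permits("letsencrypt.org", name, ZONE))
```

A record on the parent name also covers `www.domain.com` unless that name has its own CAA RRset, which is why both names in the issue command are affected.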

kelunik commented 6 years ago

Thanks for the feedback. I've just created https://github.com/kelunik/acme/issues/30 to improve the error message.

Ronaldo-Cruz-Bastos commented 6 years ago

Hello friends! I am getting the same message but I have no CAA record in my DNS.

    php bin/acme issue --domains mydomain.com:www.mydomain.com --path /home/mydomain/public_html:/home/mydomain/public_html --server letsencrypt

This is the message:

    Providing payload at http://mydomain.com/.well-known/acme-challenge/XfOJqzTTHm2zfu9N1T14oBtiUHvwel48MBcNJUykm-g
    Providing payload at http://mydomain.com/.well-known/acme-challenge/ihUednd1waRzrmWiO-qzi9tqNiEf7hkSSj2opXaITtA

    Kelunik\Acme\AcmeException: Challenge marked as invalid! in /home/mydomain/acme-client/vendor/kelunik/acme/lib/AcmeService.php:234

Would you help me?

kelunik commented 6 years ago

I'll see whether there is additional information contained in the response that I can expose.

kelunik commented 6 years ago

@Ronaldo-Cruz-Bastos I've released https://github.com/kelunik/acme-client/releases/tag/v0.3.0-beta.3, which should give a more helpful error message. Please test it and report back whether it works. I haven't tested the code myself yet.

Ronaldo-Cruz-Bastos commented 6 years ago

@kelunik
Now displays the following message: Kelunik\Acme\AcmeException: Challenge marked as invalid: Unknown error in /home/mydomain/acme-client/vendor/kelunik/acme/lib/AcmeService.php:246

kelunik commented 6 years ago

@Ronaldo-Cruz-Bastos Thanks for reporting, I kind of expected that it wouldn't work instantly. I'll push another release today in the evening if I don't forget.

kelunik commented 6 years ago

@Ronaldo-Cruz-Bastos I've published a new release that allows running with an environment variable to enable verbose logging. Please run your issue command prefixed with ACME_LOG=1 to set the environment variable. I'll need the latest response from the server to correct the code that builds the error message.