search

natemcmaster / LettuceEncrypt

Free, automatic HTTPS certificate generation for ASP.NET Core web apps
https://nuget.org/packages/LettuceEncrypt
Apache License 2.0
1.59k stars 154 forks source link

Failed to validate ownership of domain #158

Closed VoIPTools closed 3 years ago

VoIPTools commented 3 years ago

I created a generic ASP.Net API project and I'm following the developer instructions and using ngrok. I keep getting the following error:

fail: LettuceEncrypt.Internal.AcmeCertificateLoader[0] Failed to validate ownership of domainName '0884dd10f800.ngrok.io'. Reason: urn:ietf:params:acme:error:unauthorized: Cannot negotiate ALPN protocol "acme-tls/1" for tls-alpn-01 challenge, Code = Forbidden

I see in ngrok:

GET /.well-known/acme-challenge/PPLGfHvD3OOOPrTjH1f4OrsF-bxgw49HruQYUH7Bses 200 OK

Why?

VoIPTools commented 3 years ago

If I set:

UseStagingServer = true;

Then everything seems to work, except that I don't get a real certificate.

BrnPer commented 3 years ago

I'm also facing this issue 😔 Can somebody help? I have my API running at port 80...

edwinhuish commented 3 years ago

same issue here

natemcmaster commented 3 years ago

Sorry for long delays on responses. I am merging a refactor of domain validation. It has been really hard to test and reproduce these kinds of errors, but I think I found an important thing this library was doing wrong. The fix should be in the 1.1.0 version of this library, which I intended to release soon. Please give the updated and open an new issue if you still have errors.