natemcmaster / LettuceEncrypt

Free, automatic HTTPS certificate generation for ASP.NET Core web apps
https://nuget.org/packages/LettuceEncrypt
Apache License 2.0

Failed to validate ownership of domainName #296

Open patolax opened 1 month ago

patolax commented 1 month ago

Describe the bug

Sample application throws "Failed to validate ownership of domainName" when testing with ngrok.

I am using the LettuceEncrypt sample application together with ngrok (`ngrok http 80`) to test Let's Encrypt certificate creation.

```
fail: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Failed to validate ownership of domainName 't79b-149-167-20-95.ngrok-free.app'. Reason: urn:ietf:params:acme:error:tls: x.xxxx:Xxx:Xx: remote error: tls: no application protocol, Code = BadRequest
trce: LettuceEncrypt.Internal.TlsAlpnChallengeResponder[0]
      Clearing ALPN cert for t79b-149-167-20-95.ngrok-free.app
dbug: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Validation with TlsAlpn01DomainValidator failed with error: Failed to validate ownership of domainName 't79b-149-167-20-95.ngrok-free.app'
      System.InvalidOperationException: Failed to validate ownership of domainName 't79b-149-167-20-95.ngrok-free.app'
         at LettuceEncrypt.Internal.DomainOwnershipValidator.WaitForChallengeResultAsync(IAuthorizationContext authorizationContext, CancellationToken cancellationToken) in C:\Users\Desktop\LettuceEncrypt-main\src\LettuceEncrypt\Internal\DomainOwnershipValidator.cs:line 56
```

My question is how to test the sample application.

To Reproduce

Steps to reproduce the behavior:

  1. Use the sample web project
  2. Run `ngrok http 80` and get the domain URL
  3. Update appsettings
  4. Run the code
  5. Error shown on console

Expected behavior

Get certificate


andywu188 commented 1 month ago

Because you did not add DnsChallengeProvider. For example:

```csharp
services.AddLettuceEncrypt().PersistDataToDirectory(new DirectoryInfo(AppContext.BaseDirectory), "abc123456");
services.AddxxxxxxxDnsChallengeProvider();
```

natemcmaster commented 1 month ago

It has been a long time since I tried playing with ngrok to test this. https://github.com/natemcmaster/LettuceEncrypt/blob/49e2c62ed9107294aca992f128ef37a7efc16b76/test/Integration/README.md contains some instructions which I haven't tried in several years. Can you give those steps a try?