sjkp / letsencrypt-siteextension

Azure Web App Site Extension for easy installation and configuration of Let's Encrypt issued SSL certificates for custom domain names.

Failing with Azure Functions v2 and Run From Package #321

Open aaronpowell opened 5 years ago

aaronpowell commented 5 years ago

I've created an Azure Function on the v2 stack that is a reimplementation of a v1 Function that I had.

Because it's v2 I'm now doing pre-compiled rather than loose csx files and deploying via Azure Pipelines.

When I try and use the extension it fails on the final provisioning step; my guess is it's to do with the read-only file system. I'm unsure how to verify if there is a virtual directory created.

If we're using Run From Package (and thus, the virtual directory) do we need to create a Function Proxy still? I have created a proxy nonetheless.

The error I receive on the final step is:

The Lets Encrypt ACME server was probably unable to reach http://some.domain.i.own/.well-known/acme-challenge/<redacted> view error report from Lets Encrypt at https://acme-v01.api.letsencrypt.org/acme/authz/<redacted> for more information

Here's the output of the error report:

{
  "identifier": {
    "type": "dns",
    "value": "some.domain.i.own.com"
  },
  "status": "invalid",
  "expires": "2019-07-18T06:49:53Z",
  "challenges": [
    {
      "type": "tls-alpn-01",
      "status": "invalid",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/<redacted>/18125454510",
      "token": "<redacted>"
    },
    {
      "type": "dns-01",
      "status": "invalid",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/<redacted>/18125454513",
      "token": "<redacted>"
    },
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:acme:error:unauthorized",
        "detail": "Invalid response from http://some.domain.i.own.com/.well-known/acme-challenge/<redacted> [52.187.229.23]: 404",
        "status": 403
      },
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/1N2bFlxno21PHnB_rXV04_yxYRwJoozukM9dW9azu7o/18125454515",
      "token": "<redacted>",
      "validationRecord": [
        {
          "url": "http://some.domain.i.own.com/.well-known/acme-challenge/<redacted>",
          "hostname": "some.domain.i.own.com",
          "port": "80",
          "addressesResolved": [
            "<redacted>"
          ],
          "addressUsed": "<redacted>"
        }
      ]
    }
  ],
  "combinations": [
    [
      0
    ],
    [
      1
    ],
    [
      2
    ]
  ]
}

So, any thoughts on what the issue is?
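An added example, not part of the original thread or of the extension's code: a small Python helper that reads an authorization report shaped like the one above and separates the status the site returned for the challenge URL (the trailing `404` in `detail`) from the status of the ACME problem document (`error.status`, `403`). The sample input is constructed, with placeholder host, token and address values; the function and field names in the output are assumptions made for this example.

```python
import json
import re

# Constructed sample: a trimmed authorization object in the same shape as the
# report quoted in the issue, with placeholder host, token and address values.
SAMPLE_AUTHZ = json.dumps({
    "identifier": {"type": "dns", "value": "host.example"},
    "status": "invalid",
    "challenges": [
        {"type": "tls-alpn-01", "status": "invalid", "token": "TOKEN"},
        {"type": "dns-01", "status": "invalid", "token": "TOKEN"},
        {"type": "http-01", "status": "invalid", "token": "TOKEN",
         "error": {"type": "urn:acme:error:unauthorized",
                   "detail": "Invalid response from http://host.example/"
                             ".well-known/acme-challenge/TOKEN [203.0.113.10]: 404",
                   "status": 403},
         "validationRecord": [
             {"url": "http://host.example/.well-known/acme-challenge/TOKEN",
              "hostname": "host.example", "port": "80"}]},
    ],
})


def summarize_authz(raw):
    """Return one finding per challenge that carries an error object."""
    authz = json.loads(raw)
    findings = []
    for ch in authz.get("challenges", []):
        err = ch.get("error")
        if err is None:
            continue  # no error recorded against this challenge type
        # The trailing ": NNN" in detail is what the site answered to the CA;
        # error["status"] is the status of the ACME problem document itself.
        m = re.search(r":\s*(\d{3})\s*$", err.get("detail", ""))
        findings.append({
            "identifier": authz["identifier"]["value"],
            "challenge": ch["type"],
            "acme_error": err.get("type"),
            "acme_status": err.get("status"),
            "site_status": int(m.group(1)) if m else None,
            "fetched_urls": [r.get("url") for r in ch.get("validationRecord", [])],
        })
    return findings


if __name__ == "__main__":
    for finding in summarize_authz(SAMPLE_AUTHZ):
        print(finding)
```

A `site_status` of 404 together with a `fetched_urls` entry on port 80 means the CA reached the host but the challenge file was not served at that path.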

ohadschn commented 5 years ago

Have you read this thread? https://github.com/sjkp/letsencrypt-siteextension/issues/239

aaronpowell commented 5 years ago

@ohadschn yep, I've had a read through it; the thing that's confusing me is the virtual directory stuff with Functions, I'm not sure if that's supported.

I'm now trying to set the variable to override the path it writes to to be somewhere outside the read-only file system.

Edit: Bugger, that didn't work.