Submitted by gnilebein on Mon, 04/03/2017 - 03:23
Hello,
when i try to request an certificate for a domain i get the following error:
Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying webmail.feuerbiber.de...
webmail.feuerbiber.de verified!
Verifying www.webmail.feuerbiber.de...
www.webmail.feuerbiber.de verified!
Verifying mail.webmail.feuerbiber.de...
Wrote file to /home/feuerbiber.de/domains/webmail.feuerbiber.de/public_html/.well-known/acme-challenge/OMdsehjE0p_iYU2wLnEHeZYJZrXCd1-Vgu8Ap0X_guo, but couldn't download http://mail.webmail.feuerbiber.de/.well-known/acme-challenge/OMdsehjE0p_iYU2wLnEHeZYJZrXCd1-Vgu8Ap0X_guo
Traceback (most recent call last):
File "/usr/share/webmin/webmin/acme_tiny.py", line 203, in <module>
main(sys.argv[1:])
File "/usr/share/webmin/webmin/acme_tiny.py", line 199, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
File "/usr/share/webmin/webmin/acme_tiny.py", line 154, in get_crt
domain, challenge_status))
ValueError: mail.webmail.feuerbiber.de challenge did not pass: {u'status': u'invalid', u'validationRecord': [{u'url': u'http://mail.webmail.feuerbiber.de/.well-known/acme-challenge/OMdsehjE0p_iYU2wLnEHeZYJZrXCd1-Vgu8Ap0X_guo', u'hostname': u'mail.webmail.feuerbiber.de', u'addressUsed': u'', u'port': u'80', u'addressesResolved': []}], u'keyAuthorization': u'OMdsehjE0p_iYU2wLnEHeZYJZrXCd1-Vgu8Ap0X_guo.kQAPzMel9ln5klX00ERlRvulFO9VE8DfmkAIqozXuY4', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/O900SjSYoDh7JlIg5uZbjwXv5_Apq9A9oFn76FTy2nQ/946378824', u'token': u'OMdsehjE0p_iYU2wLnEHeZYJZrXCd1-Vgu8Ap0X_guo', u'error': {u'status': 400, u'type': u'urn:acme:error:connection', u'detail': u'DNS problem: NXDOMAIN looking up A for mail.webmail.feuerbiber.de'}, u'type': u'http-01'}
There a a few irritations and questions at this point.
- I do not use the default DNS Name for MX (Setting in BIND Server Template) --> Why the dns record mail.webmail.feuerbiber.de is set?
- I have disabled mail for the domain webmail.feuerbiber.de --> Why the dns record mail.webmail.feuerbiber.de is set & why is mail.webmail.feuerbiber.de set by default in the request?
- There is no alias in nginx config for mail.webmail.feuerbiber.de. So It will never work without manual adjustment.
Best regards, Patrick Niebeling
Status:
Active
Comments
Submitted by andreychek on Mon, 04/03/2017 - 09:16 Comment #1
You appear to be seeing this bug here:
https://www.virtualmin.com/node/51470
Jamie, can we ship a new package version that corrects this issue? There's a lot of folks who are running into this.
Submitted by JamieCameron on Mon, 04/03/2017 - 17:36 Comment #2
Can this be worked around by just entering
webmail.feuerbiber.deon the Let's Encrypt form rather than using the automatic list of hostnames?Submitted by gnilebein on Tue, 04/04/2017 - 03:38 Comment #3
Sure. this is an possible workaround. But it would be nice if you can fix it soon.