API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 20th, 2017
175
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 22.90 KB | None | 0 0
raw download clone embed print report
  1.  
  2. root@vps40-vvw:~# certbot -vv
  3. Root logging level set at 0
  4. Saving debug log to /var/log/letsencrypt/letsencrypt.log
  5. certbot version: 0.9.3
  6. Arguments: ['-vv']
  7. Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
  8. Requested authenticator None and installer None
  9. Single candidate plugin: * apache
  10. Description: Apache Web Server plugin - Beta
  11. Interfaces: IAuthenticator, IInstaller, IPlugin
  12. Entry point: apache = certbot_apache.configurator:ApacheConfigurator
  13. Initialized: <certbot_apache.configurator.ApacheConfigurator object at 0xb431b40c>
  14. Prep: True
  15. Selected authenticator <certbot_apache.configurator.ApacheConfigurator object at 0xb431b40c> and installer <certbot_apache.configurator.ApacheConfigurator object at 0xb431b40c>
  16. No names were found in your configuration files. Please enter in your domain
  17. name(s) (comma and/or space separated)  (Enter 'c' to cancel):precode.eu
  18. Picked account: <Account(8c768f87dda8c46c0b28feed79308b13)>
  19. Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
  20. Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
  21. "GET /directory HTTP/1.1" 200 352
  22. Received <Response [200]>. Headers: {'Content-Length': '352', 'Expires': 'Mon, 20 Feb 2017 15:47:28 GMT', 'Boulder-Request-Id': 'p_3X8JO5Z4idM9OJSX__5ZvtXqf_cYi2AOgGOi81XOI', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Mon, 20 Feb 2017 15:47:28 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '3Sqhc3hMVuQUv12C-AGuKq02xjF3udM2PbUVfXc5ObU'}. Content: '{\n  "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",\n  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
  23. Received response <Response [200]> (headers: {'Content-Length': '352', 'Expires': 'Mon, 20 Feb 2017 15:47:28 GMT', 'Boulder-Request-Id': 'p_3X8JO5Z4idM9OJSX__5ZvtXqf_cYi2AOgGOi81XOI', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Mon, 20 Feb 2017 15:47:28 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '3Sqhc3hMVuQUv12C-AGuKq02xjF3udM2PbUVfXc5ObU'}): '{\n  "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",\n  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
  24. Obtaining a new certificate
  25. Requesting fresh nonce
  26. Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {}
  27. "HEAD /acme/new-authz HTTP/1.1" 405 0
  28. Received <Response [405]>. Headers: {'Content-Length': '91', 'Pragma': 'no-cache', 'Boulder-Request-Id': 'dTz8pN1K57pcmPraOcDdBTv-_8lhz1-xLj8RpZtUHA4', 'Expires': 'Mon, 20 Feb 2017 15:47:28 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Allow': 'POST', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Mon, 20 Feb 2017 15:47:28 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': 'PhElkJEbhMhPEWKJu-rTlZobjHcRymCDHiD0XTy-2Jw'}. Content: ''
  29. Storing nonce: '>\x11%\x90\x91\x1b\x84\xc8O\x11b\x89\xbb\xea\xd3\x95\x9a\x1b\x8cw\x11\xca`\x83\x1e \xf4]<\xbe\xd8\x9c'
  30. Omitted empty fields: status=None, challenges=None, expires=None, combinations=None
  31. Serialized JSON: {"identifier": {"type": "dns", "value": "precode.eu"}, "resource": "new-authz"}
  32. Omitted empty fields: x5c=(), crit=(), x5u=None, x5tS256=None, x5t=None, cty=None, alg=None, jwk=None, kid=None, typ=None, jku=None
  33. Omitted empty fields: x5c=(), crit=(), x5u=None, x5tS256=None, x5t=None, cty=None, nonce=None, kid=None, typ=None, jku=None
  34. Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "vgseNg0c92ujXaTpA7GGbIE_E4DjQpMkGsF-lx_CLd4e5cixsdX81ji9rHYP1XsRFQ-rQAJ7JH31yiwATB0pSpAA_JPktYo9xwYg-CJGZjNMUaw6xX5TnpfjB15QO4ztbdeohadT8FJDXfd7lK454kQPQbD3KS4MJJE-3uWDjBYOQIgPqVyihtb_HpGXyiMJp-y5T5CCVUf1Wem_XEGBGcoIQIoXG_5ddALgHZI6P4lbmeSAG4mxT6ls2rF1lyo0MD76zrggSWC-HgyLm3-HcRawOInQdDtkt520hzOx0g4xsG_DibF-MZ3n_beS2IJAfAct7ne3v5nvRDopBzTNBpURM2eZYdxjtFwJNBC7JcAOr5r-5ct9Rk7OIQv_fbZ88n504mCFlnXan-tNfd8CvnMipD7PoASNctphshfFWOZn1AvHL-XX9wv6Qsi01rH_wYB4sAsX-x2WVsUvMLF0dpjkVc10BtBnxf2y5Y9vYgsgEc0KX0XHX0P1-To2DI_vM5ivccgpWJy_GvzeGX2jrZN52g7Gjk9jV0Gy3NR1B80FhTZJpbep1kdrDqJukJZH-Q1AoVl8rZ9t_Zh_lXID3LKKi2BCLlLiq08qQ1fM5U_k152lapYk27nM1TmNLU4RRB4acaUc1gJcrYLrIzKHv34OfnpJkBRHRbn01ks5Lh8"}}, "protected": "eyJub25jZSI6ICJQaEVsa0pFYmhNaFBFV0tKdS1yVGxab2JqSGNSeW1DREhpRDBYVHktMkp3In0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJwcmVjb2RlLmV1In0sICJyZXNvdXJjZSI6ICJuZXctYXV0aHoifQ", "signature": "Z9EDvPanJIs-xiFDGwzyYPIysZgJWAEv_xbxeVDF_gmNfj-l0PCANbQNqrB8aM9ndKhH4GFBbJrR1-ikJbQ5ED0knLzyL0h3-Ip5miOLdHtW1_PI9cmMyUR_zgJTgr-SscScVn7U5mNKXSshGUNqK3c20dfKI386wN0sie_eQq4ufVq7rHrJBI0DWhXn0u_O60U1Ifka6puJ40t5td-DsrriY-Ku7GwkEEFUaoVrJyBQP2RVODLSfebMUN7gbeUCk7qSZdCnAeDfCCQlBsgxqHu4o7MN45Yn5NKMEnteIZG6R-685-aoGCyZJWmxAmmPvr353d8iEJVGJgL7jkMVwmrpNf1zIO0b2HLXDRBegMWu2EjcWHjeXY5tViY0Af6LhbvAruCdMpIRRknA_WQB-Fg2EYjnRAzmytJZKv_elL5DfjVzOEyjrfruIBJZYOqueHNGvTAWn-uaP2Pw305kCFnOvfGNPjwai6x6yTffz1c8WOrtqFQLR3MppG-kN-bsEa3XO30DQjo95j0x38aMYUdtfnBZmZV8fG53KnAyhPUzhLPfpwB3fn66iOqrgQx943PSYX0o7bUtCF7Op1plM7INgGXWdH-aseZob6yDWflUGEw-retRgUxyOXmOUMbTvLEObGVp7YQ07SNzlEM3EFNi6O226RU7f6AD_QAKQC0"}'}
  35. "POST /acme/new-authz HTTP/1.1" 201 995
  36. Received <Response [201]>. Headers: {'Content-Length': '995', 'Expires': 'Mon, 20 Feb 2017 15:47:29 GMT', 'Boulder-Request-Id': 'JgiU0OL-W_aJxascwmYkufSZfsv5920WN5dc9qqk5lw', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE', 'Pragma': 'no-cache', 'Boulder-Requester': '9823849', 'Date': 'Mon, 20 Feb 2017 15:47:29 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'uOvfA3wZmPrfCIV_xEluA9Bk_FFWD_h29qA-DYbqcZU'}. Content: '{\n  "identifier": {\n    "type": "dns",\n    "value": "precode.eu"\n  },\n  "status": "pending",\n  "expires": "2017-02-27T15:47:29.108367989Z",\n  "challenges": [\n    {\n      "type": "dns-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965355",\n      "token": "8q206VqscQFgpQYC8vVvpKDHBNbtCtXG7E8YuczZkVs"\n    },\n    {\n      "type": "tls-sni-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965356",\n      "token": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg"\n    },\n    {\n      "type": "http-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965357",\n      "token": "0nhzzOZO-nAgje-xVuFir7GrNdkd-8lqR-Wmvu1BdbU"\n    }\n  ],\n  "combinations": [\n    [\n      1\n    ],\n    [\n      2\n    ],\n    [\n      0\n    ]\n  ]\n}'
  37. Storing nonce: '\xb8\xeb\xdf\x03|\x19\x98\xfa\xdf\x08\x85\x7f\xc4In\x03\xd0d\xfcQV\x0f\xf8v\xf6\xa0>\r\x86\xeaq\x95'
  38. Received response <Response [201]> (headers: {'Content-Length': '995', 'Expires': 'Mon, 20 Feb 2017 15:47:29 GMT', 'Boulder-Request-Id': 'JgiU0OL-W_aJxascwmYkufSZfsv5920WN5dc9qqk5lw', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE', 'Pragma': 'no-cache', 'Boulder-Requester': '9823849', 'Date': 'Mon, 20 Feb 2017 15:47:29 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'uOvfA3wZmPrfCIV_xEluA9Bk_FFWD_h29qA-DYbqcZU'}): '{\n  "identifier": {\n    "type": "dns",\n    "value": "precode.eu"\n  },\n  "status": "pending",\n  "expires": "2017-02-27T15:47:29.108367989Z",\n  "challenges": [\n    {\n      "type": "dns-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965355",\n      "token": "8q206VqscQFgpQYC8vVvpKDHBNbtCtXG7E8YuczZkVs"\n    },\n    {\n      "type": "tls-sni-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965356",\n      "token": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg"\n    },\n    {\n      "type": "http-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965357",\n      "token": "0nhzzOZO-nAgje-xVuFir7GrNdkd-8lqR-Wmvu1BdbU"\n    }\n  ],\n  "combinations": [\n    [\n      1\n    ],\n    [\n      2\n    ],\n    [\n      0\n    ]\n  ]\n}'
  39. Performing the following challenges:
  40. tls-sni-01 challenge for precode.eu
  41. Enabled Apache socache_shmcb module
  42. Enabled Apache ssl module
  43. Adding Include /etc/apache2/le_tls_sni_01_cert_challenge.conf to /files/etc/apache2/apache2.conf
  44. writing a config file with text:
  45.  <IfModule mod_ssl.c>
  46. <VirtualHost *:443>
  47.     ServerName 3511df10e39b76499bc376524a480392.c5d60af6db111adac37795731aaa5bea.acme.invalid
  48.     UseCanonicalName on
  49.     SSLStrictSNIVHostCheck on
  50.  
  51.     LimitRequestBody 1048576
  52.  
  53.     Include /etc/letsencrypt/options-ssl-apache.conf
  54.     SSLCertificateFile /var/lib/letsencrypt/n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg.crt
  55.     SSLCertificateKeyFile /var/lib/letsencrypt/n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg.pem
  56.  
  57.     DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
  58. </VirtualHost>
  59.  
  60. </IfModule>
  61.  
  62. Creating backup of /etc/apache2/apache2.conf
  63. Waiting for verification...
  64. Serialized JSON: {"keyAuthorization": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg.6Qef2V4pIdoaMSdBQHgLYj2oBQlF-7rcwduuMGcKPWk", "type": "tls-sni-01", "resource": "challenge"}
  65. Omitted empty fields: x5c=(), crit=(), x5u=None, x5tS256=None, x5t=None, cty=None, alg=None, jwk=None, kid=None, typ=None, jku=None
  66. Omitted empty fields: x5c=(), crit=(), x5u=None, x5tS256=None, x5t=None, cty=None, nonce=None, kid=None, typ=None, jku=None
  67. Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965356. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "vgseNg0c92ujXaTpA7GGbIE_E4DjQpMkGsF-lx_CLd4e5cixsdX81ji9rHYP1XsRFQ-rQAJ7JH31yiwATB0pSpAA_JPktYo9xwYg-CJGZjNMUaw6xX5TnpfjB15QO4ztbdeohadT8FJDXfd7lK454kQPQbD3KS4MJJE-3uWDjBYOQIgPqVyihtb_HpGXyiMJp-y5T5CCVUf1Wem_XEGBGcoIQIoXG_5ddALgHZI6P4lbmeSAG4mxT6ls2rF1lyo0MD76zrggSWC-HgyLm3-HcRawOInQdDtkt520hzOx0g4xsG_DibF-MZ3n_beS2IJAfAct7ne3v5nvRDopBzTNBpURM2eZYdxjtFwJNBC7JcAOr5r-5ct9Rk7OIQv_fbZ88n504mCFlnXan-tNfd8CvnMipD7PoASNctphshfFWOZn1AvHL-XX9wv6Qsi01rH_wYB4sAsX-x2WVsUvMLF0dpjkVc10BtBnxf2y5Y9vYgsgEc0KX0XHX0P1-To2DI_vM5ivccgpWJy_GvzeGX2jrZN52g7Gjk9jV0Gy3NR1B80FhTZJpbep1kdrDqJukJZH-Q1AoVl8rZ9t_Zh_lXID3LKKi2BCLlLiq08qQ1fM5U_k152lapYk27nM1TmNLU4RRB4acaUc1gJcrYLrIzKHv34OfnpJkBRHRbn01ks5Lh8"}}, "protected": "eyJub25jZSI6ICJ1T3ZmQTN3Wm1QcmZDSVZfeEVsdUE5QmtfRkZXRF9oMjlxQS1EWWJxY1pVIn0", "payload": "eyJrZXlBdXRob3JpemF0aW9uIjogIm40d25JUUpBdWpJcHg0SjVDc3d6M2N0ck9XNlZ2RmhxQ3o4ZEJqd3lCbWcuNlFlZjJWNHBJZG9hTVNkQlFIZ0xZajJvQlFsRi03cmN3ZHV1TUdjS1BXayIsICJ0eXBlIjogInRscy1zbmktMDEiLCAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIn0", "signature": "Q0xeLjbPqUY-280QnW2xNZHqsF7KqWme-a31pnI7eqjIcTdvVAngANspeWasLGvSN7mRdsnb2Vw0gNJqrlJ9uYQ_YzXnrVaPejonKB8wZ2EHnW0gNmoWMTSGcTAlGJsrdGxVxv-wyiPf45tygt9PtOod4rhGbuoK7TpUJGBSQ1DrRj2wdSlvoQ60mjqHaFLDx4Bw0MsqIfLrFzr_aLXI6LbenHGzTrHQ7qt6VtiVsfdieAdDbInz-yQWYkMf99qD_PtoYCvmkoUFWx0YgmOf9BZzfl78YeMpM_ZtxbHWyKLwVqVKXCVplXMRi-odtNOrqwNBCFzCbowOdarljQbavwZm7m3mT3th2nothnoHMYaVoX4eIKwCLlk8xvlqFyy4eprvgF637crhfFg1iZdXy-dyuzcwMnkjPyR55211ooJC9SOJN_RwjQ7YxvxqOOn4YjM2ZuOR_NcBT3cpZ_IO3d7aOQFw_trgfnSs3-IvlPVgtX41ZApa6PxxFAkzVyIqaR6L_5dTD48uBoJnWfslFg2ngrTutY9k1It3d44uplLurDhaZX0I2nQ90HKhljfWPWXLH6NQJoCEwf1E3R7L7GbieDX6yT_26hQJ9-X38hrXBb1u3372Eb1bLAgfbtm7bz_P7RvUXNk3aHNeodYq5MQQ78il93iADdz7FIig0U8"}'}
  68. "POST /acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965356 HTTP/1.1" 202 338
  69. Received <Response [202]>. Headers: {'Content-Length': '338', 'Boulder-Request-Id': '8nJJAF2VV_YDR9s54Uga8AeW6J11-H8O-KplceERIcU', 'Expires': 'Mon, 20 Feb 2017 15:47:33 GMT', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/authz/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE>;rel="up"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965356', 'Pragma': 'no-cache', 'Boulder-Requester': '9823849', 'Date': 'Mon, 20 Feb 2017 15:47:33 GMT', 'Content-Type': 'application/json', 'Replay-Nonce': 'F8AedGzw9hnvjgDxKTvZNTdzY0a_FkD5MKmJoRok8NQ'}. Content: '{\n  "type": "tls-sni-01",\n  "status": "pending",\n  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965356",\n  "token": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg",\n  "keyAuthorization": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg.6Qef2V4pIdoaMSdBQHgLYj2oBQlF-7rcwduuMGcKPWk"\n}'
  70. Storing nonce: '\x17\xc0\x1etl\xf0\xf6\x19\xef\x8e\x00\xf1);\xd957scF\xbf\x16@\xf90\xa9\x89\xa1\x1a$\xf0\xd4'
  71. Received response <Response [202]> (headers: {'Content-Length': '338', 'Boulder-Request-Id': '8nJJAF2VV_YDR9s54Uga8AeW6J11-H8O-KplceERIcU', 'Expires': 'Mon, 20 Feb 2017 15:47:33 GMT', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/authz/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE>;rel="up"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965356', 'Pragma': 'no-cache', 'Boulder-Requester': '9823849', 'Date': 'Mon, 20 Feb 2017 15:47:33 GMT', 'Content-Type': 'application/json', 'Replay-Nonce': 'F8AedGzw9hnvjgDxKTvZNTdzY0a_FkD5MKmJoRok8NQ'}): '{\n  "type": "tls-sni-01",\n  "status": "pending",\n  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965356",\n  "token": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg",\n  "keyAuthorization": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg.6Qef2V4pIdoaMSdBQHgLYj2oBQlF-7rcwduuMGcKPWk"\n}'
  72. Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE. args: (), kwargs: {}
  73. "GET /acme/authz/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE HTTP/1.1" 200 1695
  74. Received <Response [200]>. Headers: {'Content-Length': '1695', 'Expires': 'Mon, 20 Feb 2017 15:47:36 GMT', 'Boulder-Request-Id': 'HU7XkOvvgaof6S5A9KhRNLRI197UbN3kAt0J0jveSEA', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Mon, 20 Feb 2017 15:47:36 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sEDmqIrDvGV9e2H6mXAoQLvLe-XnBYocKR9Cqd2tAY4'}. Content: '{\n  "identifier": {\n    "type": "dns",\n    "value": "precode.eu"\n  },\n  "status": "invalid",\n  "expires": "2017-02-27T15:47:29Z",\n  "challenges": [\n    {\n      "type": "dns-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965355",\n      "token": "8q206VqscQFgpQYC8vVvpKDHBNbtCtXG7E8YuczZkVs"\n    },\n    {\n      "type": "tls-sni-01",\n      "status": "invalid",\n      "error": {\n        "type": "urn:acme:error:unauthorized",\n        "detail": "Incorrect validation certificate for TLS-SNI-01 challenge. Requested 3511df10e39b76499bc376524a480392.c5d60af6db111adac37795731aaa5bea.acme.invalid from 164.132.149.45:443. Received 2 certificate(s), first certificate had names \\"vps40-vvw\\"",\n        "status": 403\n      },\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965356",\n      "token": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg",\n      "keyAuthorization": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg.6Qef2V4pIdoaMSdBQHgLYj2oBQlF-7rcwduuMGcKPWk",\n      "validationRecord": [\n        {\n          "hostname": "precode.eu",\n          "port": "443",\n          "addressesResolved": [\n            "164.132.149.45"\n          ],\n          "addressUsed": "164.132.149.45"\n        }\n      ]\n    },\n    {\n      "type": "http-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965357",\n      "token": "0nhzzOZO-nAgje-xVuFir7GrNdkd-8lqR-Wmvu1BdbU"\n    }\n  ],\n  "combinations": [\n    [\n      1\n    ],\n    [\n      2\n    ],\n    [\n      0\n    ]\n  ]\n}'
  75. Received response <Response [200]> (headers: {'Content-Length': '1695', 'Expires': 'Mon, 20 Feb 2017 15:47:36 GMT', 'Boulder-Request-Id': 'HU7XkOvvgaof6S5A9KhRNLRI197UbN3kAt0J0jveSEA', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Mon, 20 Feb 2017 15:47:36 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sEDmqIrDvGV9e2H6mXAoQLvLe-XnBYocKR9Cqd2tAY4'}): '{\n  "identifier": {\n    "type": "dns",\n    "value": "precode.eu"\n  },\n  "status": "invalid",\n  "expires": "2017-02-27T15:47:29Z",\n  "challenges": [\n    {\n      "type": "dns-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965355",\n      "token": "8q206VqscQFgpQYC8vVvpKDHBNbtCtXG7E8YuczZkVs"\n    },\n    {\n      "type": "tls-sni-01",\n      "status": "invalid",\n      "error": {\n        "type": "urn:acme:error:unauthorized",\n        "detail": "Incorrect validation certificate for TLS-SNI-01 challenge. Requested 3511df10e39b76499bc376524a480392.c5d60af6db111adac37795731aaa5bea.acme.invalid from 164.132.149.45:443. Received 2 certificate(s), first certificate had names \\"vps40-vvw\\"",\n        "status": 403\n      },\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965356",\n      "token": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg",\n      "keyAuthorization": "n4wnIQJAujIpx4J5Cswz3ctrOW6VvFhqCz8dBjwyBmg.6Qef2V4pIdoaMSdBQHgLYj2oBQlF-7rcwduuMGcKPWk",\n      "validationRecord": [\n        {\n          "hostname": "precode.eu",\n          "port": "443",\n          "addressesResolved": [\n            "164.132.149.45"\n          ],\n          "addressUsed": "164.132.149.45"\n        }\n      ]\n    },\n    {\n      "type": "http-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/hfTJUhLHgxkEz5eAbLjvjk30_i36XBqIS5hTDjm7QIE/679965357",\n      "token": "0nhzzOZO-nAgje-xVuFir7GrNdkd-8lqR-Wmvu1BdbU"\n    }\n  ],\n  "combinations": [\n    [\n      1\n    ],\n    [\n      2\n    ],\n    [\n      0\n    ]\n  ]\n}'
  76. Reporting to user: The following errors were reported by the server:
  77.  
  78. Domain: precode.eu
  79. Type:   unauthorized
  80. Detail: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 3511df10e39b76499bc376524a480392.c5d60af6db111adac37795731aaa5bea.acme.invalid from 164.132.149.45:443. Received 2 certificate(s), first certificate had names "vps40-vvw"
  81.  
  82. To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address.
  83. Cleaning up challenges
  84. Exiting abnormally:
  85. Traceback (most recent call last):
  86.   File "/usr/bin/certbot", line 9, in <module>
  87.     load_entry_point('certbot==0.9.3', 'console_scripts', 'certbot')()
  88.   File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 776, in main
  89.     return config.func(config, plugins)
  90.   File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 511, in run
  91.     action, lineage = _auth_from_domains(le_client, config, domains)
  92.   File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 100, in _auth_from_domains
  93.     lineage = le_client.obtain_and_enroll_certificate(domains)
  94.   File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 281, in obtain_and_enroll_certificate
  95.     certr, chain, key, _ = self.obtain_certificate(domains)
  96.   File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 253, in obtain_certificate
  97.     self.config.allow_subset_of_names)
  98.   File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 78, in get_authorizations
  99.     self._respond(resp, best_effort)
  100.   File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 135, in _respond
  101.     self._poll_challenges(chall_update, best_effort)
  102.   File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 199, in _poll_challenges
  103.     raise errors.FailedChallenges(all_failed_achalls)
  104. FailedChallenges: Failed authorization procedure. precode.eu (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 3511df10e39b76499bc376524a480392.c5d60af6db111adac37795731aaa5bea.acme.invalid from 164.132.149.45:443. Received 2 certificate(s), first certificate had names "vps40-vvw"
  105.  
  106. Failed authorization procedure. precode.eu (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 3511df10e39b76499bc376524a480392.c5d60af6db111adac37795731aaa5bea.acme.invalid from 164.132.149.45:443. Received 2 certificate(s), first certificate had names "vps40-vvw"
  107.  
  108. IMPORTANT NOTES:
  109.  - The following errors were reported by the server:
  110.  
  111.    Domain: precode.eu
  112.    Type:   unauthorized
  113.    Detail: Incorrect validation certificate for TLS-SNI-01 challenge.
  114.    Requested
  115.    3511df10e39b76499bc376524a480392.c5d60af6db111adac37795731aaa5bea.acme.invalid
  116.    from 164.132.149.45:443. Received 2 certificate(s), first
  117.    certificate had names "vps40-vvw"
  118.  
  119.    To fix these errors, please make sure that your domain name was
  120.    entered correctly and the DNS A record(s) for that domain
  121.    contain(s) the right IP address.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!