Netgate Discussion Forum

    Private key only

    ACME
    • senseivita

      I've been trying to get ACME certs, but when it finished I get the little broken chainlink and no indication or error anywhere, but the certificates return with only a private key.

      I'm not sure if I broke it, I've tried both staging and production already and searched the filesystem for clues but even the temp certs have only private keys.

      Thanks!

      Missing something? Word endings, maybe? I included a free puzzle in this msg if you solv--okay, I'm lying. It's dyslexia, makes me do that, sorry! Just finish the word; they're rarely misspelled, just incomplete. Yeah-yeah-I know. Same thing.

      • jimp Rebel Alliance Developer Netgate

        That must mean it did not fully complete the validation.

        It should display some output when it completes, including a link to the log with more detail. It's usually at /tmp/acme/<your entry name>/acme_issuecert.log. Look in there and see what it says.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        • senseivita

          I actually watched it go using tail -f /tmp/acme/<your entry name>/acme_issuecert.log, it's silly but it gives me some sort of comfort; there weren't any obvious errors. After reading your answers I'm checking again, there's something about a key change and mention that my client broke--on the links given, not on the log. I'm investigating.

          Thanks!

          • jimp Rebel Alliance Developer Netgate

            We have seen a couple reports where the ACME servers won't accept key updates over IPv6 for whatever reason. If you set your firewall to prefer IPv4 under System > Advanced on the Networking tab, does that let it proceed?

            • senseivita

              I have disabled IPv6 network-wide at the moment. It is advertised by my ISP on the edge interfaces though--anyway--I don't think it was that. I thought HAProxy was broken so I resorted to other means and I moved the domains back to Cloudflare and on the same entry on ACME I changed each of the requests from Dynu to Cloudflare's credentials and API key and it went through this time.

              I have to rinse and repeat now with the production CA, although I set the cert on HAProxy, tunneled in and it got me a green padlock right away. I think I might just stay put. :)

              Thanks!

              • mtnhansen @jimp

                @jimp Thank you! It worked for me :)

                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.