Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsesne Let’s Encrypt error issuing Certificate

    Scheduled Pinned Locked Moved ACME
    5 Posts 2 Posters 1.6k Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      sshami
      last edited by sshami

      Hi, I am getting problem while issuing lets encrypt certificate.
      Using Domain SAN list - Standalone HTTP server.
      name.domainname/:Verify error:Invalid response from http://name.domainname/.well-known/acme-challenge/C27R5jTknkrfD3-7gMfiISsDIG3qtluDM_JcI8CEUHI [xxx.xx.xx.xx]: 503
      Note: Above domain name is changed just for example.
      If i go to/tmp/acme/acme_issuecert.log
      “type”: “urn:ietf:params:acme:error:malformed”,
      “detail”: “Unable to update challenge :: authorization must be pending”,
      “status”: 400
      If i hit : http://name.domainname/.well-known/acme-challenge/C27R5jTknkrfD3-7gMfiISsDIG3qtluDM_JcI8CEUHI
      503 Service Unavailable
      No server is available to handle this request.

      My steup is 2 Pfsese with HA with CARP virtual IP.

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG Offline
        Gertjan @sshami
        last edited by

        @sshami said in Pfsesne Let’s Encrypt error issuing Certificate:

        If i hit : http://name.domainname/.....
        then
        503 Service Unavailable

        which means that, when LE contacted on port 80 TCP (a classic http request) the "name.domainname" web server, there was no answer = no web server present ?
        "name.domainname" points to a web server ?

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        S 1 Reply Last reply Reply Quote 0
        • S Offline
          sshami @Gertjan
          last edited by sshami

          @gertjan
          Thanks !
          First of all i a unable to create certificate via LE giving error 503.
          What would be posible cause and where i have to check. Even i can dns lookup my entry and it resolved correct IP.
          Could i try to use DNS-Amazon Route53 API method instead of standalone HTTP server.

          GertjanG 1 Reply Last reply Reply Quote 0
          • GertjanG Offline
            Gertjan @sshami
            last edited by

            @sshami

            @sshami said in Pfsesne Let’s Encrypt error issuing Certificate:

            What would be posible cause

            You have to own = rent "name.domainname".
            You have a A record setup that point to an IP.
            On this IP you should have a web server, that should answer, at least, '80' (http).

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            S 1 Reply Last reply Reply Quote 0
            • S Offline
              sshami @Gertjan
              last edited by sshami

              This post is deleted!
              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.