Renew lez encrypt pfsense



  • Hello everyone
    if I press on renew certificate, it gives me this error:
    Renewing certificateaccount: NETWORK
    server: letsencrypt-production

    {"type":"urn:acme:error:malformed","detail":"Unable to update challenge :: The challenge is not pending.","status": 400}
    [Mon Jan 22 13:29:13 CET 2018] Please check log file for more details: /tmp/acme/fw-01.s-mart.biz/acme_issuecert.log
    [Mon Jan 22 13:29:14 CET 2018] The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead.

    any ideas?



  • @alex1962:

    any ideas?

    Yep.

    As you said yourself : the question and thus the answer is here :
    @alex1962:

    …. Please check log file for more details: /tmp/acme/fw-01.s-mart.biz/acme_issuecert.log

    (we can't check : no access … )
    Btw :
    @alex1962:

    you must issue it again manually. You'd better use the other modes instead.

    is not an error, but you really shouldn't use "DNS-manual" as a method.

    Btw : the ACME is a package, and discussed here : pfSense Forum » pfSense English Support » Packages



  • thank you Gertjan
    now other error  :-[ :-[ :-[ :-[ :-[ :-[ :-[ :-[

    [Mon Jan 22 15:41:06 CET 2018] readlink exists=0

    [Mon Jan 22 15:41:06 CET 2018] dirname exists=0

    [Mon Jan 22 15:41:06 CET 2018] Lets find script dir.

    [Mon Jan 22 15:41:06 CET 2018] SCRIPT='/usr/local/pkg/acme/acme.sh'

    [Mon Jan 22 15:41:06 CET 2018] _script='/usr/local/pkg/acme/acme.sh'

    [Mon Jan 22 15:41:06 CET 2018] _script_home='/usr/local/pkg/acme'

    [Mon Jan 22 15:41:06 CET 2018] Using config home:/tmp/acme/cybercrimine.com/

    [Mon Jan 22 15:41:06 CET 2018] APP

    [Mon Jan 22 15:41:06 CET 2018] 2:LOG_FILE='/tmp/acme/cybercrimine.com/acme_issuecert.log'

    [Mon Jan 22 15:41:06 CET 2018] APP

    [Mon Jan 22 15:41:06 CET 2018] 3:LOG_LEVEL='3'

    [Mon Jan 22 15:41:06 CET 2018] LE_WORKING_DIR='/tmp/acme/cybercrimine.com/'

    [Mon Jan 22 15:41:06 CET 2018] Using config home:/tmp/acme/cybercrimine.com/

    [Mon Jan 22 15:41:06 CET 2018] ACME_DIRECTORY='https://acme-v01.api.letsencrypt.org/directory'

    [Mon Jan 22 15:41:06 CET 2018] _ACME_SERVER_HOST='acme-v01.api.letsencrypt.org'

    [Mon Jan 22 15:41:06 CET 2018] CA_CONF='/tmp/acme/cybercrimine.com//ca/acme-v01.api.letsencrypt.org/ca.conf'

    [Mon Jan 22 15:41:06 CET 2018] DOMAIN_PATH='/tmp/acme/cybercrimine.com//www.cybercrimine.com'

    [Mon Jan 22 15:41:06 CET 2018] Renew: 'www.cybercrimine.com'

    [Mon Jan 22 15:41:06 CET 2018] 'www.cybercrimine.com' is not a issued domain, skip.

    if I analyze the start of pfsense I see a lot of faied pullup errors.
    can it be connected?



  • @alex1962:

    [Mon Jan 22 15:41:06 CET 2018] 'www.cybercrimine.com' is not a issued domain, skip.

    Can't use https://crt.sh right now - better check with that site when it comes up again.

    @alex1962:

    if I analyze the start of pfsense I see a lot of faied pullup errors.
    can it be connected?

    Don't know what you mean.


Log in to reply