Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Error when creating new certificate - "error": "Unable to verify HMAC"'

    Scheduled Pinned Locked Moved ACME
    5 Posts 2 Posters 647 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cjbujold
      last edited by

      Hi,

      Need help with fixing an error. Do not understand what it means. Using Pfsense 2.4.4 with acme 0.6.4 and trying to add a new server to the certificate. When I test the entry I get:

      [Sat Jan 11 15:07:48 AST 2020] response='{"error": ["Unable to verify HMAC"]}'
      [Sat Jan 11 15:07:48 AST 2020] name?domainname=ca
      [Sat Jan 11 15:07:48 AST 2020] od exists=0
      [Sat Jan 11 15:07:48 AST 2020] GET
      [Sat Jan 11 15:07:48 AST 2020] url='https://api.dnsmadeeasy.com/V2.0/dns/managed/name?domainname=ca'
      [Sat Jan 11 15:07:48 AST 2020] timeout=
      [Sat Jan 11 15:07:48 AST 2020] Http already initialized.
      [Sat Jan 11 15:07:48 AST 2020] _CURL='curl -L --silent --dump-header /tmp/acme/accra.ca//http.header -g '
      [Sat Jan 11 15:07:48 AST 2020] ret='0'
      [Sat Jan 11 15:07:48 AST 2020] response='{"error": ["Unable to verify HMAC"]}'
      [Sat Jan 11 15:07:48 AST 2020] invalid domain
      [Sat Jan 11 15:07:48 AST 2020] Error add txt for domain:_acme-challenge.ftpweb.accra.ca
      [Sat Jan 11 15:07:48 AST 2020] _on_issue_err
      [Sat Jan 11 15:07:48 AST 2020] Please check log file for more details: /tmp/acme/accra.ca/acme_issuecert.log

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        What exactly did you change in the ACME entry?

        Can you post the full logs from /tmp/acme/accra.ca/acme_issuecert.log ? (be sure to edit out any keys/passwords/etc)

        Remember: Upvote with the πŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        C 1 Reply Last reply Reply Quote 0
        • C
          cjbujold
          last edited by

          Found a work around. I deleted the certificates and recreated them under a different name and everything now works. I presume that the configuration got corrupted somehow and re-creating it fixed the issue.

          Thanks
          Charles

          1 Reply Last reply Reply Quote 0
          • C
            cjbujold @jimp
            last edited by

            @jimp Error when creating new certificate - "error": "Unable to verify HMAC"' the issue came back after 13 days. I am attaching the redacted log . hope it can identify the issue.

            Thanks

            Charles

            acme_issuecertLog.txt

            1 Reply Last reply Reply Quote 0
            • jimpJ
              jimp Rebel Alliance Developer Netgate
              last edited by

              Looks like the error is being sent back from api.dnsmadeeasy.com -- so I'd check your account settings there and the credentials. Maybe they have some limit you're exceeding, or something else wrong.

              Remember: Upvote with the πŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.