Error when creating new certificate - "error": "Unable to verify HMAC"'



  • Hi,

    Need help with fixing an error. Do not understand what it means. Using Pfsense 2.4.4 with acme 0.6.4 and trying to add a new server to the certificate. When I test the entry I get:

    [Sat Jan 11 15:07:48 AST 2020] response='{"error": ["Unable to verify HMAC"]}'
    [Sat Jan 11 15:07:48 AST 2020] name?domainname=ca
    [Sat Jan 11 15:07:48 AST 2020] od exists=0
    [Sat Jan 11 15:07:48 AST 2020] GET
    [Sat Jan 11 15:07:48 AST 2020] url='https://api.dnsmadeeasy.com/V2.0/dns/managed/name?domainname=ca'
    [Sat Jan 11 15:07:48 AST 2020] timeout=
    [Sat Jan 11 15:07:48 AST 2020] Http already initialized.
    [Sat Jan 11 15:07:48 AST 2020] _CURL='curl -L --silent --dump-header /tmp/acme/accra.ca//http.header -g '
    [Sat Jan 11 15:07:48 AST 2020] ret='0'
    [Sat Jan 11 15:07:48 AST 2020] response='{"error": ["Unable to verify HMAC"]}'
    [Sat Jan 11 15:07:48 AST 2020] invalid domain
    [Sat Jan 11 15:07:48 AST 2020] Error add txt for domain:_acme-challenge.ftpweb.accra.ca
    [Sat Jan 11 15:07:48 AST 2020] _on_issue_err
    [Sat Jan 11 15:07:48 AST 2020] Please check log file for more details: /tmp/acme/accra.ca/acme_issuecert.log


  • Rebel Alliance Developer Netgate

    What exactly did you change in the ACME entry?

    Can you post the full logs from /tmp/acme/accra.ca/acme_issuecert.log ? (be sure to edit out any keys/passwords/etc)



  • Found a work around. I deleted the certificates and recreated them under a different name and everything now works. I presume that the configuration got corrupted somehow and re-creating it fixed the issue.

    Thanks
    Charles


Log in to reply