Setup ACME with Webroot Local Folder



  • I has setup ACME with Validation Method - Webroot Local Folder, and i stuck here
    2c91ce9a-91cb-4d43-a4c6-484a41823a71-image.png

    may be anyone can help me or guide me regarding the case,



  • It's here :
    61d91ed7-e200-48d4-a1a5-1b34e30ccf0d-image.png

    It should create a sub directory (in a sub directory) in the webroot .well-known/acme-challenge/ with the hash file.
    And that didn't work out.

    edit : btw : you have access to this webroot web server, right ? Go have a look yourself.
    The dirs are there ?
    Also : there are log files right ? Use them - see if 'pfSense' accessed your server. Dono how "http api" works, but I'm pretty sure there are server logs that can show you what happens.
    edit end.

    The setting you supplied you gave so "httpapi" should do it's job, couldn't fo it's job ?

    Anyway :
    This is not some funny line :
    b2151ade-5f2d-4dd2-8291-28cd25ccb42c-image.png

    It's actually needed when things don't work.



  • Hi @Gertjan thank you for you attantion,

    sorry i am forgot ti attach the log,
    this is log when i got today

    ([Fri Mar 27 10:34:39 WIB 2020] code='400'
    [Fri Mar 27 10:34:39 WIB 2020] original='{
    "type": "urn:ietf:params:acme:error:malformed",
    "detail": "Unable to update challenge :: authorization must be pending",
    "status": 400)

    Below is the response after i was click issue/renews button on pfsense

    9b17159f-b970-4a66-95c8-5febf0769afa-image.png

    May be anyone can teach me regarding the issue and resove the issue

    regards....



  • Logs ?

    Open a console, SSH, or better SFTP and look in /tmp/acme/your-domain.tld - there is a dot log file.
    This one :
    112f5526-6111-4ba0-ad23-9802642eac83-image.png

    Also :

    If I visit :
    2ea7a531-3b5f-4933-9840-3c6459963808-image.png

    I have a TLS error - as acme has :

    d44fcbf1-8c98-4ae5-a1e8-5114913e991d-image.png

    because the cert is expired since March 6.

    So, when the Letenscypt hits that site, it will bail out.

    I'm not using HAProxy myself, neither the acme webroot method.

    What about : pfsense haproxy acme ,


Log in to reply