cannot generate a certificate

nevolex

hi guys,

may somebody please assist, cannot generate a ssl certificate using Cloudflare api :(

Message in the dialog: 

[Sun Feb  5 09:11:32 NZDT 2023] Using CA: https://acme-staging-v02.api.letsencrypt.org/directory
[Sun Feb  5 09:11:32 NZDT 2023] Single domain='mydomain.example'
[Sun Feb  5 09:11:32 NZDT 2023] Getting domain auth token for each domain
[Sun Feb  5 09:11:34 NZDT 2023] Getting webroot for domain='mydomain.example'
[Sun Feb  5 09:11:34 NZDT 2023] Adding txt value: xxxxxxxxxxxxxxxxxxxxxxxxx_URQhX0zP-PrmnLM for domain:  _acme-challenge.mydomain.example
[Sun Feb  5 09:11:35 NZDT 2023] invalid domain
[Sun Feb  5 09:11:35 NZDT 2023] Error add txt for domain:_acme-challenge.mydomain.example
[Sun Feb  5 09:11:35 NZDT 2023] Please check log file for more details: /tmp/acme/remote-pfsense-mydomain.example/acme_issuecert.log



in the logs:

[Sat Feb  4 22:55:20 NZDT 2023] _CURL='curl --silent --dump-header /tmp/acme/remote-pfsense-mydomain.example//http.header  -L '
[Sat Feb  4 22:55:21 NZDT 2023] ret='0'
[Sat Feb  4 22:55:21 NZDT 2023] response='{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null}'
[Sat Feb  4 22:55:21 NZDT 2023] invalid domain
[Sat Feb  4 22:55:21 NZDT 2023] Error add txt for domain:_acme-challenge.mydomain.example
[Sat Feb  4 22:55:21 NZDT 2023] _on_issue_err
[Sat Feb  4 22:55:21 NZDT 2023] Please check log file for more details: /tmp/acme/remote-pfsense-mydomain.example/acme_issuecert.log
[Sat Feb  4 22:55:21 NZDT 2023] _chk_vlist='*.mydomain.example#u9CduNpAT8m9bd0aIOeWSj2Q2VkkDrxRQic9bJ0dLsM.h9lVFzs6Auj9eC1hevR9j4j-7y1aeIsOohKKKyhFD8k#https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5231099963/tsbqVw#dns-01#dns_cf,mydomain.example#pnv-1J_xxxxxxxxxxxxxx_Uxxxxxxxxxxxxxxxxxxx-xxxxxxxxxxxxyhFD8k#https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5231099973/QXMfKQ#dns-01#dns_cf,'
[Sat Feb  4 22:55:21 NZDT 2023] start to deactivate authz
[Sat Feb  4 22:55:21 NZDT 2023] Trigger domain validation.
[Sat Feb  4 22:55:21 NZDT 2023] _t_url='https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5231099963/tsbqVw'
[Sat Feb  4 22:55:21 NZDT 2023] _t_key_authz='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
[Sat Feb  4 22:55:21 NZDT 2023] _t_vtype
[Sat Feb  4 22:55:21 NZDT 2023] url='https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5231099963/tsbqVw'
[Sat Feb  4 22:55:21 NZDT 2023] payload='{}'
[Sat Feb  4 22:55:21 NZDT 2023] Use cached jwk for file: /tmp/acme/remote-pfsense-mydomain.example//ca/acme-staging-v02.api.letsencrypt.org/directory/account.key
[Sat Feb  4 22:55:21 NZDT 2023] base64 single line.
[Sat Feb  4 22:55:21 NZDT 2023] payload64='e30'
[Sat Feb  4 22:55:21 NZDT 2023] _request_retry_times='1'




thank you 

johnpoz

@nevolex said in cannot generate a certificate:

invalid domain

Going to stated the obvious here - but mydomain.example is never going to work ;) Assuming you obfuscated that, but its saying invalid..

I use cloudflare to get certs via acme.. Did you setup your permissions on your domain, did you use the correct api token, etc..

nevolex

@johnpoz thank you for your quick reply, the issue was on myside, was using the wrong TOKEN code :)