Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Error on send_csr

See original GitHub issue

Which version of python are you using?

3.6.4

What operating system and version of operating system are you uing?

Mac OS

What version of sewer are you using?

0.5.5

What did you do? (be as detailed as you can)

$ sewer \
> --endpoint staging \
> --dns aliyun \
> --bundle_name=jinlinbao.net \
> --domain *.jinlinbao.net \
> --alt_domains jinlinbao.net \
> --loglevel DEBUG \
> --action run

and

sewer \
--endpoint staging \
--dns aliyun \
--bundle_name=menduo-test.jinlinbao.net \
--domain *.menduo-test.jinlinbao.net \
--alt_domains menduo-test.jinlinbao.net \
--action run

and

sewer \
--endpoint staging \
--dns hurricane \
--bundle_name=menduo.net \
--domain *.menduo.net \
--alt_domains menduo.net \
--loglevel DEBUG \
--action run

What did you expect to see/happen/not happen?

Both valid certificate.

What did you actually see/happen?

Two works ok, another not.

  • *.menduo.net with hurricane dns ok
  • *.menduo-test.jinlinbao.net with aliyun dns ok
  • but *..jinlinbadns o.net with aliyun not.

Paste here the log output generated by sewer, if any. Please remember to remove any sensitive items from the log before pasting here.

If you can, run sewer with loglevel set to debug; eg sewer --loglevel DEBUG

*.jinlinbao.net , doesn’t works:

$ sewer \
> --endpoint staging \
> --dns aliyun \
> --bundle_name=jinlinbao.net \
> --domain *.jinlinbao.net \
> --alt_domains jinlinbao.net \
> --loglevel DEBUG \
> --action run
chosen_dns_provider. Using aliyun as dns provider.
get_acme_endpoints
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 724
get_acme_endpoints_response. status_code=200
create_certificate_key
create_csr
create_account_key
intialise_success, sewer_version=0.5.5, domain_names=['*.jinlinbao.net', 'jinlinbao.net'], acme_server=https://acme-staging...
account key succesfully written to /data/install/jinlinbao.net.account.key.
get_certificate
acme_register
make_signed_acme_request
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
sign_message
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 544
acme_register_response. status_code=201. response={'id': 6609583, 'key': {'kty': 'RSA', 'n': 'tVx-mT3ZccyLBRSwJLPzRU2_cCf0ACKv-nkyh2BX5Asd4McFzRbx8acadesUWDwX1riyRQulD7o6RuggbrGZoAOdEG3OdWV_gMHEUwMV3W3LXeqaharkM-LylMZwOLZp9gND01JS9p0l92WvsuFlxInCY06I3dqvub2egjNPKmF_iOMxXZXldbSQe4qH24XLFLnk5USA1FJgCTYtLIiu6GLc6gesAIE50_s_FqeDi3cL9b0GfFzf8LBlrPCmAB4ArWWADamYateTOMX4RFocBOhYhJQtskbQXpVkibySr2wvWr8ncu_iwFpcA1BkdwKY7C_6Eya30WMLjgSA86tYDw', 'e': 'AQAB'}, 'contact': [], 'initialIp': '223.255.127.32', 'createdAt': '2018-08-08T12:47:01.920137714Z', 'status': 'valid'}
acme_register_success
apply_for_cert_issuance
make_signed_acme_request
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
sign_message
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 559
apply_for_cert_issuance_response. status_code=201. response={'status': 'pending', 'expires': '2018-08-15T12:47:06.088752426Z', 'identifiers': [{'type': 'dns', 'value': '*.jinlinbao.net'}, {'type': 'dns', 'value': 'jinlinbao.net'}], 'authorizations': ['https://acme-staging-v02.api.letsencrypt.org/acme/authz/X_-e_lySZKmDM3KEEg1-sDX_69Szw_F0zX8Jq7-sbyU', 'https://acme-staging-v02.api.letsencrypt.org/acme/authz/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ'], 'finalize': 'https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6609583/5597584'}
apply_for_cert_issuance_success
get_identifier_authorization
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/X_-e_lySZKmDM3KEEg1-sDX_69Szw_F0zX8Jq7-sbyU HTTP/1.1" 200 430
get_identifier_authorization_response. status_code=200. response={'identifier': {'type': 'dns', 'value': 'jinlinbao.net'}, 'status': 'pending', 'expires': '2018-08-15T12:47:06Z', 'challenges': [{'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/X_-e_lySZKmDM3KEEg1-sDX_69Szw_F0zX8Jq7-sbyU/157563783', 'token': '6nPAAIBlNVyhqQcuGSbTHc-cHPVoO1BzW4FcwX3-gsI'}], 'wildcard': True}
get_identifier_authorization_success. identifier_auth={'domain': '*.jinlinbao.net', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/authz/X_-e_lySZKmDM3KEEg1-sDX_69Szw_F0zX8Jq7-sbyU', 'wildcard': True, 'dns_token': '6nPAAIBlNVyhqQcuGSbTHc-cHPVoO1BzW4FcwX3-gsI', 'dns_challenge_url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/X_-e_lySZKmDM3KEEg1-sDX_69Szw_F0zX8Jq7-sbyU/157563783'}
get_identifier_authorization_success
get_keyauthorization
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
create_dns_record start: ('*.jinlinbao.net', '-BJlP1VpUcCspuy9UGABzuNLE4yWv6GUUjraK_QQNoE')
create_dns_record end: ('*.jinlinbao.net', '-BJlP1VpUcCspuy9UGABzuNLE4yWv6GUUjraK_QQNoE', {'RecordId': '4012399967605760', 'RequestId': '07F05A58-B162-4211-80F5-9F1F0FE5BC2E'})
get_identifier_authorization
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ HTTP/1.1" 200 926
get_identifier_authorization_response. status_code=200. response={'identifier': {'type': 'dns', 'value': 'jinlinbao.net'}, 'status': 'pending', 'expires': '2018-08-15T12:47:06Z', 'challenges': [{'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ/157563784', 'token': 'gaERieFaVRwgsalHGyDtXueLBAecKj8XCXss3-cNHK8'}, {'type': 'tls-alpn-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ/157563785', 'token': 'MN-O1dRzaJDsXjPpVWowWm5CsofDJM_iJQDHcwaJTuQ'}, {'type': 'http-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ/157563786', 'token': 'ejgEHEMoMIJ3x_WJgMoLH4TX8jpfNshFAkdMcCTKUmU'}]}
get_identifier_authorization_success. identifier_auth={'domain': 'jinlinbao.net', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/authz/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ', 'wildcard': None, 'dns_token': 'gaERieFaVRwgsalHGyDtXueLBAecKj8XCXss3-cNHK8', 'dns_challenge_url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ/157563784'}
get_identifier_authorization_success
get_keyauthorization
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
create_dns_record start: ('jinlinbao.net', '3Q5b03mMAzEtNyazJEzgxgCr3Zb4WHsD6uUgauy14Nc')
create_dns_record end: ('jinlinbao.net', '3Q5b03mMAzEtNyazJEzgxgCr3Zb4WHsD6uUgauy14Nc', {'RecordId': '4012400023606272', 'RequestId': '3597AB27-F6CB-4FB3-A986-55A6DEEDCEBA'})
check_authorization_status
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/X_-e_lySZKmDM3KEEg1-sDX_69Szw_F0zX8Jq7-sbyU HTTP/1.1" 200 430
check_authorization_status_response. status_code=200. response={'identifier': {'type': 'dns', 'value': 'jinlinbao.net'}, 'status': 'pending', 'expires': '2018-08-15T12:47:06Z', 'challenges': [{'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/X_-e_lySZKmDM3KEEg1-sDX_69Szw_F0zX8Jq7-sbyU/157563783', 'token': '6nPAAIBlNVyhqQcuGSbTHc-cHPVoO1BzW4FcwX3-gsI'}], 'wildcard': True}
check_authorization_status_success
respond_to_challenge
make_signed_acme_request
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
sign_message
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/challenge/X_-e_lySZKmDM3KEEg1-sDX_69Szw_F0zX8Jq7-sbyU/157563783 HTTP/1.1" 200 229
respond_to_challenge_response. status_code=200. response={'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/X_-e_lySZKmDM3KEEg1-sDX_69Szw_F0zX8Jq7-sbyU/157563783', 'token': '6nPAAIBlNVyhqQcuGSbTHc-cHPVoO1BzW4FcwX3-gsI'}
respond_to_challenge_success
check_authorization_status
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ HTTP/1.1" 200 926
check_authorization_status_response. status_code=200. response={'identifier': {'type': 'dns', 'value': 'jinlinbao.net'}, 'status': 'pending', 'expires': '2018-08-15T12:47:06Z', 'challenges': [{'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ/157563784', 'token': 'gaERieFaVRwgsalHGyDtXueLBAecKj8XCXss3-cNHK8'}, {'type': 'tls-alpn-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ/157563785', 'token': 'MN-O1dRzaJDsXjPpVWowWm5CsofDJM_iJQDHcwaJTuQ'}, {'type': 'http-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ/157563786', 'token': 'ejgEHEMoMIJ3x_WJgMoLH4TX8jpfNshFAkdMcCTKUmU'}]}
check_authorization_status_success
respond_to_challenge
make_signed_acme_request
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
sign_message
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/challenge/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ/157563784 HTTP/1.1" 200 229
respond_to_challenge_response. status_code=200. response={'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/Bg9vSpRPeg7J929PQYK-UsR7jyu5tn0DHaODm5hEFwQ/157563784', 'token': 'gaERieFaVRwgsalHGyDtXueLBAecKj8XCXss3-cNHK8'}
respond_to_challenge_success
send_csr
make_signed_acme_request
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
sign_message
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/finalize/6609583/5597584 HTTP/1.1" 400 148
send_csr_response. status_code=400. response={'type': 'urn:ietf:params:acme:error:malformed', 'detail': 'Order\'s status ("invalid") is not acceptable for finalization', 'status': 400}
Error: Unable to issue certificate. error=Error sending csr: status_code=400 response={'type': 'urn:ietf:params:acme:error:malformed', 'detail': 'Order\'s status ("invalid") is not acceptable for finalization', 'status': 400}
delete_dns_record start: ('*.jinlinbao.net', '-BJlP1VpUcCspuy9UGABzuNLE4yWv6GUUjraK_QQNoE')
start to delete dns record, id: 4012400023606272
delete_dns_record end: ('*.jinlinbao.net', '-BJlP1VpUcCspuy9UGABzuNLE4yWv6GUUjraK_QQNoE', {'RecordId': '4012400023606272', 'RequestId': '74006751-4868-472C-8DAA-DB1E7B57215B'})
delete_dns_record start: ('jinlinbao.net', '3Q5b03mMAzEtNyazJEzgxgCr3Zb4WHsD6uUgauy14Nc')
start to delete dns record, id: 4012399967605760
delete_dns_record end: ('jinlinbao.net', '3Q5b03mMAzEtNyazJEzgxgCr3Zb4WHsD6uUgauy14Nc', {'RecordId': '4012399967605760', 'RequestId': '5C44D956-0AAD-41F3-A581-09BEC4D45386'})
Traceback (most recent call last):
  File "/Users/mdp/ws/jlbao/_jlbenv364/bin/sewer", line 11, in <module>
    sys.exit(main())
  File "/Users/mdp/ws/jlbao/_jlbenv364/lib/python3.6/site-packages/sewer/cli.py", line 284, in main
    certificate = client.cert()
  File "/Users/mdp/ws/jlbao/_jlbenv364/lib/python3.6/site-packages/sewer/client.py", line 708, in cert
    return self.get_certificate()
  File "/Users/mdp/ws/jlbao/_jlbenv364/lib/python3.6/site-packages/sewer/client.py", line 696, in get_certificate
    raise e
  File "/Users/mdp/ws/jlbao/_jlbenv364/lib/python3.6/site-packages/sewer/client.py", line 691, in get_certificate
    certificate_url = self.send_csr(finalize_url)
  File "/Users/mdp/ws/jlbao/_jlbenv364/lib/python3.6/site-packages/sewer/client.py", line 515, in send_csr
    response=self.log_response(send_csr_response)))
ValueError: Error sending csr: status_code=400 response={'type': 'urn:ietf:params:acme:error:malformed', 'detail': 'Order\'s status ("invalid") is not acceptable for finalization', 'status': 400}

*.menduo-test.jinlinbao.net , works okay:

$ sewer \
> --endpoint staging \
> --dns aliyun \
> --bundle_name=menduo-test.jinlinbao.net \
> --domain *.menduo-test.jinlinbao.net \
> --alt_domains menduo-test.jinlinbao.net \
> --action run
chosen_dns_provider. Using aliyun as dns provider.
intialise_success, sewer_version=0.5.5, domain_names=['*.menduo-test.jinlinbao.net', 'menduo-test.jinlinbao.net'], acme_server=https://acme-staging...
account key succesfully written to /data/install/menduo-test.jinlinbao.net.account.key.
acme_register
acme_register_success
apply_for_cert_issuance
apply_for_cert_issuance_success
get_identifier_authorization
get_identifier_authorization_success
create_dns_record start: ('*.menduo-test.jinlinbao.net', '8-zMNFjtL_TSoZKCUIX16WO_gvQOc6tQf_jERsWwrHY')
create_dns_record end: ('*.menduo-test.jinlinbao.net', '8-zMNFjtL_TSoZKCUIX16WO_gvQOc6tQf_jERsWwrHY', {'RecordId': '4012390763090944', 'RequestId': '75F014B4-9B9C-4C21-8BB1-885DDB157F5C'})
get_identifier_authorization
get_identifier_authorization_success
create_dns_record start: ('menduo-test.jinlinbao.net', 'l3Boj2H25Q3NVGquKeMECJ4-h9DUzIT_SmDuW-ZU83Y')
create_dns_record end: ('menduo-test.jinlinbao.net', 'l3Boj2H25Q3NVGquKeMECJ4-h9DUzIT_SmDuW-ZU83Y', {'RecordId': '4012390780770304', 'RequestId': 'F19E5162-0C8C-4C9D-8CF9-C57F9D0932A7'})
check_authorization_status
check_authorization_status_success
respond_to_challenge
respond_to_challenge_success
check_authorization_status
check_authorization_status_success
respond_to_challenge
respond_to_challenge_success
send_csr
send_csr_success
download_certificate
download_certificate_success
delete_dns_record start: ('*.menduo-test.jinlinbao.net', '8-zMNFjtL_TSoZKCUIX16WO_gvQOc6tQf_jERsWwrHY')
start to delete dns record, id: 4012390780770304
delete_dns_record end: ('*.menduo-test.jinlinbao.net', '8-zMNFjtL_TSoZKCUIX16WO_gvQOc6tQf_jERsWwrHY', {'RecordId': '4012390780770304', 'RequestId': 'FCA8923E-ACE6-4247-828A-53209598DBC0'})
delete_dns_record start: ('menduo-test.jinlinbao.net', 'l3Boj2H25Q3NVGquKeMECJ4-h9DUzIT_SmDuW-ZU83Y')
start to delete dns record, id: 4012390763090944
delete_dns_record end: ('menduo-test.jinlinbao.net', 'l3Boj2H25Q3NVGquKeMECJ4-h9DUzIT_SmDuW-ZU83Y', {'RecordId': '4012390763090944', 'RequestId': 'F3EA5B64-4188-4C50-BB12-4A982F3AC609'})
certificate succesfully written to /data/install/menduo-test.jinlinbao.net.crt.
certificate key succesfully written to /data/install/menduo-test.jinlinbao.net.key.
the_end. Certificate Succesfully issued. The certificate, certificate key and account key have been saved in the current directory

*.menduo.net works ok:

$ sewer \
> --endpoint staging \
> --dns hurricane \
> --bundle_name=menduo.net \
> --domain *.menduo.net \
> --alt_domains menduo.net \
> --loglevel DEBUG \
> --action run
chosen_dns_provider. Using hurricane as dns provider.
get_acme_endpoints
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 724
get_acme_endpoints_response. status_code=200
create_certificate_key
create_csr
create_account_key
intialise_success, sewer_version=0.5.5, domain_names=['*.menduo.net', 'menduo.net'], acme_server=https://acme-staging...
account key succesfully written to /data/install/menduo.net.account.key.
get_certificate
acme_register
make_signed_acme_request
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
sign_message
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 544
acme_register_response. status_code=201. response={'id': 6609616, 'key': {'kty': 'RSA', 'n': 'wbzx4lA7v2KQUrYRB9dGx4RzV1ecYctptTBCZjUdW1iYt1wtddggYzioHQk4rQGhfm-1efJ9Cp7nTegEliq8Yh_QerAKaWaehlkSSdLLefZXj2aJfNFYyO2_M_hFdtZeaJQA2rpAji7q1k-85alfqg7-w5SnbIEg79AMfc4fvCbwXntf-G4mEUswDCQg1MIisd4auAL4zwqFJR-LtTMQD1wj07dVZoQbWbH-MDkKMcdWiaTNiEvThe-W2Y5fJsA67VoMgiqkyOAqrNka8ATJ_ECVWl7lL83-zziaNTwhBzBiY-LN9WhmTVsUcDtef5lIhyZw4GBkbtxF8W0tnjYhwQ', 'e': 'AQAB'}, 'contact': [], 'initialIp': '223.255.127.32', 'createdAt': '2018-08-08T12:53:59.868907713Z', 'status': 'valid'}
acme_register_success
apply_for_cert_issuance
make_signed_acme_request
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
sign_message
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 553
apply_for_cert_issuance_response. status_code=201. response={'status': 'pending', 'expires': '2018-08-15T12:54:00.704763088Z', 'identifiers': [{'type': 'dns', 'value': '*.menduo.net'}, {'type': 'dns', 'value': 'menduo.net'}], 'authorizations': ['https://acme-staging-v02.api.letsencrypt.org/acme/authz/NJnLw9S36dRz4r5UBlOS6eVep-41oY3l5kGqiznN-Rs', 'https://acme-staging-v02.api.letsencrypt.org/acme/authz/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo'], 'finalize': 'https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6609616/5597771'}
apply_for_cert_issuance_success
get_identifier_authorization
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/NJnLw9S36dRz4r5UBlOS6eVep-41oY3l5kGqiznN-Rs HTTP/1.1" 200 427
get_identifier_authorization_response. status_code=200. response={'identifier': {'type': 'dns', 'value': 'menduo.net'}, 'status': 'pending', 'expires': '2018-08-15T12:54:00Z', 'challenges': [{'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/NJnLw9S36dRz4r5UBlOS6eVep-41oY3l5kGqiznN-Rs/157564805', 'token': '4SBS1Xc077iUjwEfcSiBB8SYEY2tVPnL-pjfgoOBB7E'}], 'wildcard': True}
get_identifier_authorization_success. identifier_auth={'domain': '*.menduo.net', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/authz/NJnLw9S36dRz4r5UBlOS6eVep-41oY3l5kGqiznN-Rs', 'wildcard': True, 'dns_token': '4SBS1Xc077iUjwEfcSiBB8SYEY2tVPnL-pjfgoOBB7E', 'dns_challenge_url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/NJnLw9S36dRz4r5UBlOS6eVep-41oY3l5kGqiznN-Rs/157564805'}
get_identifier_authorization_success
get_keyauthorization
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
create_dns_record start: ('*.menduo.net', 'r_2bfvT8tNi3jnrQHAbHmgkML6DSLBQp7PaPxkMkKIc')
create_dns_record end: ('*.menduo.net', 'r_2bfvT8tNi3jnrQHAbHmgkML6DSLBQp7PaPxkMkKIc')
get_identifier_authorization
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo HTTP/1.1" 200 923
get_identifier_authorization_response. status_code=200. response={'identifier': {'type': 'dns', 'value': 'menduo.net'}, 'status': 'pending', 'expires': '2018-08-15T12:54:00Z', 'challenges': [{'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo/157564806', 'token': 'bh1ltgSS8IYy3qAoJNZX4vox6fJAS2c4ieZPbaHNLqs'}, {'type': 'http-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo/157564807', 'token': 'tHOptaRbMwf8UGfNdX6h8DZdk2XrtKlk_e9qbEb3Cak'}, {'type': 'tls-alpn-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo/157564808', 'token': '54wqt92omwQu4xsZcms2lAg4bH6AWzcQZa6aqQNUtMQ'}]}
get_identifier_authorization_success. identifier_auth={'domain': 'menduo.net', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/authz/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo', 'wildcard': None, 'dns_token': 'bh1ltgSS8IYy3qAoJNZX4vox6fJAS2c4ieZPbaHNLqs', 'dns_challenge_url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo/157564806'}
get_identifier_authorization_success
get_keyauthorization
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
create_dns_record start: ('menduo.net', 'dDsdv_S7D4jqfmThoXsR5DF5HwOPhN92y4hj0Vurn2k')
create_dns_record end: ('menduo.net', 'dDsdv_S7D4jqfmThoXsR5DF5HwOPhN92y4hj0Vurn2k')
check_authorization_status
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/NJnLw9S36dRz4r5UBlOS6eVep-41oY3l5kGqiznN-Rs HTTP/1.1" 200 427
check_authorization_status_response. status_code=200. response={'identifier': {'type': 'dns', 'value': 'menduo.net'}, 'status': 'pending', 'expires': '2018-08-15T12:54:00Z', 'challenges': [{'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/NJnLw9S36dRz4r5UBlOS6eVep-41oY3l5kGqiznN-Rs/157564805', 'token': '4SBS1Xc077iUjwEfcSiBB8SYEY2tVPnL-pjfgoOBB7E'}], 'wildcard': True}
check_authorization_status_success
respond_to_challenge
make_signed_acme_request
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
sign_message
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/challenge/NJnLw9S36dRz4r5UBlOS6eVep-41oY3l5kGqiznN-Rs/157564805 HTTP/1.1" 200 229
respond_to_challenge_response. status_code=200. response={'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/NJnLw9S36dRz4r5UBlOS6eVep-41oY3l5kGqiznN-Rs/157564805', 'token': '4SBS1Xc077iUjwEfcSiBB8SYEY2tVPnL-pjfgoOBB7E'}
respond_to_challenge_success
check_authorization_status
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo HTTP/1.1" 200 923
check_authorization_status_response. status_code=200. response={'identifier': {'type': 'dns', 'value': 'menduo.net'}, 'status': 'pending', 'expires': '2018-08-15T12:54:00Z', 'challenges': [{'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo/157564806', 'token': 'bh1ltgSS8IYy3qAoJNZX4vox6fJAS2c4ieZPbaHNLqs'}, {'type': 'http-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo/157564807', 'token': 'tHOptaRbMwf8UGfNdX6h8DZdk2XrtKlk_e9qbEb3Cak'}, {'type': 'tls-alpn-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo/157564808', 'token': '54wqt92omwQu4xsZcms2lAg4bH6AWzcQZa6aqQNUtMQ'}]}
check_authorization_status_success
respond_to_challenge
make_signed_acme_request
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
sign_message
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/challenge/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo/157564806 HTTP/1.1" 200 229
respond_to_challenge_response. status_code=200. response={'type': 'dns-01', 'status': 'pending', 'url': 'https://acme-staging-v02.api.letsencrypt.org/acme/challenge/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo/157564806', 'token': 'bh1ltgSS8IYy3qAoJNZX4vox6fJAS2c4ieZPbaHNLqs'}
respond_to_challenge_success
send_csr
make_signed_acme_request
get_acme_header
get_nonce
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/new-nonce HTTP/1.1" 204 0
sign_message
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/finalize/6609616/5597771 HTTP/1.1" 200 653
send_csr_response. status_code=200. response={'status': 'valid', 'expires': '2018-08-15T12:54:00Z', 'identifiers': [{'type': 'dns', 'value': '*.menduo.net'}, {'type': 'dns', 'value': 'menduo.net'}], 'authorizations': ['https://acme-staging-v02.api.letsencrypt.org/acme/authz/NJnLw9S36dRz4r5UBlOS6eVep-41oY3l5kGqiznN-Rs', 'https://acme-staging-v02.api.letsencrypt.org/acme/authz/uxOAon5OiQCPSWE_BFvdYpoMLKPTKDGFWQPm_cNrseo'], 'finalize': 'https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6609616/5597771', 'certificate': 'https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa9e22ee639a7e7c3da37fde0ea36b0ad8cd'}
send_csr_success
download_certificate
make_signed_acme_request
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/cert/fa9e22ee639a7e7c3da37fde0ea36b0ad8cd HTTP/1.1" 200 3798
download_certificate_response. status_code=200. response=b'-----BEGIN CERTIFICATE-----\nMI'
download_certificate_success
delete_dns_record start: ('*.menduo.net', 'r_2bfvT8tNi3jnrQHAbHmgkML6DSLBQp7PaPxkMkKIc')
delete_dns_record end: ('*.menduo.net', 'r_2bfvT8tNi3jnrQHAbHmgkML6DSLBQp7PaPxkMkKIc')
delete_dns_record start: ('menduo.net', 'dDsdv_S7D4jqfmThoXsR5DF5HwOPhN92y4hj0Vurn2k')
delete_dns_record end: ('menduo.net', 'dDsdv_S7D4jqfmThoXsR5DF5HwOPhN92y4hj0Vurn2k')
certificate succesfully written to /data/install/menduo.net.crt.
certificate key succesfully written to /data/install/menduo.net.key.
the_end. Certificate Succesfully issued. The certificate, certificate key and account key have been saved in the current directory

Alternatively if you want to conribute to this repo, answer this questions instead in your issue:

What is it that you would like to propose to add/remove/change?

Why do you want to add/remove/change that?

How do you want to go about adding/removing/changing that?

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:9 (9 by maintainers)

github_iconTop GitHub Comments

1reaction
menduocommented, Aug 15, 2018

@komuw Thank you, thanks for your patience.

I’m sorry to trouble you about this.

I’ve found the reason, there is a bug in aliyun.py, the extract_zone method returns wrong value when the argument is like *.menduo.net or menduo.net.

Sorry about that. I’ve fix that bug and created a pull request.

Thanks.

0reactions
komuwcommented, Aug 17, 2018
Read more comments on GitHub >

github_iconTop Results From Across the Web

What to do if your CSR is not accepted ('CSR invalid' errors ...
Learn more about What to do if your CSR is not accepted ('CSR invalid' errors) during certificate activation. Find your answers at Namecheap...
Read more >
Resolving Errors With Your CSR | SSL Certificates - GoDaddy
Use this list to check your certificate signing request (CSR) for errors if you have trouble submitting it in the online application.
Read more >
Certificate Services Support - Entrust
Solution: The error specifies which value is missing. Regenerate a Certificate Signing Request (CSR) with the missing value(s).
Read more >
Why do I get an 'Invalid CSR' error message when I try to ...
There are many reasons why a CSR may be invalid. When you create the CSR make sure: The common name is an FQDN...
Read more >
Error Message while sending CSR to Entrust through Venafi ...
Cause: This error is typically been seen by customers when a CN (Common Name) and/or SAN (Subject Alternate Name) Domain is not recognized...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Typo in Repository README

Next page

Add Optional Metadata Parameter to Service Interface