Koozali.org: home of the SME Server

Letsencrypt fail with: provided key authorization was incorrect

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: Letsencrypt fail with: provided key authorization was incorrect
« Reply #15 on: April 12, 2018, 01:06:49 PM »
Indeed - you are right with what you write...

I try :-)

Quote
I will create a bug report as soon i had a rest :-)

Please do.

Quote
I apreciate verry much your help neverthenless...

No worries.

For your information there is now v0.5 in the smecontribs repo, and v0.6 in the smetest repo.

v0.6 I am testing at the minute as it allows migration from Letsencrypt v1 -> v2 api

I need to add and modify a couple of keys in smeserver-letsencrypt to ensure a smooth move and I will post something on this in the next few days.
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline michelandre

  • *
  • 261
  • +0/-0
Re: Letsencrypt fail with: provided key authorization was incorrect
« Reply #16 on: April 15, 2018, 03:44:13 AM »
I Beast,

You wrote:
Quote
i cleaned up unnsed domains in /etc/dehydrated/certs/

Then you said:
Quote
i edit with nano -w config   and  my domains.txt with my old values.

You should clean domains.txt of all unused domains, not  /etc/dehydrated/certs/. Make sure domains.txt is only one line.
I think that the first domain in domains.txt should be the one in Primary i-bay (not sure of that)

If I remember right, /etc/dehydrated/certs/ contains a folder with the name of the first domain in domains.txt. This folder contains all the requests, certs and chains.

Also, maybe save accounts keys somewhere and delete everything in accounts directory.
Then
Code: [Select]
/etc/dehydrated/dehydrated --register --accept-termsAnd then
Code: [Select]
/etc/dehydrated/dehydrated -cor to force the renewal if still valid.
Code: [Select]
/etc/dehydrated/dehydrated -c --force
Michel-André
« Last Edit: April 15, 2018, 03:49:42 AM by michelandre »

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: Letsencrypt fail with: provided key authorization was incorrect
« Reply #17 on: April 15, 2018, 10:30:51 AM »
It's best to do as little manually as possible.. !

The v0.6 that I am testing has a  clean/archive function for old certs that works nicely.
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation