security/py-certbot ignores --standalone

tech-lists tech-lists at zyxst.net
Sun Jun 24 14:06:47 UTC 2018 

aaagh please ignore... thought it'd operate on port 443 and not 80 
(which was not allowed in pf.conf)

sorry for the noise

On 24/06/2018 15:02, tech-lists wrote:
> Hello,
> 
> context is 12.0-CURRENT #0 r335317 and ports r473196 on amd64.
> 
> I haven't got a webserver installed yet, so I install 
> security/py-certbot and run it with the intention of spinning up its 
> standalone server, to create/fetch the certs. But it always wants to 
> verify the domain using the webroot method, no matter if I select 
> standalone from the interactive option or --standalone to run it on one 
> line.
> 
> 
> Is ports@ the right place to report this?
> 
> ========================================================================
> 
> root at v007:/usr/ports/security/py-certbot# certbot certonly
> Saving debug log to /var/log/letsencrypt/letsencrypt.log
> 
> How would you like to authenticate with the ACME CA?
> ------------------------------------------------------------------------------- 
> 
> 1: Spin up a temporary webserver (standalone)
> 2: Place files in webroot directory (webroot)
> ------------------------------------------------------------------------------- 
> 
> Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
> 
> Plugins selected: Authenticator standalone, Installer None
> Please enter in your domain name(s) (comma and/or space separated) 
> (Enter 'c'
> to cancel): [REDACTED]
> 
> Obtaining a new certificate
> Performing the following challenges:
> http-01 challenge for [REDACTED]
> Waiting for verification...
> Cleaning up challenges
> Failed authorization procedure. [REDACTED] (http-01): 
> urn:acme:error:connection :: The server could not connect to the client 
> to verify the domain :: Fetching 
> http://[REDACTED]/.well-known/acme-challenge/x02YKwY5V0fWT_frDkJjJlUvZ5ErLZ38c41F2BJs-Uo: 
> Connection refused
> 
> IMPORTANT NOTES:
>   - The following errors were reported by the server:
> 
>     Domain: [REDACTED]
>     Type:   connection
>     Detail: Fetching
> 
> http://[REDACTED]/.well-known/acme-challenge/x02YKwY5V0fWT_frDkJjJlUvZ5ErLZ38c41F2BJs-Uo: 
> 
>     Connection refused
> 
>     To fix these errors, please make sure that your domain name was
>     entered correctly and the DNS A/AAAA record(s) for that domain
>     contain(s) the right IP address. Additionally, please check that
>     your computer has a publicly routable IP address and that no
>     firewalls are preventing the server from communicating with the
>     client. If you're using the webroot plugin, you should also verify
>     that you are serving files from the webroot path you provided.
> 
> =========================================================================
> 
> thanks,


-- 
J.

More information about the freebsd-ports mailing list