security/py-certbot ignores --standalone
tech-lists
tech-lists at zyxst.net
Sun Jun 24 14:06:47 UTC 2018
aaagh please ignore... thought it'd operate on port 443 and not 80
(which was not allowed in pf.conf)
sorry for the noise
On 24/06/2018 15:02, tech-lists wrote:
> Hello,
>
> context is 12.0-CURRENT #0 r335317 and ports r473196 on amd64.
>
> I haven't got a webserver installed yet, so I install
> security/py-certbot and run it with the intention of spinning up its
> standalone server, to create/fetch the certs. But it always wants to
> verify the domain using the webroot method, no matter if I select
> standalone from the interactive option or --standalone to run it on one
> line.
>
>
> Is ports@ the right place to report this?
>
> ========================================================================
>
> root at v007:/usr/ports/security/py-certbot# certbot certonly
> Saving debug log to /var/log/letsencrypt/letsencrypt.log
>
> How would you like to authenticate with the ACME CA?
> -------------------------------------------------------------------------------
>
> 1: Spin up a temporary webserver (standalone)
> 2: Place files in webroot directory (webroot)
> -------------------------------------------------------------------------------
>
> Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
>
> Plugins selected: Authenticator standalone, Installer None
> Please enter in your domain name(s) (comma and/or space separated)
> (Enter 'c'
> to cancel): [REDACTED]
>
> Obtaining a new certificate
> Performing the following challenges:
> http-01 challenge for [REDACTED]
> Waiting for verification...
> Cleaning up challenges
> Failed authorization procedure. [REDACTED] (http-01):
> urn:acme:error:connection :: The server could not connect to the client
> to verify the domain :: Fetching
> http://[REDACTED]/.well-known/acme-challenge/x02YKwY5V0fWT_frDkJjJlUvZ5ErLZ38c41F2BJs-Uo:
> Connection refused
>
> IMPORTANT NOTES:
> - The following errors were reported by the server:
>
> Domain: [REDACTED]
> Type: connection
> Detail: Fetching
>
> http://[REDACTED]/.well-known/acme-challenge/x02YKwY5V0fWT_frDkJjJlUvZ5ErLZ38c41F2BJs-Uo:
>
> Connection refused
>
> To fix these errors, please make sure that your domain name was
> entered correctly and the DNS A/AAAA record(s) for that domain
> contain(s) the right IP address. Additionally, please check that
> your computer has a publicly routable IP address and that no
> firewalls are preventing the server from communicating with the
> client. If you're using the webroot plugin, you should also verify
> that you are serving files from the webroot path you provided.
>
> =========================================================================
>
> thanks,
--
J.
More information about the freebsd-ports
mailing list