On Fri, 14 May 2021 at 13:43, Jerry Geis <jerry.geis at gmail.com> wrote: > On Fri, May 14, 2021 at 11:52 AM Jerry Geis <jerry.geis at gmail.com> wrote: > > > Hi All - I am using getssl on CentOS 7. > > It have been working fine since Feb 17th and just stopped. > > > > My script: > > getssl -u -a -q > > getssl: for some reason could not reach > > > http://MY_NAME/.well-known/acme-challenge/lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM > > - please check it manually > > > > So I did check it manually from another machine - it works fine: > > curl > > > http://MY_NAME/.well-known/acme-challenge/lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM > > > > > > > lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM.tIS27xF0xtz7YHES31MATofXyCeyfqttq7B_YBYZetI > > > > So it works fine. > > > > I then thought perhaps a firewall issue. So I "systemctl stop firewalld", > > redid the getssl -u -a -q command above - and I get the same error. > > > > How do I see/tell what its not liking ? > > > > Thanks, > > > > Jerry > > > > I took off the -q as requested - doesnt say much more. > > > Redirecting to /bin/systemctl stop httpd.service > Check all certificates > MY_NAME: no certificate obtained from host > Registering account > Verify each domain > Verifying MY_NAME > copying challenge token to > > /var/www/html/.well-known/acme-challenge/lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM > getssl: for some reason could not reach > > http://MY_NAME/.well-known/acme-challenge/lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM > - please check it manually > Redirecting to /bin/systemctl start httpd.service > > > > I thought the -u does the automatic upgrade - > > getssl -v > getssl V2.36 > > I would check the getssl.cfg file and see if it is asking for version 1 acme certs. [ I do not use this software and am just going from https://github.com/srvrco/getssl where it has the certificate server it wants to use in the latest version to be CA="https://acme-v02.api.letsencrypt.org" -- Stephen J Smoogen. I've seen things you people wouldn't believe. Flame wars in sci.astro.orion. I have seen SPAM filters overload because of Godwin's Law. All those moments will be lost in time... like posts on BBS... time to reboot.