urn:acme:error:unauthorized

[dbiers]

Getting this error that we're unauthorized for getting the verification from LetsEncrypt.

Error occurred: Status: 403, Detail: Error creating new cert :: Authorizations for these names not found or expired: domain.com, www.domain.com, Type: urn:acme:error:unauthorized 

A couple of things about the environment.

• open_basedir is currently active to prevent any out-side browsing of the users/accounts.
• suPHP/suExec is currently active as a security measure.
• mod_security is currently active (as we have many problems with attacks). I do not see any rules being triggered here.
• DNS for domain is pointed to server via Cloudflare. The web requests come from cloudflare IP address ranges, although we're able to see real IP's via mod_cloudflare (like that helps anything at all..).

I can see when the script runs, I'm watching the folders and files get created and everything gets the correct permissions (folder 755, file 644). There is no current htaccess file causing re-writes and I can access test files I create in the acme-challenge folder.

I'm not sure why the errors keep coming through as unauthorized, though.

[dbiers]

I can see the systems reaching the verification, but I don't know why it's failing. Maybe someone else has a clue?

66.133.109.36 - - [05/Jun/2016:23:52:10 -0400] "GET /.well-known/acme-challenge/z7SsZLN7kxTE******************************** HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"

[Prajithp]

@dbiers Please check this #41