You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
tls-alpn-01 challenge is currently failing with fhe following error.
challenge invalid: tls-alpn-01: invalid: Incorrect validation certificate for tls-alpn-01 challenge.
Requested <domain> from <letsencrypt_ip>:443. Received 1 certificate(s), first certificate had names ""
The error is basically that it could not get any of the DNS Subject Alternetive Names. Boulder expects exactly one DNS SAN with the same name as the domain name.
When you look at the golang crypto/x509 code, the dns names will be parsed only if the version is 3.
We are not setting any version in tls-alpn-01.lua. Which means the version is 1. Setting the version as 3 might fix this issue
When you use openssl, you can clearly see the DNS SANs.
tls-alpn-01
challenge is currently failing with fhe following error.The error location seems to be this in boulder:
The error is basically that it could not get any of the DNS Subject Alternetive Names. Boulder expects exactly one DNS SAN with the same name as the domain name.
When you look at the golang crypto/x509 code, the dns names will be parsed only if the version is 3.
We are not setting any version in
tls-alpn-01.lua
. Which means the version is 1. Setting the version as 3 might fix this issueWhen you use openssl, you can clearly see the DNS SANs.
The text was updated successfully, but these errors were encountered: