-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathTODO.txt
More file actions
47 lines (44 loc) · 2.12 KB
/
TODO.txt
File metadata and controls
47 lines (44 loc) · 2.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
## Add a way to prule all txt records/challenges on startup in challenge_stores.
- [x] This is important
## Fix the ssl warning in nginx
Chatgpt says that when obtaining cert, there is alternate link that contains the fullchain certificate.
Link: <https://acme-v02.api.letsencrypt.org/acme/cert/XYZ>;rel="alternate"
- [x] The response already had fullchain cert, it was issue on the keystore part
- [ ] But still the warning is error log for missing OSP signature related to sll_stapling.
## Did not request certificate
- [x] This appears to be case only when bad nonce error occurs. Retry logic is failed to include correct payload
Valid configuration Id:4329b56b0bba nginx-external_configs-1
- wss://photos.bhattarai.me:80/
-> http://172.31.7.3:2283
[CertificateOrSelfSign] Checking domains: photos.bhattarai.me
Request [400] : POST https://acme-v02.api.letsencrypt.org/acme/new-order step=Acme request:newOrder
Server nginx
Date Thu, 03 Jul 2025 04:56:29 GMT
Content-Type application/problem+json
Content-Length 203
Connection keep-alive
Boulder-Requester 2501318181
Cache-Control public, max-age=0, no-cache
Link <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce Qgju4q6iolL2XSMDGnSxVa2ZIyKZAklsFjuS7bYLIalpmafoeZY
Response: {
"type": "urn:ietf:params:acme:error:badNonce",
"detail": "Unable to validate JWS :: JWS has an invalid anti-replay nonce: \"Qgju4q6ihf7VlW_phfxyRvf6ArZVd_2xGEWZb44-n1_d6d9VpRw\"",
"status": 400
}
Request [204] : GET https://acme-v02.api.letsencrypt.org/acme/new-nonce step=Acme request:newOrder > Fetch new Nonce
Request [400] : POST https://acme-v02.api.letsencrypt.org/acme/new-order step=Acme request:newOrder
Server nginx
Date Thu, 03 Jul 2025 04:56:33 GMT
Content-Type application/problem+json
Content-Length 133
Connection keep-alive
Boulder-Requester 2501318181
Cache-Control public, max-age=0, no-cache
Link <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce hFKQ31G5VJC8d8iQqoUvyB4jBXjFCL066sLcT6yxDjVQkeo_XD8
Response: {
"type": "urn:ietf:params:acme:error:malformed",
"detail": "NewOrder request did not specify any identifiers",
"status": 400
}