Just wondering if there has been any updates to letsyncrypt. My latest update is from Aug 14th and I am still getting this error:
(executed manually jsexec letsyncrypt --force)
Reading script from C:\sbbs\exec\letsyncrypt.js
C:\sbbs\exec\letsyncrypt.js compiled in 0.00 seconds
Getting directory.
Calling newOrder.
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
{
"type": "urn:ietf:params:acme:error:malformed",
"detail": "JWS verification error",
"status": 400
}
!JavaScript : uncaught exception: newOrder responded with 400 not 201
My letsyncrypt.ini is:
Host=acme-v02.api.letsencrypt.org
Directory=/directory
TOSAgreed=true
[Domains]
alleycat.synchro.net=/sbbs/etrucker
emptykeg.synchro.net=/sbbs/etrucker
[key_id] acme-v02.api.letsencrypt.org=https://acme-v02.api.letsencrypt.org/acme /acct/51915535
@MSGID: <5D62EC68.46053.sync_sys@vert.synchro.net>
@REPLY: <5D62841B.1225.dove-syncops@alleycat.synchro.net>
@TZ: c1e0
Re: Letsyncrypt
By: Mortifis to All on Sun Aug 25 2019 09:50 am
Just wondering if there has been any updates to letsyncrypt. My latest update is from Aug 14th and I am still getting this error:
(executed manually jsexec letsyncrypt --force)
Reading script from C:\sbbs\exec\letsyncrypt.js C:\sbbs\exec\letsyncrypt.js compiled in 0.00 seconds
Getting directory.
Calling newOrder.
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
{
"type": "urn:ietf:params:acme:error:malformed",
"detail": "JWS verification error",
"status": 400
}
!JavaScript : uncaught exception: newOrder responded with 400 not 201
My letsyncrypt.ini is:
Host=acme-v02.api.letsencrypt.org
Directory=/directory
TOSAgreed=true
[Domains]
alleycat.synchro.net=/sbbs/etrucker
emptykeg.synchro.net=/sbbs/etrucker
[key_id] acme-v02.api.letsencrypt.org=https://acme-v02.api.letsencrypt.org/acme /acct/51915535
Maybe try renaming or moving your ctrl/letsyncrypt.key file.
digital man
@MSGID: <5D62EC68.46053.sync_sys@vert.synchro.net>
@REPLY: <5D62841B.1225.dove-syncops@alleycat.synchro.net>
@TZ: c1e0
Re: Letsyncrypt
By: Mortifis to All on Sun Aug 25 2019 09:50 am
Just wondering if there has been any updates to letsyncrypt. My latest update is from Aug 14th and I am still getting this error:
(executed manually jsexec letsyncrypt --force)
Reading script from C:\sbbs\exec\letsyncrypt.js C:\sbbs\exec\letsyncrypt.js compiled in 0.00 seconds
Getting directory.
Calling newOrder.
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
{
"type": "urn:ietf:params:acme:error:malformed",
"detail": "JWS verification error",
"status": 400
}
!JavaScript : uncaught exception: newOrder responded with 400 not 201
My letsyncrypt.ini is:
Host=acme-v02.api.letsencrypt.org
Directory=/directory
TOSAgreed=true
[Domains]
alleycat.synchro.net=/sbbs/etrucker emptykeg.synchro.net=/sbbs/etrucker
[key_id] acme-v02.api.letsencrypt.org=https://acme-v02.api.letsencrypt.org/acme /acct/51915535
Maybe try renaming or moving your ctrl/letsyncrypt.key file.
That was the first thing I tried, also tried deleting the file and running the script again with the same results. alleycat is on port 81, could that be an issue?
non-standard TCP port. Anyone know? If there's no configuration setting, then perhaps you'll have to, at least temporarily, useThat was the first thing I tried, also tried deleting the file and running the script again with the same results. alleycat is on port 81, could that be an issue?
I don't see any method of telling letsencrypt to valid your domain using a
port 80 for your verification.
@VIA: ALTERANT
@MSGID: <5D645A6C.1168.dove-syncops@bbs.leenooks.net>
@REPLY: <5D6444D4.46070.sync_sys@vert.synchro.net>
@TZ: 1258
Re: Re: Letsyncrypt
By: Digital Man to Mortifis on Mon Aug 26 2019 01:45 pm
That was the first thing I tried, also tried deleting the file and running the script again with the same results. alleycat is on port 81, could that be an issue?
I don't see any method of telling letsencrypt to valid your domain using a non-standard TCP port. Anyone know? If there's no configuration setting, then perhaps you'll have to, at least temporarily, use
port 80 for your verification.
I think I've been here before, and no, as far as I can remember you cannot use anything other than http (port 80) for validation - if you choose that validation method.
Alterantively, you can use DNS validation, where a token needs to be populated in DNS, and letsencrypt validates that its been updated by a DNS query. I use that process for wildcards, using cloudflare DNS (they have an API that enables you to automate it).
@VIA: ALTERANT
@MSGID: <5D645A6C.1168.dove-syncops@bbs.leenooks.net>
@REPLY: <5D6444D4.46070.sync_sys@vert.synchro.net>
@TZ: 1258
Re: Re: Letsyncrypt
By: Digital Man to Mortifis on Mon Aug 26 2019 01:45 pm
That was the first thing I tried, also tried deleting the file and running the script again with the same results. alleycat is on port 81, could that be an issue?
I don't see any method of telling letsencrypt to valid your domain using a non-standard TCP port. Anyone know? If there's no configuration setting, then perhaps you'll have to, at least temporarily, use
port 80 for your verification.
I think I've been here before, and no, as far as I can remember you cannot use anything other than http (port 80) for validation - if you choose that validation method.
Alterantively, you can use DNS validation, where a token needs to be populated in DNS, and letsencrypt validates that its been updated by a DNS query. I use that process for wildcards, using cloudflare DNS (they have an API that enables you to automate it).
A viable option, however, in this instance, I am not going to ask DM and/or our devs to add TXT record support to dyndns.js nor WebHops and Redirects to accommodate non-standard ports. I had tried to add a virtualhost and a redirect to my Apache that resides on a separate system which has SSL/TLS encryption but SBBS Web Server still failed. No worries I appreciate the info
Re: Re: Letsyncrypt
By: Mortifis to Alterego on Tue Aug 27 2019 10:26 am
@VIA: ALTERANT
@MSGID: <5D645A6C.1168.dove-syncops@bbs.leenooks.net>
@REPLY: <5D6444D4.46070.sync_sys@vert.synchro.net>
@TZ: 1258
Re: Re: Letsyncrypt
By: Digital Man to Mortifis on Mon Aug 26 2019 01:45 pm
That was the first thing I tried, also tried deleting the file and running the script again with the same results. alleycat is on port 81, could that be an issue?
I don't see any method of telling letsencrypt to valid your domain using a non-standard TCP port. Anyone know? If there's no configuration setting, then perhaps you'll have to, at least temporarily, use
port 80 for your verification.
I think I've been here before, and no, as far as I can remember you cannot use anything other than http (port 80) for validation - if you choose that validation method.
Alterantively, you can use DNS validation, where a token needs to be populated in DNS, and letsencrypt validates that its been updated by a DNS query. I use that process for wildcards, using cloudflare DNS (they have an API that enables you to automate it).
A viable option, however, in this instance, I am not going to ask DM and/or our devs to add TXT record support to dyndns.js nor WebHops and Redirects to accommodate non-standard ports. I had tried to add a virtualhost and a redirect to my Apache that resides on a separate system which has SSL/TLS encryption but SBBS Web Server still failed. No worries I appreciate the info
I'll look into adding TXT record support.
@MSGID: <5D655C76.46076.sync_sys@vert.synchro.net>
@REPLY: <5D6558C0.46075.sync_sys@vert.synchro.net>
@TZ: c1e0
Re: Re: Letsyncrypt
By: Digital Man to Mortifis on Tue Aug 27 2019 09:22 am
I'll look into adding TXT record support.
Get the latest dyndns.js from CVS and then add a "TXT" value to the [dyndns] section of your ctrl/modopts.ini file. Let me know how that works for ya,
digital man
@MSGID: <5D655C76.46076.sync_sys@vert.synchro.net>
@REPLY: <5D6558C0.46075.sync_sys@vert.synchro.net>
@TZ: c1e0
Re: Re: Letsyncrypt
By: Digital Man to Mortifis on Tue Aug 27 2019 09:22 am
I'll look into adding TXT record support.
Get the latest dyndns.js from CVS and then add a "TXT" value to the [dyndns] section of your ctrl/modopts.ini file. Let me know how that works for ya,
digital man
I updated my dyndns.js but am not sure what keys=values to put in modopts.ini [dyndns] (I assume I have to add [dyndns] to modopts.ini)
or how
to tell letsyncrypt.js that it should use DNS Validation instead of http :/
I updated my dyndns.js but am not sure what keys=values to put in modopts.ini [dyndns] (I assume I have to add [dyndns] to modopts.ini)
Yes, you'd have to add that section to modopts.ini, like this:
[dyndns]
txt=some text
wildcard=true
or how
to tell letsyncrypt.js that it should use DNS Validation instead of http :/
That, I don't know. There's been some doubt about whether or not letsencrypt will actually follow a CNAME as well (which is how the wildcards are supported), so I am curious for someone to try that out.
digital man
[dyndns]
txt=some text
wildcard=true
I updated my dyndns.js but am not sure what keys=values to put in modopts.ini [dyndns] (I assume I have to add [dyndns] to modopts.ini)
Yes, you'd have to add that section to modopts.ini, like this:
[dyndns]
txt=some text
wildcard=true
or how
to tell letsyncrypt.js that it should use DNS Validation instead of http :/
That, I don't know. There's been some doubt about whether or not letsencrypt will actually follow a CNAME as well (which is how the wildcards are supported), so I am curious for someone to try that out.
digital man
If I am understanding correctly, the dns provider (I assume it is vert.synchro.net) needs to have a CNAME or NS record that is used in DNS-01 Validation. I personally would not expect either you, Duece or EC revamp or create an entire API that stores the TXT records for each *.synchro.net subdomain, but we will keep looking at work arounds :-/
I suppose one solution would be to somehow make the ssl.cert less self-signed then we wouldn't need letsencrypt or certbot :)
[dyndns]
txt=some text
wildcard=true
I ran jsexec dyndns.js <qwk-pass> and noticed that there is also an RX ttl? so I added that to my modopts.ini
how's this look and what does dyndns.synchro.net expect and do with the TX(s)?
[dyndns]
ip =
ip6 =
ttl =84600
mx = alleycat.synchro.net
txt = AlleyCat BBS
loc = vert.synchro.net IN LOC 33 55 46.493 N 117 33 18.323 W 190m 10m 100m 10m
wildcard = true
port = 81
tlsport = 443
I used the loc of Norco, CA lol since I believe it is asking the location of your dyndns server :-)
[dyndns]
loc = vert.synchro.net IN LOC 33 55 46.493 N 117 33 18.323 W 190m 10m 100m 10m
The syntax of that "loc" value is wrong.
[dyndns]
loc = vert.synchro.net IN LOC 33 55 46.493 N 117 33 18.323 W 190m 10m 100m 10m
The syntax of that "loc" value is wrong.
What is the proper usage? I followed the link on the wiki:
loc = LOC records alleycat.synchro.net IN LOC 44 44 44.184 N 63 22 59.951 W 49m 10m 100m 10m
is that correct?
@MSGID: <5D6F1DDF.46225.sync_sys@vert.synchro.net>
@REPLY: <5D6F12CE.1402.dove-syncops@alleycat.synchro.net>
@TZ: c1e0
Re: Re: Letsyncrypt
By: Mortifis to Digital Man on Tue Sep 03 2019 10:26 pm
[dyndns]
loc = vert.synchro.net IN LOC 33 55 46.493 N 117 33 18.323 W 190m 10m 100m 10m
The syntax of that "loc" value is wrong.
What is the proper usage? I followed the link on the wiki:
loc = LOC records alleycat.synchro.net IN LOC 44 44 44.184 N 63 22 59.951 W 49m 10m 100m 10m
is that correct?
No, it would be more like this:
loc = 33 54 18.602 N 117 31 28.933 W 289.00m 10m 100m 10m
Thu Dec 5 22:45:40 2019 havens.synchronetbbs.org
evnt SYNCRYPT Web root for TOSAgreed is not a directory (true)
What am I doing wrong?
evnt SYNCRYPT Web root for TOSAgreed is not a directory (true)
What am I doing wrong?
what does your ctrl/letsyncrypt.ini look like?
Re: Re: Letsyncrypt
By: Mortifis to HusTler on Sat Dec 07 2019 08:17 am
evnt SYNCRYPT Web root for TOSAgreed is not a directory (true)
What am I doing wrong?
what does your ctrl/letsyncrypt.ini look like?
[Domains]
synchronetbbs.org = /sbbs/webv4/root
TOSAgreed=true
what does your ctrl/letsyncrypt.ini look like?
[Domains]
synchronetbbs.org = /sbbs/webv4/root
TOSAgreed=true
Re: Re: Letsyncrypt
By: HusTler to Mortifis on Sat Dec 07 2019 09:51:50
what does your ctrl/letsyncrypt.ini look like?
[Domains]
synchronetbbs.org = /sbbs/webv4/root
TOSAgreed=true
Shouldn't that be havens.synchronetbbs.org?
Sysop: | Zazz |
---|---|
Location: | Mesquite, Tx |
Users: | 7 |
Nodes: | 4 (0 / 4) |
Uptime: | 14:21:29 |
Calls: | 157 |
Files: | 2,103 |
Messages: | 144,386 |