> Am 11.03.2021 um 09:41 schrieb Clausen, Jörn <joern.clau...@uni-bielefeld.de>:
>
> "detail": "Starting challenges for domains"
> "detail": "Setting up challenge 'dns-01' for domain foo"
> "detail": "Setting up challenge 'dns-01' for domain bar"
> "detail": "Monitoring challenge status for foo"
> "detail": "Monitoring challenge status for foo: domain authorization
> for foo is valid"
> "detail": "Monitoring challenge status for foo: domain authorization
> for bar failed with state 3"
> "detail": "domain authorization for bar failed with state 3"
This says that the dns-01 setup worked for domain 'foo', but Let's Encrypt
could not verify the dns challenge for 'bar'. This tells me:
a) your script was run for domain 'foo' and did the right thing, LE saw the DNS
entry and was satisfied.
b) your script, when called immediately afterwards 'foo' for 'bar', did not
achieve the same
In mod_md, when executing the MDChallengeDns01 command, two things will be
logged at level
ERROR: when the script was unable to be executed, which will probably not be
resolved by retrying
INFO: when the script returned != 0 and the setup failed, which is retried as a
failure might depend on external services that can be unavailable temporarily
That nothing was logged indicates to me that the script run and returned exit
code 0.
I would advise the following:
- configure 'LogLevel md:trace2' to see all the details the module does until
you have analyzed it
- remove the "staging/foo+bar" folder with the failed attempt
- reload your server
mod_md will pick up that foo+bar needs renewal and you will see in the log when
your script is called and what it returned.
Hope this helps,
Stefan
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
