"LetsEncrypt request successful" but contains error message for non-success


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » SSL » Let's Encrypt

"LetsEncrypt request successful" but contains error message for non-successLast Modified: Jun 13, 2019, 5:28 pm
We had a few reports where Debian systems were returning a success message for LetsEncrypt calls, while the message itself contained errors, eg:

Subject: LetsEncrypt request successful

Requesting new certificate order...
Processing authorization for fakedomain.com...
Error: http://fakedomain.com/.well-known/acme-challenge/letsencrypt_1560468322 is not reachable. Aborting the script.
dig output for fakedomain.com:
Please make sure /.well-known alias is setup in WWW server.

The message itself isn't relevant, as the domains in question does not exist.

The issue was that the subject was reporting success, when the letsencrypt.sh script was returning an error code.

Debugging the issue found that /bin/dash (the Debian shell) to be the cause, in that it was returning code 0, when the script it was calling was returning code 1.

Simple solution: Use bash.

  1. Install bash on your system, if it's not present:

    apt-get install bash

    and confirm the binary exists at:

    ls -la /bin/bash

  2. /bin/bash is present, change /bin/sh to use it:

    ln -sf bash /bin/sh

    which changes the old "/bin/sh -> dash" link to point to the properly behaving bash binary.

© 2018 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST