From jaime at snowmoon.com  Mon May 21 19:25:04 2018
From: jaime at snowmoon.com (Jaime)
Date: Mon, 21 May 2018 19:25:04 -0400
Subject: [CDBUG-talk] Let's Encrypt on apache/FreeBSD
Message-ID: <CA+dYCinVf-qLV2jqDDNX2UiSyEhW4y8aOVwuBoJyQy5qV3b9mg@mail.gmail.com>

I thought that I got Let's Encrypt and acme-client running on a FreeBSD
system a couple of months ago.  Now I realize that the certificate isn't
renewing.  When I try to run it manually, I get this:

root at its1# /usr/local/bin/acme-client -vvvNn its1.cairodurham.org
acme-client: /usr/local/etc/acme/privkey.pem: account key exists (not creating)
acme-client: /usr/local/etc/ssl/acme/private/privkey.pem: domain key
exists (not creating)
acme-client: /usr/local/etc/ssl/acme/private/privkey.pem: loading domain key
acme-client: /usr/local/etc/acme/privkey.pem: loading RSA account
keyacme-client: /usr/local/etc/ssl/acme/private/privkey.pem: loaded
RSA domain key

acme-client: https://acme-v01.api.letsencrypt.org/directory: directories
acme-client: acme-v01.api.letsencrypt.org: DNS: 23.206.173.42
acme-client: acme-v01.api.letsencrypt.org: DNS: 2600:141b:13:29a::3a8e
acme-client: acme-v01.api.letsencrypt.org: DNS: 2600:141b:13:289::3a8e
acme-client: transfer buffer: [{ "key-change":
"https://acme-v01.api.letsencrypt.org/acme/key-change", "meta": {
"caaIdentities": [ "letsencrypt.org" ], "terms-of-service":
"https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org" }, "new-authz":
"https://acme-v01.api.letsencrypt.org/acme/new-authz", "new-cert":
"https://acme-v01.api.letsencrypt.org/acme/new-cert", "new-reg":
"https://acme-v01.api.letsencrypt.org/acme/new-reg", "revoke-cert":
"https://acme-v01.api.letsencrypt.org/acme/revoke-cert",
"w2AgMO86vBg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"
}] (658 bytes)
acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz:
req-auth: its1.cairodurham.org
acme-client: acme-v01.api.letsencrypt.org: cached
acme-client: acme-v01.api.letsencrypt.org: cached
acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz: bad HTTP: 403
acme-client: transfer buffer: [{ "type":
"urn:acme:error:unauthorized", "detail": "No registration exists
matching provided key", "status": 403 }] (120 bytes)
acme-client: bad exit: netproc(98832): 1


Any idea what I got wrong?

Thanks in advance for any help you can provide.

Jaime
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nycbug.org/pipermail/cdbug-talk/attachments/20180521/260ecdfa/attachment.html>