LettuceEncrypt icon indicating copy to clipboard operation
LettuceEncrypt copied to clipboard
verified publisher icon natemcmaster

Failed to validate ownership of domainName

Open patolax opened this issue 1 year ago • 2 comments

Describe the bug Sample application thorws Failed to validate ownership of domainName when testing with ngrok.

I am using the LettuceEncrypt sample application together with ngrok (ngrok http 80) to test Lets Encrypt certificate creation.

fail: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Failed to validate ownership of domainName 't79b-149-167-20-95.ngrok-free.app'. Reason: urn:ietf:params:acme:error:tls: x.xxxx:Xxx:Xx: remote error: tls: no application protocol, Code = BadRequest
trce: LettuceEncrypt.Internal.TlsAlpnChallengeResponder[0]
      Clearing ALPN cert for t79b-149-167-20-95.ngrok-free.app
dbug: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Validation with TlsAlpn01DomainValidator failed with error: Failed to validate ownership of domainName 't79b-149-167-20-95.ngrok-free.app'
      System.InvalidOperationException: Failed to validate ownership of domainName 't79b-149-167-20-95.ngrok-free.app'
         at LettuceEncrypt.Internal.DomainOwnershipValidator.WaitForChallengeResultAsync(IAuthorizationContext authorizationContext, CancellationToken cancellationToken) in C:\Users\Desktop\LettuceEncrypt-main\src\LettuceEncrypt\Internal\DomainOwnershipValidator.cs:line 56
my question is how to test the sample application.

To Reproduce Steps to reproduce the behavior:

  1. Use sample web project
  2. RUN ngrok http 80 and get the domain url
  3. Update appsettings
  4. Run the code
  5. Error shown on console

Expected behavior Get certificate

Screenshots If applicable, add screenshots to help explain your problem.

Additional context Add any other context about the problem here.

patolax avatar May 07 '24 06:05 patolax

Because you did not add DnsChallengeProvider For example: services.AddLettuceEncrypt().PersistDataToDirectory(new DirectoryInfo(AppContext.BaseDirectory), "abc123456"); services.AddxxxxxxxDnsChallengeProvider();

andywu188 avatar May 17 '24 14:05 andywu188

It has been a long time since I tried playing with ngrok to test this. https://github.com/natemcmaster/LettuceEncrypt/blob/49e2c62ed9107294aca992f128ef37a7efc16b76/test/Integration/README.md contains some instructions which I haven't tried several years. Can you give those steps a try?

natemcmaster avatar May 20 '24 00:05 natemcmaster