<div dir="ltr"><div><div><div>Sorry, I wasn't clear in my earlier subject line.  This is related to the Lets Encrypt installation.<br><br></div>I tried to pull some more relevant items from the log below.  I don't actually see all of the elements of my FQDN (<a href="http://ipa-a.kkgpitt.org">ipa-a.kkgpitt.org</a>) only references to the host (ipa-a) in the log, but am not sure what a good log should include.<br><br></div>Thanks for any assistance,<br></div>Joe<br><br><div><div><div><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Dec 6, 2016 at 4:15 PM, Joseph Flynn <span dir="ltr"><<a href="mailto:jjflynn22@gmail.com" target="_blank">jjflynn22@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div><div><div><div>Volunteers,<br><br>I moved over to a Fedora VM which was way more difficult than it should be.  All kinds of problems with Guest Additions and I ended up having to run server mode with no GUI.  Now I run an Ubuntu VM from which I ssh into my Fedora VM.  Anyway...<br><br></div>The install made it a further step than before.  I get a quick blue screen pop up at the end then an error saying:<br><img src="cid:ii_158d5f3a3c5374f1" alt="Inline image 1" width="530" height="294"><br><br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span style="background-color:rgb(255,255,0)">An unexpected error occurred:<br>The request message was malformed :: DNS name does not have enough labels<br>Please see the logfiles in /var/log/letsencrypt for more details.</span><br></blockquote><br></div></div>When I run the cert checker util I get this<br><a href="https://www.sslshopper.com/ssl-checker.html#hostname=ipa-a.kkgpitt.org" target="_blank">https://www.sslshopper.com/<wbr>ssl-checker.html#hostname=ipa-<wbr>a.kkgpitt.org</a> <br><br></div>Full log below.<br><br></div>Any suggestions?  Is it not pulling my proper hostname?<br><br></div>Thanks,<br></div>Joe<br><br><br><br><br><span style="background-color:rgb(217,210,233)"><br><span style="background-color:rgb(213,166,189)">[jjflynn22@ipa-a ~]$ cat /etc/hosts</span></span><br>192.168.1.211<span style="background-color:rgb(213,166,189)"> <a href="http://ipa-a.kkgpitt.org" target="_blank">ipa-a.kkgpitt.org</a> ipa-a</span><br>127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4<br>::1         localhost localhost.localdomain localhost6 localhost6.localdomain6<br><br><br><br><br><span style="background-color:rgb(213,166,189)">[jjfly<span></span>nn22@ipa-a ~]$ sudo cat /var/log/letsencrypt/<wbr>letsencrypt.log</span><br>[sudo] password for jjflynn22: <br>2016-12-06 20:57:43,982:DEBUG:certbot.<wbr>main:Root logging level set at 20<br>2016-12-06 20:57:43,983:INFO:certbot.<wbr>main:Saving debug log to /var/log/letsencrypt/<wbr>letsencrypt.log<br>2016-12-06 20:57:43,991:DEBUG:certbot.<wbr>main:certbot version: 0.9.3<br>2016-12-06 20:57:43,991:DEBUG:certbot.<wbr>main:Arguments: ['--standalone', '--csr', '/root/ipa-le/httpd-csr.der', '--email', '<a href="mailto:xxxxx@gmail.com" target="_blank">xxxxx@gmail.com</a>', '--agree-tos']<br>2016-12-06 20:57:43,99<span style="background-color:rgb(255,217,102)"><span style=""></span></span>2:DEBUG:certbot.<wbr>main:Discovered plugins: PluginsRegistry(<wbr>PluginEntryPoint#webroot,<wbr>PluginEntryPoint#null,<wbr>PluginEntryPoint#manual,<wbr>PluginEntryPoint#standalone)<br>2016-12-06 20:57:43,995:DEBUG:certbot.<wbr>plugins.selection:Requested authenticator standalone and installer None<br>2016-12-06 20:57:44,019:DEBUG:certbot.<wbr>plugins.selection:Single candidate plugin: * standalone<br>Description: Spin up a temporary webserver<br>Interfaces: IAuthenticator, IPlugin<br>Entry point: standalone = certbot.plugins.standalone:<wbr>Authenticator<br>Initialized: <certbot.plugins.standalone.<wbr>Authenticator object at 0x7fc3dc6fccd0><br>Prep: True<br>2016-12-06 20:57:44,019:DEBUG:certbot.<wbr>plugins.selection:Selected authenticator <certbot.plugins.standalone.<wbr>Authenticator object at 0x7fc3dc6fccd0> and installer None<br>2016-12-06 20:57:44,115:DEBUG:certbot.<wbr>main:Picked account: <Account(<wbr>7446b15565eb5a2fc5850f3ad97dc6<wbr>dc)><br>2016-12-06 20:57:44,116:DEBUG:root:<wbr>Sending GET request to <a href="https://acme-v01.api.letsencrypt.org/directory" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/directory</a>. args: (), kwargs: {}<br>2016-12-06 20:57:44,119:INFO:requests.<wbr>packages.urllib3.<wbr>connectionpool:Starting new HTTPS connection (1): <a href="http://acme-v01.api.letsencrypt.org" target="_blank">acme-v01.api.letsencrypt.org</a><br>2016-12-06 20:57:44,500:DEBUG:requests.<wbr>packages.urllib3.<wbr>connectionpool:"GET /directory HTTP/1.1" 200 280<br>2016-12-06 20:57:44,506:DEBUG:root:<wbr>Received <Response [200]>. Headers: {'Content-Length': '280', 'Expires': 'Tue, 06 Dec 2016 20:57:46 GMT', 'Boulder-Request-Id': 'mqxztXHk-k5DDBqftS_<wbr>2vmB0sWVWVjS1twToXbIOdL0', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 06 Dec 2016 20:57:46 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sz4mf6DlGO-<wbr>Iw1q8bOlAlisD3CKZlCZUA9JzmN3dc<wbr>Dk'}. Content: '{\n  "new-authz": "<a href="https://acme-v01.api.letsencrypt.org/acme/new-authz" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/acme/new-authz</a><wbr>",\n  "new-cert": "<a href="https://acme-v01.api.letsencrypt.org/acme/new-cert" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/acme/new-cert</a>"<wbr>,\n  "new-reg": "<a href="https://acme-v01.api.letsencrypt.org/acme/new-reg" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/acme/new-reg</a>",<wbr>\n  "revoke-cert": "<a href="https://acme-v01.api.letsencrypt.org/acme/revoke-cert" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/acme/revoke-<wbr>cert</a>"\n}'<br>2016-12-06 20:57:44,506:DEBUG:acme.<wbr>client:Received response <Response [200]> (headers: {'Content-Length': '280', 'Expires': 'Tue, 06 Dec 2016 20:57:46 GMT', 'Boulder-Request-Id': 'mqxztXHk-k5DDBqftS_<wbr>2vmB0sWVWVjS1twToXbIOdL0', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 06 Dec 2016 20:57:46 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'sz4mf6DlGO-<wbr>Iw1q8bOlAlisD3CKZlCZUA9JzmN3dc<wbr>Dk'}): '{\n  "new-authz": "<a href="https://acme-v01.api.letsencrypt.org/acme/new-authz" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/acme/new-authz</a><wbr>",\n  "new-cert": "<a href="https://acme-v01.api.letsencrypt.org/acme/new-cert" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/acme/new-cert</a>"<wbr>,\n  "new-reg": "<a href="https://acme-v01.api.letsencrypt.org/acme/new-reg" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/acme/new-reg</a>",<wbr>\n  "revoke-cert": "<a href="https://acme-v01.api.letsencrypt.org/acme/revoke-cert" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/acme/revoke-<wbr>cert</a>"\n}'<br>2016-12-06 20:57:44,506:DEBUG:certbot.<wbr>client:CSR: CSR(file='/root/ipa-le/httpd-<wbr>csr.der', data='0\x82\x02x0\x82\x01`\<wbr>x02\x01\x000\x101\x0e0\x0c\<wbr>x06\x03U\x04\x03\x13\x05<span style="background-color:rgb(255,217,102)">ipa-</span><wbr><span style="background-color:rgb(255,217,102)">a</span>0\x82\x01"0\r\x06\t*\x86H\<wbr>x86\xf7\r\x01\x01\x01\x05\x00\<wbr>x03\x82\x01\x0f\x000\x82\x01\<wbr>n\x02\x82\x01\x01\x00\xdau1L\<wbr>xa6T\xc8\x93\xc0P\x93\xb3\xd2\<wbr>xcb \xe2PU\xf0\x94=\x1c\n\x1e\xe5\<wbr>xfe\xed<\xfa\xb1d-\x92\xebeD\<wbr>xb1\x0eq9\xf1\xfa\xb5p\xdc\<wbr>x12qN\x96\x0b\x1f\x13\xab\xae<br><br>.......<br><br>99\xc0\xb0\x07N\xdd5\x9e1\xb8\<wbr>xdc\x8c\xc1N\xc1\x04\xa1\xd0\<wbr>xfc\xc2$f\x84e\xd4\xf7i\x1a\<wbr>x1c~,\x80\xea/~j\xea\xa2\xf3\<wbr>xe9\x96\xfe5j\xa4\xb4X\x12L\<wbr>xd5\xe5\xb0\x99|\xb8\xd1\xed\<wbr>xa3\xf2\xd5\xf0\x94\xc3"\xe8\<wbr>x9dT\x17\xcf\x12$oVE\x83\xd1\<wbr>x96\xac\xa1\xf9F\xd2mO\xe9$\<wbr>xa7\x00_\xaa\xc6\xa3j\xa1\<wbr>xbaX8\xa43K\x18os\xe1\xf4L(\<wbr>xf9\xac\'\xc5\x9a\xdc\xf5s\<wbr>xc6`\x97\xe6\xea\xf8\xcc\xfa\<wbr>xe1U_\xff\x86\xf0\x82\xab\xaf\<wbr>xb9\x92q\x06\x0f\xa5}]\x9c\<wbr>xb1\x84b\x85<\xed\x92,g\x0e\<wbr>xeaoAi|\xc5\n\x92', form='der'), domains: [u'<span style="background-color:rgb(255,217,102)">ipa-a</span>']<br>2016-12-06 20:57:44,507:DEBUG:root:<wbr>Requesting fresh nonce<br>2016-12-06 20:57:44,507:DEBUG:root:<wbr>Sending HEAD request to <a href="https://acme-v01.api.letsencrypt.org/acme/new-authz" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/acme/new-authz</a><wbr>. args: (), kwargs: {}<br>2016-12-06 20:57:44,608:DEBUG:requests.<wbr>packages.urllib3.<wbr>connectionpool:"HEAD /acme/new-authz HTTP/1.1" 405 0<br>2016-12-06 20:57:44,609:DEBUG:root:<wbr>Received <Response [405]>. Headers: {'Content-Length': '91', 'Pragma': 'no-cache', 'Boulder-Request-Id': '<wbr>c2cMPhHqlO5kTv8xJ5dfIs4NCD2KMq<wbr>n8X-IxPzutDAI', 'Expires': 'Tue, 06 Dec 2016 20:57:46 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Allow': 'POST', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 06 Dec 2016 20:57:46 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': '3fq9edUYLFJwQKDU-<wbr>oaLVpQdUglFemQpGNbwZ-AtmfI'}. Content: ''<br>2016-12-06 20:57:44,609:DEBUG:acme.<wbr>client:Storing nonce: '\xdd\xfa\xbdy\xd5\x18,Rp@\<wbr>xa0\xd4\xfa\x86\x8bV\x94\x1dR\<wbr>tEzd)\x18\xd6\xf0g\xe0-\x99\<wbr>xf2'<br>2016-12-06 20:57:44,610:DEBUG:acme.jose.<wbr>json_util:Omitted empty fields: combinations=None, challenges=None, expires=None, status=None<br>2016-12-06 20:57:44,610:DEBUG:acme.<wbr>client:Serialized JSON: {"identifier": {"type": "dns", "value": "<span style="background-color:rgb(255,217,102)">ipa-a</span>"}, "resource": "new-authz"}<br>2016-12-06 20:57:44,610:DEBUG:acme.jose.<wbr>json_util:Omitted empty fields: kid=None, x5c=(), crit=(), jwk=None, typ=None, jku=None, cty=None, x5tS256=None, x5u=None, alg=None, x5t=None<br>2016-12-06 20:57:44,612:DEBUG:acme.jose.<wbr>json_util:Omitted empty fields: kid=None, x5c=(), crit=(), typ=None, jku=None, cty=None, x5tS256=None, x5u=None, x5t=None, nonce=None<br>2016-12-06 20:57:44,612:DEBUG:root:<wbr>Sending POST request to <a href="https://acme-v01.api.letsencrypt.org/acme/new-authz" target="_blank">https://acme-v01.api.<wbr>letsencrypt.org/acme/new-authz</a><wbr>. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "vmM8XoN-WDCdPcaMNxu9zlLEJBBN-<wbr>W_pIkG-<wbr>Afw5uawBBXWHbWyzUeb06LypMM94Lc<wbr>Ti0drWTf00Fdv5SiVKMAwwAoqH-<wbr>Xzv5LHBwYmqNFGr-<wbr>W6cphQjNTP21IP87NKxG87OdvvOMjE<wbr>--<wbr>oMuJJMYWbyAAcOZNhIobWp969EMGu9<wbr>Oi5JeQI1bLqIHS317xWDPD_<wbr>EMTmhnVxZGBuS5gs_ObYejnJmGyu4_<wbr>Bn1yLIDlBuphYsHg0pWoAgjZQAr3NI<wbr>4N7oVrB-LiW21-k9I-LH3dijxVLBe_<wbr>7jfKsIsVTJyzMzl-<wbr>g2iAeogYHfRngkhnQVXfhSleeZbfHw<wbr>KXPs5FdmnHBw"}}, "protected": "<wbr>eyJub25jZSI6ICIzZnE5ZWRVWUxGSn<wbr>dRS0RVLW9hTFZwUWRVZ2xGZW1RcEdO<wbr>YndaLUF0bWZJIn0", "payload": "<wbr>eyJpZGVudGlmaWVyIjogeyJ0eXBlIj<wbr>ogImRucyIsICJ2YWx1ZSI6ICJpcGEt<wbr>YSJ9LCAicmVzb3VyY2UiOiAibmV3LW<wbr>F1dGh6In0", "signature": "<wbr>sDGSJkUMIFVRr7YGU33exEVslJFZlZ<wbr>oTuyv74F_<wbr>XtloybjzZFg81r8ONbCUXtU6Q1COsA<wbr>1M9df_<wbr>vpL1b8Pz2bhfgEkG7taiaHDEyK-<wbr>PGx5cn9U4vgSp3uZMNfVGFK-<wbr>0gSYxLIsI0AgEIV8rTVKVw5kHVhn8O<wbr>b7gCuBgz1QkGr8WefqAcJ6vxycvbPB<wbr>Xh3GlpHylKDNTEsH5kbdKtfg5bKJu8<wbr>RDLFBhAZCFub61EwkeT7HfvhsWkaXJ<wbr>QhoolWiFn_<wbr>3PjAZCEZzPL5igCOW0V65OEp6O3wdn<wbr>C4FwS0BwxE0CxB2QA2mXMdvX4SILRf<wbr>5mhzhTOmdTL0gLYXffI1XErbvg"}'}<br>2016-12-06 20:57:44,728:DEBUG:requests.<wbr>packages.urllib3.<wbr>connectionpool:"POST /acme/new-authz HTTP/1.1" 400 109<br>2016-12-06 20:57:44,730:DEBUG:root:<wbr>Received <Response [400]>. Headers: {'Content-Length': '109', 'Boulder-Request-Id': 'z34CxBq8_<wbr>BBQbE6zM00YjU8c08FeXh24WHyCG1x<wbr>AYJE', 'Expires': 'Tue, 06 Dec 2016 20:57:46 GMT', 'Server': 'nginx', 'Connection': 'close', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Pragma': 'no-cache', 'Boulder-Requester': '6994631', 'Date': 'Tue, 06 Dec 2016 20:57:46 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': '<wbr>YoSNpLT1RJSN5tUVEWujrxjZ4LxoU-<wbr>jKncsn1aN9HFI'}. <span style="background-color:rgb(255,255,0)">Content: '{\n  "type": "urn:acme:error:malformed",\n  "detail": "DNS name does not have enough labels",\n  "status": 400\n}'</span><br>2016-12-06 20:57:44,730:DEBUG:acme.<wbr>client:Storing nonce: "b\x84\x8d\xa4\xb4\xf5D\x94\<wbr>x8d\xe6\xd5\x15\x11k\xa3\xaf\<wbr>x18\xd9\xe0\xbchS\xe8\xca\x9d\<wbr>xcb'\xd5\xa3}\x1cR"<br>2016-12-06 20:57:44,730:DEBUG:acme.<wbr>client:Received response <Response [400]> (headers: {'Content-Length': '109', 'Boulder-Request-Id': 'z34CxBq8_<wbr>BBQbE6zM00YjU8c08FeXh24WHyCG1x<wbr>AYJE', 'Expires': 'Tue, 06 Dec 2016 20:57:46 GMT', 'Server': 'nginx', 'Connection': 'close', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Pragma': 'no-cache', 'Boulder-Requester': '6994631', 'Date': 'Tue, 06 Dec 2016 20:57:46 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': '<wbr>YoSNpLT1RJSN5tUVEWujrxjZ4LxoU-<wbr>jKncsn1aN9HFI'}): '{\n  "type": "urn:acme:error:malformed",\n  "detail": "DNS name does not have enough labels",\n  "status": 400\n}'<br>2016-12-06 20:57:44,735:DEBUG:certbot.<wbr>main:Exiting abnormally:<br>Traceback (most recent call last):<br>  File "/usr/bin/letsencrypt", line 9, in <module><br>    load_entry_point('certbot==0.<wbr>9.3', 'console_scripts', 'certbot')()<br>  File "/usr/lib/python2.7/site-<wbr>packages/certbot/main.py", line 776, in main<br>    return config.func(config, plugins)<br>  File "/usr/lib/python2.7/site-<wbr>packages/certbot/main.py", line 566, in obtain_cert<br>    _csr_obtain_cert(config, le_client)<br>  File "/usr/lib/python2.7/site-<wbr>packages/certbot/main.py", line 535, in _csr_obtain_cert<br>    certr, chain = le_client.obtain_certificate_<wbr>from_csr(config.domains, csr, typ)<br>  File "/usr/lib/python2.7/site-<wbr>packages/certbot/client.py", line 229, in obtain_certificate_from_csr<br>    authzr = self.auth_handler.get_<wbr>authorizations(domains)<br>  File "/usr/lib/python2.7/site-<wbr>packages/certbot/auth_handler.<wbr>py", line 68, in get_authorizations<br>    domain, self.account.regr.new_authzr_<wbr>uri)<br>  File "/usr/lib/python2.7/site-<wbr>packages/acme/client.py", line 210, in request_domain_challenges<br>    typ=messages.IDENTIFIER_FQDN, value=domain), new_authzr_uri)<br>  File "/usr/lib/python2.7/site-<wbr>packages/acme/client.py", line 190, in request_challenges<br>    new_authz)<br>  File "/usr/lib/python2.7/site-<wbr>packages/acme/client.py", line 649, in post<br>    return self._check_response(response, content_type=content_type)<br>  File "/usr/lib/python2.7/site-<wbr>packages/acme/client.py", line 565, in _check_response<br>    raise messages.Error.from_json(jobj)<br>Error: urn:acme:error:malformed :: The request message was malformed :: DNS name does not have enough labels<br><br><span style="background-color:rgb(255,255,0)"></span><br><br><div><div><div><div><div><div><br></div></div></div></div></div></div></div>
</blockquote></div><br></div></div></div></div></div></div></div>