I’m currently going through the process of acquiring a new Let’s Encrypt free SSL Certificate against a new domain I registered. For a great overview of what Let’s Encrypt is and what is can do for you, head over to Luca Dell’Oca’s blog here. I was following Luca’s instructions for getting the new domain authorised for use with the Let’s Encrypt service via a DNS challenge when I ran into the following.
After running the PowerShell command to generate the challenge, it was not returning the Handler Message as expected form the direct output…well obviously anyway.
|
1 2 3 4 5 6 7 8 9 10 11 |
PS C:\> Complete-ACMEChallenge vcd -ChallengeType dns-01 -Handler manual IdentifierPart : ACMESharp.Messages.IdentifierPart IdentifierType : dns Identifier : vcloud.sliemalabs.com Uri : https://acme-v01.api.letsencrypt.org/acme/authz/4tDJyu********Abf7spqzvbe7i1Cpqcus4Do Status : pending Expires : 7/4/2018 4:10:34 AM Challenges : {manual, } Combinations : {1, 0} |
After scratching my head for a bit, I checked to see if the data was contained withing the returned PowerShell command.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
PS C:\Windows\system32> (Get-ACMEIdentifier vcd).Challenges ChallengePart : ACMESharp.Messages.ChallengePart Challenge : ACMESharp.ACME.DnsChallenge Type : dns-01 Uri : https://acme-v01.api.letsencrypt.org/acme/challenge/4tDJyuv*******f7spqzvbe7i1Cpqcus4Do/5324479144 Token : 7n4k7t4M3-Vw7UeU2Zdqf****Lqo-xnqje7QeB4k Status : pending OldChallengeAnswer : [, ] ChallengeAnswerMessage : HandlerName : manual HandlerHandleDate : 6/27/2018 12:11:04 AM HandlerHandleMessage : == Manual Challenge Handler - DNS == * Handle Time: [6/27/2018 12:11:04 AM] * Challenge Token: [7n4k7t4M3-Vw7UeU2Zdqf8JmR37BLqo-xnqje7QeB4k] To complete this Challenge please create a new Resource Record (RR) with the following characteristics: * RR Type: [TXT] * RR Name: [_acme-challenge.vcloud.sliemalabs.com] * RR Value: [gmd84QnQW9N5kwrv******OQ84LwxEkXeKs] ------------------------------------ HandlerCleanUpDate : HandlerCleanUpMessage : SubmitDate : 6/27/2018 12:18:12 AM SubmitResponse : {StatusCode, Headers, Links, RawContent...} ChallengePart : ACMESharp.Messages.ChallengePart Challenge : Type : http-01 Uri : https://acme-v01.api.letsencrypt.org/acme/challenge/4tDJyuv********spqzvbe7i1Cpqcus4Do/5324479145 Token : nxIjZaoag_cJbfrFCt4****MLEoPgIii9eO3cNjyFk Status : pending OldChallengeAnswer : [, ] ChallengeAnswerMessage : HandlerName : HandlerHandleDate : HandlerHandleMessage : HandlerCleanUpDate : HandlerCleanUpMessage : SubmitDate : SubmitResponse : |
From here I was able to create the DNS TXT entry and complete the challenge.
Just in case it wasn’t obvious this very quick post will save you a bit of time.
