coolaj86
/
greenlock.js-ARCHIVED
3
3
Fork 0
Code Issues 6 Pull Requests 1 Releases Activity

Error: self check does not pass #12

New Issue
Closed
opened 2018-05-18 04:37:43 +00:00 by Ghost · 7 comments
Ghost commented 2018-05-18 04:37:43 +00:00
Copy Link

Thanks for putting so much into this. Once I figure it out I know it will come in handy :-)

I keep getting the same error "Error: self check does not pass". I am using this example.

var staging = true;


/////////////////////
// SET USER PARAMS //
/////////////////////

var opts = {
  domains: [ 'myname.example.com' ]       // CHANGE EMAIL AND DOMAINS
, email: 'my@email.com'
, agreeTos: true                  // Accept Let's Encrypt v2 Agreement
, communityMember: true           // Help make Greenlock better by submitting
                                  // stats and getting updates
};


////////////////////
// INIT GREENLOCK //
////////////////////

var greenlock = require('greenlock').create({
  version: 'draft-11'
, server: 'https://acme-' + (staging ? 'staging-' : '') + 'v02.api.letsencrypt.org/directory'
, configDir: '/tmp/acme/etc'
});


///////////////////
// GET TLS CERTS //
///////////////////

greenlock.register(opts).then(function (certs) {
  console.log(certs);
  // privkey, cert, chain, expiresAt, issuedAt, subject, altnames
}, function (err) {
  console.error(err);
});

I don't know why I am getting this error. What id the self check? why is it failing? I am sure I am just missing some peice of info.

other notes.

I do not have port 80 or 443 available on this machine. It does have a public domain, and that much is working.

Any help would me much appreciated

Thanks

Todd

Thanks for putting so much into this. Once I figure it out I know it will come in handy :-) I keep getting the same error "Error: self check does not pass". I am using this example. ``` var staging = true; ///////////////////// // SET USER PARAMS // ///////////////////// var opts = { domains: [ 'myname.example.com' ] // CHANGE EMAIL AND DOMAINS , email: 'my@email.com' , agreeTos: true // Accept Let's Encrypt v2 Agreement , communityMember: true // Help make Greenlock better by submitting // stats and getting updates }; //////////////////// // INIT GREENLOCK // //////////////////// var greenlock = require('greenlock').create({ version: 'draft-11' , server: 'https://acme-' + (staging ? 'staging-' : '') + 'v02.api.letsencrypt.org/directory' , configDir: '/tmp/acme/etc' }); /////////////////// // GET TLS CERTS // /////////////////// greenlock.register(opts).then(function (certs) { console.log(certs); // privkey, cert, chain, expiresAt, issuedAt, subject, altnames }, function (err) { console.error(err); }); ``` I don't know why I am getting this error. What id the self check? why is it failing? I am sure I am just missing some peice of info. other notes. I do not have port 80 or 443 available on this machine. It does have a public domain, and that much is working. Any help would me much appreciated Thanks Todd
coolaj86 commented 2018-05-18 06:30:59 +00:00
Owner
Copy Link

In order to decrease the likelihood of being blocked for hitting bad request rate limits I implemented a "dry run" to catch errors before the real request is made to the ACME server.

I'll update that error message to be more helpful.

Anyway, it's most likely it's because you don't have port 80 available. Now, we've got a tool for that in the oven (stay tuned), but for right now I'd suggest using le-challenge-dns, which is interactive and dns-based, instead of the default le-challenge-fs, which requires port 80.

That will help you complete your first test and get your first set of certificates.

After that you'll need to take advantage of one of the DNS-01 challenge modules, which includes Cloudflare, Digital Ocean, and AWS Route53. We're also working on a DNS service - but at the moment it's missing that crucial last 10% of work that takes the other 90% of the time.

In order to decrease the likelihood of being blocked for hitting bad request rate limits I implemented a "dry run" to catch errors before the real request is made to the ACME server. I'll update that error message to be more helpful. Anyway, it's most likely it's because you don't have port 80 available. Now, we've got a tool for that in the oven (stay tuned), but for right now I'd suggest using `le-challenge-dns`, which is interactive and dns-based, instead of the default `le-challenge-fs`, which requires port 80. That will help you complete your first test and get your first set of certificates. After that you'll need to take advantage of one of the DNS-01 challenge modules, which includes Cloudflare, Digital Ocean, and AWS Route53. We're also working on a DNS service - but at the moment it's missing that crucial last 10% of work that takes the other 90% of the time.
Ghost commented 2018-05-18 12:00:16 +00:00
Author
Copy Link

Ok, thanks for the response. I am beginning to understand.

I shouldn't say that I don't have port 80 available, I do. It is just being controlled by a separate web server. ( not my choice ).

Do I just need to set the webroot to that sever? Would that let le-challenge-fs g through?

Todd

Ok, thanks for the response. I am beginning to understand. I shouldn't say that I don't have port 80 available, I do. It is just being controlled by a separate web server. ( not my choice ). Do I just need to set the webroot to that sever? Would that let `le-challenge-fs` g through? Todd
Ghost commented 2018-05-18 13:16:01 +00:00
Author
Copy Link

the answer to my question is "no".
:-(

the answer to my question is "no". :-(
coolaj86 commented 2018-05-18 15:51:29 +00:00
Owner
Copy Link

Actually, that’s the purpose of the webroot option, so the answe is a resounding “Yes!”

Also, I updated the error handling so if you rm -rf /opt/greenlock and reinstall the latest version is may be more helpful.

If you’re still having trouble let’s get on Skype and spend a few minutes going through it together and perhaps you could help me update the documentation so that it’s more clear for others in your situation.

Actually, that’s the purpose of the webroot option, so the answe is a resounding “Yes!” Also, I updated the error handling so if you `rm -rf /opt/greenlock` and reinstall the latest version is may be more helpful. If you’re still having trouble let’s get on Skype and spend a few minutes going through it together and perhaps you could help me update the documentation so that it’s more clear for others in your situation.
coolaj86 commented 2018-05-18 15:53:53 +00:00
Owner
Copy Link

Oh, this is what you might want to look at for your use case:

https://git.coolaj86.com/coolaj86/greenlock-cli.js

Start there, which is already set up for webroot, and then work back to creating a custom solution with the raw greenlock APIs if you need to.

Oh, this is what you might want to look at for your use case: https://git.coolaj86.com/coolaj86/greenlock-cli.js Start there, which is already set up for webroot, and then work back to creating a custom solution with the raw greenlock APIs if you need to.
Ghost commented 2018-05-18 16:14:43 +00:00
Author
Copy Link

yup that is exactly what I want.

I tried it and it works. Now I just need it as a node module. I suppose I could just use child_process.exec() to wrap greenlock-cli. But that may be a little too much like the movie Inception.

I'll try to unwind it into a node module for doing the webroot option

Thanks :-)

yup that is exactly what I want. I tried it and it works. Now I just need it as a node module. I suppose I could just use child_process.exec() to wrap greenlock-cli. But that may be a little too much like the movie Inception. I'll try to unwind it into a node module for doing the webroot option Thanks :-)
Ghost closed this issue 2018-05-18 16:14:43 +00:00
coolaj86 commented 2018-05-18 16:23:00 +00:00
Owner
Copy Link

This right here is the node module.

That cli is just a way to pass the right arguments to the module.

https://git.coolaj86.com/coolaj86/greenlock-cli.js/src/branch/master/index.js#L27

https://git.coolaj86.com/coolaj86/greenlock-cli.js/src/branch/master/index.js#L38

https://git.coolaj86.com/coolaj86/greenlock-cli.js/src/branch/master/index.js#L61

This right here is the node module. That cli is just a way to pass the right arguments to the module. https://git.coolaj86.com/coolaj86/greenlock-cli.js/src/branch/master/index.js#L27 https://git.coolaj86.com/coolaj86/greenlock-cli.js/src/branch/master/index.js#L38 https://git.coolaj86.com/coolaj86/greenlock-cli.js/src/branch/master/index.js#L61
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
github
next
v4
npm
v3
wip
dns-challenge-regression-fix
v2.4
v2.5
v2.3
v2
v2.2
acmev2
v2.1
greenlock
v1
node-letsencrypt-python
v4.0.5
v4.0.4
v4.0.3
v4.0.2
v4.0.1
v4.0.0
v3.1.5
v3.1.4
v3.1.3
v3.0.25
v3.0.24
v3.0.23
v3.0.21
v3.0.20
v3.0.19
v3.0.18
v3.0.17
v3.0.16
v3.0.15
v3.0.12
v3.0.11
v3.0.10
v3.0.9
v3.0.7
v3.0.6
v3.0.5
v3.0.4
v3.0.3
v3.0.2
v3.0.1
v2.8.8
v2.8.7
v2.8.6
v2.8.5
v2.8.4
v2.8.3
v2.8.2
v2.8.1
v2.8.0
v2.7.23
v2.7.22
v2.7.21
v2.7.20
v2.7.19
v2.7.18
v2.7.17
v2.7.16
v2.7.15
v2.7.14
v2.7.13
v2.7.12
v2.7.11
v2.7.10
v2.7.9
v2.7.8
v2.7.7
v2.7.6
v2.7.5
v2.7.4
v2.7.3
v2.7.2
v2.7.1
v2.7.0
v2.6.10
v2.6.9
v2.6.8
v2.6.7
v2.6.6
v2.6.5
v2.6.4
v2.6.3
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.10
v2.4.9
v2.4.8
v2.4.7
v2.4.2
v2.4.1
v2.4.0
v2.3.13
v2.3.12
v2.3.11
v2.3.10
v2.3.9
v2.3.8
v2.3.7
v2.3.6
v2.3.5
v2.3.4
v2.3.3
v2.3.2
v2.3.1
v2.3.0
v2.2.20
v2.2.19
v2.2.18
v2.2.17
v2.2.16
v2.2.15
v2.2.14
v2.2.13
v2.2.12
v2.2.11
v2.2.10
v2.2.8
v2.2.7
v2.2.6
v2.2.5
v2.2.4
v2.2.3
v2.2.2
v2.2.0
v2.1.19
v2.1.18
v2.1.17
v2.1.16
v2.1.15
v2.1.14
v2.1.13
v2.1.12
v2.1.11
v2.1.10
v2.1.9
v2.1.7
v2.1.6
v2.1.5
v2.1.4
v2.1.3
v2.1.2
v2.1.1
v2.1.0
v1.5.8
v2.0.5
v2.0.4
v1.5.7
v1.5.6
v1.5.5
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.0
v1.2.0
v1.1.0
v1.0.2
v1.0.0
v1.0.1
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coolaj86/greenlock.js-ARCHIVED#12
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?