TLS Handshake error?
Getting these errors when trying to deploy SCIM bridge (replaced key with XXXX for public post)
redicrypt: writing cert for key redicrypt/XXXX
2020/09/29 17:48:13 http: TLS handshake error from 192.168.128.0:63031: acme/autocert: unable to satisfy "https://acme-v02.api.letsencrypt.org/acme/authz-v3/7553912092" for domain "op-scim-bridge.company.com": no viable challenge type found
2020/09/29 17:48:13 http: TLS handshake error from 192.168.128.0:63032: acme/autocert: missing certificate
2020/09/29 17:48:13 http: TLS handshake error from 192.168.128.0:63034: acme/autocert: missing certificate
2020/09/29 17:48:13 http: TLS handshake error from 192.168.128.0:63033: acme/autocert: missing certificate
[LOG] [1.6.0] 2020/09/29 17:52:18 (INFO) Health Service Reports:
[LOG] [1.6.0] 2020/09/29 17:52:18 (INFO) [2020-09-29T17:52:18Z] RedisCache: healthy
[LOG] [1.6.0] 2020/09/29 17:52:18 (INFO) [2020-09-29T16:52:23Z] SCIMServer: unknown
[LOG] [1.6.0] 2020/09/29 17:52:18 (INFO) [2020-09-29T16:52:23Z] ChallengeServer: unknown
[LOG] [1.6.0] 2020/09/29 17:52:18 (INFO) [2020-09-29T16:52:23Z] ProvisionWatcher: unknown
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Comments
-
Hi @Vin,
I've edited your post to remove some identifying information.
The key to your issue lies in the error in the second line:
unable to satisfy "https://acme-v02.api.letsencrypt.org/acme/authz-v3/7553912092" for domain "op-scim-bridge.company.com": no viable challenge type foundSpecifically what this means is the the LetsEncrypt server is failing to complete the challenge in order to create a new TLS certificate. This usually means one of two things:
- Port 80 used by the challenge is close
- The given domain is incorrect.If neither of those seem accurate, let me know a bit more about your configuration, and I'd be happy to help further.
Graham
0
