TLS Handshake error?

Vin
Vin
Community Member
edited November 2020 in SCIM Bridge

Getting these errors when trying to deploy SCIM bridge (replaced key with XXXX for public post)

redicrypt: writing cert for key redicrypt/XXXX
2020/09/29 17:48:13 http: TLS handshake error from 192.168.128.0:63031: acme/autocert: unable to satisfy "https://acme-v02.api.letsencrypt.org/acme/authz-v3/7553912092" for domain "op-scim-bridge.company.com": no viable challenge type found
2020/09/29 17:48:13 http: TLS handshake error from 192.168.128.0:63032: acme/autocert: missing certificate
2020/09/29 17:48:13 http: TLS handshake error from 192.168.128.0:63034: acme/autocert: missing certificate
2020/09/29 17:48:13 http: TLS handshake error from 192.168.128.0:63033: acme/autocert: missing certificate
[LOG] [1.6.0] 2020/09/29 17:52:18 (INFO) Health Service Reports:
[LOG] [1.6.0] 2020/09/29 17:52:18 (INFO) [2020-09-29T17:52:18Z] RedisCache: healthy
[LOG] [1.6.0] 2020/09/29 17:52:18 (INFO) [2020-09-29T16:52:23Z] SCIMServer: unknown
[LOG] [1.6.0] 2020/09/29 17:52:18 (INFO) [2020-09-29T16:52:23Z] ChallengeServer: unknown
[LOG] [1.6.0] 2020/09/29 17:52:18 (INFO) [2020-09-29T16:52:23Z] ProvisionWatcher: unknown


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @Vin,

    I've edited your post to remove some identifying information.

    The key to your issue lies in the error in the second line: unable to satisfy "https://acme-v02.api.letsencrypt.org/acme/authz-v3/7553912092" for domain "op-scim-bridge.company.com": no viable challenge type found

    Specifically what this means is the the LetsEncrypt server is failing to complete the challenge in order to create a new TLS certificate. This usually means one of two things:
    - Port 80 used by the challenge is close
    - The given domain is incorrect.

    If neither of those seem accurate, let me know a bit more about your configuration, and I'd be happy to help further.

    Graham

This discussion has been closed.