NetTalk Central

Author Topic: Let's Encrypt error - No Key ID in JWS header  (Read 5175 times)

CaseyR

  • Sr. Member
  • ****
  • Posts: 448
    • View Profile
    • Email
Let's Encrypt error - No Key ID in JWS header
« on: December 20, 2019, 05:57:58 PM »
Hi Bruce

Thanks again for the information on Netacme and the challenges of certificates for LANs in last user group meeting.  I was able to create a process for forcing a self-signed certificate for a fully qualified domain using the netacme methods as they are.

After successfully testing this process, I cleared out the certificates folder and tried to get a new Let's Encrypt certificate for the test domain.  No luck. The Challenge token was not created.

The debug output is attached. I tried in Testing and live mode and updated NT to 11.28 from 11.24 all without success. The test domain reaches the NT server.

Any suggestions.  Thanks.

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: Let's Encrypt error - No Key ID in JWS header
« Reply #1 on: January 05, 2020, 10:39:03 PM »
what NetTalk build are you using?

CaseyR

  • Sr. Member
  • ****
  • Posts: 448
    • View Profile
    • Email
Re: Let's Encrypt error - No Key ID in JWS header
« Reply #2 on: January 08, 2020, 09:33:06 AM »
11.28

I should add that for a brief period at the end of December it started to work again, but now its back with the same error.


Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: Let's Encrypt error - No Key ID in JWS header
« Reply #3 on: January 08, 2020, 11:31:54 PM »
send me an email - I'll have to TeamViewer in and take a look at what you are doing.

CaseyR

  • Sr. Member
  • ****
  • Posts: 448
    • View Profile
    • Email
Re: Let's Encrypt error - No Key ID in JWS header
« Reply #4 on: March 02, 2020, 01:27:06 PM »
Hi, Bruce

I thought the problem might be related to the 30 day renewal so I left the issue.  Now with 25 days left, I see it is still a problem.  I tried my test LE certificate in the Always TLS (9) example and the certificate work fine (though untrusted) but it won't renew.   The debug output with the example app was less than the last time, though.

I have attached the latest debug output and screen shot of the settings on the example app.  Happy to set up a teamviewer session if needed.  I can leave the AlwaysTLS app running on the resschedtest.com domain sometime if you want to confirm anything on the certificate or the app.

Using NT 11.30

Thanks.




Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: Let's Encrypt error - No Key ID in JWS header
« Reply #5 on: March 02, 2020, 10:10:12 PM »
send me an email - I'll have to TeamViewer in and take a look at what you are doing.