61922 – mod_md: Add upstream validation issue message to logs

Bug 61922 - mod_md: Add upstream validation issue message to logs

Summary: mod_md: Add upstream validation issue message to logs

Status:	NEW

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_md (show other bugs)
Version:	2.4.29
Hardware:	PC All

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-12-20 13:55 UTC by Bernard Spil
Modified:	2018-03-24 14:20 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Bernard Spil 2017-12-20 13:55:06 UTC

Was trying to verify that my segfault from https://github.com/icing/mod_md/issues/68 was actually fixed...

I could not get a certificate issuance to succeed. 

> [md_acme_drive.c:317 err][22(Invalid argument)] beastie.csc.warwick.ac.uk: unexpected AUTHZ state 3 at https://acme-v01.api.letsencrypt.org/acme/authz/

After a few tries I looked at the URL that's reported by a2md and noticed that the validation call from LetsEncrypt had timed out

> "challenges": [
>  {
>    "type": "http-01",
>    "status": "invalid",
>    "error": {
>      "type": "urn:acme:error:connection",
>      "detail": "Fetching http://beastie.csc.warwick.ac.uk/.well-known/<snip>: Timeout",
>      "status": 400

seems to make sense to add this kind of error report to the log output to speed up figuring out what's going on. The actual issue seems to be in this case that LetsEncrypt is having issues validating over IPv6.