Step 3. API Requests , JWS verification error

Question

Step 3. API Requests , JWS verification error

gunnarthor2 opened this issue 8 years ago · comments

I always get this error. I have tried to change browsers but no luck. Can anyone see what is wrong ?

Error: Account registration failed. Please start back at Step 1. {"type":"urn:acme:error:malformed","detail":"JWS verification error","status":400}

PRIV_KEY=./account.key; echo -n "eyJub25jZSI6ImVuS1M5b0VqQWtBNVNfTGZOV2VWSGRhQ3Ntb0hsY25JcTUyWXpLclhGQVkifQ.eyJyZXNvdXJjZSI6Im5ldy1yZWciLCJjb250YWN0IjpbIm1haWx0bzpndW5uYXJ0aEBmam9sbmV0LmlzIl0sImFncmVlbWVudCI6Imh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL2RvY3VtZW50cy9MRS1TQS12MS4wLjEtSnVseS0yNy0yMDE1LnBkZiJ9" | openssl dgst -sha256 -hex -sign $PRIV_KEY

(stdin)= 77c8c4ee077c19121ba724393a810145c59998e7fa539a55de9713ff1d06c55cf5560cd8e6757131bb955abca0cdf4754eb668a7d686de43df88ee1b8e36ae4124fe8c68226489558a89db9f077efcf10ea9437953638b90edada985e43f596ee66b23cd3481e4583f4cd8f6e23f2e9515bc33a1f74f386f1de5b1609c92f1695560cfd065647bd6250fba57c3cf8759f3d208f48f6d4c27235ba1ddab7df257b83f2dc174578f4e7e6b07370918777c8cf41e08b586b022aacaf0769db2da0939d8b82c37bb830321327ae22593c61c1b61f2b5ec1e6d8effd451d0279c35b528115091b97944d29c199be4ca2f063359566c469adfc795f4b28b7059dab85a

PRIV_KEY=./account.key; echo -n "eyJub25jZSI6IklyRE1TX3plR3ZOY1ZJYTZNaHM4QVV3Mkd3cE1NOVJiNlhKaVcyN2dSZ2cifQ.eyJyZXNvdXJjZSI6Im5ldy1hdXRoeiIsImlkZW50aWZpZXIiOnsidHlwZSI6ImRucyIsInZhbHVlIjoiZmpvbG5ldC5pcyJ9fQ" | openssl dgst -sha256 -hex -sign $PRIV_KEY

(stdin)= 14347b1a00f638a6fae1baacc195db9f4dcd531c884386d0734de946d48c6fa4546113be2e35d0086e655eb61efac799b4fa46dc30cf8a551e41aebfc27331be92bb62f133a4f342367b87aef44ea12b649d37b137da9a90061331d9321cdd2bc1404ee7ea801d2043af2b7c72f1d28551da2ddbe8785e43793e34416b41731d625867803bacb0049bad925ed53e64a4ac6f2d08f5e51c81a37125b274316d0bc7e34eceeeafd32f8479b1e84c20586fe76d8c4e837d52de55dc241fd961d970ed9d6e4d58e2fd112a9af6864502de8cc8346d2d87f557ce3aa603385e5f14c2142bbb43f04bcfdc8d4f6e098756f57d422e4e404ad5b31d2a68622da3d1b969

PRIV_KEY=./account.key; echo -n "eyJub25jZSI6IlptbWhjaC1UcWpxU1ZfemZoV2ZBQlY5c3pVM2ZTTlpraTJpMG9yOU9GZU0ifQ.eyJyZXNvdXJjZSI6Im5ldy1jZXJ0IiwiY3NyIjoiTUlJQzV6Q0NBYzhDQVFBd2dZa3hFekFSQmdOVkJBTU1DbVpxYjJ4dVpYUXVhWE14RlRBVEJnTlZCQWdNREZOcllXZGhabXB2Y21SMWNqRVVNQklHQTFVRUNnd0xSbXB2Ykc1bGRDQmxhR1l4Q3pBSkJnTlZCQVlUQWtsVE1TRXdId1lKS29aSWh2Y05BUWtCRmhKbWFtOXNibVYwUUdacWIyeHVaWFF1YVhNeEZUQVRCZ05WQkFjTURGTmhkV1JoY210eWIydDFjakNDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFLWl8xaGFEOEZDYmVJSDMzWkNfcWIyN01nUGh2aDZzUnNTc1AxbjM3NEpKYUpCWVcxRUpBY1Z1VDdkR3U5Q0hpcVhTVXRIUkVhdG1sQ0Z5ZVQwbVZIQjh3b0lCS2lwalpVMU1lZzY4U29uNEV0T3I4Z0dvVllxMlBqUFFWWDVTRFdFMVNSZzZDMlItZ0MtVFNORDZQWXA4Yi1zcFdJWFN6Tkw0M1pjdUFKVzVVTUV1VzRDeFYxbmwxS1dMcHFPcFgwN045XzZybThWekxtaURMZzh5UlVyb0FJRzJPa2ZYdkxMODVvc04xTHRsU0RHM1Ewbjk1STI2NXRQb051QmVHbTkyR2taZlRwMkVQcktKY1B0OXg0MW5kbGNOSEhWdDFudFpCb2JFTHozb1Zaak5BZnBCVUZUWnd3NlVQT0N1VVlrNGlrbkxSQ3ota0V3aTI3V1FqYWtDQXdFQUFhQVlNQllHQ1NxR1NJYjNEUUVKQnpFSkRBZEdhbTlzTVRJek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQS00b3UtZUZrNFhMS3A4cmZQSV9ILVM2Z3lJWVMwLWNOX0djN2E5NS16UTdFaDBwZm5DZWl6emVFc1l5aTNMaFhLYTJ3UGZlS1BDSUVDVFhKUEdwNnJQNWlWRjc3WUxOWFF5UV9zQkliV0xIX2RhYUV0VG1FZDZMRTFkaVRTcjZockpWeWhMT3QzSllaUkJaSjNPVFJKX0xKejU4ZWRDVmlIT3NGb2RyZkQ0MmF4QV9EZXBEczFxa3paYlY3NnV1dmtUTUN2UzFMZUlJU2V6d2dDR3BxLXI4TVZ3bUYweEFmVC1hSHQ0b0ZRbHhZejM1N1hGYVVsUmM2WmZuZ0VxaXFSUVRSamhMU3Frcl92QnlOREM2Z3FJZmJiWTRSazBOSjlaMFMzN0tPejVpVHdsWkkzT2JXMHRROGJINEJKekE0d0xwV1diakpUVUxxYUNhQk4wLTc3In0" | openssl dgst -sha256 -hex -sign $PRIV_KEY

(stdin)= 86349c1f6395c19970176dab01269c99708a91e878691f26f58844c7dacc58030551107e9b06622f03b283ced3b735cb5218ff60f3b025737b2863a9cec9fee0abd8184c6d5e97fcd5d0f8a1447b25182d7284fa03f389dc51c7e6c4e415ad55015df631fe6e9f2d369c648bb5159e42c4667bde8a1e4e5399b3c605767490e26b331962aad5296e14d5ecdc563b805950102b0c3d23f9439aea5d2da659927f826d0f395a281773583c90e4a1c9f33638341d2287d3625ccc0de334fc5ffec892eb9a245570d8238da81f3c1346a79adeebea6d08dfe981792f4705d7a31c18ff8f23627697308c9725fd45b58f6ac7b1ee7823009d22befb3705f2273a84a4

Daniel Heitmann · Answer 1 · Wed May 04 2016 09:04:25 GMT+0800 (China Standard Time)

Having the exact same issue.

Sachin Hallad · Answer 2 · Tue Jun 07 2016 11:50:45 GMT+0800 (China Standard Time)

Any update on this issue ?

Saúl de León Guerrero · Answer 3 · Fri Jun 10 2016 17:08:16 GMT+0800 (China Standard Time)

Another one here with the same issue!

Daniel Roesler · Answer 4 · Sat Jun 11 2016 00:45:11 GMT+0800 (China Standard Time)

Can you please use debug mode and post the output of your console, thanks!

https://gethttpsforfree.com/?debug=1

Saúl de León Guerrero · Answer 5 · Mon Aug 08 2016 16:47:57 GMT+0800 (China Standard Time)

In my case it was totally my fault. I was using the full chain pem file, instead of the simply one. Thats the reason I had it duplicated...
Sorry, totally my bad :(

Thanks for the given support!

Venkatasubramaniam (Venkat) Ramakrishnan · Answer 6 · Sat Sep 24 2016 13:50:11 GMT+0800 (China Standard Time)

diafygi, I face the same issue.

I did try the debug mode by using the link with debug that you have pointed to,
but I am not seeing any extra debug output apart from the error that I saw before.

Is there anything else that I can do to help you debug the issue? Thanks.

Dylan Myers · Answer 7 · Fri Sep 30 2016 01:16:06 GMT+0800 (China Standard Time)

Hi,

I get a similar error. I get this right at the 5th step. See screenshot:

Acme challenge is accessible by browser. All dgst's signed with my account key. This is debug version.

Dahlia Witt · Answer 8 · Wed Nov 02 2016 04:28:51 GMT+0800 (China Standard Time)

+1 Same error

Mariano · Answer 9 · Wed Nov 02 2016 19:29:46 GMT+0800 (China Standard Time)

Same error here.

Any clue will be awesome.
Thanks

jamie-pate · Answer 10 · Tue Nov 08 2016 06:58:42 GMT+0800 (China Standard Time)

Having the same problem,

Interestingly, when I put in a breakpoint at

account_xhr.open("POST", CA + "/acme/new-reg");
    account_xhr.send(JSON.stringify({
...

the step 3 worked!

This suggests that this may be a timing issue?

TLM · Answer 11 · Sat Jan 07 2017 08:44:37 GMT+0800 (China Standard Time)

and 0 help .. figures

Greg Kochaniak · Answer 12 · Wed Feb 08 2017 05:23:40 GMT+0800 (China Standard Time)

No luck here either, exactly the same cryptic error message "Error: Account registration failed. Please start back at Step 1. { "type": "urn:acme:error:malformed", "detail": "JWS verification error", "status": 400 }" Adding a breakpoint at account_xhr.open(...) as @jamie-pate mentioned did not help me. Whole afternoon wasted.

TLM · Answer 13 · Sat Mar 04 2017 15:04:43 GMT+0800 (China Standard Time)

wow still nothing at all. this can't be support.

Dylan Myers · Answer 14 · Wed Mar 08 2017 08:25:32 GMT+0800 (China Standard Time)

@diafygi if you've given up with this project, please ask for someone else to take over

TLM · Answer 15 · Wed Mar 08 2017 10:19:49 GMT+0800 (China Standard Time)

It's pay certs for me. No time for this shit.

Daniel Roesler · Answer 16 · Thu Mar 09 2017 03:01:40 GMT+0800 (China Standard Time)

@TLMcode You get what you pay for, I guess. This is just a side project for me, so if you want to use something more supported, please use https://certbot.eff.org/ and donate to that project.

@dylmye I am still maintaining the website. I just tested the website and it still works. Most of these Step 3 issues are usually related to linebreaks/whitespace on Windows (which I can't test, since I don't have Windows).

I will get around to answering issues when I have time, but that hasn't been for a while.

Daniel Roesler · Answer 17 · Wed Apr 03 2019 20:57:34 GMT+0800 (China Standard Time)

I suspect most of these issues are now obsolete with v2. Closing this issue and please open new issues if you are still seeing errors with v2.