acme/autocert: missing server name

[1722393429]

2022/03/02 20:26:18 http: TLS handshake error from 138.246.253.24:41988: acme/autocert: missing server name

[tcwalther]

While this issue has little information about the problem, I can confirm that letsencrypt integration seems to be broken. It used to work flawlessly less than a year ago, but when I run ssl-proxy with -domain=example.com now, I get the same error message. Using a manual cert+key pair (created via certbot) works fine.

[suyashkumar]

Thanks for reporting this folks! I'll take a look at this this weekend. Out of curiosity, does this happen with the prebuilt binaries and also when you build from source?

[grischard]

Hi! This happens to me both when I build from source (linux, aarm64) and with the pre-built binaries (darwin, amd64).

I run:

./ssl-proxy-darwin-amd64 -from [::]:443 -to 127.0.0.1:8000 -domain reasonableexcuse.stereo.lu

The logs say:

2022/03/08 19:51:03 http: TLS handshake error from [2001:470:1f07:63c:8cc:74b8:1f3:1009]:52731: acme/autocert: unable to satisfy "https://acme-v02.api.letsencrypt.org/acme/authz-v3/85721842810" for domain "reasonableexcuse.stereo.lu": no viable challenge type found
2022/03/08 19:51:04 http: TLS handshake error from [2001:470:1f07:63c:8cc:74b8:1f3:1009]:52734: acme/autocert: missing certificate

[suyashkumar]

Thanks folks! I think that I've been able to repro and fix the error in a limited test environment, simply by updating the golang crypto dependencies. Sending a PR here: #37 that should be merged soon. Thanks for reporting, and if you get a chance to test it let me know if it worked in your usage. Thanks!

[suyashkumar]

This should be addressed with #37, and I've also published an updated release with prebuilt binaries here: https://github.com/suyashkumar/ssl-proxy/releases/tag/v0.2.7

You can easily pull down the latest release at the command line with

wget -qO- "https://getbin.io/suyashkumar/ssl-proxy" | tar xvz 

Give them a try and let me know if you still have issues. Thanks!

[Jipok]

Fixed for me.

[suyashkumar]

Great! I'll close this out then. If anyone else has similar issues feel free to comment and reopen. Thanks!

[mxbfnk]

Heyja, I think the problem is present again with newest version 0.5.2.

Connecting from WIN Agent to Linux Proxy.

-selfcert works fine!

[grischard]

@mxbfnk Since this issue is two years old and the original cause of that problem got resolved, can I suggest opening a new issue?

[mxbfnk]

sure. ;) I thought here because of the last comment from @suyashkumar