You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[INFO] [2a0c:b641:2c0:110::21] acme: Trying to solve HTTP-01\n2024/09/23 22:06:14 [INFO] Skipping deactivating of valid auth: https://vault.unicornafk.fr:8200/v1/pki/acme/authorization/2784580b-b852-4fce-8ed3-3ab805c816f9\n2024/09/23 22:06:14 [INFO] Skipping deactivating of valid auth: https://vault.unicornafk.fr:8200/v1/pki/acme/authorization/55e91f06-fb6e-aec0-e303-7769a202817a\n2024/09/23 22:06:14 [INFO] Deactivating auth: https://vault.unicornafk.fr:8200/v1/pki/acme/authorization/7c59f2a2-b0bf-7e70-0d77-e5a50af70a8c\n2024/09/23 22:06:14 [INFO] Unable to deactivate the authorization: https://vault.unicornafk.fr:8200/v1/pki/acme/authorization/7c59f2a2-b0bf-7e70-0d77-e5a50af70a8c\n2024/09/23 22:06:14 Could not obtain certificates:\n\terror: one or more domains had a problem:\n[2a0c:b641:2c0:110::21] acme: error: 400 :: urn:ietf:params:acme:error:incorrectResponse :: Response received didn\'t match the challenge\'s requirements: error validating http-01 challenge 7c59f2a2-b0bf-7e70-0d77-e5a50af70a8c-http-01: http-01: failed to fetch path http://2a0c:b641:2c0:110::21/.well-known/acme-challenge/JJqdDgTEKYUUksBUhT9hWeo9eVkM: Get "http://2a0c:b641:2c0:110::21/.well-known/acme-challenge/JJqdDgTEKYUUksBUhT9hWeo9eVkM": dial tcp: lookup 2a0c:b641:2c0:110:: no such host; this may occur if the validation target was misconfigured: check that challenge responses are available at the required locations and retry.\n
To Reproduce
Steps to reproduce the behavior:
Configure pki with ACME
Try to get a certificate through vault ACME with lego (for example) with an IPv6 in the SAN.
Expected behavior
Vault should connect properly to my IPv6 webserver
Environment:
Vault Server Version (retrieve with vault status): 1.17.5
Vault CLI Version (retrieve with vault version):
Server Operating System/Architecture: Ubuntu 22.04 Server LTS
The text was updated successfully, but these errors were encountered:
Describe the bug
The HTTP-01 & challenge does not format properly domain when it's set to the IPv6 address must be enclosed in brackets.
https://github.com/hashicorp/vault/blob/main/builtin/logical/pki/acme_challenges.go#L126
Challenge fail with this error in lego
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Vault should connect properly to my IPv6 webserver
Environment:
vault status
): 1.17.5vault version
):The text was updated successfully, but these errors were encountered: