mardi 8 mars 2016

Commands you must know for ACMESharp

To complete the QuickStart from https://github.com/ebekker/ACMESharp/wiki/Quick-Start you may encounter some troubles. Among them:

----- I -----
The given key was not present in the dictionary

The solution is given by one of the issue.

This his formally an extract/copy from https://github.com/ebekker/ACMESharp/issues/101. From this link one can read:

There are a few bookkeeping cmdlets you can run to make sure the parameters to the Complete-* cmdlet are valid:
  • Get-ACMEIdentifier -- with no arguments, this cmdlet will list all the current Identifiers you have in the Vault; if you give it an Identifier reference (e.g. sequence number, Alias or GUID) it will give you more details about that particular Identifier
  • Get-ACMEChallengeHandlerProfile -ListChallengeTypes -- this will return the list of all Challenge Types that are currently registered and available in the current PS session, e.g. dns-01, http-01
  • Get-ACMEChallengeHandlerProfile -ListChallengeHandlers -- this will return the list of all Challenge Handlers that are currently registered and available in the current PS session, e.g. manual, iis, awsRoute53, awsS3
  • Get-ACMEChallengeHandlerProfile -GetChallengeHandler iis -ParametersOnly -- this form of the cmdlet will list details about the parameters that must or may be specified for the named Challenge Handler type
With these cmdlets you can ensure that the parameters to your Complete-ACMEChallenge call are all correct, for example that the Identifier reference is valid. If you run these and everything seems to be specified correctly and you still get this error, then there might be a bug somewhere and we can trace through that.

----- II -----
Stuck in the pending status

The solution can be found here: http://stackoverflow.com/questions/35302044/letsencrypt-acmesharp-client-challenge-in-pending-state-for-over-an-hour

In short using the following command : (Update-ACMEIdentifier dns1 -ChallengeType http-01).Challenges should exhibit that one among three of the challenges is valid.

----- III -----
Cannot export PKCS12; Issuer certificate hasn't been resolved

The solution can be found here: https://github.com/ebekker/ACMESharp/issues/87.

In short an Update-ACMECertificate certAlias solves the problem.