Step #3 failing about gethttpsforfree HOT 9 CLOSED

@giotec
For MS-Windows the Command for step 3.1 - 3.3 is:
echo|set /p=ey...iJ9 | openssl dgst -sha256 -hex -sign %PRIV_KEY%
with the ey...iJ9 replaced by the check-string out of the Linux-Command (without quots).

But also with this right commands I finshed Step 3 with:
Error: Account registration failed. Please start back at Step 1. { "type": "urn:acme:error:malformed", "detail": "JWS verification error", "status": 400 }
In the moment I belive, that the reason for that is,;
a) the port-noumber (e.g. 45456) in the domain name for which I requested the certifikat or
b) the password protection of the domain.
I tryed to generate a certificat for my router, which do NOT allow a standard port number nor no Password. The routers is named FRITZ!BOX. It uses a service wich is named "myfritz" to allow the access form the internet with a dynamic IP-Adress.

from gethttpsforfree.

Seems like a bug in OpenSSL for Windows - worked on OpenSSL 1.0.1e-fips on a Linux box.

EDIT: It was actually Windows echo syntax adding an extra break/new line and the quotes.

from gethttpsforfree.

Does echo work on Windows? Also, it may be that echo is adding a line break at the end of the output, which inadvertently gets included in the signature body.

from gethttpsforfree.

Echo works on Windows, but you are correct: by default, it adds a line break - and it does not require quotes around the digest message, otherwise it outputs the quotes too.

For Windows, the correct command line would be something like

set PRIV_KEY=account.key
echo|set /p=deadbeef... | openssl ... %PRIV_KEY%

Tested and seems to work - got the same hash output as of my Linux box

from gethttpsforfree.

How would you use this correct command line in windows?

from gethttpsforfree.

@giotec the command syntax is summarized on my post just above your question:

set PRIV_KEY=account.key
echo|set /p=deadbeef... | openssl ... %PRIV_KEY%

All you need to do is replace the missing gaps with the information provided on the GetHTTPSForFree web page at the moment you are creating your certificate -- "deadbeef..." by the long base64 string, "openssl ..." with the OpenSSL parameters for each step of signing and hashing.

Last but not least, you still need to download and install a copy of OpenSSL for Windows.

If you can't figure out what to replace and where to replaced on each step, then - don't get me wrong - I'm afraid you need to follow the official, Linux-based steps on a Linux-based console for further assistance. AFAIK Windows is not officially supported.

from gethttpsforfree.

@HQuest
What is the purpose of "deadbeef" in the cammand?

I've installed OpenSSL already

from gethttpsforfree.

On windows it's correct:
set PRIV_KEY=account.key
echo|set /p=deadbeef... | openssl ... %PRIV_KEY%
But remove spaces:
set PRIV_KEY=account.key
echo|set /p=deadbeef...|openssl ... %PRIV_KEY%

from gethttpsforfree.

In My Case I use Git for window to generate the stuff but was stuck with same problem. So I head to sslforfree.com to save myself from much wahala, Along the line I encounter same error at the last stop. It was then I figured out the am using wildcard which LE does not support yet so I remove the wildcard(ed) domain and it then work (on sslforfree.com actually I trust those guys sha )

from gethttpsforfree.