Jump to content

XRPL validator domain verification problem


PavelJ

Recommended Posts

I'm running XRPL validator (public key: nHBmJuwMPRh2mLrYhUdFHNKrZ3cwXEkiGAKXESM4mDvQKMF8WAp7) based on Wietse's Wind docker rippled validator repo (https://github.com/WietseWind/docker-rippled-validator). It's up and running newest rippled version 1.2.0.
Now I'm trying to validate my (sub)domain (again according to the instructions of Wietse - https://medium.com/@WietseWind/verify-your-ripple-validator-show-your-domain-da19de30b19bbut) with no success. 

I'm little bit desperate and really don't know what I'm doing wrong. Hope someone can help me.

After a few attempts I ended up with following configuration:


Server 1 (S1): web hosting with simple web presentation
              https://www.rippled.eu

Server 2 (S2): with rippled validator running
               CentOS  with webserver running and serving subdomain https://validator.rippled.eu
               I edited apache ssl configuration file (ssl.conf) with these parameters:
               
               ServerName validator.rippled.eu
               SSLCertificateFile /.../validator.rippled.eu/cert.pem
               SSLCertificateKeyFile /.../validator.rippled.eu/privkey.pem 
               SSLCertificateChainFile /.../validator.rippled.eu/chain.pem
               
Both servers has its own Let's Encrypt certificate (S1 *.rippled.eu, S2 validator.ripppled.eu). Certificates were generated using Certbot on S2. On S1 I uploaded thru administration control panel of my webhosting service. Web browsers displays that certificates are valid.
S1 has DNS A record (validator.rippled.eu and *.validator.rippled.eu pointing to public IP of S2)           

In verification process I'm running following command: "docker run --rm -it -v /keystore/:/keystore/ -p 80:80 xrptipbot/verify-rippledvalidator"
Next listing is as folows:

Quote

     Welcome! This tool will help you verify
     your domain, so you can send some info
     to Ripple. This will allow you to list
     your domain next to your validator :)
     
     Tool by https://twitter.com/@WietseWind
     
     Please make sure:
     1. You've added the IP of this host
        to your DNS config (for the domain
        you want to validate)
     2. There is no other service on your
        host using port 80
     3. You opened / mapped port 80 to this
        host in your firewall / router (if
        this is not a publicly accessible
        server)
     4. You mapped port 80 to this docker
        container, using the flag:
           -p 80:80
     
     Trying to determine your public IP.
     This may take a minute...
     
     > Found: your public IP is:
     207.180.228.148
     
     You will now be asked a few questions.
     This information is required to get a
     SSL certificate using LetsEncrypt.
     
     First... What is the hostname you want
     to validate? This hostname shoud be in
     your DNS config, pointing to 207.180.228.148
     using a DNS A record.
     
     Hostname: validator.rippled.eu

     Checking the DNS config (using OpenDNS)
     Awesome! DNS configuration is OK!
     
     Found an existing certificate.
     We will use this certificate to continue
     signing stuff for Ripple, so they will be
     able to verify your validator :)
     
     Your certificate is stored in the keystore:
     validator.rippled.eu-privkey.pem
     
     If you don't want to sign using your existing
     certificate, remove the certificate mentioned
     above from the (mapped) keystore-folder and
     run this tool again.
     
     Signing public key using certificate.
     ------------------------------------------------------
     (stdin)= SSL signature as 512B hash
     ------------------------------------------------------

     Almost done! Two steps left.
     
     In your validator-keystore (the folder you
     mounted using the '-v' option) are two new
     files. These files are generated by this tool:
     
     - validation-data.txt
     - finish_signing
     
     The 'validation-data.txt' is the file containing
     everything for Ripple, AFTER you finish the
     signing. This step has to be executed IN the
     validator container. To do this, you have to
     execute the following command:
     
     docker exec rippledvalidator /keystore/finish_signing
     
     Please note: if you did not name your docker container
     'rippledvalidator'
     insert your own validator container name in the
     command above.
     
     Thank you for using this script, happy validating!
     @WietseWind (aka pepperew on reddit and Discord)

So I ran next command:
     docker exec rippledvalidator /keystore/finish_signing

Quote

     OK! All set! Please send the output below to Ripple.
     
     ------------------------------------------------------
     
     Go to:
    https://docs.google.com/forms/d/e/1FAIpQLScszfq7rRLAfArSZtvitCyl-VFA9cNcdnXLFjURsdCQ3gHW7w/viewform
     
     Domain: validator.rippled.eu
     
     #1 Validator public key: nHBmJuwMPRh2mLrYhUdFHNKrZ3cwXEkiGAKXESM4mDvQKMF8WAp7
     
     #2 SSL Signature:
     (stdin)= SSL signature [512]
     
     #3 Domain signature for validator.rippled.eu:
     Domain signature [128]
     
     ------------------------------------------------------

 

In final step I inserted requested data into Google Docs "XRP Ledger Validator Domain Verification" document
     Email: my email
     Domain: validator.rippled.eu
     Validator public key: nHBmJuwMPRh2mLrYhUdFHNKrZ3cwXEkiGAKXESM4mDvQKMF8WAp7
     SSL Signature: 512B long hash
     Domain Signature: 128B long hash 
 
Everytime I tried, I received email with following message:     

Quote

          Your domain for https://validator.rippled.eu for validator nHBmJuwMPRh2mLrYhUdFHNKrZ3cwXEkiGAKXESM4mDvQKMF8WAp7 was unable to be verified.
          The verification process reported the following error: 'missing SSL certificate'

Could someone point me where I'm making mistake, what's wrong with my certificate or verification process?
Why is verification process missing my certificate? 
Am I missing something in apache configuration files (https.conf, ssl.conf) or rippled config file (rippled.cfg)?
     
I'll be glad for every suggestion or help.
Thank you. 

Edited by PavelJ
typo
Link to comment
Share on other sites

  • 3 months later...
  • 1 year later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...