PavelJ Posted February 24, 2019 Share Posted February 24, 2019 (edited) I'm running XRPL validator (public key: nHBmJuwMPRh2mLrYhUdFHNKrZ3cwXEkiGAKXESM4mDvQKMF8WAp7) based on Wietse's Wind docker rippled validator repo (https://github.com/WietseWind/docker-rippled-validator). It's up and running newest rippled version 1.2.0. Now I'm trying to validate my (sub)domain (again according to the instructions of Wietse - https://medium.com/@WietseWind/verify-your-ripple-validator-show-your-domain-da19de30b19bbut) with no success. I'm little bit desperate and really don't know what I'm doing wrong. Hope someone can help me. After a few attempts I ended up with following configuration: Server 1 (S1): web hosting with simple web presentation https://www.rippled.eu Server 2 (S2): with rippled validator running CentOS with webserver running and serving subdomain https://validator.rippled.eu I edited apache ssl configuration file (ssl.conf) with these parameters: ServerName validator.rippled.eu SSLCertificateFile /.../validator.rippled.eu/cert.pem SSLCertificateKeyFile /.../validator.rippled.eu/privkey.pem SSLCertificateChainFile /.../validator.rippled.eu/chain.pem Both servers has its own Let's Encrypt certificate (S1 *.rippled.eu, S2 validator.ripppled.eu). Certificates were generated using Certbot on S2. On S1 I uploaded thru administration control panel of my webhosting service. Web browsers displays that certificates are valid. S1 has DNS A record (validator.rippled.eu and *.validator.rippled.eu pointing to public IP of S2) In verification process I'm running following command: "docker run --rm -it -v /keystore/:/keystore/ -p 80:80 xrptipbot/verify-rippledvalidator" Next listing is as folows: Quote Welcome! This tool will help you verify your domain, so you can send some info to Ripple. This will allow you to list your domain next to your validator Tool by https://twitter.com/@WietseWind Please make sure: 1. You've added the IP of this host to your DNS config (for the domain you want to validate) 2. There is no other service on your host using port 80 3. You opened / mapped port 80 to this host in your firewall / router (if this is not a publicly accessible server) 4. You mapped port 80 to this docker container, using the flag: -p 80:80 Trying to determine your public IP. This may take a minute... > Found: your public IP is: 207.180.228.148 You will now be asked a few questions. This information is required to get a SSL certificate using LetsEncrypt. First... What is the hostname you want to validate? This hostname shoud be in your DNS config, pointing to 207.180.228.148 using a DNS A record. Hostname: validator.rippled.eu Checking the DNS config (using OpenDNS) Awesome! DNS configuration is OK! Found an existing certificate. We will use this certificate to continue signing stuff for Ripple, so they will be able to verify your validator Your certificate is stored in the keystore: validator.rippled.eu-privkey.pem If you don't want to sign using your existing certificate, remove the certificate mentioned above from the (mapped) keystore-folder and run this tool again. Signing public key using certificate. ------------------------------------------------------ (stdin)= SSL signature as 512B hash ------------------------------------------------------ Almost done! Two steps left. In your validator-keystore (the folder you mounted using the '-v' option) are two new files. These files are generated by this tool: - validation-data.txt - finish_signing The 'validation-data.txt' is the file containing everything for Ripple, AFTER you finish the signing. This step has to be executed IN the validator container. To do this, you have to execute the following command: docker exec rippledvalidator /keystore/finish_signing Please note: if you did not name your docker container 'rippledvalidator' insert your own validator container name in the command above. Thank you for using this script, happy validating! @WietseWind (aka pepperew on reddit and Discord) So I ran next command: docker exec rippledvalidator /keystore/finish_signing Quote OK! All set! Please send the output below to Ripple. ------------------------------------------------------ Go to: https://docs.google.com/forms/d/e/1FAIpQLScszfq7rRLAfArSZtvitCyl-VFA9cNcdnXLFjURsdCQ3gHW7w/viewform Domain: validator.rippled.eu #1 Validator public key: nHBmJuwMPRh2mLrYhUdFHNKrZ3cwXEkiGAKXESM4mDvQKMF8WAp7 #2 SSL Signature: (stdin)= SSL signature [512] #3 Domain signature for validator.rippled.eu: Domain signature [128] ------------------------------------------------------ In final step I inserted requested data into Google Docs "XRP Ledger Validator Domain Verification" document Email: my email Domain: validator.rippled.eu Validator public key: nHBmJuwMPRh2mLrYhUdFHNKrZ3cwXEkiGAKXESM4mDvQKMF8WAp7 SSL Signature: 512B long hash Domain Signature: 128B long hash Everytime I tried, I received email with following message: Quote Your domain for https://validator.rippled.eu for validator nHBmJuwMPRh2mLrYhUdFHNKrZ3cwXEkiGAKXESM4mDvQKMF8WAp7 was unable to be verified. The verification process reported the following error: 'missing SSL certificate' Could someone point me where I'm making mistake, what's wrong with my certificate or verification process? Why is verification process missing my certificate? Am I missing something in apache configuration files (https.conf, ssl.conf) or rippled config file (rippled.cfg)? I'll be glad for every suggestion or help. Thank you. Edited February 25, 2019 by PavelJ typo Link to comment Share on other sites More sharing options...
PavelJ Posted February 25, 2019 Author Share Posted February 25, 2019 Issue solved. My validator is now fully verified by Ripple. validator.rippled.eu cmbartley 1 Link to comment Share on other sites More sharing options...
Wolfy1060 Posted May 28, 2019 Share Posted May 28, 2019 Hi, I am having the same issue, "missing SSL certificate", how did you solve it? Thanks Link to comment Share on other sites More sharing options...
XRPWINS Posted September 6, 2020 Share Posted September 6, 2020 What was the solution? I have GoDaddy SSL - who holds your SSL Cert? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now