certbot SERVFAIL looking up A fordomain - amazon-ec2
I used certbot to generate a certificate for a domain, it worked great the first time.
After that I changed my amazon ec2 instance (amazon linux) for an other region. So I changed the A record for the subdomain and now i can't generate a certificate on the new instance because of DNS issue
certbot-auto certonly --debug --standalone -d dev.******.com
2016-07-19 17:03:29,603:DEBUG:certbot.main:Root logging level set at 30
2016-07-19 17:03:29,604:INFO:certbot.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2016-07-19 17:03:29,604:DEBUG:certbot.main:certbot version: 0.8.1
2016-07-19 17:03:29,604:DEBUG:certbot.main:Arguments: ['--debug', '--standalone', '-d', 'dev.********.com']
2016-07-19 17:03:29,605:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2016-07-19 17:03:29,609:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer None
2016-07-19 17:03:29,804:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone
Description: Automatically use a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: <certbot.plugins.standalone.Authenticator object at 0x7f0133b10d10>
Prep: True
2016-07-19 17:03:29,806:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.standalone.Authenticator object at 0x7f0133b10d10> and installer None
2016-07-19 17:03:29,942:DEBUG:certbot.main:Picked account: <Account(388bf562a96cea8013b7660447da660e)>
2016-07-19 17:03:29,943:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2016-07-19 17:03:29,946:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-07-19 17:03:30,132:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 280
2016-07-19 17:03:30,133:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '280', 'Expires': 'Tue, 19 Jul 2016 17:03:30 GMT', 'Boulder-Request-Id': 'A4t6LE9szTZDv0FuCE7bQnICx2zyVtRVeQacSWenKUE', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 19 Jul 2016 17:03:30 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'VLinxcmE9YznBxpdisr5YqFQqf9KFT3grGMLfwvD3Jg'}. Content: '{\n "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2016-07-19 17:03:30,133:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '280', 'Expires': 'Tue, 19 Jul 2016 17:03:30 GMT', 'Boulder-Request-Id': 'A4t6LE9szTZDv0FuCE7bQnICx2zyVtRVeQacSWenKUE', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 19 Jul 2016 17:03:30 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'VLinxcmE9YznBxpdisr5YqFQqf9KFT3grGMLfwvD3Jg'}): '{\n "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2016-07-19 17:03:30,134:DEBUG:root:Requesting fresh nonce
2016-07-19 17:03:30,134:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {}
2016-07-19 17:03:30,327:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-authz HTTP/1.1" 405 0
2016-07-19 17:03:30,328:DEBUG:root:Received <Response [405]>. Headers: {'Content-Length': '91', 'Pragma': 'no-cache', 'Boulder-Request-Id': 'zZzFamjI7WOmh85keAw4lLd8laZfe74W1TYq3HNR7mk', 'Expires': 'Tue, 19 Jul 2016 17:03:30 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Allow': 'POST', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 19 Jul 2016 17:03:30 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': 'CgmdRQWWj5_PPfveAA7c1o50xkOk3entsaA27xlBwmA'}. Content: ''
2016-07-19 17:03:30,328:DEBUG:acme.client:Storing nonce: '\n\t\x9dE\x05\x96\x8f\x9f\xcf=\xfb\xde\x00\x0e\xdc\xd6\x8et\xc6C\xa4\xdd\xe9\xed\xb1\xa06\xef\x19A\xc2`'
2016-07-19 17:03:30,328:DEBUG:acme.jose.json_util:Omitted empty fields: combinations=None, challenges=None, expires=None, status=None
2016-07-19 17:03:30,329:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "xxxxxxxxxxxxx.com"}, "resource": "new-authz"}
2016-07-19 17:03:30,330:DEBUG:acme.jose.json_util:Omitted empty fields: kid=None, x5c=(), crit=(), jwk=None, typ=None, jku=None, cty=None, x5tS256=None, x5u=None, alg=None, x5t=None
2016-07-19 17:03:30,332:DEBUG:acme.jose.json_util:Omitted empty fields: kid=None, x5c=(), crit=(), typ=None, jku=None, cty=None, x5tS256=None, x5u=None, x5t=None, nonce=None
2016-07-19 17:03:30,332:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "rKDIxM9XKqEZ69kyTl7L6l1OZuEaJRJdSje2z4VC8pJt0sxRJXu32BVy5zC7uKLDmj-pUxcR2N5zAZTD4hJC-CwavEp9IT4zsQacQK1E9aGQOewmAF54_qUJQrZal167BOmMIENKcQ-sbVz1OLAhz85oByCAXwW6T8v5qoXCPYIX7pmgp4IuI4WNBcWeBqFv3Joj78oSReZXCuJId8RqsP5DeYRNpetvqUHijj3JGiQnclnUW2iTRUuiilAkqswDqk4J4uAraLylprTt2iQYA4wLZDaC2Con_u3c62aLpYpK5J2D5ZVoGJANjAzzNfkQAhsun3h3LsXLgfZ0Z2n2aw"}}, "protected": "eyJub25jZSI6ICJDZ21kUlFXV2o1X1BQZnZlQUE3YzFvNTB4a09rM2VudHNhQTI3eGxCd21BIn0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJkZXYuZGlhZ25ldHdvcmsuY29tIn0sICJyZXNvdXJjZSI6ICJuZXctYXV0aHoifQ", "signature": "lQjyTE1QljLHo1CxV6T94yrPb76ruaGDNd5ZthPI-9-rUDULu8VnCVHqO0v2ZYlfKlZUza80U6-ZFRmw4lGFaB1gK0w_jV7ONIg0dzjkTu8NEdKZ6PcMUuRdZuCbwsln9coIjy_7f5tQ7ukzSbQJXEbz6MTQ-5UALr5ft_JkSLTifwJFGtejzveY3KrpeP4WaI-hGzwLLOxjnFh_tn3Z2NdOqrTWJzGn_rqvlwX0OlG-GvcV6k9a9eK9aSK4T13Vs0N5ZYqX1IbVNHcqbgvoJ50LVUYlWWTDsihrZ4ttQl_onpmy5jRDKuQSeS8B3hVRKhgdmOh4fI9OYLjpd13Ddg"}'}
2016-07-19 17:03:30,629:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 1004
2016-07-19 17:03:30,629:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '1004', 'Expires': 'Tue, 19 Jul 2016 17:03:30 GMT', 'Boulder-Request-Id': 'PknRp_fwf5o0vaHUpy_53-SwSKCN0Qwk0kBnm15EexI', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0', 'Pragma': 'no-cache', 'Boulder-Requester': '2692481', 'Date': 'Tue, 19 Jul 2016 17:03:30 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'B_6L7ZtDh3CzsQtRO_e8vceSEcbZGihWBGntNZ6h_G0'}. Content: '{\n "identifier": {\n "type": "dns",\n "value": "xxxxxxxxxxxxxxx.com"\n },\n "status": "pending",\n "expires": "2016-07-26T17:03:30.455575285Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466859",\n "token": "6Z6vCV4zSvxn5U6WxpUcf2imTMT5kLj7rbRN5fmF9GI"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466860",\n "token": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI"\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466861",\n "token": "G581_pOSgF203q69BWk8tmHt1YH8lMLAidtBBQ90vnQ"\n }\n ],\n "combinations": [\n [\n 0\n ],\n [\n 2\n ],\n [\n 1\n ]\n ]\n}'
2016-07-19 17:03:30,629:DEBUG:acme.client:Storing nonce: '\x07\xfe\x8b\xed\x9bC\x87p\xb3\xb1\x0bQ;\xf7\xbc\xbd\xc7\x92\x11\xc6\xd9\x1a(V\x04i\xed5\x9e\xa1\xfcm'
2016-07-19 17:03:30,630:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '1004', 'Expires': 'Tue, 19 Jul 2016 17:03:30 GMT', 'Boulder-Request-Id': 'PknRp_fwf5o0vaHUpy_53-SwSKCN0Qwk0kBnm15EexI', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0', 'Pragma': 'no-cache', 'Boulder-Requester': '2692481', 'Date': 'Tue, 19 Jul 2016 17:03:30 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'B_6L7ZtDh3CzsQtRO_e8vceSEcbZGihWBGntNZ6h_G0'}): '{\n "identifier": {\n "type": "dns",\n "value": "xxxxxxxxxxxxxxxxxxxx.com"\n },\n "status": "pending",\n "expires": "2016-07-26T17:03:30.455575285Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466859",\n "token": "6Z6vCV4zSvxn5U6WxpUcf2imTMT5kLj7rbRN5fmF9GI"\n },\n {\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466860",\n "token": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI"\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466861",\n "token": "G581_pOSgF203q69BWk8tmHt1YH8lMLAidtBBQ90vnQ"\n }\n ],\n "combinations": [\n [\n 0\n ],\n [\n 2\n ],\n [\n 1\n ]\n ]\n}'
2016-07-19 17:03:30,630:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'6Z6vCV4zSvxn5U6WxpUcf2imTMT5kLj7rbRN5fmF9GI', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466859'}
2016-07-19 17:03:30,630:INFO:certbot.auth_handler:Performing the following challenges:
2016-07-19 17:03:30,631:INFO:certbot.auth_handler:tls-sni-01 challenge for xxxxxxxxxxxxxxxxxxxx.com
2016-07-19 17:03:30,643:INFO:certbot.auth_handler:Waiting for verification...
2016-07-19 17:03:30,643:DEBUG:acme.client:Serialized JSON: {"keyAuthorization": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI.B7zuU4v6Umg0TGs8jOHl_ihptyLw9pPsE1dRzUZoOu0", "type": "tls-sni-01", "resource": "challenge"}
2016-07-19 17:03:30,644:DEBUG:acme.jose.json_util:Omitted empty fields: kid=None, x5c=(), crit=(), jwk=None, typ=None, jku=None, cty=None, x5tS256=None, x5u=None, alg=None, x5t=None
2016-07-19 17:03:30,646:DEBUG:acme.jose.json_util:Omitted empty fields: kid=None, x5c=(), crit=(), typ=None, jku=None, cty=None, x5tS256=None, x5u=None, x5t=None, nonce=None
2016-07-19 17:03:30,646:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466860. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "rKDIxM9XKqEZ69kyTl7L6l1OZuEaJRJdSje2z4VC8pJt0sxRJXu32BVy5zC7uKLDmj-pUxcR2N5zAZTD4hJC-CwavEp9IT4zsQacQK1E9aGQOewmAF54_qUJQrZal167BOmMIENKcQ-sbVz1OLAhz85oByCAXwW6T8v5qoXCPYIX7pmgp4IuI4WNBcWeBqFv3Joj78oSReZXCuJId8RqsP5DeYRNpetvqUHijj3JGiQnclnUW2iTRUuiilAkqswDqk4J4uAraLylprTt2iQYA4wLZDaC2Con_u3c62aLpYpK5J2D5ZVoGJANjAzzNfkQAhsun3h3LsXLgfZ0Z2n2aw"}}, "protected": "eyJub25jZSI6ICJCXzZMN1p0RGgzQ3pzUXRST19lOHZjZVNFY2JaR2loV0JHbnROWjZoX0cwIn0", "payload": "eyJrZXlBdXRob3JpemF0aW9uIjogImJaanllcTM0LWZfVDRiVWN5MURWaFBibnZfQ2FuU3UxYzVQVWV6cmhqcUkuQjd6dVU0djZVbWcwVEdzOGpPSGxfaWhwdHlMdzlwUHNFMWRSelVab091MCIsICJ0eXBlIjogInRscy1zbmktMDEiLCAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIn0", "signature": "kZkv-CFLZH31z3kZ1naF7g41XcslUbVBPH42wptZzlov3_rWom-N8appf_eaLQ2P7lMVE89-gyM7fHmoWHl0Gpmkk4Xgmer9L4QdQyVixn60mm-1q6QMsWXT35e7Z7zokfUsOYkXQiEImIwZ0sxBc59dzxGIX7LhDFePZfyeZvH4_P0nUgpCgRqqXTni-O32stAM0i00GxLdg0kikc3UVD09iCU6sUpKpXc3kQHNLlkIkfiNN6zAngBnWDAgSMhquYKas2kk0hxnJw1UguyY9Ieu8Kd6vExi3U-yjGVOL2hVP3LkU46GS8eqvphC1mlndILGM-3VD1UYtwNAIsQt_A"}'}
2016-07-19 17:03:30,902:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466860 HTTP/1.1" 202 338
2016-07-19 17:03:30,902:DEBUG:root:Received <Response [202]>. Headers: {'Content-Length': '338', 'Boulder-Request-Id': 'qq5g3DMMDllSKoWuHRIRSY5oy9RNvpHZ9uF_zzYEeuk', 'Expires': 'Tue, 19 Jul 2016 17:03:30 GMT', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/authz/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0>;rel="up"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466860', 'Pragma': 'no-cache', 'Boulder-Requester': '2692481', 'Date': 'Tue, 19 Jul 2016 17:03:30 GMT', 'Content-Type': 'application/json', 'Replay-Nonce': 'VHPW9aR8jmuShp8pFrFuxFiQapbdip6SYQNzBaC-b7Y'}. Content: '{\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466860",\n "token": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI",\n "keyAuthorization": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI.B7zuU4v6Umg0TGs8jOHl_ihptyLw9pPsE1dRzUZoOu0"\n}'
2016-07-19 17:03:30,903:DEBUG:acme.client:Storing nonce: 'Ts\xd6\xf5\xa4|\x8ek\x92\x86\x9f)\x16\xb1n\xc4X\x90j\x96\xdd\x8a\x9e\x92a\x03s\x05\xa0\xbeo\xb6'
2016-07-19 17:03:30,903:DEBUG:acme.client:Received response <Response [202]> (headers: {'Content-Length': '338', 'Boulder-Request-Id': 'qq5g3DMMDllSKoWuHRIRSY5oy9RNvpHZ9uF_zzYEeuk', 'Expires': 'Tue, 19 Jul 2016 17:03:30 GMT', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/authz/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0>;rel="up"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466860', 'Pragma': 'no-cache', 'Boulder-Requester': '2692481', 'Date': 'Tue, 19 Jul 2016 17:03:30 GMT', 'Content-Type': 'application/json', 'Replay-Nonce': 'VHPW9aR8jmuShp8pFrFuxFiQapbdip6SYQNzBaC-b7Y'}): '{\n "type": "tls-sni-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466860",\n "token": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI",\n "keyAuthorization": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI.B7zuU4v6Umg0TGs8jOHl_ihptyLw9pPsE1dRzUZoOu0"\n}'
2016-07-19 17:03:33,906:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0. args: (), kwargs: {}
2016-07-19 17:03:34,184:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/authz/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0 HTTP/1.1" 200 1473
2016-07-19 17:03:34,185:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '1473', 'Expires': 'Tue, 19 Jul 2016 17:03:34 GMT', 'Boulder-Request-Id': 'kbximz8gXN1-tbWUpkkxA5s9PyXQMnZ3DM2mztNnv00', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 19 Jul 2016 17:03:34 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '9rCskcPn_HaHylVaCH-VViSBt78YdDh-I10sX5UlXak'}. Content: '{\n "identifier": {\n "type": "dns",\n "value": "xxxxxxxxxxxxxxxxxxxx.com"\n },\n "status": "invalid",\n "expires": "2016-07-26T17:03:30Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466859",\n "token": "6Z6vCV4zSvxn5U6WxpUcf2imTMT5kLj7rbRN5fmF9GI"\n },\n {\n "type": "tls-sni-01",\n "status": "invalid",\n "error": {\n "type": "urn:acme:error:connection",\n "detail": "DNS problem: SERVFAIL looking up A for xxxxxxxxxxxxxxxxxxxx.com",\n "status": 400\n },\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466860",\n "token": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI",\n "keyAuthorization": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI.B7zuU4v6Umg0TGs8jOHl_ihptyLw9pPsE1dRzUZoOu0",\n "validationRecord": [\n {\n "hostname": "xxxxxxxxxxxxxxxxxxxx.com",\n "port": "",\n "addressesResolved": null,\n "addressUsed": ""\n }\n ]\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466861",\n "token": "G581_pOSgF203q69BWk8tmHt1YH8lMLAidtBBQ90vnQ"\n }\n ],\n "combinations": [\n [\n 0\n ],\n [\n 2\n ],\n [\n 1\n ]\n ]\n}'
2016-07-19 17:03:34,185:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '1473', 'Expires': 'Tue, 19 Jul 2016 17:03:34 GMT', 'Boulder-Request-Id': 'kbximz8gXN1-tbWUpkkxA5s9PyXQMnZ3DM2mztNnv00', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 19 Jul 2016 17:03:34 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '9rCskcPn_HaHylVaCH-VViSBt78YdDh-I10sX5UlXak'}): '{\n "identifier": {\n "type": "dns",\n "value": "xxxxxxxxxxxxxxxxxxxx.com"\n },\n "status": "invalid",\n "expires": "2016-07-26T17:03:30Z",\n "challenges": [\n {\n "type": "dns-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466859",\n "token": "6Z6vCV4zSvxn5U6WxpUcf2imTMT5kLj7rbRN5fmF9GI"\n },\n {\n "type": "tls-sni-01",\n "status": "invalid",\n "error": {\n "type": "urn:acme:error:connection",\n "detail": "DNS problem: SERVFAIL looking up A for xxxxxxxxxxxxxxxxxxxx.com",\n "status": 400\n },\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466860",\n "token": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI",\n "keyAuthorization": "bZjyeq34-f_T4bUcy1DVhPbnv_CanSu1c5PUezrhjqI.B7zuU4v6Umg0TGs8jOHl_ihptyLw9pPsE1dRzUZoOu0",\n "validationRecord": [\n {\n "hostname": "xxxxxxxxxxxxxxxxxxxx.com",\n "port": "",\n "addressesResolved": null,\n "addressUsed": ""\n }\n ]\n },\n {\n "type": "http-01",\n "status": "pending",\n "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466861",\n "token": "G581_pOSgF203q69BWk8tmHt1YH8lMLAidtBBQ90vnQ"\n }\n ],\n "combinations": [\n [\n 0\n ],\n [\n 2\n ],\n [\n 1\n ]\n ]\n}'
2016-07-19 17:03:34,186:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'6Z6vCV4zSvxn5U6WxpUcf2imTMT5kLj7rbRN5fmF9GI', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/C8A3Age_Z-MjpcLCotd2af-iWSl02mOqRcBgpacQSw0/184466859'}
2016-07-19 17:03:34,186:INFO:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: xxxxxxxxxxxxxxxxxxxx.com
Type: connection
Detail: DNS problem: SERVFAIL looking up A for xxxxxxxxxxxxxxxxxxxx.com
To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2016-07-19 17:03:34,186:INFO:certbot.auth_handler:Cleaning up challenges
2016-07-19 17:03:34,187:DEBUG:certbot.plugins.standalone:Stopping server at 0.0.0.0:443...
2016-07-19 17:03:34,646:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
File "/home/ec2-user/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module>
sys.exit(main())
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/certbot/main.py", line 744, in main
return config.func(config, plugins)
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/certbot/main.py", line 555, in obtain_cert
_, action = _auth_from_domains(le_client, config, domains, lineage)
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/certbot/main.py", line 94, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/certbot/client.py", line 276, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/certbot/client.py", line 247, in obtain_certificate
self.config.allow_subset_of_names)
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/certbot/auth_handler.py", line 74, in get_authorizations
self._respond(resp, best_effort)
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/certbot/auth_handler.py", line 131, in _respond
self._poll_challenges(chall_update, best_effort)
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/certbot/auth_handler.py", line 195, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. xxxxxxxxxxxxxxxxxxxx.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: SERVFAIL looking up A for xxxxxxxxxxxxxxxxxxxx.com
If you have an idea.... I'm completly lost
The issue was due to DNSSEC.
DNSSEC was activated on the domain because my first registrar could support this option. When I change my registrar for Amazon Route 53, DNSSEC was still activated but Amazon Route 53 don't support this option. Instead of remove the option or a clear warning, Amazon put this information in a tooltip of a lost page... "DNSSEC is activated but not yet supported by Route 53"
UI is not their best skill.
Thanks for your help anyway !
Two things can happened to result in such error:
- You domain DNS records are too new and not listed on all DNS servers yet. If the problem is this, it would be soled by itself if you give it some time such as 2days.
- DS record stops your domain from being validated. This was my case and one of my .eu domains couldn't go through Let's Encrypt certbot. I wasn't aware that there is a DS record among my DNS records for this domain.
As soon as I removed it, my domain get verified ad installed SSL Certs using certbot.
To check for this problem login to your domain panel. Go to DNS Zone File. Look for DS record. Remove and save your Zone File if there is any record there.
If this is difficult for you, try to register your domain at cloudflare.com. If your domain has DS record Cloudflare will email you about it.
I hope it helps you.
Related
Why does changing maxResults cause the total number of results to change in Google API / Gmail API?
Why does changing the maxResults parameter cause the resultSizeEstimate to drastically change when calling gmail.users.messages.list()?
The Google API docs lists resultSizeEstimate as: Estimated total number of results.
... which means this final result set should not change just by altering the number of items returned per page.
Example A: maxResults: 1 ... resultSizeEstimate: 8
{
"config": {
"url": "https://www.googleapis.com/gmail/v1/users/me/messages?q=before%3A2021%2F1%2F9&maxResults=1",
"method": "GET",
"headers": {
"Accept-Encoding": "gzip",
"User-Agent": "google-api-nodejs-client/0.7.2 (gzip)",
"Authorization": "Bearer [snip]",
"Accept": "application/json"
},
"params": {
"q": "before:2021/1/9",
"maxResults": 1
},
"responseType": "json"
},
"data": {
"messages": [ ... ],
"nextPageToken": "14911817971227869758",
"resultSizeEstimate": 8
},
"headers": {
"alt-svc": "h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"",
"cache-control": "private",
"connection": "close",
"content-encoding": "gzip",
"content-type": "application/json; charset=UTF-8",
"date": "Sun, 09 Jan 2022 12:59:48 GMT",
"server": "ESF",
"transfer-encoding": "chunked",
"vary": "Origin, X-Origin, Referer",
"x-content-type-options": "nosniff",
"x-frame-options": "SAMEORIGIN",
"x-xss-protection": "0"
},
"status": 200,
"statusText": "OK"
}
Example B: maxResults: 2 ... resultSizeEstimate: 12
{
"config": {
"url": "https://www.googleapis.com/gmail/v1/users/me/messages?q=before%3A2021%2F1%2F9&maxResults=2",
"method": "GET",
"headers": {
"Accept-Encoding": "gzip",
"User-Agent": "google-api-nodejs-client/0.7.2 (gzip)",
"Authorization": "Bearer [snip]",
"Accept": "application/json"
},
"params": {
"q": "before:2021/1/9",
"maxResults": 2
},
"responseType": "json"
},
"data": {
"messages": [ ... ],
"nextPageToken": "16903415066875011466",
"resultSizeEstimate": 12
},
"headers": {
"alt-svc": "h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"",
"cache-control": "private",
"connection": "close",
"content-encoding": "gzip",
"content-type": "application/json; charset=UTF-8",
"date": "Sun, 09 Jan 2022 13:10:48 GMT",
"server": "ESF",
"transfer-encoding": "chunked",
"vary": "Origin, X-Origin, Referer",
"x-content-type-options": "nosniff",
"x-frame-options": "SAMEORIGIN",
"x-xss-protection": "0"
},
"status": 200,
"statusText": "OK"
}
Example C: maxResults: (not set) ... resultSizeEstimate: 412
{
"config": {
"url": "https://www.googleapis.com/gmail/v1/users/me/messages?q=before%3A2021%2F1%2F9",
"method": "GET",
"headers": {
"Accept-Encoding": "gzip",
"User-Agent": "google-api-nodejs-client/0.7.2 (gzip)",
"Authorization": "Bearer [snip]",
"Accept": "application/json"
},
"params": {
"q": "before:2021/1/9"
},
"responseType": "json"
},
"data": {
"messages": [ ... ],
"nextPageToken": "16942818266524948378",
"resultSizeEstimate": 412
},
"headers": {
"alt-svc": "h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"",
"cache-control": "private",
"connection": "close",
"content-encoding": "gzip",
"content-type": "application/json; charset=UTF-8",
"date": "Sun, 09 Jan 2022 13:09:05 GMT",
"server": "ESF",
"transfer-encoding": "chunked",
"vary": "Origin, X-Origin, Referer",
"x-content-type-options": "nosniff",
"x-frame-options": "SAMEORIGIN",
"x-xss-protection": "0"
},
"status": 200,
"statusText": "OK"
}
This was previously reported in Issue Tracker and was considered to be intended behavior by Google, since resultSizeEstimate is not expected to be exact; it's an "estimate": the reason why resultSizeEstimate shows differents values is due to its estimation. As mentioned in the documentation resultSizeEstimate is just an estimated total number of results but not the exact number of results. Reference: users.messages.list method returns different amount of messages when using “maxResults” parameter
Error message from API when sending POST with Cypress
I try to send an API request with cy.request but there seems to be something wrong with the data format. My code looks as follows:
cy.request({
url: Cypress.env("RtmApiUrl") + "/test-plan/",
method: "POST",
headers: {
"Authorization": "Bearer " + Cypress.env('RtmApiToken'),
"content-type": "application/json",
body: {
"projectKey": "QAIR",
"summary": "API Test Regression",
"description": "Full regression",
"parentTestKey": "F-QAIR-TP-8",
"priority": {
"id": 3,
"name": "Medium"
},
"status": {
"id": 10005,
"name": "Backlog"
},
"includedTestCases": []
},
},
});
And the console output from Cypress Test Runner:
CypressError: `cy.request()` failed on:
https://rtm-api.hexygen.com/api/test-plan/
The response we received from your web server was:
> 400: Bad Request
This was considered a failure because the status code was not `2xx` or `3xx`.
If you do not want status codes to cause failures pass the option: `failOnStatusCode: false`
-----------------------------------------------------------
The request we sent was:
Method: POST
URL: https://rtm-api.hexygen.com/api/test-plan/
Headers: {
"Connection": "keep-alive",
"Authorization": "Bearer <some Token>",
"content-type": "application/json",
"body": {
"projectKey": "QAIR",
"summary": "API Test Regression",
"description": "Full regression",
"parentTestKey": "F-QAIR-TP-8",
"priority": {
"id": 3,
"name": "Medium"
},
"status": {
"id": 10005,
"name": "Backlog"
},
"includedTestCases": []
},
"user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36",
"accept": "*/*",
"accept-encoding": "gzip, deflate",
"content-length": 0
}
-----------------------------------------------------------
The response we got was:
Status: 400 - Bad Request
Headers: {
"server": "Cowboy",
"connection": "keep-alive",
"x-content-type-options": "nosniff",
"x-xss-protection": "1; mode=block",
"cache-control": "no-cache, no-store, max-age=0, must-revalidate",
"pragma": "no-cache",
"expires": "0",
"strict-transport-security": "max-age=31536000 ; includeSubDomains",
"x-frame-options": "DENY",
"content-type": "application/json",
"content-length": "69",
"date": "Tue, 13 Jul 2021 07:32:36 GMT",
"via": "1.1 vegur"
}
Body: {
"errorMessages": [
"No content to map to Object due to end of input"
]
}
I already tried the same combination of header and body with Postman and curl and it worked. Is there something I missed?
Any help is appreciated. Thanks in advance.
Folks, I missed a bracket at the end of the headers block. So this was a real classic layer 8 issue...
cy.request({
url: Cypress.env("RtmApiUrl") + "/test-plan/",
method: "POST",
headers: {
"Authorization": "Bearer " + Cypress.env('RtmApiToken'),
"content-type": "application/json"
},
body: {
"projectKey": "QAIR",
"summary": "API Test Regression",
"description": "Full regression",
"parentTestKey": "F-QAIR-TP-8",
"priority": {
"id": 3,
"name": "Medium"
},
"status": {
"id": 10005,
"name": "Backlog"
},
"includedTestCases": []
},
},
});
Multiple Set-Cookie headers ignored by API Gateway in combination with Lambda integration and CloudFront
My setup looks like this:
|––––––––––––| |–––––––––––––| |–––––––––––––––––|
| | <- origin 1 -> | API Gateway | <-> | Lambda function |
| | |–––––––––––––| |–––––––––––––––––|
| CloudFront |
| | |–––––––––––––|
| | <- origin 2 -> | S3 bucket |
|––––––––––––| |–––––––––––––|
I need CloudFront in front of the API Gateway to get automatic http->https redirection.
I'm using a custom login.example.com subdomain w/ CloudFront.
API Gateway's generated URL is the origin 1 for CloudFront distribution.
This all works as expected.
I can even return one Set-Cookie header from the lambda function and it will get passed on until it reaches the browser.
{
"statusCode": 302,
"body": "",
"headers": {
"location": "/test",
"surrogate-control": "no-store",
"cache-control": "no-store, no-cache, must-revalidate, proxy-revalidate",
"pragma": "no-cache",
"expires": "0",
"content-length": "0",
"date": "Fri, 19 Feb 2021 17:25:56 GMT",
"connection": "keep-alive",
"set-cookie": "cookie1=68abcdbefbef7d84c26e68; Max-Age=2592000; Domain=example.com; Path=/; HttpOnly; Secure; SameSite=Strict"
},
"isBase64Encoded": false
}
Adding another one isn't working - as expected when you look at the docs:
https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html#apigateway-multivalue-headers-and-parameters
https://aws.amazon.com/blogs/compute/support-for-multi-value-parameters-in-amazon-api-gateway/
{
"statusCode": 302,
"headers": {
"location": "/test",
"set-cookie": [
"cookie1=68abcdbefbef7d84c26e68; Max-Age=2592000; Domain=example.com; Path=/; HttpOnly; Secure; SameSite=Strict",
"cookie2-login=; Max-Age=0; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Secure"
],
"surrogate-control": "no-store",
"cache-control": "no-store, no-cache, must-revalidate, proxy-revalidate",
"pragma": "no-cache",
"expires": "0",
"content-length": "0"
}
}
Both of these will be ignored/removed.
But even when I'm using the multiValueHeaders object to return more than one of the same kind like this:
{
"statusCode": 302,
"body": "",
"headers": {
"location": "/test",
"surrogate-control": "no-store",
"cache-control": "no-store, no-cache, must-revalidate, proxy-revalidate",
"pragma": "no-cache",
"expires": "0",
"content-length": "0",
"date": "Fri, 19 Feb 2021 17:25:56 GMT",
"connection": "keep-alive"
},
"isBase64Encoded": false,
"multiValueHeaders": {
"Set-Cookie": [
"cookie1=68abcdbefbef7d84c26e68; Max-Age=2592000; Domain=example.com; Path=/; HttpOnly; Secure; SameSite=Strict",
"cookie2-login=; Max-Age=0; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Secure"
]
}
}
the API Gateway removes/ignores them from the response it passes on to CloudFront.
What am I doing wrong?
Do I have to map something in the API Gateway when using the multiValueHeaders?
Normal headers['set-cookie'] is passed on automatically but multiValueHeaders not?
Are the additional attributes a problem?
Is it a problem that I'm trying to set the cookie for the root-domain and not the login.example.com domain?
Not sure how Philipp missed this, as it was on the same page he cited:
To customize the response, your Lambda function should return a response with the following format.
{
"cookies" : ["cookie1", "cookie2"],
"isBase64Encoded": true|false,
"statusCode": httpStatusCode,
"headers": { "headername": "headervalue", ... },
"body": "Hello from Lambda!"
}
So just return cookies: ['name=value', 'name=value']
Source: https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.v2
Finally found the answer myself: The new payload format (2.0) does not support multiValueHeaders. Working with AWS Lambda proxy integrations for HTTP APIs [...] Format 2.0 doesn't have multiValueHeaders or multiValueQueryStringParameters fields. Duplicate headers are combined with commas and included in the headers field. Duplicate query strings are combined with commas and included in the queryStringParameters field. [...] https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html So I'm rewriting the set-cookie headers to different spellings: Set-cookie sEt-cookie seT-cookie That was the way you had to do it before there were multiValueHeaders - but it seems it is still the only when you're using the new payload format :(
IBM App Connect Enterprise - Aggregate Group Node Results
I'm using the Group Nodes in App Connect ACE 11 to call a service multiple times and trying to aggregate the the responses. Everything works fine and the below is the result of InputRoot.ComIbmGroupCompleteNode.Group.
{
"msg": {
"GroupProperties": {
"GroupId": "010000000000000000000000000000001000000000000000",
"GroupName": "TSTGRP",
"GroupCreationTime": 1593669682652,
"GroupCommitTime": 1593669682707,
"GroupCompleteTime": 1593669682806,
"GroupOutputTime": 1593669682806,
"GroupStatus": "Completed"
},
"Context": {
"HTTP": {
"RequestIdentifier": "45564854000000000e000000db851d0ecc11000000000000"
},
"RouterList": {}
},
"Replies": {
"FLDR": {
"ReplyId": "534f41503000000067e55223146300000400000000000000",
"RequestSendTime": 1593669682674,
"ReplyReceiptTime": 1593669682706,
"Reply": {
"Root": {
"HTTPResponseHeader": {
"X-Original-HTTP-Status-Line": "HTTP/1.1 200 OK",
"X-Original-HTTP-Status-Code": 200,
"Date": "Thu, 02 Jul 2020 06:01:17 GMT",
"Content-Type": "application/json; charset=utf-8",
"Content-Length": "83",
"Connection": "keep-alive",
"Set-Cookie": "__cfduid=dfbd2cc294d944ed4cfdf6b72a343f8dc1593669677; expires=Sat, 01-Aug-20 06:01:17 GMT; path=/; domain=.typicode.com; HttpOnly; SameSite=Lax",
"X-Powered-By": "Express",
"X-Ratelimit-Limit": "10000",
"X-Ratelimit-Remaining": "9999",
"X-Ratelimit-Reset": "1592660247",
"Vary": "Origin, Accept-Encoding",
"Access-Control-Allow-Credentials": "true",
"Cache-Control": "max-age=43200",
"Pragma": "no-cache",
"Expires": "-1",
"X-Content-Type-Options": "nosniff",
"Etag": "W/\"53-hfEnumeNh6YirfjyjaujcOPPT+s\"",
"Via": "1.1 vegur",
"CF-Cache-Status": "HIT",
"Age": "15242",
"Accept-Ranges": "bytes",
"cf-request-id": "03afb689ec00007f11da290200000001",
"Server": "cloudflare",
"CF-RAY": "5ac626bcaa097f11-CMB"
},
"JSON": {
"Data": {
"userId": 1,
"id": 1,
"title": "delectus aut autem",
"completed": false
}
}
}
}
},
"FLDR": {
"ReplyId": "534f415031000000273b5323146300000400000000000000",
"RequestSendTime": 1593669682707,
"ReplyReceiptTime": 1593669682737,
"Reply": {
"Root": {
"HTTPResponseHeader": {
"X-Original-HTTP-Status-Line": "HTTP/1.1 200 OK",
"X-Original-HTTP-Status-Code": 200,
"Date": "Thu, 02 Jul 2020 06:01:17 GMT",
"Content-Type": "application/json; charset=utf-8",
"Content-Length": "99",
"Connection": "keep-alive",
"Set-Cookie": "__cfduid=debd2bf084ee690942fb5d3439e41fa331593669677; expires=Sat, 01-Aug-20 06:01:17 GMT; path=/; domain=.typicode.com; HttpOnly; SameSite=Lax",
"X-Powered-By": "Express",
"X-Ratelimit-Limit": "500",
"X-Ratelimit-Remaining": "497",
"X-Ratelimit-Reset": "1593684076",
"Vary": "Origin, Accept-Encoding",
"Access-Control-Allow-Credentials": "true",
"Cache-Control": "max-age=43200",
"Pragma": "no-cache",
"Expires": "-1",
"X-Content-Type-Options": "nosniff",
"Etag": "W/\"63-+s0zIP5ZEQN9hypVJUneLybJ+L0\"",
"Via": "1.1 vegur",
"CF-Cache-Status": "HIT",
"Age": "8713",
"Accept-Ranges": "bytes",
"cf-request-id": "03afb68a0900007f29ad07c200000001",
"Server": "cloudflare",
"CF-RAY": "5ac626bcdc137f29-CMB"
},
"JSON": {
"Data": {
"userId": 1,
"id": 2,
"title": "quis ut nam facilis et officia qui",
"completed": false
}
}
}
}
},
"FLDR": {
"ReplyId": "534f4150320000000bbb5323146300000400000000000000",
"RequestSendTime": 1593669682707,
"ReplyReceiptTime": 1593669682737,
"Reply": {
"Root": {
"HTTPResponseHeader": {
"X-Original-HTTP-Status-Line": "HTTP/1.1 200 OK",
"X-Original-HTTP-Status-Code": 200,
"Date": "Thu, 02 Jul 2020 06:01:17 GMT",
"Content-Type": "application/json; charset=utf-8",
"Content-Length": "84",
"Connection": "keep-alive",
"Set-Cookie": "__cfduid=dfbd2cc294d944ed4cfdf6b72a343f8dc1593669677; expires=Sat, 01-Aug-20 06:01:17 GMT; path=/; domain=.typicode.com; HttpOnly; SameSite=Lax",
"X-Powered-By": "Express",
"X-Ratelimit-Limit": "500",
"X-Ratelimit-Remaining": "499",
"X-Ratelimit-Reset": "1593684076",
"Vary": "Origin, Accept-Encoding",
"Access-Control-Allow-Credentials": "true",
"Cache-Control": "max-age=43200",
"Pragma": "no-cache",
"Expires": "-1",
"X-Content-Type-Options": "nosniff",
"Etag": "W/\"54-J3JtLgWuXjgj1OZdyAcKAqOaKHo\"",
"Via": "1.1 vegur",
"CF-Cache-Status": "HIT",
"Age": "8713",
"Accept-Ranges": "bytes",
"cf-request-id": "03afb68a0c00007f11da291200000001",
"Server": "cloudflare",
"CF-RAY": "5ac626bcea187f11-CMB"
},
"JSON": {
"Data": {
"userId": 1,
"id": 3,
"title": "fugiat veniam minus",
"completed": false
}
}
}
}
}
}
}
}
My question is how can I access the 3 JSON.Data elements and create a combined response. I know this is not a valid JSON and FLDR is a repeating key. Also this is not an array. How can I access these elements and create a combined response like this?
{
"result1": {
"userId": 1,
"id": 1,
"title": "delectus aut autem",
"completed": false
},
"result2": {
"userId": 1,
"id": 2,
"title": "quis ut nam facilis et officia qui",
"completed": false
},
"result3": {
"userId": 1,
"id": 3,
"title": "fugiat veniam minus",
"completed": false
}
}
Any help would be very much appreciated.
If you have a message tree containing that structure then you can access any part of it - regardless of whether it would be a valid JSON document. Have you tried writing a normal FOR loop in ESQL to iterate over the occurrences of FLDR? Note: this code is completely un-tested and probably contains syntax errors and defects... DECLARE index INTEGER 1; FOR refFLDR AS InputRoot.ComIbmGroupCompleteNode.Group.msg.Replies.FLDR[] DO DECLARE fieldName 'Result' || index; CREATE LASTCHILD OF OutputRoot.JSON.Data TYPE Name NAME fieldName FROM refFLDR; SET index = index + 1; END FOR;
Facebook analytics doesn't recognize platform
I have FB analytics configured for iOS and android app. It does recognize iOS platform when viewing events correctly. But for android it only qualifies it as android about 30% of all.
Here's how those events are shown in FB analytics debugging screen: ('inne wartości' stands for 'other')
I wonder how FB does the recognition? By advertising id? Read docs through but didn't find info about this anywhere.
Here's a FB response that gets recognized as android: (obfuscated few details):
{
"req": {
"method": "POST",
"url": "https://graph.facebook.com/v2.6/000000000/activities",
"data": {
"advertiser_id": "2e9ab235-84c0-4b22-8421-xxxxxxxxxxxxx",
"advertiser_tracking_enabled": 1,
"application_tracking_enabled": 1,
"bundle_id": "com.myapp",
"bundle_short_version": "1.7.0",
"event": "CUSTOM_APP_EVENTS",
"custom_events": [
{
"_appVersion": "1.7.0",
"_eventName": "App Launched",
"_logTime": 1476295031,
"fb_currency": "USD"
}
]
},
"headers": {
"user-agent": "Segment.io/1.0",
"content-type": "application/json"
}
},
"header": {
"access-control-allow-origin": "*",
"pragma": "no-cache",
"cache-control": "private, no-cache, no-store, must-revalidate",
"facebook-api-version": "v2.6",
"expires": "Sat, 01 Jan 2000 00:00:00 GMT",
"content-type": "text/javascript; charset=UTF-8",
"x-fb-trace-id": "BH4kXNYDDL+",
"x-fb-rev": "2617769",
"x-fb-debug": "eNcBCpuFfVirTkclVvZ0WeYh60r+2tBIqg6lKPCrWNtGASVULq6jrVwQxqYulMUyCI3ZaBhZRQ64xdxdXOQg2w==",
"date": "Wed, 12 Oct 2016 17:57:24 GMT",
"connection": "close",
"content-length": "16"
},
"status": 200,
"text": "{\"success\":true}"
}
And this one is not recognized as android:
{
"req": {
"method": "POST",
"url": "https://graph.facebook.com/v2.6/000000000000/activities",
"data": {
"advertiser_id": "88697a4d-f658-41d3-84db-xxxxxxxxxx",
"advertiser_tracking_enabled": 1,
"application_tracking_enabled": 1,
"bundle_id": "com.myapp",
"bundle_short_version": "1.7.0",
"event": "CUSTOM_APP_EVENTS",
"custom_events": [
{
"_appVersion": "1.7.0",
"_eventName": "App Launched",
"_logTime": 1476206487,
"fb_currency": "USD"
}
]
},
"headers": {
"user-agent": "Segment.io/1.0",
"content-type": "application/json"
}
},
"header": {
"access-control-allow-origin": "*",
"pragma": "no-cache",
"cache-control": "private, no-cache, no-store, must-revalidate",
"facebook-api-version": "v2.6",
"expires": "Sat, 01 Jan 2000 00:00:00 GMT",
"content-type": "text/javascript; charset=UTF-8",
"x-fb-trace-id": "AqASb9qsUSx",
"x-fb-rev": "2613995",
"x-fb-debug": "aDLUDoC+7vmlVY28UsEtusYgzdkmxK8qVrn4gCo29ovLw9Us27Gh/Iy1163dfTDF5rKg/JWiv3xsfq3hugijlg==",
"date": "Tue, 11 Oct 2016 17:21:37 GMT",
"connection": "close",
"content-length": "16"
},
"status": 200,
"text": "{\"success\":true}"
}
I can't see any interesting changes that that would point to an android platform.
Update
As advised by Ramkumar, I tried posting events with FB sdk and it indeed worked. I'd really like to keep using segment, so keeping this as solution is not possible in my app.
I wonder what's missing from the params that segment sends to FB. Is this because of session_id which is in there when using FB SDK but is absent in segment request? See gist with dump from adb logcat when using FB SDK
From your post, it looks like you are using segment.io to send events to our servers. If you use the FB SDK to send events you will not see this problem - could you please give that a try?