LE renew of cert including alternate fails
Issue #734
new
Hi. Thought you might want to know.
mail.cloudnine.net.nz is the common name domain.
poste.cloudnine.net.nz is the only thing in alternate domains. If I remove it, the renew works.
--
Here’s a dump of the error:
There was error when issuing new Let's encrypt certificate
[2020-02-11 18:34:44] LEScript.INFO: Getting list of URLs for API
[2020-02-11 18:34:44] LEScript.INFO: Requesting new nonce for client communication
[2020-02-11 18:34:45] LEScript.INFO: Account already registered. Continuing.
[2020-02-11 18:34:45] LEScript.INFO: Sending registration to letsencrypt server
[2020-02-11 18:34:45] LEScript.INFO: Sending signed request to https://acme-v02.api.letsencrypt.org/acme/new-acct
[2020-02-11 18:34:46] LEScript.INFO: Account: https://acme-v02.api.letsencrypt.org/acme/acct/66556957
[2020-02-11 18:34:46] LEScript.INFO: Starting certificate generation process for domains
[2020-02-11 18:34:46] LEScript.INFO: Requesting challenge for mail.cloudnine.net.nz, poste.cloudnine.net.nz
[2020-02-11 18:34:46] LEScript.INFO: Sending signed request to https://acme-v02.api.letsencrypt.org/acme/new-order
[2020-02-11 18:34:46] LEScript.INFO: Sending signed request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/2720177349
[2020-02-11 18:34:47] LEScript.INFO: Got challenge token for mail.cloudnine.net.nz
[2020-02-11 18:34:47] LEScript.INFO: Token for mail.cloudnine.net.nz saved at /opt/www//.well-known/acme-challenge/bZcrGihPG9Xh9NJwOVGz6ENv5vQqd56p5s485vb-1ec and should be available at http://mail.cloudnine.net.nz/.well-known/acme-challenge/bZcrGihPG9Xh9NJwOVGz6ENv5vQqd56p5s485vb-1ec
[2020-02-11 18:34:47] LEScript.INFO: Sending request to challenge
[2020-02-11 18:34:47] LEScript.INFO: Sending signed request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/2720177349/tSnu_A
[2020-02-11 18:34:48] LEScript.INFO: Verification ended with status: valid
[2020-02-11 18:34:48] LEScript.INFO: Sending signed request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/2755610005
[2020-02-11 18:34:49] LEScript.INFO: Got challenge token for poste.cloudnine.net.nz
[2020-02-11 18:34:49] LEScript.INFO: Token for poste.cloudnine.net.nz saved at /opt/www//.well-known/acme-challenge/H_3BQo3kmm4I7gMyntIdvkXxFP8pk6T4qU0KBI4kQx8 and should be available at http://poste.cloudnine.net.nz/.well-known/acme-challenge/H_3BQo3kmm4I7gMyntIdvkXxFP8pk6T4qU0KBI4kQx8
[2020-02-11 18:34:49] LEScript.INFO: Sending request to challenge
[2020-02-11 18:34:49] LEScript.INFO: Sending signed request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/2755610005/n6INLA
[2020-02-11 18:34:49] LEScript.INFO: Verification pending, sleeping 1s
[2020-02-11 18:34:50] LEScript.INFO: Sending signed request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/2755610005/n6INLA
[2020-02-11 18:34:51] LEScript.INFO: Verification pending, sleeping 1s
[2020-02-11 18:34:52] LEScript.INFO: Sending signed request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/2755610005/n6INLA
[2020-02-11 18:34:53] LEScript.ERROR: 400 { "type": "urn:ietf:params:acme:error:malformed", "detail": "Unable to update challenge :: authorization must be pending", "status": 400 }
[2020-02-11 18:34:53] LEScript.ERROR: #0 /opt/admin/vendor/analogic/lescript/Lescript.php(544): Analogic\ACME\Client->curl('POST', 'https://acme-v0...', '{"protected":"e...')
[2020-02-11 18:34:53] LEScript.ERROR: #1 /opt/admin/vendor/analogic/lescript/Lescript.php(422): Analogic\ACME\Client->post('https://acme-v0...', '{"protected":"e...')
[2020-02-11 18:34:53] LEScript.ERROR: #2 /opt/admin/vendor/analogic/lescript/Lescript.php(165): Analogic\ACME\Lescript->signedRequest('https://acme-v0...', Array)
[2020-02-11 18:34:53] LEScript.ERROR: #3 /opt/admin/src/AppBundle/Handler/LeHandler.php(62): Analogic\ACME\Lescript->signDomains(Array)
[2020-02-11 18:34:53] LEScript.ERROR: #4 /opt/admin/src/AppBundle/Controller/LeController.php(71): AppBundle\Handler\LeHandler->renew(true)
[2020-02-11 18:34:53] LEScript.ERROR: #5 /opt/admin/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php(151): AppBundle\Controller\LeController->issueAction(Object(Symfony\Component\HttpFoundation\Request))
[2020-02-11 18:34:53] LEScript.ERROR: #6 /opt/admin/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php(68): Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object(Symfony\Component\HttpFoundation\Request), 1)
[2020-02-11 18:34:53] LEScript.ERROR: #7 /opt/admin/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/Kernel.php(200): Symfony\Component\HttpKernel\HttpKernel->handle(Object(Symfony\Component\HttpFoundation\Request), 1, true)
[2020-02-11 18:34:53] LEScript.ERROR: #8 /opt/admin/web/app.php(16): Symfony\Component\HttpKernel\Kernel->handle(Object(Symfony\Component\HttpFoundation\Request))
[2020-02-11 18:34:53] LEScript.ERROR: #9 {main}
Comments (2)
-
repo owner
-
reporter
I checked it at the time, yes.
- Log in to comment
Are you sure that token was available at exact location as log says?