Step 3 failing

[mkgreco]

Hi,

When I run Step 3 I get the following error:

Error: Domain failed. Please start back at Step 1. {"type":"urn:acme:error:badNonce","detail":"Unable to read/verify body :: JWS has invalid anti-replay nonce","status":400}

The console log shows:

[Error] Failed to load resource: the server responded with a status of 409 (HTTP/2.0 409) (new-reg, line 0)
[Error] Failed to load resource: the server responded with a status of 400 (HTTP/2.0 400) (new-authz, line 0)

console.log(JSON.stringify(ACCOUNT_PUBKEY));
console.log(JSON.stringify(CSR));
console.log(JSON.stringify(DOMAINS));
[Log] undefined
[Log] undefined
[Log] undefined

[diafygi]

Howdy, can you please copy and paste the Step 3 commands and their output into this bug? Thanks!

[diafygi]

Also, can you please paste the CSR you're using into this bug? Thanks!

[wtsarchive]

I have the same issue. My CSR:

-----BEGIN CERTIFICATE REQUEST-----
MIIEmjCCAoICAQAwADCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOl1
ycmpQGp7nE4TRKHbr18ZK395RAZbbBpTumv11939Crb6TsF/kwMC8E+zciqD714f
6vwgP3lHXJUi+agk+wVrVL2aChBzA750QNQKQlHk0fFJ6dsC7B/W+yKzliftHOcv
QZO9WM5mPKRqfqoQNFOQ6LHtkOYHytiDPiM7gGC2XQf4Wpw279TCGpbwk6KpWOD6
s96lbgSYYQXscqC6L7ZXC1Vq22NhC1bUz0/uThC13CpFYipx8cnrWVQnwcfIT+dh
aJ2LXj+eqv74KlJOQGzxfSQ3wskfr+4BAssm31pi3+4s1+dLcn0rLv6qb4WoavJu
e4Zq/PUbNQBnfZnxPxfNJkhjVEBYjPsbvXzEKu99txxbszMfHcNsntJyyK5nA4Rl
GINGG6Dq4T+VhBddGOp8eOwN3EX1CVTwpiuHg5L57aBtg45pzjMZayBZoRsMioBJ
guEzmQP/BPTaGlmsusMPDz2L/cDCFxP6ZIuuQzMuBCwcKy4iQapzu7zcHRorh6TN
/wmRtGBY/Q/CoRg8f77WkqMCejVVeWtap7lheOaODuOcEuwUTGQC1VutZLWb9sJ3
bmr61d9aIhNf8RD6zijJ9XORxNxubdeqAP5eWRvSZ9Nlqsg1NSkW7yvvlS5++Jbr
gL+/VKcVizbdIafqTWQysEDPPJJOUDR2K7L/lJYDAgMBAAGgVTBTBgkqhkiG9w0B
CQ4xRjBEMEIGA1UdEQQ7MDmCDnd0c2FyY2hpdmUuY29tghJ3d3cud3RzYXJjaGl2
ZS5jb22CE2NoYXQud3RzYXJjaGl2ZS5jb20wDQYJKoZIhvcNAQELBQADggIBAFC/
WceSKsL4iQ/mQqDPG57zQZq4I5L39dpp/C7/tgLWEU4bQch9Mj/IlpFsxfuP9wAR
HqAszMgXmNKZrxkydaeuofx1hPX+nz9kz8kBXbgABJI/MlPc+zIrEfOb8anjvYL/
hzKkP+bDoXVinOLwzGRtPZuxBfybXVE4vVe90PPL2by0UaySWmnb3QC9K98CdA8i
lFQXYRtmjGjnoBcMUFRQadE5JO2rRAOVDNdyWDzIA6UYzEGRVOUehnSatEodct4/
LaF2QI9bLMaZAFb+Oy6OXvRpVeZ6FZgAyTXAKhBBrvPTdUZ8IE6koOo6caQQ+myj
cWrZwXBkwPvOilxN9iKWbXNm9QmXt1nvnusAOvykbRR9oLX8tG6haWK+FXxh/Dhj
c6dhrsxOpicWGPBhPk34+hmn3PIr3eUcmn0SXeDaNMVQ/0ORDi6cVEVJk6afJ6Rp
OUF8BV6OYKsAMgb3dE5xzNM46M5f9QZucLf5HRkd1C3F9TH50VGZ2Nmwws7my79B
kqyMHy1zoCSXe+J65CqTDXK9kSf/wYRKzD+xUyXTndD0rh56nvnNykvckyootQXk
48sCTn+xf7e7dlKaIimqaHFRawtUKPdwnOndvSw0C4/HGVZKgws9817J1f2x7U5E
aFbCvSjkiE2aIL46IYv2wCcpmjPXOiQ/SdlMLsU8
-----END CERTIFICATE REQUEST-----

Commands and outputs:
PRIV_KEY=./account.key; echo -n "eyJub25jZSI6IkRFOC13bnBER20tYUhucFphRmoxRkNPUUUwdXQ2TkR6SUs4eXJYMXAxaTAifQ.eyJyZXNvdXJjZSI6Im5ldy1yZWciLCJjb250YWN0IjpbIm1haWx0bzp3dHNhcmNoaXZlQGdtYWlsLmNvbSJdLCJhZ3JlZW1lbnQiOiJodHRwczovL2xldHNlbmNyeXB0Lm9yZy9kb2N1bWVudHMvTEUtU0EtdjEuMC4xLUp1bHktMjctMjAxNS5wZGYifQ" | openssl dgst -sha256 -hex -sign $PRIV_KEY
042956acc07b1e2ed40fc2eb96a720df0d62f6d70e7a3fd47b67a04a21fcc1d60ffc4bbfa101c2efde5c7e04b23702b8b6dceeb1db65fb4efa88631b6aee896e1035c5e71dad066981a2b62f2151e416c3fb699c3919ccaa28848f5ca9e3e236fbf66658b6d39b258bb595d3f6e957ac699abdbc5af782bf7b06eb08f24ffc520ad86d2379a2194ef51966daadbd129d312f3627559138ee0010cb475a43295100a68e3b58e0b162cd19454aa89b3574f16436e8f85d772100d928ecf3d0888460d7e6c0d51b56d04a58c68bc63428db1a0c736d1595c9df3bb3ddcb229831a51ccc4a86e38d72ee5430232f6246456f88775dd0c8ea0a1c5a4f3999861629d50d9494746987248f02cdfbaa07aba7f0fdc4b7626df3ddf921101727fc113dd7ada891dff3c8f12642ec8b54020e75cea77ce427b4d83a529bce59dcee76adb7d5e44a7232d4581a6941820566092d7a5945db9b65198e23e10e3b5a1e28e8a05397ddbd170702b427a806f89d2a3f7c878b3e93d57bbf03813e2f382ded9a57701f70809c1a9f9cd1aef91ec71526a5d3545b106170a2964c0a464763fcaa03db28ed7c841eb935876b68ca6eb29f5f058a8d6f66856efdd8d5d24b00a2698ef8c5c8a470d18fd03eba8fead3dfd555b417d1bfe34ffd87629590619a9e7de3c8e8aae1454b3c8dea0266cadd184a3dcca54a3180a057180dc8baa7b484c23a

PRIV_KEY=./account.key; echo -n "eyJub25jZSI6IkRFOC13bnBER20tYUhucFphRmoxRkNPUUUwdXQ2TkR6SUs4eXJYMXAxaTAifQ.eyJyZXNvdXJjZSI6Im5ldy1hdXRoeiIsImlkZW50aWZpZXIiOnsidHlwZSI6ImRucyIsInZhbHVlIjoid3RzYXJjaGl2ZS5jb20ifX0" | openssl dgst -sha256 -hex -sign $PRIV_KEY
87e6b51b78d6d45fc096f83894d2467e845ebed224ececb9f39064aa1f61770a38f9504347aa41fb9fcbb6fb05118e517cffb244accfa3e032cc76ca78c624a0b1d44bbb4cb6a2c46627a9eb69c30150cddcfe4d519e994dc5d08189ab08f4ce361e7f8212dd8da857155f516ff281eac46a5f5358407219be2f76c7121c2ca724d75cd20dcb4bb20b8830a02e5f48c5a0e183c610585b694dd89ae3f46a5ec5de85436d1c2d68fb05ea7c627ffa24a563fc206c73d8d45e3ec0f63b7fddc8cf5a1512449511055760eca84a54a5c2f76a477044baf6f370283698d7c654d36e99ecdba144c0af86037b643c91bf1da39de007ad79b5c56b7e5fb59709e718e03dee767f932ab2d920bb1b30a1e543ebc851384234b679ab07ac2f132b94351fe48175efa5a19e583d28208f9879773820bfec265981c3d037722dd591fc7f4670446113b31c1a2b5f097bd336bf813cb44c8f1cd32dd45f9baed69e3457147a6faec53a7dd00373d843c77c627b24a71ed902d856fda0298b79423a271bd6ddfda651812ed00a794c031ce0ea3655c5caa382c176c190ed195c54359a1f70240b093eff66353b657a235aeb267d27d8bea188d642e906de4cd50959f0bb56049cff4a5cf22744a645e784d8f3aed6d2edfaeea008ead3903f054a1ec12153830f8989a8bbe88948d11c880e93beac16c8a3e15c467b1b24e4f13016940fd6fc

PRIV_KEY=./account.key; echo -n "eyJub25jZSI6IkRFOC13bnBER20tYUhucFphRmoxRkNPUUUwdXQ2TkR6SUs4eXJYMXAxaTAifQ.eyJyZXNvdXJjZSI6Im5ldy1hdXRoeiIsImlkZW50aWZpZXIiOnsidHlwZSI6ImRucyIsInZhbHVlIjoid3d3Lnd0c2FyY2hpdmUuY29tIn19" | openssl dgst -sha256 -hex -sign $PRIV_KEY
59460ad1f3e0308b7a856722d52aa9e5196b62ccaa9a8a26637ba6c4e27b7802dc709cc2538bff55cf4dca156779c543f62fb4798cebb803ee6ca5c9c0d902116a5599c4f3c2f4e2a2dbb0be21a47962000228ad3394cd7994ddc7e4e7262f4bf40d6f601f7ba099a8af23aa6998b6a44488b2b445d718646bb6048a8baba1698d7288ebb9b304e8aeef0a208b4cc9bb2bc294593595c406d6f34df9e4ffa82791c930fe43f20d1a8d2aff65edd95f2becccba0d2d0ba23e587b43bab92a1b469daec2cc5aa7de15545371671471c867c1677093923ed85dd88474623eedb8427f1362e8f439fb16830c390d6a4ba6855142d58c8ee491f16486bef9c798a2d07cd36599afa39bb558dd433d72c2db50043b90d48c0c470df64d2ebfe2674036def34c2db539051e81c72f3933b015a86a515ca93a2c5ba41d9067ac87bfe0b62333f57e0e8dfa7c129833a956ab503e7a36f3ca158725f04d346ce932d7b1422a6129579c822650e6d30e787c752c7b21114a2501bb1dbc2346ca19facf5bc7236f0c7fca4904ba6fafc188eec40bb347df6acbf3d33347ff5c054d9a1f13ff62a2838501f32982b08162c303b5fa0d1fd3c911fbd25413d2393f08910a7c07450b917611a8ab3a29822860ba80786acddad1c85d78acc1426595a71d8bf4353240e12048d9304b5bfaf5b00422d78b76b9e4c5a6ccb4daa1606effd1eeec66

PRIV_KEY=./account.key; echo -n "eyJub25jZSI6IkRFOC13bnBER20tYUhucFphRmoxRkNPUUUwdXQ2TkR6SUs4eXJYMXAxaTAifQ.eyJyZXNvdXJjZSI6Im5ldy1hdXRoeiIsImlkZW50aWZpZXIiOnsidHlwZSI6ImRucyIsInZhbHVlIjoiY2hhdC53dHNhcmNoaXZlLmNvbSJ9fQ" | openssl dgst -sha256 -hex -sign $PRIV_KEY
7fe8e2a690afd48a3b8ecf77225a5d25c87128705d951bdd90ad27fc848a3838cbd36f901f15e20937e9a358ecc6d2b502bc275fbdb97dcbadf77941b62686024e60a1cb74dec447f479a96f95c9c2fa827acaa333f67443b20cfa3f6e272883b807e70d63d4cb1bff05012272a987db66c143a436603ced07e2c278c75f8deb3aa68d07bce7e3d469605a7dc61aba9a7d914e695fc4c9164f251ae84ae87af6ac8473543aeca77df11fb855c675ee738fce6afd2d7f60e8935a2d30e2f1868db60fe65149fa42f5a41220ba116648e78e0cda35f41bb97a93ecc176b15997541ac7bdef0dba27e527e151ae30eb4fe2c7c11f03de33307f3b11c5d0db504bcb8e82fc46349972d783a9b14b493a7ed32f48ea163040fc7e7375db81cf4df4a977ffc6de89eae7f63cc2b855ef914da3363e7164edf0ad74e7a258b23fc858e576cdd65303c27057e255173ee76173ea016a03a926e4316c121707a25ccbd5f73c045a5290dce3caa2be4fbd145f08f3146745642f4604b88c18cde4504263f4f429c3ed1564150c068ceab05d42cc4dc10da6435a213836269f621fca286c57b0bc2bf3e372a7ef943c864290b6faf4de18c8bb5c008fe3b8aca55068ae7208b7b0b5a88a58ddf7ef02625b731f51a4db267c302087d3bf063eb678303e46f22183a94de909439cd6f92be35ead22f8dbe96b2bb60955f58a892def5e071375

PRIV_KEY=./account.key; echo -n "eyJub25jZSI6IkRFOC13bnBER20tYUhucFphRmoxRkNPUUUwdXQ2TkR6SUs4eXJYMXAxaTAifQ.eyJyZXNvdXJjZSI6Im5ldy1jZXJ0IiwiY3NyIjoiTUlJRW1qQ0NBb0lDQVFBd0FEQ0NBaUl3RFFZSktvWklodmNOQVFFQkJRQURnZ0lQQURDQ0Fnb0NnZ0lCQU9sMXljbXBRR3A3bkU0VFJLSGJyMThaSzM5NVJBWmJiQnBUdW12MTE5MzlDcmI2VHNGX2t3TUM4RS16Y2lxRDcxNGY2dndnUDNsSFhKVWktYWdrLXdWclZMMmFDaEJ6QTc1MFFOUUtRbEhrMGZGSjZkc0M3Ql9XLXlLemxpZnRIT2N2UVpPOVdNNW1QS1JxZnFvUU5GT1E2TEh0a09ZSHl0aURQaU03Z0dDMlhRZjRXcHcyNzlUQ0dwYndrNktwV09ENnM5NmxiZ1NZWVFYc2NxQzZMN1pYQzFWcTIyTmhDMWJVejBfdVRoQzEzQ3BGWWlweDhjbnJXVlFud2NmSVQtZGhhSjJMWGotZXF2NzRLbEpPUUd6eGZTUTN3c2tmci00QkFzc20zMXBpMy00czEtZExjbjByTHY2cWI0V29hdkp1ZTRacV9QVWJOUUJuZlpueFB4Zk5Ka2hqVkVCWWpQc2J2WHpFS3U5OXR4eGJzek1mSGNOc250Snl5SzVuQTRSbEdJTkdHNkRxNFQtVmhCZGRHT3A4ZU93TjNFWDFDVlR3cGl1SGc1TDU3YUJ0ZzQ1cHpqTVpheUJab1JzTWlvQkpndUV6bVFQX0JQVGFHbG1zdXNNUER6MkxfY0RDRnhQNlpJdXVRek11QkN3Y0t5NGlRYXB6dTd6Y0hSb3JoNlROX3dtUnRHQllfUV9Db1JnOGY3N1drcU1DZWpWVmVXdGFwN2xoZU9hT0R1T2NFdXdVVEdRQzFWdXRaTFdiOXNKM2JtcjYxZDlhSWhOZjhSRDZ6aWpKOVhPUnhOeHViZGVxQVA1ZVdSdlNaOU5scXNnMU5Ta1c3eXZ2bFM1LS1KYnJnTC1fVktjVml6YmRJYWZxVFdReXNFRFBQSkpPVURSMks3TF9sSllEQWdNQkFBR2dWVEJUQmdrcWhraUc5dzBCQ1E0eFJqQkVNRUlHQTFVZEVRUTdNRG1DRG5kMGMyRnlZMmhwZG1VdVkyOXRnaEozZDNjdWQzUnpZWEpqYUdsMlpTNWpiMjJDRTJOb1lYUXVkM1J6WVhKamFHbDJaUzVqYjIwd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dJQkFGQ19XY2VTS3NMNGlRX21RcURQRzU3elFacTRJNUwzOWRwcF9DN190Z0xXRVU0YlFjaDlNal9JbHBGc3hmdVA5d0FSSHFBc3pNZ1htTktacnhreWRhZXVvZngxaFBYLW56OWt6OGtCWGJnQUJKSV9NbFBjLXpJckVmT2I4YW5qdllMX2h6S2tQLWJEb1hWaW5PTHd6R1J0UFp1eEJmeWJYVkU0dlZlOTBQUEwyYnkwVWF5U1dtbmIzUUM5Szk4Q2RBOGlsRlFYWVJ0bWpHam5vQmNNVUZSUWFkRTVKTzJyUkFPVkROZHlXRHpJQTZVWXpFR1JWT1VlaG5TYXRFb2RjdDRfTGFGMlFJOWJMTWFaQUZiLU95Nk9YdlJwVmVaNkZaZ0F5VFhBS2hCQnJ2UFRkVVo4SUU2a29PbzZjYVFRLW15amNXclp3WEJrd1B2T2lseE45aUtXYlhObTlRbVh0MW52bnVzQU92eWtiUlI5b0xYOHRHNmhhV0stRlh4aF9EaGpjNmRocnN4T3BpY1dHUEJoUGszNC1obW4zUElyM2VVY21uMFNYZURhTk1WUV8wT1JEaTZjVkVWSms2YWZKNlJwT1VGOEJWNk9ZS3NBTWdiM2RFNXh6Tk00Nk01ZjlRWnVjTGY1SFJrZDFDM0Y5VEg1MFZHWjJObXd3czdteTc5QmtxeU1IeTF6b0NTWGUtSjY1Q3FURFhLOWtTZl93WVJLekQteFV5WFRuZEQwcmg1Nm52bk55a3Zja3lvb3RRWGs0OHNDVG4teGY3ZTdkbEthSWltcWFIRlJhd3RVS1Bkd25PbmR2U3cwQzRfSEdWWktnd3M5ODE3SjFmMng3VTVFYUZiQ3ZTamtpRTJhSUw0NklZdjJ3Q2NwbWpQWE9pUV9TZGxNTHNVOCJ9" | openssl dgst -sha256 -hex -sign $PRIV_KEY
ac7f6c96ada7d6f3a7183c461728f399fa4d83216c951ef972dae69e5c06d6be1ecba5af30f26159de9e96df8e8c6e410fdbbab685889cd0720268ce6188c0f5254a860aaf87f18a1a7ab6972043bca4194b6236c026177bd04774c6429269f2ad75c01a02afec2e1e51c4f59b1bfc5076ed271d022e3b4dccfc489f58ea1d0ccc59ccdc03798119b4b4c90e781a1b3305512e788227d084db5a1a9cb3d0604af70d70dc307b47f8b4a4cc4c54a8a65c5dd8a2cfddd41633391a9be419cd235ca239dae8a2ef65f3aced02c7b42a084ef5f9c8e7a7e10ca175396ca61ef4937a553339c0612d05d13dc8dae5a7b5395b83a99bb6d4f13ccfb937d8b4ac16b092c8dbc0dad5065e6bcc8154f9466850b5aaa36aa24bf8d9b813082288540fc3e8bf56395f5d793c8a65ebd4f1f5dc517f063b6f125a3e7d723d891496438cca25fb72a91eaf2f3e46f3dec8a1d6146ecd5f9fc9d3b8c3810871584f81738cce6960887011a0da479f2bd8662933072a7873d4615d4a1eff26eb1d374b24b7f71ac073b331a50d5447bd71571c67f60c86b27d69b56026f02ca59f271a505a59d199cb07897f23401a8ae87a528af1e7af566169ee0992cfb1e3bf49616060c01c1d0136c2940596acbd6f15259de115e185c055615b3b294aed352dbc7fe55da70b77a0e2a747c48683f37f10ead58162e985895bfc94003374b96835e163d86e

[diafygi]

Howdy, you have the same nonce for all of these, so I think your browser is aggressively caching the requests for the anti-replay nonces. I just added a cachebuster to fix this. Can you please refresh and try again?

[wtsarchive]

@diafygi Yes, it works now! Thanks.

[licaon-kter]

Here at steps 3 it yields:
Error: Account registration failed. Please start back at Step 1. {"type":"urn:acme:error:malformed","detail":"Unable to read/verify body :: JWS verification error","status":400}

Console says:
POST XHR https://acme-v01.api.letsencrypt.org/acme/new-reg [HTTP/2.0 400 Bad Request 208ms]

/LE: NVM, works under a clean profile browser now.