Unhandled error on dns-01 challenge

[briceburg]

I'm using simp_le via the https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion to automatically give SSL to our https containers. This has worked fine until now.

From what I can tell, letsencrypt is responding with a 'dns-01' challenge, which simp_le is blowing up on. I believe it previously received a 'http-01' challenge as expected. I'm not sure what changed -- but is there a way to force a http-01 challenge? or to continue gracefully after receiving dns-01 and ask for a http-01 challenge?

I'll attach the full output of our container. The first line contains flags passed to the simp_le client.

2016-06-07 20:18:22,716:DEBUG:simp_le:1371: ['-f', 'account_key.json', '-f', 'key.pem', '-f', 'fullchain.pem', '-f', 'cert.pem', '-v', '-d', 'AAA.qa-1.blueacorn.net', '--email', 'devops+ssl@blueacorn.com', '--server=https://acme-v01.api.letsencrypt.org/directory', '--default_root', '/usr/share/nginx/html/'] parsed as Namespace(account_key_public_exponent=65537, account_key_size=4096, cert_key_size=4096, default_root='/usr/share/nginx/html/', email='devops+ssl@blueacorn.com', help=False, integration_test=False, ioplugins=['account_key.json', 'key.pem', 'fullchain.pem', 'cert.pem'], reuse_key=False, revoke=False, server='https://acme-v01.api.letsencrypt.org/directory', test=False, tos_sha256='33d233c8ab558ba6c8ebc370a509acdded8b80e5d587aa5d192193f35226540f', user_agent='simp_le/0', valid_min=2592000, verbose=True, version=False, vhosts=[Vhost(name='AAA.qa-1.blueacorn.net', root=None)])

towards the end we see the error:

machine-nginx-letsencrypt | 2016-06-07 20:18:26,773:DEBUG:acme.challenges:34: dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'FyfOt3Q911U3IzBaFZ6HiWEsF0eQLNBJULg-cybGbHE', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061731'}

below is the full output:

2016-06-07 20:18:22,716:DEBUG:simp_le:1371: ['-f', 'account_key.json', '-f', 'key.pem', '-f', 'fullchain.pem', '-f', 'cert.pem', '-v', '-d', 'AAA.qa-1.blueacorn.net', '--email', 'devops+ssl@blueacorn.com', '--server=https://acme-v01.api.letsencrypt.org/directory', '--default_root', '/usr/share/nginx/html/'] parsed as Namespace(account_key_public_exponent=65537, account_key_size=4096, cert_key_size=4096, default_root='/usr/share/nginx/html/', email='devops+ssl@blueacorn.com', help=False, integration_test=False, ioplugins=['account_key.json', 'key.pem', 'fullchain.pem', 'cert.pem'], reuse_key=False, revoke=False, server='https://acme-v01.api.letsencrypt.org/directory', test=False, tos_sha256='33d233c8ab558ba6c8ebc370a509acdded8b80e5d587aa5d192193f35226540f', user_agent='simp_le/0', valid_min=2592000, verbose=True, version=False, vhosts=[Vhost(name='AAA.qa-1.blueacorn.net', root=None)])
machine-nginx-letsencrypt | 2016-06-07 20:18:22,717:DEBUG:simp_le:367: Loading account_key.json
machine-nginx-letsencrypt | 2016-06-07 20:18:22,717:DEBUG:simp_le:367: Loading key.pem
machine-nginx-letsencrypt | 2016-06-07 20:18:22,717:DEBUG:simp_le:367: Loading fullchain.pem
machine-nginx-letsencrypt | 2016-06-07 20:18:22,717:DEBUG:simp_le:367: Loading cert.pem
machine-nginx-letsencrypt | 2016-06-07 20:18:22,717:DEBUG:simp_le:1280: Computed roots: {'AAA.qa-1.blueacorn.net': '/usr/share/nginx/html/'}
machine-nginx-letsencrypt | 2016-06-07 20:18:22,717:INFO:simp_le:1211: Generating new account key
machine-nginx-letsencrypt | 2016-06-07 20:18:23,679:DEBUG:root:605: Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
machine-nginx-letsencrypt | 2016-06-07 20:18:23,683:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
machine-nginx-letsencrypt | 2016-06-07 20:18:23,949:DEBUG:requests.packages.urllib3.connectionpool:387: "GET /directory HTTP/1.1" 200 280
machine-nginx-letsencrypt | 2016-06-07 20:18:23,952:DEBUG:root:611: Received <Response [200]>. Headers: {'Content-Length': '280', 'Expires': 'Tue, 07 Jun 2016 20:16:48 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 07 Jun 2016 20:16:48 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '5o6YG0PcrI0Be5LqYWnThivGyrVr3NCys5CrCmQqc_Q'}. Content: '{\n  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
machine-nginx-letsencrypt | 2016-06-07 20:18:23,953:DEBUG:acme.client:551: Received response <Response [200]> (headers: {'Content-Length': '280', 'Expires': 'Tue, 07 Jun 2016 20:16:48 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 07 Jun 2016 20:16:48 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '5o6YG0PcrI0Be5LqYWnThivGyrVr3NCys5CrCmQqc_Q'}): '{\n  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
machine-nginx-letsencrypt | 2016-06-07 20:18:23,953:DEBUG:root:643: Requesting fresh nonce
machine-nginx-letsencrypt | 2016-06-07 20:18:23,953:DEBUG:root:605: Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-reg. args: (), kwargs: {}
machine-nginx-letsencrypt | 2016-06-07 20:18:23,955:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
machine-nginx-letsencrypt | 2016-06-07 20:18:24,250:DEBUG:requests.packages.urllib3.connectionpool:387: "HEAD /acme/new-reg HTTP/1.1" 405 0
machine-nginx-letsencrypt | 2016-06-07 20:18:24,253:DEBUG:root:611: Received <Response [405]>. Headers: {'Content-Length': '91', 'Pragma': 'no-cache', 'Expires': 'Tue, 07 Jun 2016 20:16:48 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Allow': 'POST', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 07 Jun 2016 20:16:48 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': 'hF6JGzEFAXxeZM306ZukruFAjpVp5R9jnBispaFh288'}. Content: ''
machine-nginx-letsencrypt | 2016-06-07 20:18:24,253:DEBUG:acme.client:636: Storing nonce: '\x84^\x89\x1b1\x05\x01|^d\xcd\xf4\xe9\x9b\xa4\xae\xe1@\x8e\x95i\xe5\x1fc\x9c\x18\xac\xa5\xa1a\xdb\xcf'
machine-nginx-letsencrypt | 2016-06-07 20:18:24,254:DEBUG:acme.jose.json_util:259: Omitted empty fields: certificates=None, key=None, agreement=None, authorizations=None
machine-nginx-letsencrypt | 2016-06-07 20:18:24,254:DEBUG:acme.client:527: Serialized JSON: {"contact": ["mailto:devops+ssl@blueacorn.com"], "resource": "new-reg"}
machine-nginx-letsencrypt | 2016-06-07 20:18:24,259:DEBUG:acme.jose.json_util:259: Omitted empty fields: x5c=(), jku=None, x5t=None, x5tS256=None, alg=None, typ=None, jwk=None, crit=(), x5u=None, kid=None, cty=None
machine-nginx-letsencrypt | 2016-06-07 20:18:24,280:DEBUG:acme.jose.json_util:259: Omitted empty fields: x5c=(), jku=None, nonce=None, x5tS256=None, crit=(), x5t=None, typ=None, x5u=None, kid=None, cty=None
machine-nginx-letsencrypt | 2016-06-07 20:18:24,280:DEBUG:root:605: Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-reg. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "x0-YLfJ5ckH8msE5Q9etNCEsOPD30jFwu1PEt3Civm-57IrNp5HwJ7wUlonsQ89rfHCVuKvtvNqiWeyg4usPj7nCx9lz5JOJkt3eeJrER0lVExe6HajbE-Scr54ROrO_W3OHnmJg1jUyxKcNqOTsn3cPVB7GWK7KjlSqM5BVGN5FUzrA5ffT16zeNb1KbtyVFqfQ9CeZ9mWGhptDByjsG7QlMTWzbkRbrPRBprjnbKTc8hBYUk_HzuJIXMeRVEa6doXgPTCqRXwv6t44Bl5DaHTCe3X-rRlOnq_px4T3cg1tUEhfEzxEpbszIaxZQJt-T6T_aSctjsjXCQiwcDiVbCSHdjUkYDvE-VC-h5rXg70CymmveVJT649NKfRTV_KlEATRInoRBj1LcNNEZP85ilH4Yqlb_Wpu8FCnmzWGO7M4GKYYTlup1Eyo7EHvlEDu0VpWa-U_eUF7Tq7YaQmf24WCexXd2NqEOCMu6ox5jVmf8Zj_mlHzTM4nMHY5mGX3c2ip8lFOB2Kyo0h0LJ6egbGWHDotz1m8l5DXGN9Zbvy58GxTs17Xy-T7f70fqbvEvfugzbpsCatnp-eWPhs5WqAg9bje2WSVm02VH-bB2fPwxcg6twS5yID9Jez_3wrDow-Y76J8EYCcgZN9X1_d9GdiqojbmP75PEVwlqTX_l8"}}, "protected": "eyJub25jZSI6ICJoRjZKR3pFRkFYeGVaTTMwNlp1a3J1RkFqcFZwNVI5am5CaXNwYUZoMjg4In0", "payload": "eyJjb250YWN0IjogWyJtYWlsdG86ZGV2b3BzK3NzbEBibHVlYWNvcm4uY29tIl0sICJyZXNvdXJjZSI6ICJuZXctcmVnIn0", "signature": "RiOPO7UVaatmbx_K70IXglOG_iOgXCOipMlb8Ekm8ApIcmGVBTR2OMY2cnoxrvJZ7rQOc6bFHmf-8EgrU5LaxWudapo-KrhXnSRYxpCbQBlm3vShfh9ayh0qo79FAynYNj1GsClb5cvZrPWUGqcAR16zQGn0XeWzi4Mlm7ZgJmDKptzUq8lC3D0EMKRFKgBLfBaTLRU7hoFihT4-iCwUSjYgEKHJws3zXInFUbkcTEn7KEZS4FNA9XA8IFhCVGIy-vL6zKLOuocyZ3Pa_ZdtQrdQz9vOYDFsbDFk1huRYKCB38CEB6v1gTLD_JXAXHWlXT7Z6Tjct-eYovEKsXJV1emvMSJSIRccLy8kEp7Idw-GTW4IDWPLJqFvolp4OPprhlkBfNUbyCaHnsvq23hODT1Ec9JN9RAziBmOpcKg-zCua6W9GZ7bwgboSr1V8Xf1543O6ckNxfie98AaPrJxkHPtSDR4wIA-WGTI0sPk5GJCos1PngmLeLCfCTWyoCWMzfFfV9yO-Us7009wgrMABEDELi5hdBfjIKWiGcMwqf1grXHDNrm8Qu0EEB37vo37_t7gbIPsEWSWkH0VkxZtn76-WHdGXLaTqU3tQH-6VVUFg8RhwPwyMGdG4cUd6iB4DdN3GcxZ-obLbawDLtJCKvqoSpIg09sp9eTdw8zU2Zg"}'}
machine-nginx-letsencrypt | 2016-06-07 20:18:24,282:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
machine-nginx-letsencrypt | 2016-06-07 20:18:24,743:DEBUG:requests.packages.urllib3.connectionpool:387: "POST /acme/new-reg HTTP/1.1" 201 904
machine-nginx-letsencrypt | 2016-06-07 20:18:24,747:DEBUG:root:611: Received <Response [201]>. Headers: {'Content-Length': '904', 'Expires': 'Tue, 07 Jun 2016 20:16:49 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-authz>;rel="next", <https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf>;rel="terms-of-service"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/reg/2106899', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 07 Jun 2016 20:16:49 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'bXhrZaZHN_JILFgzaNFWF_JRgkPW7VTndJLFtbR7hN0'}. Content: '{\n  "id": 2106899,\n  "key": {\n    "kty": "RSA",\n    "n": "x0-YLfJ5ckH8msE5Q9etNCEsOPD30jFwu1PEt3Civm-57IrNp5HwJ7wUlonsQ89rfHCVuKvtvNqiWeyg4usPj7nCx9lz5JOJkt3eeJrER0lVExe6HajbE-Scr54ROrO_W3OHnmJg1jUyxKcNqOTsn3cPVB7GWK7KjlSqM5BVGN5FUzrA5ffT16zeNb1KbtyVFqfQ9CeZ9mWGhptDByjsG7QlMTWzbkRbrPRBprjnbKTc8hBYUk_HzuJIXMeRVEa6doXgPTCqRXwv6t44Bl5DaHTCe3X-rRlOnq_px4T3cg1tUEhfEzxEpbszIaxZQJt-T6T_aSctjsjXCQiwcDiVbCSHdjUkYDvE-VC-h5rXg70CymmveVJT649NKfRTV_KlEATRInoRBj1LcNNEZP85ilH4Yqlb_Wpu8FCnmzWGO7M4GKYYTlup1Eyo7EHvlEDu0VpWa-U_eUF7Tq7YaQmf24WCexXd2NqEOCMu6ox5jVmf8Zj_mlHzTM4nMHY5mGX3c2ip8lFOB2Kyo0h0LJ6egbGWHDotz1m8l5DXGN9Zbvy58GxTs17Xy-T7f70fqbvEvfugzbpsCatnp-eWPhs5WqAg9bje2WSVm02VH-bB2fPwxcg6twS5yID9Jez_3wrDow-Y76J8EYCcgZN9X1_d9GdiqojbmP75PEVwlqTX_l8",\n    "e": "AQAB"\n  },\n  "contact": [\n    "mailto:devops+ssl@blueacorn.com"\n  ],\n  "initialIp": "66.49.116.181",\n  "createdAt": "2016-06-07T20:16:49.054933433Z"\n}'
machine-nginx-letsencrypt | 2016-06-07 20:18:24,747:DEBUG:acme.client:636: Storing nonce: 'mxke\xa6G7\xf2H,X3h\xd1V\x17\xf2Q\x82C\xd6\xedT\xe7t\x92\xc5\xb5\xb4{\x84\xdd'
machine-nginx-letsencrypt | 2016-06-07 20:18:24,747:DEBUG:acme.client:551: Received response <Response [201]> (headers: {'Content-Length': '904', 'Expires': 'Tue, 07 Jun 2016 20:16:49 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-authz>;rel="next", <https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf>;rel="terms-of-service"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/reg/2106899', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 07 Jun 2016 20:16:49 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'bXhrZaZHN_JILFgzaNFWF_JRgkPW7VTndJLFtbR7hN0'}): '{\n  "id": 2106899,\n  "key": {\n    "kty": "RSA",\n    "n": "x0-YLfJ5ckH8msE5Q9etNCEsOPD30jFwu1PEt3Civm-57IrNp5HwJ7wUlonsQ89rfHCVuKvtvNqiWeyg4usPj7nCx9lz5JOJkt3eeJrER0lVExe6HajbE-Scr54ROrO_W3OHnmJg1jUyxKcNqOTsn3cPVB7GWK7KjlSqM5BVGN5FUzrA5ffT16zeNb1KbtyVFqfQ9CeZ9mWGhptDByjsG7QlMTWzbkRbrPRBprjnbKTc8hBYUk_HzuJIXMeRVEa6doXgPTCqRXwv6t44Bl5DaHTCe3X-rRlOnq_px4T3cg1tUEhfEzxEpbszIaxZQJt-T6T_aSctjsjXCQiwcDiVbCSHdjUkYDvE-VC-h5rXg70CymmveVJT649NKfRTV_KlEATRInoRBj1LcNNEZP85ilH4Yqlb_Wpu8FCnmzWGO7M4GKYYTlup1Eyo7EHvlEDu0VpWa-U_eUF7Tq7YaQmf24WCexXd2NqEOCMu6ox5jVmf8Zj_mlHzTM4nMHY5mGX3c2ip8lFOB2Kyo0h0LJ6egbGWHDotz1m8l5DXGN9Zbvy58GxTs17Xy-T7f70fqbvEvfugzbpsCatnp-eWPhs5WqAg9bje2WSVm02VH-bB2fPwxcg6twS5yID9Jez_3wrDow-Y76J8EYCcgZN9X1_d9GdiqojbmP75PEVwlqTX_l8",\n    "e": "AQAB"\n  },\n  "contact": [\n    "mailto:devops+ssl@blueacorn.com"\n  ],\n  "initialIp": "66.49.116.181",\n  "createdAt": "2016-06-07T20:16:49.054933433Z"\n}'
machine-nginx-letsencrypt | 2016-06-07 20:18:24,755:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): letsencrypt.org
machine-nginx-letsencrypt | 2016-06-07 20:18:24,968:DEBUG:requests.packages.urllib3.connectionpool:387: "GET /documents/LE-SA-v1.0.1-July-27-2015.pdf HTTP/1.1" 200 126016
machine-nginx-letsencrypt | 2016-06-07 20:18:25,307:DEBUG:simp_le:1237: TOS hash: 33d233c8ab558ba6c8ebc370a509acdded8b80e5d587aa5d192193f35226540f
machine-nginx-letsencrypt | 2016-06-07 20:18:25,308:DEBUG:acme.jose.json_util:259: Omitted empty fields: certificates=None, authorizations=None
machine-nginx-letsencrypt | 2016-06-07 20:18:25,308:DEBUG:acme.client:527: Serialized JSON: {"contact": ["mailto:devops+ssl@blueacorn.com"], "resource": "reg", "agreement": "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf", "key": {"e": "AQAB", "kty": "RSA", "n": "x0-YLfJ5ckH8msE5Q9etNCEsOPD30jFwu1PEt3Civm-57IrNp5HwJ7wUlonsQ89rfHCVuKvtvNqiWeyg4usPj7nCx9lz5JOJkt3eeJrER0lVExe6HajbE-Scr54ROrO_W3OHnmJg1jUyxKcNqOTsn3cPVB7GWK7KjlSqM5BVGN5FUzrA5ffT16zeNb1KbtyVFqfQ9CeZ9mWGhptDByjsG7QlMTWzbkRbrPRBprjnbKTc8hBYUk_HzuJIXMeRVEa6doXgPTCqRXwv6t44Bl5DaHTCe3X-rRlOnq_px4T3cg1tUEhfEzxEpbszIaxZQJt-T6T_aSctjsjXCQiwcDiVbCSHdjUkYDvE-VC-h5rXg70CymmveVJT649NKfRTV_KlEATRInoRBj1LcNNEZP85ilH4Yqlb_Wpu8FCnmzWGO7M4GKYYTlup1Eyo7EHvlEDu0VpWa-U_eUF7Tq7YaQmf24WCexXd2NqEOCMu6ox5jVmf8Zj_mlHzTM4nMHY5mGX3c2ip8lFOB2Kyo0h0LJ6egbGWHDotz1m8l5DXGN9Zbvy58GxTs17Xy-T7f70fqbvEvfugzbpsCatnp-eWPhs5WqAg9bje2WSVm02VH-bB2fPwxcg6twS5yID9Jez_3wrDow-Y76J8EYCcgZN9X1_d9GdiqojbmP75PEVwlqTX_l8"}}
machine-nginx-letsencrypt | 2016-06-07 20:18:25,310:DEBUG:acme.jose.json_util:259: Omitted empty fields: x5c=(), jku=None, x5t=None, x5tS256=None, alg=None, typ=None, jwk=None, crit=(), x5u=None, kid=None, cty=None
machine-nginx-letsencrypt | 2016-06-07 20:18:25,320:DEBUG:acme.jose.json_util:259: Omitted empty fields: x5c=(), jku=None, nonce=None, x5tS256=None, crit=(), x5t=None, typ=None, x5u=None, kid=None, cty=None
machine-nginx-letsencrypt | 2016-06-07 20:18:25,320:DEBUG:root:605: Sending POST request to https://acme-v01.api.letsencrypt.org/acme/reg/2106899. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "x0-YLfJ5ckH8msE5Q9etNCEsOPD30jFwu1PEt3Civm-57IrNp5HwJ7wUlonsQ89rfHCVuKvtvNqiWeyg4usPj7nCx9lz5JOJkt3eeJrER0lVExe6HajbE-Scr54ROrO_W3OHnmJg1jUyxKcNqOTsn3cPVB7GWK7KjlSqM5BVGN5FUzrA5ffT16zeNb1KbtyVFqfQ9CeZ9mWGhptDByjsG7QlMTWzbkRbrPRBprjnbKTc8hBYUk_HzuJIXMeRVEa6doXgPTCqRXwv6t44Bl5DaHTCe3X-rRlOnq_px4T3cg1tUEhfEzxEpbszIaxZQJt-T6T_aSctjsjXCQiwcDiVbCSHdjUkYDvE-VC-h5rXg70CymmveVJT649NKfRTV_KlEATRInoRBj1LcNNEZP85ilH4Yqlb_Wpu8FCnmzWGO7M4GKYYTlup1Eyo7EHvlEDu0VpWa-U_eUF7Tq7YaQmf24WCexXd2NqEOCMu6ox5jVmf8Zj_mlHzTM4nMHY5mGX3c2ip8lFOB2Kyo0h0LJ6egbGWHDotz1m8l5DXGN9Zbvy58GxTs17Xy-T7f70fqbvEvfugzbpsCatnp-eWPhs5WqAg9bje2WSVm02VH-bB2fPwxcg6twS5yID9Jez_3wrDow-Y76J8EYCcgZN9X1_d9GdiqojbmP75PEVwlqTX_l8"}}, "protected": "eyJub25jZSI6ICJiWGhyWmFaSE5fSklMRmd6YU5GV0ZfSlJna1BXN1ZUbmRKTEZ0YlI3aE4wIn0", "payload": "eyJjb250YWN0IjogWyJtYWlsdG86ZGV2b3BzK3NzbEBibHVlYWNvcm4uY29tIl0sICJyZXNvdXJjZSI6ICJyZWciLCAiYWdyZWVtZW50IjogImh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL2RvY3VtZW50cy9MRS1TQS12MS4wLjEtSnVseS0yNy0yMDE1LnBkZiIsICJrZXkiOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAieDAtWUxmSjVja0g4bXNFNVE5ZXROQ0VzT1BEMzBqRnd1MVBFdDNDaXZtLTU3SXJOcDVId0o3d1Vsb25zUTg5cmZIQ1Z1S3Z0dk5xaVdleWc0dXNQajduQ3g5bHo1Sk9Ka3QzZWVKckVSMGxWRXhlNkhhamJFLVNjcjU0Uk9yT19XM09Ibm1KZzFqVXl4S2NOcU9Uc24zY1BWQjdHV0s3S2psU3FNNUJWR041RlV6ckE1ZmZUMTZ6ZU5iMUtidHlWRnFmUTlDZVo5bVdHaHB0REJ5anNHN1FsTVRXemJrUmJyUFJCcHJqbmJLVGM4aEJZVWtfSHp1SklYTWVSVkVhNmRvWGdQVENxUlh3djZ0NDRCbDVEYUhUQ2UzWC1yUmxPbnFfcHg0VDNjZzF0VUVoZkV6eEVwYnN6SWF4WlFKdC1UNlRfYVNjdGpzalhDUWl3Y0RpVmJDU0hkalVrWUR2RS1WQy1oNXJYZzcwQ3ltbXZlVkpUNjQ5TktmUlRWX0tsRUFUUklub1JCajFMY05ORVpQODVpbEg0WXFsYl9XcHU4RkNubXpXR083TTRHS1lZVGx1cDFFeW83RUh2bEVEdTBWcFdhLVVfZVVGN1RxN1lhUW1mMjRXQ2V4WGQyTnFFT0NNdTZveDVqVm1mOFpqX21sSHpUTTRuTUhZNW1HWDNjMmlwOGxGT0IyS3lvMGgwTEo2ZWdiR1dIRG90ejFtOGw1RFhHTjlaYnZ5NThHeFRzMTdYeS1UN2Y3MGZxYnZFdmZ1Z3picHNDYXRucC1lV1BoczVXcUFnOWJqZTJXU1ZtMDJWSC1iQjJmUHd4Y2c2dHdTNXlJRDlKZXpfM3dyRG93LVk3Nko4RVlDY2daTjlYMV9kOUdkaXFvamJtUDc1UEVWd2xxVFhfbDgifX0", "signature": "ayXNoNFf5l7xX_SJd8PI7ISaAGjCv0GgyrcnmJeQJegvH42SuzcOS626B7kJQf2b7Ny0HwnAS_VFyKo0swBMTkRLg1z0adsVoPNRJC2pFFJqLTAFSdT-5oTUOuIlM1iTpApOYcWeLM2hHD9IXvQKXlq1ZVsqSctRs3pJAm75yIEmZtb7b-KwFtzKTL43eZM7KDP9yt2mrXGvvI4b6incpIvMiMmD9Uw-VNDNdzpNgrZubgaa0e3nXWnahm2JxIQevF46Rs6fjiSRKgRLMjHxRBqbgZ5bkARO6MW-JE0DM3DgvbqNg7xadGlkOXS-1HzUsQK-Q7nLq-DFJrCb1htw0b-3cJ1vci5IhuTfzlpZrjvzAwlQZFTXUhBeWxZGyXfOS2pzcfBLKMgh_6Q8ZidUMxGqxf_Zr1nM8Apo67dsAIwLYnH55SjYdM6PtdDnQqPezR5ZBkG5UidmD-2ZLDTBS6A1qPtf6B_AnAaYlKTTPkiMQ8q2q9dT0IKVYGYHwjPA9DI--DPIO6FwoJ6ViGooLWEAwT5yF4jjhwq_Q6Mc_0pyHobWNq0FBV7sR8Clm_f8aGtbeUK0AfWTK_dP5Gz89jGZ7dWbJrRkMRWRL9BoI-7Qk-UpB-igw9y-W4gjy3VRR0lf286qZkSWH7BnYALdnBPtbzS-ueS3QYbul3cKcHw"}'}
machine-nginx-letsencrypt | 2016-06-07 20:18:25,321:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
machine-nginx-letsencrypt | 2016-06-07 20:18:26,095:DEBUG:requests.packages.urllib3.connectionpool:387: "POST /acme/reg/2106899 HTTP/1.1" 202 976
machine-nginx-letsencrypt | 2016-06-07 20:18:26,099:DEBUG:root:611: Received <Response [202]>. Headers: {'Content-Length': '976', 'Expires': 'Tue, 07 Jun 2016 20:16:50 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-authz>;rel="next", <https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf>;rel="terms-of-service"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 07 Jun 2016 20:16:50 GMT', 'Content-Type': 'application/json', 'Replay-Nonce': 'fFrR4Uwscup7dT0XrdTzuFzvmUw3qWuCHMYoeWAQCHk'}. Content: '{\n  "id": 2106899,\n  "key": {\n    "kty": "RSA",\n    "n": "x0-YLfJ5ckH8msE5Q9etNCEsOPD30jFwu1PEt3Civm-57IrNp5HwJ7wUlonsQ89rfHCVuKvtvNqiWeyg4usPj7nCx9lz5JOJkt3eeJrER0lVExe6HajbE-Scr54ROrO_W3OHnmJg1jUyxKcNqOTsn3cPVB7GWK7KjlSqM5BVGN5FUzrA5ffT16zeNb1KbtyVFqfQ9CeZ9mWGhptDByjsG7QlMTWzbkRbrPRBprjnbKTc8hBYUk_HzuJIXMeRVEa6doXgPTCqRXwv6t44Bl5DaHTCe3X-rRlOnq_px4T3cg1tUEhfEzxEpbszIaxZQJt-T6T_aSctjsjXCQiwcDiVbCSHdjUkYDvE-VC-h5rXg70CymmveVJT649NKfRTV_KlEATRInoRBj1LcNNEZP85ilH4Yqlb_Wpu8FCnmzWGO7M4GKYYTlup1Eyo7EHvlEDu0VpWa-U_eUF7Tq7YaQmf24WCexXd2NqEOCMu6ox5jVmf8Zj_mlHzTM4nMHY5mGX3c2ip8lFOB2Kyo0h0LJ6egbGWHDotz1m8l5DXGN9Zbvy58GxTs17Xy-T7f70fqbvEvfugzbpsCatnp-eWPhs5WqAg9bje2WSVm02VH-bB2fPwxcg6twS5yID9Jez_3wrDow-Y76J8EYCcgZN9X1_d9GdiqojbmP75PEVwlqTX_l8",\n    "e": "AQAB"\n  },\n  "contact": [\n    "mailto:devops+ssl@blueacorn.com"\n  ],\n  "agreement": "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf",\n  "initialIp": "66.49.116.181",\n  "createdAt": "2016-06-07T20:16:49Z"\n}'
machine-nginx-letsencrypt | 2016-06-07 20:18:26,099:DEBUG:acme.client:636: Storing nonce: '|Z\xd1\xe1L,r\xea{u=\x17\xad\xd4\xf3\xb8\\\xef\x99L7\xa9k\x82\x1c\xc6(y`\x10\x08y'
machine-nginx-letsencrypt | 2016-06-07 20:18:26,099:DEBUG:acme.client:551: Received response <Response [202]> (headers: {'Content-Length': '976', 'Expires': 'Tue, 07 Jun 2016 20:16:50 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-authz>;rel="next", <https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf>;rel="terms-of-service"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 07 Jun 2016 20:16:50 GMT', 'Content-Type': 'application/json', 'Replay-Nonce': 'fFrR4Uwscup7dT0XrdTzuFzvmUw3qWuCHMYoeWAQCHk'}): '{\n  "id": 2106899,\n  "key": {\n    "kty": "RSA",\n    "n": "x0-YLfJ5ckH8msE5Q9etNCEsOPD30jFwu1PEt3Civm-57IrNp5HwJ7wUlonsQ89rfHCVuKvtvNqiWeyg4usPj7nCx9lz5JOJkt3eeJrER0lVExe6HajbE-Scr54ROrO_W3OHnmJg1jUyxKcNqOTsn3cPVB7GWK7KjlSqM5BVGN5FUzrA5ffT16zeNb1KbtyVFqfQ9CeZ9mWGhptDByjsG7QlMTWzbkRbrPRBprjnbKTc8hBYUk_HzuJIXMeRVEa6doXgPTCqRXwv6t44Bl5DaHTCe3X-rRlOnq_px4T3cg1tUEhfEzxEpbszIaxZQJt-T6T_aSctjsjXCQiwcDiVbCSHdjUkYDvE-VC-h5rXg70CymmveVJT649NKfRTV_KlEATRInoRBj1LcNNEZP85ilH4Yqlb_Wpu8FCnmzWGO7M4GKYYTlup1Eyo7EHvlEDu0VpWa-U_eUF7Tq7YaQmf24WCexXd2NqEOCMu6ox5jVmf8Zj_mlHzTM4nMHY5mGX3c2ip8lFOB2Kyo0h0LJ6egbGWHDotz1m8l5DXGN9Zbvy58GxTs17Xy-T7f70fqbvEvfugzbpsCatnp-eWPhs5WqAg9bje2WSVm02VH-bB2fPwxcg6twS5yID9Jez_3wrDow-Y76J8EYCcgZN9X1_d9GdiqojbmP75PEVwlqTX_l8",\n    "e": "AQAB"\n  },\n  "contact": [\n    "mailto:devops+ssl@blueacorn.com"\n  ],\n  "agreement": "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf",\n  "initialIp": "66.49.116.181",\n  "createdAt": "2016-06-07T20:16:49Z"\n}'
machine-nginx-letsencrypt | 2016-06-07 20:18:26,101:DEBUG:acme.jose.json_util:259: Omitted empty fields: expires=None, status=None, combinations=None, challenges=None
machine-nginx-letsencrypt | 2016-06-07 20:18:26,101:DEBUG:acme.client:527: Serialized JSON: {"identifier": {"type": "dns", "value": "AAA.qa-1.blueacorn.net"}, "resource": "new-authz"}
machine-nginx-letsencrypt | 2016-06-07 20:18:26,106:DEBUG:acme.jose.json_util:259: Omitted empty fields: x5c=(), jku=None, x5t=None, x5tS256=None, alg=None, typ=None, jwk=None, crit=(), x5u=None, kid=None, cty=None
machine-nginx-letsencrypt | 2016-06-07 20:18:26,124:DEBUG:acme.jose.json_util:259: Omitted empty fields: x5c=(), jku=None, nonce=None, x5tS256=None, crit=(), x5t=None, typ=None, x5u=None, kid=None, cty=None
machine-nginx-letsencrypt | 2016-06-07 20:18:26,124:DEBUG:root:605: Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "x0-YLfJ5ckH8msE5Q9etNCEsOPD30jFwu1PEt3Civm-57IrNp5HwJ7wUlonsQ89rfHCVuKvtvNqiWeyg4usPj7nCx9lz5JOJkt3eeJrER0lVExe6HajbE-Scr54ROrO_W3OHnmJg1jUyxKcNqOTsn3cPVB7GWK7KjlSqM5BVGN5FUzrA5ffT16zeNb1KbtyVFqfQ9CeZ9mWGhptDByjsG7QlMTWzbkRbrPRBprjnbKTc8hBYUk_HzuJIXMeRVEa6doXgPTCqRXwv6t44Bl5DaHTCe3X-rRlOnq_px4T3cg1tUEhfEzxEpbszIaxZQJt-T6T_aSctjsjXCQiwcDiVbCSHdjUkYDvE-VC-h5rXg70CymmveVJT649NKfRTV_KlEATRInoRBj1LcNNEZP85ilH4Yqlb_Wpu8FCnmzWGO7M4GKYYTlup1Eyo7EHvlEDu0VpWa-U_eUF7Tq7YaQmf24WCexXd2NqEOCMu6ox5jVmf8Zj_mlHzTM4nMHY5mGX3c2ip8lFOB2Kyo0h0LJ6egbGWHDotz1m8l5DXGN9Zbvy58GxTs17Xy-T7f70fqbvEvfugzbpsCatnp-eWPhs5WqAg9bje2WSVm02VH-bB2fPwxcg6twS5yID9Jez_3wrDow-Y76J8EYCcgZN9X1_d9GdiqojbmP75PEVwlqTX_l8"}}, "protected": "eyJub25jZSI6ICJmRnJSNFV3c2N1cDdkVDBYcmRUenVGenZtVXczcVd1Q0hNWW9lV0FRQ0hrIn0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJBQUEucWEtMS5ibHVlYWNvcm4ubmV0In0sICJyZXNvdXJjZSI6ICJuZXctYXV0aHoifQ", "signature": "lXa1UeNB10M6bavDxwEethi7jt9DXlQq90QSbEZhGejR70pPE2_0XqMTRsPs_A_065AfytLJzwbPC1slPCsrtMk1HN2z7NNtQqC48-eFw1hzKUpTrJEwGG4v4mqs9fwCD9cSp6IFSaEp1bMcdnwp9swuWe3p45ROSfZQgEpl5uWtRbL5zwYUvqs6JNDFf8iEaixypzEpJFCARAkhZ1v-yOlOY95PpScHpnoprNAWj-WHtOrcAtMXTbywNyu7T2GO-VqS600NmXKkBWNvMVEC_Q_1FkwHZdwqqujGDO3nR_Ybq2h3wYeXnKI6bl4Zy9j3rdEV635aFDA6ZdU7xR2LvBVNPHd-WkpB6frxPDg6wUYIpL0APwRHE3Q5wML0Kz8uCFQ8-9X914JJYgpEH8oYOq8f5vKQ_QONQMGy6n8i-UjX_fM7S8Mj0j8n39EbF6EkKjXCmr97SmRCED5G3irBG1kL8QuWZHIr3vg6X8skUyWv6v6AmbfnsFfXXIVgMDvrtEwxA2toLG6bsDJUinlJAZfHqS4ANgN8qmfOoHCmtgwWzM6jq__fMQEbNVYcfj93y6pPOPoC4TEWExiDv1uJXDKKQtQtiykJuZiOnQiNyRZ7LCETVWuNoGvomzxYQ_cSNepY7db3-4FwT4GJuLHZgVQ1MMTCTnTDb-uoz9pCM_w"}'}
machine-nginx-letsencrypt | 2016-06-07 20:18:26,126:INFO:requests.packages.urllib3.connectionpool:756: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
machine-nginx-letsencrypt | 2016-06-07 20:18:26,768:DEBUG:requests.packages.urllib3.connectionpool:387: "POST /acme/new-authz HTTP/1.1" 201 1007
machine-nginx-letsencrypt | 2016-06-07 20:18:26,771:DEBUG:root:611: Received <Response [201]>. Headers: {'Content-Length': '1007', 'Expires': 'Tue, 07 Jun 2016 20:16:51 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 07 Jun 2016 20:16:51 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'AKwkOzC4mtI3TDVRh3oPG6SaaD_zwQElhh_vdRjxJ-A'}. Content: '{\n  "identifier": {\n    "type": "dns",\n    "value": "aaa.qa-1.blueacorn.net"\n  },\n  "status": "pending",\n  "expires": "2016-06-14T20:16:50.773055189Z",\n  "challenges": [\n    {\n      "type": "dns-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061731",\n      "token": "FyfOt3Q911U3IzBaFZ6HiWEsF0eQLNBJULg-cybGbHE"\n    },\n    {\n      "type": "http-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061732",\n      "token": "C69-yopJIvQ2luYDBgyHP16RqWKYoWBEWNcjwFjYNSI"\n    },\n    {\n      "type": "tls-sni-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061733",\n      "token": "sDUQoE4bX6n-rA-vdGmKmH6bZhYbcsq3vbRCu3u1QSk"\n    }\n  ],\n  "combinations": [\n    [\n      1\n    ],\n    [\n      2\n    ],\n    [\n      0\n    ]\n  ]\n}'
machine-nginx-letsencrypt | 2016-06-07 20:18:26,772:DEBUG:acme.client:636: Storing nonce: "\x00\xac$;0\xb8\x9a\xd27L5Q\x87z\x0f\x1b\xa4\x9ah?\xf3\xc1\x01%\x86\x1f\xefu\x18\xf1'\xe0"
machine-nginx-letsencrypt | 2016-06-07 20:18:26,772:DEBUG:acme.client:551: Received response <Response [201]> (headers: {'Content-Length': '1007', 'Expires': 'Tue, 07 Jun 2016 20:16:51 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Tue, 07 Jun 2016 20:16:51 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'AKwkOzC4mtI3TDVRh3oPG6SaaD_zwQElhh_vdRjxJ-A'}): '{\n  "identifier": {\n    "type": "dns",\n    "value": "aaa.qa-1.blueacorn.net"\n  },\n  "status": "pending",\n  "expires": "2016-06-14T20:16:50.773055189Z",\n  "challenges": [\n    {\n      "type": "dns-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061731",\n      "token": "FyfOt3Q911U3IzBaFZ6HiWEsF0eQLNBJULg-cybGbHE"\n    },\n    {\n      "type": "http-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061732",\n      "token": "C69-yopJIvQ2luYDBgyHP16RqWKYoWBEWNcjwFjYNSI"\n    },\n    {\n      "type": "tls-sni-01",\n      "status": "pending",\n      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061733",\n      "token": "sDUQoE4bX6n-rA-vdGmKmH6bZhYbcsq3vbRCu3u1QSk"\n    }\n  ],\n  "combinations": [\n    [\n      1\n    ],\n    [\n      2\n    ],\n    [\n      0\n    ]\n  ]\n}'
machine-nginx-letsencrypt | 2016-06-07 20:18:26,773:DEBUG:acme.challenges:34: dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'FyfOt3Q911U3IzBaFZ6HiWEsF0eQLNBJULg-cybGbHE', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061731'}
machine-nginx-letsencrypt | Traceback (most recent call last):
machine-nginx-letsencrypt |   File "build/bdist.linux-x86_64/egg/simp_le.py", line 1401, in main
machine-nginx-letsencrypt |     return main_with_exceptions(cli_args)
machine-nginx-letsencrypt |   File "build/bdist.linux-x86_64/egg/simp_le.py", line 1386, in main_with_exceptions
machine-nginx-letsencrypt |     persist_new_data(args, existing_data)
machine-nginx-letsencrypt |   File "build/bdist.linux-x86_64/egg/simp_le.py", line 1287, in persist_new_data
machine-nginx-letsencrypt |     for vhost in args.vhosts
machine-nginx-letsencrypt |   File "build/bdist.linux-x86_64/egg/simp_le.py", line 1287, in <genexpr>
machine-nginx-letsencrypt |     for vhost in args.vhosts
machine-nginx-letsencrypt |   File "build/bdist.linux-x86_64/egg/acme/client.py", line 217, in request_domain_challenges
machine-nginx-letsencrypt |     typ=messages.IDENTIFIER_FQDN, value=domain), new_authzr_uri)
machine-nginx-letsencrypt |   File "build/bdist.linux-x86_64/egg/acme/client.py", line 200, in request_challenges
machine-nginx-letsencrypt |     return self._authzr_from_response(response, identifier)
machine-nginx-letsencrypt |   File "build/bdist.linux-x86_64/egg/acme/client.py", line 180, in _authzr_from_response
machine-nginx-letsencrypt |     raise errors.UnexpectedUpdate(authzr)
machine-nginx-letsencrypt | UnexpectedUpdate: AuthorizationResource(body=Authorization(status=Status(pending), challenges=(ChallengeBody(chall=UnrecognizedChallenge(), status=Status(pending), validated=None, uri=u'https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061731', error=None), ChallengeBody(chall=HTTP01(token='\x0b\xaf~\xca\x8aI"\xf46\x96\xe6\x03\x06\x0c\x87?^\x91\xa9b\x98\xa1`DX\xd7#\xc0X\xd85"'), status=Status(pending), validated=None, uri=u'https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061732', error=None), ChallengeBody(chall=TLSSNI01(token='\xb05\x10\xa0N\x1b_\xa9\xfe\xac\x0f\xafti\x8a\x98~\x9bf\x16\x1br\xca\xb7\xbd\xb4B\xbb{\xb5A)'), status=Status(pending), validated=None, uri=u'https://acme-v01.api.letsencrypt.org/acme/challenge/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE/114061733', error=None)), identifier=Identifier(typ=IdentifierType(dns), value=u'aaa.qa-1.blueacorn.net'), expires=datetime.datetime(2016, 6, 14, 20, 16, 50, 773055, tzinfo=<UTC>), combinations=((1,), (2,), (0,))), new_cert_uri='https://acme-v01.api.letsencrypt.org/acme/new-cert', uri='https://acme-v01.api.letsencrypt.org/acme/authz/oWaWiODe0SFi9uY9b8QpfaE6RumZAm2q-DlhN1nSfdE')
machine-nginx-letsencrypt | 
machine-nginx-letsencrypt | Unhandled error has happened, traceback is above

[briceburg]

so as an update -- this only happens if the domain contains uppercase characters. E.g. our example of AAA.qa-1.blueacorn.net' works when it is replaced with aaa.qa-1.blueacorn.net. I'll see if I can submit a patch.