You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
An unexpected error is seen when attempting to request a certificate when the ACME server returns an Authorization object where the status is already valid when the Order is created. This can be the case when a requested domain has been pre-verified in the ACME account. In these cases g. the status of the Authorization will be valid without the ACME client needing to deploy a DNS secret to prove domain control.
To Reproduce
Steps to reproduce the behavior:
Establish an ACME account with an CA that support ACME pre-authorization or out-of-band domain verification
Request a certificate for a domain that has been pre-verified
Observe that the following error is raised:
Orchestrator function 'IssueCertificate' failed: The activity function 'Dns01Authorization' failed: "DNS-01 cannot be used for domains for which a certificate has already been issued using HTTP-01.". See the function execution logs for additional details.
Environment (please complete the following information):
Certificate Type: Sub-domain
Certificate Deploy Target: App Service
Additional context
Example JSON of a Authorization object response that triggers the error.
{"identifier":{"type":"dns","value":"test1.testcertificates.com"},"status":"valid","challenges":[],"wildcard":false}
The text was updated successfully, but these errors were encountered:
Thanks for the feedback. We were not aware of that case, we would like to review the PR and if it is not a problem, we would like to go through to the release.
Describe the bug
An unexpected error is seen when attempting to request a certificate when the ACME server returns an Authorization object where the status is already valid when the Order is created. This can be the case when a requested domain has been pre-verified in the ACME account. In these cases g. the status of the Authorization will be valid without the ACME client needing to deploy a DNS secret to prove domain control.
To Reproduce
Steps to reproduce the behavior:
Orchestrator function 'IssueCertificate' failed: The activity function 'Dns01Authorization' failed: "DNS-01 cannot be used for domains for which a certificate has already been issued using HTTP-01.". See the function execution logs for additional details.
Environment (please complete the following information):
Additional context
Example JSON of a Authorization object response that triggers the error.
{"identifier":{"type":"dns","value":"test1.testcertificates.com"},"status":"valid","challenges":[],"wildcard":false}
The text was updated successfully, but these errors were encountered: