Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ACME API random errors since Dec 29 #29

Open
bago opened this issue Jan 2, 2024 · 7 comments
Open

ACME API random errors since Dec 29 #29

bago opened this issue Jan 2, 2024 · 7 comments

Comments

@bago
Copy link

bago commented Jan 2, 2024

See these reports:
acmesh-official/acme.sh#4937
@onlyscv
Copy link

onlyscv commented Jan 11, 2024

I also feel that,the REST API is unstable!
I hope fix it。

@gabriel-blankenship
Copy link

We've been seeing several errors as well:

Jan 11 20:05:34 scrubbed caddy[144972]: {"level":"error","ts":1705003534.1326756,"logger":"tls.obtain","msg":"will retry","error":"[scrubbed] Obtain: [scrubbed] solving challenges: authz https://acme.zerossl.com/v2/DV90/authz/e-scrubbed has unexpected status; order will fail: invalid (order=https://acme.zerossl.com/v2/DV90/order/scrubbed) (ca=https://acme.zerossl.com/v2/DV90)","attempt":2,"retrying_in":120,"elapsed":76.889301976,"max_duration":2592000}

@bago
Copy link
Author

bago commented Jan 12, 2024

In my case the main issue is an error try to renewing some certs since 29 december: other certs are renewing correctly or, when they fail, they are renewed at the next attempt, while 7 certs are stuck since 2 weeks!

Sounds like on dec 29th ZeroSSL failed creating the certs in the 30 retries (waittime) acme.sh does when renewing and somehow this left something stuck on zerossl side and the certs cannot be renewed anymore :-(

@felixgoldstein
Copy link

felixgoldstein commented Jan 14, 2024
edited
Loading

I'm experiencing same issue.
Their status page shows several disruptions over last days:
https://status.zerossl.com/

I hope they will fix it soon

Jan 14 14:41:38 xxx caddy[43061]: {"level":"error","ts":1705239698.8729653,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"xxxxx.com","issuer":"acme.zerossl.com-v2-DV90","error":"[xxxxx.com] solving challenges: authz https://acme.zerossl.com/v2/DV90/authz/xxxxx has unexpected status; order will fail: invalid (order=https://acme.zerossl.com/v2/DV90/order/xxxxx) (ca=https://acme.zerossl.com/v2/DV90)"}

@Pathfinder08
Copy link

Pathfinder08 commented Jan 15, 2024
edited
Loading

Same issues here, some Certificates renew normally and some throw Errors Like the could Not get nonce in the related issue on acme.sh.

I Hope this will be fixed soon.

Edit: Zerossl answered and Said the could not get nonce Error is NOT an issue on their end.

@eth-limo
Copy link

Same issue here using Caddy v2.7.6. A handful of certs are unable to be renewed due to the unexpected status error. This started for us some time around the beginning of the year. No other changes were made to our infrastructure.

@lynnpepin
Copy link

I'm here with the same problem with the snap Caddy v2.7.6 on Ubuntu.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@bago @felixgoldstein @lynnpepin @onlyscv @Pathfinder08 @eth-limo @gabriel-blankenship