search

anchordotdev / cli

MIT License
297 stars 6 forks source link

Error: acme/autocert: certificate is not valid yet #22

Closed lhgiahuy closed 2 months ago

lhgiahuy commented 4 months ago

Are there any additional details you would like to share?

Command: anchor lcl Executable: C:\Program Files\Anchor CLI\anchor.exe Version: 0.0.38 (windows/amd64) Commit: 38a58bce9066abd76402b4acf560bfce5c03ec94 BuildDate: 2024-06-25T19:20:43Z Arguments: [] Flags: [] Timestamp: 2024-06-28T13:16:30.8030419Z Stdout:

| Let's set up fast and totally free lcl.host HTTPS!
# Setup lcl.host HTTPS Local Development Environment `anchor lcl`
    | After setup, you can use HTTPS locally in your browsers and other programs.
# Audit lcl.host HTTPS Local Development Environment `anchor lcl audit`
    | We'll begin by checking your system to determine what you need for your setup.
    - Checked resources on Anchor.dev: no provisioning needed.
    - Compared local and expected CA certificates: need to install 2 missing certificates.
# Configure System for lcl.host HTTPS Local Development `anchor lcl config`
    | Before issuing HTTPS certificates, we need to configure your browsers
    | and OS to trust your personal certificates.
    |
    | We'll start a local diagnostic web server to guide you through the process.
    - Entered hi-lhgiahuy.lcl.host domain for lcl.host diagnostic certificate.
    - Resolved hi-lhgiahuy.lcl.host domain: success!
    | Now we'll provision Anchor.dev resources and HTTPS certificates for you.
    - Creating hi-lhgiahuy [hi-lhgiahuy.lcl.host, hi-lhgiahuy.localhost] diagnostic resources on Anchor.dev… ⠋
geemus commented 4 months ago

@lhgiahuy - Hey, sorry to hear you are having problems.

After some investigation it looks like the most likely cause is clock drift. In particular, it seems likely that either your computer or the server was far enough out of sync that the certificate that ended up being created would fail in this way.

Could you ensure your systems clock is updated to be accurate and try again?

benburkert commented 4 months ago

hi @lhgiahuy, we recently deployed a change to backdate new certificates by 1 minute when provisioned from the CLI. This should avoid most issues with clock drift, please give this another try and let us know if you're still experiencing problems.

geemus commented 2 months ago

We believe this issue should now be fixed, so we are closing this, but do let us know if you need any further assistance.