dehydrated-io / dehydrated

letsencrypt/acme client implemented as a shell-script – just add water
https://dehydrated.io
MIT License

Failing with curl error 35 leaves invalid PEM file #901

Open sindarina opened 1 year ago

sindarina commented 1 year ago

I suspect the error is an issue on the Let's Encrypt API side;

 + Requesting new certificate order from CA...
ERROR: Problem connecting to server (post for https://acme-v02.api.letsencrypt.org/acme/order/60114411/163661034166; curl returned with 35)
EXPECTED value GOT EOF

but dehydrated then leaves us with a PEM file that contains nothing except some script output;

 # INFO: Using main config file config-http-01

This happens when using dehydrated with --signcsr, --alias, and --out to write the file to a specific directory that also contains the CSR and the private key.

The retry logic mentioned in #792 works well while handling authorizations, but fails here? Hoping this will clear up once the Let's Encrypt API resolves whatever is causing this, but it's probably a good idea to not write a PEM file in this situation?
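A guard a deployment script can put around the file dehydrated writes, added here as an example for this issue and not dehydrated's own code: it installs a certificate only if the file contains nothing but PEM blocks, so a run that failed with curl error 35 and left log text in the file never replaces a good certificate. The sample files are constructed; the certificate body is a placeholder, not a real certificate.

```shell
#!/bin/sh
# Added example for this issue, not part of dehydrated: accept a certificate
# file only when it consists solely of PEM blocks, so a run that failed with
# curl error 35 and left log text in the output file never reaches deployment.

# Exit 0 only if FILE holds nothing but well-formed PEM blocks and at least one
# CERTIFICATE block. Lines such as "# INFO:" or "ERROR:" make the check fail.
pem_is_valid() {
    [ -s "$1" ] || return 1
    awk '
        /^-----BEGIN [A-Z ]+-----$/ { if (inblock) bad = 1
                                      inblock = 1
                                      if ($0 ~ /CERTIFICATE/) certs++
                                      next }
        /^-----END [A-Z ]+-----$/   { if (!inblock) bad = 1
                                      inblock = 0
                                      next }
        inblock                     { if ($0 !~ "^[A-Za-z0-9+/=]+$") bad = 1
                                      next }
        /^[ \t]*$/                  { next }   # blank lines between blocks
                                    { bad = 1 } # anything else is not PEM
        END { if (bad || inblock || certs < 1) exit 1; exit 0 }
    ' "$1"
}

# Copy CANDIDATE over TARGET only after pem_is_valid accepts it; the rename is
# atomic, so a half-written or invalid file never replaces a good certificate.
install_if_valid() {
    candidate=$1; target=$2
    if ! pem_is_valid "$candidate"; then
        echo "refusing to install $target: $candidate is not PEM" >&2
        return 1
    fi
    cp "$candidate" "$target.tmp.$$" && mv -f "$target.tmp.$$" "$target"
}

# Constructed samples: what dehydrated left behind in this issue, and a
# placeholder certificate (the base64 body is not a real certificate).
write_bad_sample() {
    printf ' # INFO: Using main config file config-http-01\n' > "$1"
}
write_good_sample() {
    cat > "$1" <<'EOF'
-----BEGIN CERTIFICATE-----
MIIBszCCAVmgAwIBAgIUQ0VSVF9FWEFNUExFX05PVF9SRUFMMAoGCCqGSM49BAMC
QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE=
-----END CERTIFICATE-----
EOF
}
```

Wired in after the dehydrated run, install_if_valid refuses the file this issue describes and only the pem_is_valid path can update the live certificate.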

sindarina commented 1 year ago

Same problem, but with retry during authorization handling;

ERROR: Problem connecting to server (head for https://acme-v02.api.letsencrypt.org/acme/new-nonce; curl returned with 35)
 ! Request failed (badNonce), retrying request...

Update: It looks like the retry logic works for the new-nonce action, but not for some of the other API calls. Here's another error;

ERROR: Problem connecting to server (post for https://acme-v02.api.letsencrypt.org/acme/authz-v3/201906708426; curl returned with 35)
EXPECTED value GOT EOF

Same result, invalid PEM file. Curl version output;

$ curl -V
curl 7.87.0 (x86_64-apple-darwin22.1.0) libcurl/7.87.0 OpenSSL/3.0.8 zlib/1.2.13 brotli/1.0.9 zstd/1.5.2 libidn2/2.3.4 libpsl/0.21.2 (+libidn2/2.3.4) nghttp2/1.51.0
Release-Date: 2022-12-21
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTPS-proxy IDN IPv6 Largefile libz NTLM NTLM_WB PSL SSL threadsafe TLS-SRP UnixSockets zstd