natemcmaster / LettuceEncrypt

Free, automatic HTTPS certificate generation for ASP.NET Core web apps
https://nuget.org/packages/LettuceEncrypt
Apache License 2.0

[Question] Help, I don't know what it could be. #219

Closed Cappi1998 closed 3 years ago

Cappi1998 commented 3 years ago

Help, I don't know what it could be. It was working normally for months, and now I'm getting this error. I can't find the problem. If anyone has a tip, I'm grateful.

################ Log ERROR ################

info: LettuceEncrypt.Internal.AcmeClient[0]
      Using certificate authority https://acme-v02.api.letsencrypt.org/directory
fail: LettuceEncrypt.Internal.AcmeStates.ServerStartupState[0]
      Failed to automatically create a certificate for brasilskins.com.br
      System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
       ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: NotTimeValid
         at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
         at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
         at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
         --- End of inner exception stack trace ---
         at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
         at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
         at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
         at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
         at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
         at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
         at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken)
         at Certes.Acme.AcmeHttpClient.Get[T](Uri uri)
         at Certes.AcmeContext.GetDirectory()
         at Certes.IAcmeContextExtensions.TermsOfService(IAcmeContext context)
         at LettuceEncrypt.Internal.AcmeClient.GetTermsOfServiceAsync()
         at LettuceEncrypt.Internal.AcmeCertificateFactory.CreateAccount(CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeCertificateFactory.GetOrCreateAccountAsync(CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeStates.BeginCertificateCreationState.MoveNextAsync(CancellationToken cancellationToken)
fail: LettuceEncrypt.Internal.AcmeCertificateLoader[0]
      ACME state machine encountered unhandled error
      System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
       ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: NotTimeValid
         at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
         at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](TIOAdapter adapter, Boolean receiveFirst, Byte[] reAuthenticationData, Boolean isApm)
         at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
         --- End of inner exception stack trace ---
         at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Boolean async, Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
         at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
         at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
         at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
         at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
         at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
         at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken)
         at Certes.Acme.AcmeHttpClient.Get[T](Uri uri)
         at Certes.AcmeContext.GetDirectory()
         at Certes.IAcmeContextExtensions.TermsOfService(IAcmeContext context)
         at LettuceEncrypt.Internal.AcmeClient.GetTermsOfServiceAsync()
         at LettuceEncrypt.Internal.AcmeCertificateFactory.CreateAccount(CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeCertificateFactory.GetOrCreateAccountAsync(CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeStates.BeginCertificateCreationState.MoveNextAsync(CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeCertificateLoader.ExecuteAsync(CancellationToken stoppingToken)

################ END Log ERROR ################

tylerlemieux commented 3 years ago

I started getting the same issue today with my site. In my investigation so far it seems like the internal HttpClient call to acme is failing with SSL issues. Maybe a certificate updated or something changed on the acme side recently?

Edit: Let's Encrypt's website talks about the certs expiring yesterday, looks like that's the problem: https://letsencrypt.org/2021/10/01/cert-chaining-help.html

Cappi1998 commented 3 years ago

I fixed the problem by reinstalling the operating system (Linux). I don't know what was causing this problem.

Tratcher commented 3 years ago

https://scotthelme.co.uk/lets-encrypt-old-root-expiration/

Cappi1998 commented 3 years ago

https://scotthelme.co.uk/lets-encrypt-old-root-expiration/

thanks, now everything makes sense
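
Added example, not part of the original thread or of LettuceEncrypt's code: a small Python triage of the log format posted above. It pulls out the chain status flag, the first non-System stack frame and the CA endpoint, which together show that the failing validation is the app's own outbound call to the ACME directory. The sample log is a constructed, abridged copy with a placeholder host name, and `triage` and `CHECKS` are illustrative names.

```python
import re

# Constructed sample: an abridged copy of the log format in this issue,
# with a placeholder host name (example.test).
SAMPLE_LOG = """\
info: LettuceEncrypt.Internal.AcmeClient[0]
      Using certificate authority https://acme-v02.api.letsencrypt.org/directory
fail: LettuceEncrypt.Internal.AcmeStates.ServerStartupState[0]
      Failed to automatically create a certificate for example.test
      System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
       ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: NotTimeValid
         at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception)
         at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
         at Certes.Acme.AcmeHttpClient.Get[T](Uri uri)
         at Certes.AcmeContext.GetDirectory()
"""

# .NET appends X509ChainStatusFlags names, comma-separated, to the message.
CHAIN_RE = re.compile(r"errors in the certificate chain: ([A-Z]\w+(?:, [A-Z]\w+)*)")
# Not line-anchored, so it also works on logs flattened onto one line.
FRAME_RE = re.compile(r"\bat ([\w.]+(?:\[\w+\])?)\(")
CA_RE = re.compile(r"Using certificate authority (\S+)")

# What each flag tells the operator to inspect on the machine that made the call.
CHECKS = {
    "NotTimeValid": "system clock, and validity dates of every certificate "
                    "in the chain built from the local trust store",
    "UntrustedRoot": "whether the issuing root is present in the local trust store",
    "PartialChain": "whether the server sends its intermediates and the root "
                    "is installed locally",
}

def triage(log):
    """Summarise the first TLS chain-validation failure in a .NET log, or None."""
    m = CHAIN_RE.search(log)
    if m is None:
        return None
    flags = m.group(1).split(", ")
    # The first non-System frame after the exception is the outbound caller.
    frames = FRAME_RE.findall(log, m.end())
    caller = next((f for f in frames if not f.startswith("System.")), None)
    ca = CA_RE.search(log)
    return {
        "flags": flags,
        "caller": caller,
        "endpoint": ca.group(1) if ca else None,
        "checks": [CHECKS.get(f, "see the X509ChainStatusFlags documentation") for f in flags],
    }

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```
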