Closed thusitha-cs closed 5 months ago
Currenly experiencing the same issue. If i look in the webjobs i see that the job for renewing the certificate all of a sudden fails at 22-02-2024 with the following stack trace:
Microsoft.Azure.WebJobs.Host.FunctionInvocationException: Microsoft.Azure.WebJobs.Host.FunctionInvocationException : Exception while executing function: Functions.RenewCertificate ---> Certes.AcmeException : Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'. at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der) at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain,IKey certKey) at async LetsEncrypt.Azure.Core.Services.AcmeService.RequestCertificate() at D:\a\1\s\LetsEncrypt.SiteExtension.Core\Services\AcmeService.cs : 61 at async LetsEncrypt.Azure.Core.CertificateManager.RequestInternalAsync(IAcmeConfig config) at D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs : 210 at async LetsEncrypt.Azure.Core.CertificateManager.RequestAndInstallInternalAsync(IAcmeConfig config) at D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs : 234 at async LetsEncrypt.Azure.Core.CertificateManager.RenewCertificate(Boolean skipInstallCertificate,Int32 renewXNumberOfDaysBeforeExpiration) at D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs : 176 at async LetsEncrypt.SiteExtension.Functions.RenewCertificate(TimerInfo timerInfo) at D:\a\1\s\LetsEncrypt.SiteExtension.WebJob\Functions.cs : 68 at async Microsoft.Azure.WebJobs.Host.Executors.VoidTaskMethodInvoker`2.InvokeAsync[TReflected,TReturnType](TReflected instance,Object[] arguments) at async Microsoft.Azure.WebJobs.Host.Executors.FunctionInvoker`2.InvokeAsync[TReflected,TReturnValue](Object instance,Object[] arguments) at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.InvokeAsync(IFunctionInvoker invoker,ParameterHelper parameterHelper,CancellationTokenSource timeoutTokenSource,CancellationTokenSource functionCancellationTokenSource,Boolean throwOnTimeout,TimeSpan timerInterval,IFunctionInstance instance) at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.ExecuteWithWatchersAsync(IFunctionInstance instance,ParameterHelper parameterHelper,TraceWriter traceWriter,CancellationTokenSource functionCancellationTokenSource) at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.ExecuteWithLoggingAsync(??) at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.ExecuteWithLoggingAsync(??) End of inner exception at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.ExecuteWithLoggingAsync(??) at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.TryExecuteAsync(IFunctionInstance functionInstance,CancellationToken cancellationToken)
As for me I gave up using this extension. Azure itself provides with security certificates now, and using that seems quite easy.
Yap hitting same issue, was using this for years in my personal websites.
Is the azure one free?
Also have the same issue... ours started end of Feb 2024
Microsoft.Azure.WebJobs.Host.FunctionInvocationException: Microsoft.Azure.WebJobs.Host.FunctionInvocationException : Exception while executing function: Functions.RenewCertificate ---> Certes.AcmeException : Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'.
at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der)
at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain,IKey certKey)
at async LetsEncrypt.Azure.Core.Services.AcmeService.RequestCertificate() at D:\a\1\s\LetsEncrypt.SiteExtension.Core\Services\AcmeService.cs : 61
at async LetsEncrypt.Azure.Core.CertificateManager.RequestInternalAsync(IAcmeConfig config) at D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs : 210
at async LetsEncrypt.Azure.Core.CertificateManager.RequestAndInstallInternalAsync(IAcmeConfig config) at D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs : 234
at async LetsEncrypt.Azure.Core.CertificateManager.RenewCertificate(Boolean skipInstallCertificate,Int32 renewXNumberOfDaysBeforeExpiration) at D:\a\1\s\LetsEncrypt.SiteExtension.Core\CertificateManager.cs : 176
at async LetsEncrypt.SiteExtension.Functions.RenewCertificate(TimerInfo timerInfo) at D:\a\1\s\LetsEncrypt.SiteExtension.WebJob\Functions.cs : 68
at async Microsoft.Azure.WebJobs.Host.Executors.VoidTaskMethodInvoker`2.InvokeAsync[TReflected,TReturnType](TReflected instance,Object[] arguments)
at async Microsoft.Azure.WebJobs.Host.Executors.FunctionInvoker`2.InvokeAsync[TReflected,TReturnValue](Object instance,Object[] arguments)
at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.InvokeAsync(IFunctionInvoker invoker,ParameterHelper parameterHelper,CancellationTokenSource timeoutTokenSource,CancellationTokenSource functionCancellationTokenSource,Boolean throwOnTimeout,TimeSpan timerInterval,IFunctionInstance instance)
at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.ExecuteWithWatchersAsync(IFunctionInstance instance,ParameterHelper parameterHelper,TraceWriter traceWriter,CancellationTokenSource functionCancellationTokenSource)
at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.ExecuteWithLoggingAsync(??)
at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.ExecuteWithLoggingAsync(??)
End of inner exception
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.ExecuteWithLoggingAsync(??)
at async Microsoft.Azure.WebJobs.Host.Executors.FunctionExecutor.TryExecuteAsync(IFunctionInstance functionInstance,CancellationToken cancellationToken)
i've also switched to the managed certificates for webapps, its free and easy to configure: https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate?tabs=subdomain#create-a-free-managed-certificate
Well, this extension is no more. This is right there in the main page of this project.
We're using Azure Let's Encrypt (1.0.6) in most of our Azure web apps. Suddenly we're getting a duplicate rate limit error for one of our apps. The error goes like below:
Fail to load resource from 'https://acme-v02.api.letsencrypt.org/acme/new-order'. urn:ietf:params:acme:error:rateLimited: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours:, retry after 2024-03-15T10:49:58Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/
Any idea why we're getting this all of the sudden? We've never had it before and the plugin was doing its work quite nicely. Appreciate if you could look into.
Note: I can share the domain name privately if that's possible.