yourivw / LEClient

An easy-to-use PHP ACME v2 client library, designed to be used with LetsEncrypt.
MIT License

Order not valid on staging #87

Closed LoranRendel closed 4 years ago

LoranRendel commented 4 years ago

There is an error with any domain:

06-04-2020 15:42:41, function LEClient __construct:
LEClient finished constructing

06-04-2020 15:42:44, function getCertificate:
Order for 'domain.tld' not valid. Cannot retrieve certificate.

A part of the code:

$client = new LEClient([$email], $use_stage, LEClient::LOG_STATUS, $certificate_keys, $account_keys);

$order = $client->getOrCreateOrder($domain, [$domain, "*.$domain"]);
if ($order->allAuthorizationsValid()) {
    if (!$order->isFinalized()) {
        $order->finalizeOrder();
    }
    if ($order->isFinalized()) {
        $order->getCertificate();
    }
}

yourivw commented 4 years ago

Have you tried setting LEClient::LOG_DEBUG? It will supply some more information, I cannot help with it now. Do you do the authorizations? Have they all been completed successfully?

LoranRendel commented 4 years ago

10-04-2020 15:05:27, function __construct (function post):
Array
(
    [request] => POST https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/45953788
    [header] => HTTP/1.1 100 Continue

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Apr 2020 12:05:27 GMT
Content-Type: application/json
Content-Length: 458
Connection: keep-alive
Boulder-Requester: 6955225
Cache-Control: public, max-age=0, no-cache
Link: ;rel="index"
Replay-Nonce: 0001xEjHXJmRyVQaTMEN-IvzL3mZzhYvE-J6hUuzuML8OuM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

    [status] => 200
    [body] => Array
        (
            [identifier] => Array
                (
                    [type] => dns
                    [value] => alterrum.ru
                )

            [status] => valid
            [expires] => 2020-04-27T08:16:59Z
            [challenges] => Array
                (
                    [0] => Array
                        (
                            [type] => dns-01
                            [status] => valid
                            [url] => https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/45953788/lTzVRQ
                            [token] => JIeVRY_7f-52dPvQRfoauI6-cYu-R8Hm7wnX3AReV4c
                            [validationRecord] => Array
                                (
                                    [0] => Array
                                        (
                                            [hostname] => alterrum.ru
                                        )

                                )

                        )

                )

        )

)

10-04-2020 15:05:27, function getCertificate:
Order for 'alterrum.ru' not valid. Cannot retrieve certificate.

yourivw commented 4 years ago

Is this all information that was logged? I'm still missing quite some info, about the client construction and the order itself. This authorization is valid, that looks okay. I see in your first post that you make an order with a domain and its wildcard. That means you get two authorizations which you need to verify, for the same domain. Only when both are verified, the order is valid. Could that be the problem?

rusynergy commented 4 years ago

Same problem. All authorizations valid, but Order for *** not valid. Cannot retrieve certificate.

rusynergy commented 4 years ago

Downgrade to 1.1.11, everything became good)

yourivw commented 4 years ago

This problem has probably started when I merged a faulty PR changing the behavior in the order status logic. I could not recreate the problem on my system, but I'm fairly sure this would fix the problem. Version 1.2.2 is released now, which changes this logic.

Can you please try again, using LEClient::LOG_DEBUG for complete logging, and send ALL logging information to me? If you don't want to post that, you can email it to me as well.
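
Added example, not part of the thread and not LEClient code: the order and authorization status flow from RFC 8555 that the maintainer's comments refer to. A domain plus its wildcard yields two authorizations with the same identifier value, and an order reads `ready` once both are valid and `valid` only after finalization. The function names and the example.test data are hypothetical and constructed.

```php
<?php
// Added example, not LEClient code. Arrays mirror decoded ACME (RFC 8555) JSON.

// Label an authorization so the base-name and wildcard entries can be told apart.
function authzLabel(array $authz): string
{
    $name = $authz['identifier']['value'];   // the value never contains "*."
    return !empty($authz['wildcard']) ? "*.$name" : $name;
}

// Decide the next client step from the order status and its authorizations.
function nextOrderStep(array $order, array $authorizations): array
{
    switch ($order['status']) {
        case 'invalid':
            return ['abandon', 'order failed, create a new order'];
        case 'valid':
            return ['download', 'certificate issued, fetch it'];
        case 'processing':
            return ['poll', 'CA is issuing, fetch the order again'];
        case 'ready':
            return ['finalize', 'all authorizations valid, send the CSR'];
        case 'pending':
            $open = [];
            foreach ($authorizations as $authz) {
                if ($authz['status'] !== 'valid') {
                    $open[] = authzLabel($authz) . ' (' . $authz['status'] . ')';
                }
            }
            return $open
                ? ['authorize', 'still to verify: ' . implode(', ', $open)]
                : ['poll', 'authorizations valid, fetch the order until it reads ready'];
        default:
            return ['abandon', 'unknown order status: ' . $order['status']];
    }
}

// Constructed sample: one order covering example.test and *.example.test.
$base     = ['identifier' => ['type' => 'dns', 'value' => 'example.test'], 'status' => 'valid'];
$wild     = ['wildcard' => true, 'status' => 'pending'] + $base;
$wildDone = ['status' => 'valid'] + $wild;

$cases = [
    ['pending', [$base, $wild]],      // only the base-name challenge was completed
    ['ready',   [$base, $wildDone]],  // both verified, order not yet finalized
    ['valid',   [$base, $wildDone]],  // finalized, certificate available
];
foreach ($cases as [$status, $authzs]) {
    [$step, $detail] = nextOrderStep(['status' => $status], $authzs);
    echo "order $status -> $step: $detail\n";
}
```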

LoranRendel commented 4 years ago

All works fine. Do you still need my debug info?

yourivw commented 4 years ago

In that case I'm confident the problem is solved. If you run into a similar problem again, let me know.