Acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:malformed :: JWS verification error

Help
1

Please help me.

My domain is: orion.a-vsp.com

I ran this command: /usr/local/directadmin/scripts/letsencrypt.sh server_cert

It produced this output:
2024/08/07 10:06:54 info executing task task=action=ssl&force=true&value=server_acme
exec ["/usr/local/bin/lego" "--accept-tos" "--email=admin@server-188-68-249-220.da.direct" "--key-type=ec256" "--server=https://acme-v02.api.letsencrypt.org/directory" "--path=/usr/local/directadmin/data/.lego" "--http" "--http.webroot=/var/www/html" "--domains=orion.a-vsp.com" "--domains=server-188-68-249-220.da.direct" "run" "--no-bundle" "--preferred-chain=ISRG Root X1"]
2024/08/07 10:06:54 [INFO] [orion.a-vsp.com, server-188-68-249-220.da.direct] acme: Obtaining SAN certificate
2024/08/07 10:06:54 Could not obtain certificates:
acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:malformed :: JWS verification error
2024/08/07 10:06:55 info finished task duration=819.737943ms task=action=ssl&force=true&value=server_acme
exit status 1
Failed to issue new certificate

My web server is (include version): Apache 2.4.59

The operating system my web server runs on is (include version): Debian 11.9

My hosting provider, if applicable, is: a-vsp.com

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): DirectAdmin 1.665

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.12.0

Thanks for all advices.
Best regards, Marek

1 Like
2

Welcome @mwardas

I am not sure there is much we can do. But maybe another volunteer will offer help.

My suggestion is to work with the people who setup that DirectAdmin system you are using. That D/A system uses the ACME client lego to make a cert request. That request is faulty.

There are not many problems like that reported against lego. The only one I found was a damaged setup with mis-matched account and key files.

And, not sure why you said you had Certbot 1.12. Are you also using that? Because none of the other info you showed is related to Certbot. Is it possible you have linked your DirectAdmin account / files with a Certbot install? Because that would be wrong.

4 Likes
3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.