ACMEv2 order always in "pending" but the authz is "invalid"

Client dev
1

Process as follows:

First Run:

  1. new order with domain set A(a,b,c)!
  2. For authz domain a, it has http-01 and dns-01 challenge, then trigger the dns-01 (Do not create a TXT record), the authz status switch to “invalid”, the dns-01 challenage status switch to “invalid”;
  3. process end!

Second Run:

  1. new order with the SAME domain set A(a,b,c);
  2. order status is “pending”, but the a’s authz is “invalid”;
  3. the process failed.

Eaxmple:
ORDER json:
{“status”:“pending”,“expires”:“2018-02-08T23:51:48.353368304Z”,“identifiers”:[{“type”:“dns”,“value”:“aaa.verip.org”},{“type”:“dns”,“value”:“bbb.verip.org”},{“type”:“dns”,“value”:“ccc.verip.org”}],“authorizations”:[“https://acme-staging-v02.api.letsencrypt.org/acme/authz/eSbOd17m4pBbDlLTElTz9D-9wijscV8StSettfraEGE",“https://acme-staging-v02.api.letsencrypt.org/acme/authz/uj5289VpN81xOj2PdTvBMtT-BuKeY1-zIfVCfCoB52U”,“https://acme-staging-v02.api.letsencrypt.org/acme/authz/vYebir0BH9pdbX06nZZPKX7EQbS4xXsWd28Ihv1R6_8”],“finalize”:"https://acme-staging-v02.api.letsencrypt.org/acme/order/5360227/3780/finalize-order”}

AUTHz URL:
https://acme-staging-v02.api.letsencrypt.org/acme/authz/eSbOd17m4pBbDlLTElTz9D-9wijscV8StSettfraEGE

This process can be repeated!

It sames to issue:
ACMEv2 - Errors during finalization leave order stuck processing. #3403


2

Hi @ylbjudge,

You are correct - this is issue #3403 and #3333 - the latter has been fixed in master and should be deployed to staging on Tuesday. The former will probably be fixed the following week.

Thanks for your patience,

3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.