ACMEv2 order always in "pending" but the authz is "invalid"

Process as follows:

First Run:

  1. new order with domain set A(a,b,c)!
  2. For authz domain a, it has http-01 and dns-01 challenge, then trigger the dns-01 (Do not create a TXT record), the authz status switch to “invalid”, the dns-01 challenage status switch to “invalid”;
  3. process end!

Second Run:

  1. new order with the SAME domain set A(a,b,c);
  2. order status is “pending”, but the a’s authz is “invalid”;
  3. the process failed.

Eaxmple:
ORDER json:
{“status”:“pending”,“expires”:“2018-02-08T23:51:48.353368304Z”,“identifiers”:[{“type”:“dns”,“value”:“aaa.verip.org”},{“type”:“dns”,“value”:“bbb.verip.org”},{“type”:“dns”,“value”:“ccc.verip.org”}],“authorizations”:[“https://acme-staging-v02.api.letsencrypt.org/acme/authz/eSbOd17m4pBbDlLTElTz9D-9wijscV8StSettfraEGE",“https://acme-staging-v02.api.letsencrypt.org/acme/authz/uj5289VpN81xOj2PdTvBMtT-BuKeY1-zIfVCfCoB52U”,“https://acme-staging-v02.api.letsencrypt.org/acme/authz/vYebir0BH9pdbX06nZZPKX7EQbS4xXsWd28Ihv1R6_8”],“finalize”:"https://acme-staging-v02.api.letsencrypt.org/acme/order/5360227/3780/finalize-order”}

AUTHz URL:
https://acme-staging-v02.api.letsencrypt.org/acme/authz/eSbOd17m4pBbDlLTElTz9D-9wijscV8StSettfraEGE

This process can be repeated!

It sames to issue:
ACMEv2 - Errors during finalization leave order stuck processing. #3403


Hi @ylbjudge,

You are correct - this is issue #3403 and #3333 - the latter has been fixed in master and should be deployed to staging on Tuesday. The former will probably be fixed the following week.

Thanks for your patience,

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.