Can't create certificates

Sadragos · October 31, 2016, 7:35am

Please fill out the fields below so we can help you better.

My domain is: fehlemann.eu

I ran this command: ./certbot-auto --apache

It produced this output:

2016-10-31 07:27:18,653:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
File "/root/.local/share/letsencrypt/bin/letsencrypt", line 11, in
sys.exit(main())
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 776, in main
return config.func(config, plugins)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 563, in obtain_cert
action, _ = _auth_from_domains(le_client, config, domains, lineage)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 100, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 281, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 253, in obtain_certificate
self.config.allow_subset_of_names)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 68, in get_authorizations
domain, self.account.regr.new_authzr_uri)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py", line 210, in request_domain_challenges
typ=messages.IDENTIFIER_FQDN, value=domain), new_authzr_uri)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py", line 190, in request_challenges
new_authz)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py", line 649, in post
return self._check_response(response, content_type=content_type)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py", line 565, in _check_response
raise messages.Error.from_json(jobj)
Error: urn:acme:error:serverInternal :: The server experienced an internal error

My operating system is (include version): Raspbian GNU/Linux 8 (jessie)

My web server is (include version): apache 2.4.10-10+deb8u7

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

I hope you can help me,
Sadragos

ideadx · October 31, 2016, 9:41am

having same issue dude, please help!

serverco · October 31, 2016, 9:47am

Please see the letsencrypt status page - https://letsencrypt.status.io/

Incident Status Partial Service Disruption : acme-v01.api.letsencrypt.org (Production)
October 31, 2016 5:44AM UTC[Investigating] We are looking into a problem causing some users to experience errors when attempting to issue a certificate.

fas · October 31, 2016, 11:16am

Me too. Renewal daemon at 06:26 GMT and also when tried again manually just now. I’m also on Raspian, but using the letsencrypt.sh client, which says:
{
“type”: “urn:acme:error:serverInternal”,
“status”: 500
}

One thing that changed yesterday is the UK (and presumably lots of other places) changed to winter time. Could it be a timezone problem?

phpony · October 31, 2016, 11:32am

No, it’s not country specific.

Today I’ve tried to create certificates from 3 different servers hosted in Russia and runing Debian 8 and Debian 7 using official certbot.

All I got is:

Error: urn:acme:error:serverInternal :: The server experienced an internal error

And also sometimes this:

Error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert

Tried 5-6 times from all 3 different servers having different IP and requesting certs for different domains (subdomains).

Also I tried with parameter --server https://acme-staging.api.letsencrypt.org/directory and succesfully achieved testing certificate. So, the problem is not in my request.

phpony · October 31, 2016, 11:43am

It worked now!

Can you test?

fas · October 31, 2016, 11:48am

Yes, also now working for me. Thanks.

phpony · October 31, 2016, 12:01pm

It’s not 100% working. Because I still need 3 certs, I started with first server, and successfully got it at first attempt.

Second one gave me same errors on first and second runs, but than succeeded on third run.

Probably, some things are happening and staff working right now

phpony · October 31, 2016, 12:52pm

Okay, here is another error:

Error: urn:acme:error:malformed :: The request message was malformed :: No such challenge

This can happen on servers damaged by previous error. Deleting defected account from “/etc/letsencrypt/” resolves this. But you must know what you do - don’t delete anything, if you have another certificates with auto-renew configured and not sure which account are they using

phpony · October 31, 2016, 1:11pm

And finally:

Error: urn:acme:error:serverInternal :: The server experienced an internal error :: The service is down for maintenance or had an internal error. Check https://letsencrypt.status.io/ for more details.

This error message tells you all you need to know

Huge thanks to the staff for fast reaction and all your hard work! Hope you’ll work this out soon!

system · November 30, 2016, 1:11pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.