Certbot/letsencrypt Failure; possibly resulting from erroneously mixing ACMEv1 & ACMEv2 requests?

My domain is:

~ 10 domains, all pointing to the same site:
seasoftsys.com, discsim.com, seasoft.org, calmsim.com, etc.

I ran this command:

sudo certbot certonly --standalone --server https://acme-v02.api.letsencrypt.org/directory --cert-name seasoft -d www.calmsim.com -d catsim.com

(~ 15 or so domains and sub-domains in that … list)

It produced this output:

    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator standalone, Installer None
    Obtaining a new certificate
    An unexpected error occurred:
    Traceback (most recent call last):
      File "/usr/local/Cellar/certbot/0.22.0/libexec/lib/python3.6/site-packages/josepy/json_util.py", line 280, in fields_from_json
        fields[slot] = field.decode(value)
      File "/usr/local/Cellar/certbot/0.22.0/libexec/lib/python3.6/site-packages/josepy/json_util.py", line 88, in decode
        return self.fdec(value)
      File "/usr/local/Cellar/certbot/0.22.0/libexec/lib/python3.6/site-packages/acme/messages.py", line 123, in from_json
        '{0} not recognized'.format(cls.name))
    josepy.errors.DeserializationError: Deserialization error: Status not recognized

    During handling of the above exception, another exception occurred:

    josepy.errors.DeserializationError: Deserialization error: Could not decode 'status' ('ready'): Deserialization error: Status not recognized
    Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version):

Apache:

httpd -v or /usr/local/apache/bin/httpd -v
Server version: Apache/2.4.28 (Unix)
Server built: Oct 29 2017 19:28:54

The operating system my web server runs on is (include version):

Mac OSx 10.12.6 (Sierra)

My hosting provider, if applicable, is:

NA

I can login to a root shell on my machine (yes or no, or I don’t know):

yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

certbot --version

certbot 0.22.0


Brief History:


  1. I have a single cert serving several domains and subdomains. It was set up and working under the ACMEv1 protocol; my certbot version is 0.22; I believe 0.22 defaults to ACMEv1 unless told otherwise. The domains link to two separate IP numbers, but all domains point to a single web site (the second IP is just a backup in case the first goes offline for a time & vice versa).

  2. I updated to ACMEv2 protocol back in Feb, 2020 with this invocation:

    sudo certbot renew --force-renewal --server https://acme-v02.api.letsencrypt.org/directory

Everything worked properly as best I could tell (apachectl configtest good, all pages and domains served up via https to both IPs; acme_v2 showing in letsencrypt logs, etc.)

  3. Some time later, I added another group of domains & subdomains to my cert with this invocation:

certbot certonly --standalone --cert-name seasoft.org -d calmsim.com -d www.calmsim.com -d catsim.com -d www.catsim.com -d discsim.com -d www.discsim.com -d jacksim.com -d www.jacksim.com, etc.

Sadly, I forgot to include the "--server https://acme-v02.api.letsencrypt.org/directory" directive, so I presume certbot defaulted to the ACMEv1 protocol.

A week or so later I got a new ACMEv2 alert from letsencrypt about that June 1 deadline, which was the first indication I had goofed.

  4. An attempt to get a new certificate using the correct (?) ACMEv2 invocation created the error posted above.

So, it appears something has been corrupted and I can’t think of anything else to try. And, although everything is still functional at the moment, June 1 is not far away.

Perhaps I should just nuke everything and start over? I’m not even sure how to do that. Just delete /etc/letsencrypt and go from there?

Can you get the latest version of Certbot from Homebrew? 0.22 is ancient.

The error about the ready status was fixed in 0.25, nearly 2 years ago.

I don’t think you need to delete /etc/letsencrypt. If you upgrade to a recent version and try again, everything should be good to go.

2 Likes
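The two checks this thread turns on, as an added example that is not part of any post above: whether the client is at least 0.25, and which renewal configs still point at ACMEv1. It assumes certbot's usual layout of one `<lineage>.conf` per certificate under `/etc/letsencrypt/renewal` with a `server =` line; the ACMEv1 hostname `acme-v01.api.letsencrypt.org` is not quoted in the thread, and the sample files are constructed.

```shell
# Added example, not from the thread. Paths and sample data are assumptions.
MIN_VERSION="0.25.0"   # the reply above: the 'ready' status error "was fixed in 0.25"

# version_ge A B -> exit 0 when dotted numeric version A >= B
version_ge() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "$a" = "$x" ] && a="" || a=${a#*.}
        [ "$b" = "$y" ] && b="" || b=${b#*.}
        x=${x:-0}; y=${y:-0}
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# client_ok "certbot X.Y.Z" -> exit 0 when that version is >= MIN_VERSION
client_ok() { version_ge "${1##* }" "$MIN_VERSION"; }

# server_of FILE -> value of the last "server =" line, empty when absent
server_of() {
    sed -n 's/^[[:space:]]*server[[:space:]]*=[[:space:]]*//p' "$1" | tail -n 1
}

# classify FILE -> acme-v1 | acme-v2 | client-default (no server line) | other
classify() {
    case "$(server_of "$1")" in
        *acme-v01.api.letsencrypt.org*) echo "acme-v1" ;;
        *acme-v02.api.letsencrypt.org*) echo "acme-v2" ;;
        "") echo "client-default" ;;
        *) echo "other" ;;
    esac
}

# audit DIR -> one "lineage<TAB>class" line per renewal config in DIR
audit() {
    for f in "$1"/*.conf; do
        [ -e "$f" ] || continue
        printf '%s\t%s\n' "$(basename "$f" .conf)" "$(classify "$f")"
    done
}

# Constructed sample data so this runs offline. On a real host use:
#   audit /etc/letsencrypt/renewal; client_ok "$(certbot --version 2>&1)"
demo=$(mktemp -d)
printf '[renewalparams]\nserver = https://acme-v01.api.letsencrypt.org/directory\n' > "$demo/example-old.conf"
printf '[renewalparams]\nserver = https://acme-v02.api.letsencrypt.org/directory\n' > "$demo/example-new.conf"
audit "$demo"
client_ok "certbot 0.22.0" || echo "client older than $MIN_VERSION: upgrade, then retry"
rm -rf "$demo"
```

A lineage reported as `client-default` has no stored `server` value, so which endpoint it uses depends on the installed client's built-in default.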

Thank you _az; I’m off to try that ASAP

Thank you, thank you, thank you. _az

The irony: I updated certbot a few months ago to try and solve a different issue; it didn’t help that time and I reverted to my “tried and true” v 0.22! Color my face red :)
