Certificate renewal error

Hotelier · November 13, 2023, 10:36am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: hotelierapi3.co.za

I ran this command: Renew via TSPlus

It produced this output: Domain Validation : Error805

My web server is (include version):

The operating system my web server runs on is (include version): Windows Server 2012

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):No, TsPlus

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

rg305 · November 13, 2023, 11:02am

Hi @Hotelier, and welcome to the LE community forum

Please detail the exact command or method used to initiate a renewal request.

This is NOT a command:

Hotelier · November 13, 2023, 11:17am

Hi Rudy, thanks for responding, the renewal is done via my TSPlus app, I am not sure what commands are used

Will this attached log file help.

Thank you very much
Tony Coelho

(Attachment CertificateManager.log is missing)

rg305 · November 13, 2023, 11:42am

The log file did not attach

Hotelier · November 13, 2023, 12:40pm

Hi, here is the content of the log file, many thanks

INFO [1] 2023-11-11 23:08:16,992 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-11 23:08:17,039 CertificateManager - Try adding TLS 1.2 support
DEBUG [1] 2023-11-11 23:08:17,164 CertificateManager - certPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert - Exists? True
DEBUG [1] 2023-11-11 23:08:17,164 CertificateManager - certIniPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert\FreeCertificateManager.ini - Exists? True
DEBUG [1] 2023-11-11 23:08:17,805 CertificateManager - Domains www.hotelierapi3.co.za are not all covered by current certificate www.hotelierapi3.co.za.pfx
ERROR [9] 2023-11-11 23:08:19,617 CertificateManager - Could not renew certificate
ERROR [9] 2023-11-11 23:08:19,617 CertificateManager - System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.Acme.AcmeHttpClient.<Get>d__12`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.AcmeContext.<GetDirectory>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.IAcmeContextExtensions.<GetResourceUri>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.Acme.AccountContext.<NewAccount>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.AcmeContext.<Account>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Renew>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-12 03:06:24,913 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-12 03:06:24,960 CertificateManager - Try adding TLS 1.2 support
DEBUG [1] 2023-11-12 03:06:25,226 CertificateManager - certPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert - Exists? True
DEBUG [1] 2023-11-12 03:06:25,241 CertificateManager - certIniPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert\FreeCertificateManager.ini - Exists? True
DEBUG [1] 2023-11-12 03:06:26,436 CertificateManager - Domains www.hotelierapi3.co.za are not all covered by current certificate www.hotelierapi3.co.za.pfx
ERROR [8] 2023-11-12 03:06:28,363 CertificateManager - Could not renew certificate
ERROR [8] 2023-11-12 03:06:28,363 CertificateManager - System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.Acme.AcmeHttpClient.<Get>d__12`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.AcmeContext.<GetDirectory>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.IAcmeContextExtensions.<GetResourceUri>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.Acme.AccountContext.<NewAccount>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.AcmeContext.<Account>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Renew>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-12 23:07:59,455 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-12 23:07:59,502 CertificateManager - Try adding TLS 1.2 support
DEBUG [1] 2023-11-12 23:07:59,627 CertificateManager - certPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert - Exists? True
DEBUG [1] 2023-11-12 23:07:59,627 CertificateManager - certIniPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert\FreeCertificateManager.ini - Exists? True
DEBUG [1] 2023-11-12 23:07:59,893 CertificateManager - Domains www.hotelierapi3.co.za are not all covered by current certificate www.hotelierapi3.co.za.pfx
ERROR [8] 2023-11-12 23:08:01,502 CertificateManager - Could not renew certificate
ERROR [8] 2023-11-12 23:08:01,502 CertificateManager - System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.Acme.AcmeHttpClient.<Get>d__12`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.AcmeContext.<GetDirectory>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.IAcmeContextExtensions.<GetResourceUri>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.Acme.AccountContext.<NewAccount>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.AcmeContext.<Account>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Renew>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 03:06:38,492 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 03:06:38,539 CertificateManager - Try adding TLS 1.2 support
DEBUG [1] 2023-11-13 03:06:38,898 CertificateManager - certPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert - Exists? True
DEBUG [1] 2023-11-13 03:06:38,929 CertificateManager - certIniPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert\FreeCertificateManager.ini - Exists? True
DEBUG [1] 2023-11-13 03:06:39,757 CertificateManager - Domains www.hotelierapi3.co.za are not all covered by current certificate www.hotelierapi3.co.za.pfx
ERROR [8] 2023-11-13 03:06:41,869 CertificateManager - Could not renew certificate
ERROR [8] 2023-11-13 03:06:41,869 CertificateManager - System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
at System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
at System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.Acme.AcmeHttpClient.<Get>d__12`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.AcmeContext.<GetDirectory>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.IAcmeContextExtensions.<GetResourceUri>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.Acme.AccountContext.<NewAccount>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.AcmeContext.<Account>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Renew>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 12:12:20,145 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 12:12:20,208 CertificateManager - Try adding TLS 1.2 support
DEBUG [1] 2023-11-13 12:12:20,364 CertificateManager - certPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert - Exists? True
DEBUG [1] 2023-11-13 12:12:20,364 CertificateManager - certIniPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert\FreeCertificateManager.ini - Exists? True
DEBUG [1] 2023-11-13 12:12:20,849 CertificateManager - Certificate expiration date: 01/12/2023 09:48:36
DEBUG [8] 2023-11-13 12:12:26,177 CertificateManager - ACME account retrieved
DEBUG [9] 2023-11-13 12:12:28,943 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw)
DEBUG [9] 2023-11-13 12:12:28,943 CertificateManager - HTTP Challenge type: http-01
DEBUG [9] 2023-11-13 12:12:28,943 CertificateManager - HTTP Challenge status: Pending
DEBUG [9] 2023-11-13 12:12:28,959 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [9] 2023-11-13 12:12:28,959 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [9] 2023-11-13 12:12:28,959 CertificateManager - Using token name: HzfWeoAuvemC9keNGbRxJXYjauNtBCwZJ8Ty0caSPBU
DEBUG [9] 2023-11-13 12:12:28,990 CertificateManager - Writing Key Auth: HzfWeoAuvemC9keNGbRxJXYjauNtBCwZJ8Ty0caSPBU.rXJq4Mwx51_pP3v6QIaKvIvcnL_T883Kg9gORKIPzQE
DEBUG [8] 2023-11-13 12:12:29,646 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw)
DEBUG [8] 2023-11-13 12:12:29,646 CertificateManager - Domain Validation type: http-01
DEBUG [8] 2023-11-13 12:12:29,646 CertificateManager - Domain Validation status: Pending
DEBUG [5] 2023-11-13 12:12:50,898 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw)
DEBUG [5] 2023-11-13 12:12:50,898 CertificateManager - Challenge type: http-01
DEBUG [5] 2023-11-13 12:12:50,898 CertificateManager - Challenge status: Valid
DEBUG [12] 2023-11-13 12:12:52,945 CertificateManager - Order has been finalized.
DEBUG [12] 2023-11-13 12:12:54,148 CertificateManager - Order has been downloaded.
ERROR [12] 2023-11-13 12:12:54,367 CertificateManager - Could not renew certificate
ERROR [12] 2023-11-13 12:12:54,367 CertificateManager - Certes.AcmeException: Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'.
at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der)
at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain, IKey certKey)
at CertificateManager.CertificateManager.<Renew>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 12:13:43,871 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 12:13:43,886 CertificateManager - Try adding TLS 1.2 support
DEBUG [1] 2023-11-13 12:13:43,933 CertificateManager - certPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert - Exists? True
DEBUG [1] 2023-11-13 12:13:43,933 CertificateManager - certIniPath=C:\Program Files (x86)\TSplus\UserDesktop\files\cert\FreeCertificateManager.ini - Exists? True
DEBUG [1] 2023-11-13 12:13:44,074 CertificateManager - Certificate expiration date: 01/12/2023 09:48:36
DEBUG [11] 2023-11-13 12:13:47,902 CertificateManager - ACME account retrieved
DEBUG [9] 2023-11-13 12:13:50,715 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw)
DEBUG [9] 2023-11-13 12:13:50,715 CertificateManager - HTTP Challenge type: http-01
DEBUG [9] 2023-11-13 12:13:50,715 CertificateManager - HTTP Challenge status: Valid
DEBUG [9] 2023-11-13 12:13:50,715 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [9] 2023-11-13 12:13:50,715 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [9] 2023-11-13 12:13:50,715 CertificateManager - Using token name: HzfWeoAuvemC9keNGbRxJXYjauNtBCwZJ8Ty0caSPBU
DEBUG [9] 2023-11-13 12:13:50,715 CertificateManager - Writing Key Auth: HzfWeoAuvemC9keNGbRxJXYjauNtBCwZJ8Ty0caSPBU.rXJq4Mwx51_pP3v6QIaKvIvcnL_T883Kg9gORKIPzQE
DEBUG [9] 2023-11-13 12:13:51,324 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw)
DEBUG [9] 2023-11-13 12:13:51,324 CertificateManager - Domain Validation type: http-01
DEBUG [9] 2023-11-13 12:13:51,324 CertificateManager - Domain Validation status: Valid
DEBUG [5] 2023-11-13 12:14:01,919 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283374752506/W1iCVw)
DEBUG [5] 2023-11-13 12:14:01,919 CertificateManager - Challenge type: http-01
DEBUG [5] 2023-11-13 12:14:01,919 CertificateManager - Challenge status: Valid
DEBUG [9] 2023-11-13 12:14:03,700 CertificateManager - Order has been finalized.
DEBUG [10] 2023-11-13 12:14:05,029 CertificateManager - Order has been downloaded.
ERROR [10] 2023-11-13 12:14:05,075 CertificateManager - Could not renew certificate
ERROR [10] 2023-11-13 12:14:05,075 CertificateManager - Certes.AcmeException: Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'.
at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der)
at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain, IKey certKey)
at CertificateManager.CertificateManager.<Renew>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 12:17:39,670 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 12:17:39,717 CertificateManager - Try adding TLS 1.2 support
DEBUG [8] 2023-11-13 12:17:44,764 CertificateManager - ACME account created using email: admin@hotelier.co.za
DEBUG [3] 2023-11-13 12:17:45,405 CertificateManager - Accout has aggreed the terms of service
DEBUG [3] 2023-11-13 12:17:48,093 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283375948536/QTBA7w](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283375948536/QTBA7w)
DEBUG [3] 2023-11-13 12:17:48,093 CertificateManager - HTTP Challenge type: http-01
DEBUG [3] 2023-11-13 12:17:48,093 CertificateManager - HTTP Challenge status: Pending
DEBUG [3] 2023-11-13 12:17:48,108 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [3] 2023-11-13 12:17:48,108 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [3] 2023-11-13 12:17:48,108 CertificateManager - Using token name: 9IS46jmqHOhIAwBBVvt2r0A-UA2eTxPeYeIgJX1SSJo
DEBUG [3] 2023-11-13 12:17:48,108 CertificateManager - Writing Key Auth: 9IS46jmqHOhIAwBBVvt2r0A-UA2eTxPeYeIgJX1SSJo.VvfSirjnhYy6yWztDnK9FRTb1-USvY3eHflh2_mRmho
DEBUG [8] 2023-11-13 12:17:48,733 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283375948536/QTBA7w](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283375948536/QTBA7w)
DEBUG [8] 2023-11-13 12:17:48,733 CertificateManager - Domain Validation type: http-01
DEBUG [8] 2023-11-13 12:17:48,733 CertificateManager - Domain Validation status: Pending
DEBUG [10] 2023-11-13 12:18:10,016 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283375948536/QTBA7w](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283375948536/QTBA7w)
DEBUG [10] 2023-11-13 12:18:10,016 CertificateManager - Challenge type: http-01
DEBUG [10] 2023-11-13 12:18:10,016 CertificateManager - Challenge status: Valid
DEBUG [12] 2023-11-13 12:18:11,876 CertificateManager - Order has been finalized.
DEBUG [12] 2023-11-13 12:18:13,110 CertificateManager - Order has been downloaded.
ERROR [12] 2023-11-13 12:18:13,298 CertificateManager - Could not create certificate
ERROR [12] 2023-11-13 12:18:13,298 CertificateManager - Certes.AcmeException: Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'.
at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der)
at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain, IKey certKey)
at CertificateManager.CertificateManager.<Create>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 12:18:41,394 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 12:18:41,456 CertificateManager - Try adding TLS 1.2 support
DEBUG [9] 2023-11-13 12:18:46,660 CertificateManager - ACME account created using email: admin@hotelier.co.za
DEBUG [8] 2023-11-13 12:18:47,316 CertificateManager - Accout has aggreed the terms of service
DEBUG [8] 2023-11-13 12:18:50,035 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376169296/skI33Q](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376169296/skI33Q)
DEBUG [8] 2023-11-13 12:18:50,035 CertificateManager - HTTP Challenge type: http-01
DEBUG [8] 2023-11-13 12:18:50,035 CertificateManager - HTTP Challenge status: Pending
DEBUG [8] 2023-11-13 12:18:50,051 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [8] 2023-11-13 12:18:50,051 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [8] 2023-11-13 12:18:50,051 CertificateManager - Using token name: Pao7jo8Dp1H3zgiCcHbLxRxunOO1mkrLCCvQmyBKEBA
DEBUG [8] 2023-11-13 12:18:50,051 CertificateManager - Writing Key Auth: Pao7jo8Dp1H3zgiCcHbLxRxunOO1mkrLCCvQmyBKEBA.GirPYiNWz58oC2Ktzk8Ko1pGeUGCdntlXC5UWkX7cB0
DEBUG [9] 2023-11-13 12:18:50,676 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376169296/skI33Q](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376169296/skI33Q)
DEBUG [9] 2023-11-13 12:18:50,676 CertificateManager - Domain Validation type: http-01
DEBUG [9] 2023-11-13 12:18:50,676 CertificateManager - Domain Validation status: Pending
DEBUG [5] 2023-11-13 12:19:22,569 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376169296/skI33Q](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376169296/skI33Q)
DEBUG [5] 2023-11-13 12:19:22,569 CertificateManager - Challenge type: http-01
DEBUG [5] 2023-11-13 12:19:22,569 CertificateManager - Challenge status: Valid
DEBUG [12] 2023-11-13 12:19:24,444 CertificateManager - Order has been finalized.
DEBUG [12] 2023-11-13 12:19:25,710 CertificateManager - Order has been downloaded.
ERROR [12] 2023-11-13 12:19:25,866 CertificateManager - Could not create certificate
ERROR [12] 2023-11-13 12:19:25,866 CertificateManager - Certes.AcmeException: Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'.
at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der)
at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain, IKey certKey)
at CertificateManager.CertificateManager.<Create>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 12:19:41,820 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 12:19:41,867 CertificateManager - Try adding TLS 1.2 support
DEBUG [9] 2023-11-13 12:19:45,946 CertificateManager - ACME account created using email: andrea@hotelier.co.za
DEBUG [8] 2023-11-13 12:19:46,664 CertificateManager - Accout has aggreed the terms of service
DEBUG [8] 2023-11-13 12:19:49,336 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376373356/PERA0Q](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376373356/PERA0Q)
DEBUG [8] 2023-11-13 12:19:49,336 CertificateManager - HTTP Challenge type: http-01
DEBUG [8] 2023-11-13 12:19:49,352 CertificateManager - HTTP Challenge status: Pending
DEBUG [8] 2023-11-13 12:19:49,352 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [8] 2023-11-13 12:19:49,352 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [8] 2023-11-13 12:19:49,352 CertificateManager - Using token name: FhUqH6YcHp0WHoiOa5Lldo4YEspzD1YOt1mR7mB5Z9g
DEBUG [8] 2023-11-13 12:19:49,352 CertificateManager - Writing Key Auth: FhUqH6YcHp0WHoiOa5Lldo4YEspzD1YOt1mR7mB5Z9g.puxmJUd0bhGUkARFUzmoMTy-yYcS3mZPjXrLSkq4oA4
DEBUG [9] 2023-11-13 12:19:49,993 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376373356/PERA0Q](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376373356/PERA0Q)
DEBUG [9] 2023-11-13 12:19:49,993 CertificateManager - Domain Validation type: http-01
DEBUG [9] 2023-11-13 12:19:49,993 CertificateManager - Domain Validation status: Pending
DEBUG [5] 2023-11-13 12:20:11,260 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376373356/PERA0Q](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283376373356/PERA0Q)
DEBUG [5] 2023-11-13 12:20:11,260 CertificateManager - Challenge type: http-01
DEBUG [5] 2023-11-13 12:20:11,260 CertificateManager - Challenge status: Valid
DEBUG [8] 2023-11-13 12:20:13,245 CertificateManager - Order has been finalized.
DEBUG [8] 2023-11-13 12:20:14,495 CertificateManager - Order has been downloaded.
ERROR [8] 2023-11-13 12:20:14,729 CertificateManager - Could not create certificate
ERROR [8] 2023-11-13 12:20:14,729 CertificateManager - Certes.AcmeException: Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'.
at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der)
at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain, IKey certKey)
at CertificateManager.CertificateManager.<Create>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 12:24:15,729 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 12:24:15,792 CertificateManager - Try adding TLS 1.2 support
DEBUG [8] 2023-11-13 12:24:20,745 CertificateManager - ACME account created using email: admin@hotelier.co.za
DEBUG [9] 2023-11-13 12:24:21,355 CertificateManager - Accout has aggreed the terms of service
DEBUG [8] 2023-11-13 12:24:23,933 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283377436836/FB0kpA](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283377436836/FB0kpA)
DEBUG [8] 2023-11-13 12:24:23,933 CertificateManager - HTTP Challenge type: http-01
DEBUG [8] 2023-11-13 12:24:23,933 CertificateManager - HTTP Challenge status: Pending
DEBUG [8] 2023-11-13 12:24:23,949 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [8] 2023-11-13 12:24:23,949 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [8] 2023-11-13 12:24:23,949 CertificateManager - Using token name: 9zQNqhTW3Rp6wvMquUtF-qsD-KgX3EjaEEsEEPkIyMA
DEBUG [8] 2023-11-13 12:24:23,949 CertificateManager - Writing Key Auth: 9zQNqhTW3Rp6wvMquUtF-qsD-KgX3EjaEEsEEPkIyMA.3yD0gzJgK7R1sOE8RH6OoihNrewD5TGZDdwvxGaP3-g
DEBUG [9] 2023-11-13 12:24:24,527 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283377436836/FB0kpA](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283377436836/FB0kpA)
DEBUG [9] 2023-11-13 12:24:24,527 CertificateManager - Domain Validation type: http-01
DEBUG [9] 2023-11-13 12:24:24,527 CertificateManager - Domain Validation status: Pending
DEBUG [5] 2023-11-13 12:24:45,654 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283377436836/FB0kpA](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283377436836/FB0kpA)
DEBUG [5] 2023-11-13 12:24:45,654 CertificateManager - Challenge type: http-01
DEBUG [5] 2023-11-13 12:24:45,654 CertificateManager - Challenge status: Valid
DEBUG [12] 2023-11-13 12:24:47,732 CertificateManager - Order has been finalized.
DEBUG [12] 2023-11-13 12:24:48,888 CertificateManager - Order has been downloaded.
ERROR [12] 2023-11-13 12:24:49,091 CertificateManager - Could not create certificate
ERROR [12] 2023-11-13 12:24:49,091 CertificateManager - Certes.AcmeException: Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'.
at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der)
at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain, IKey certKey)
at CertificateManager.CertificateManager.<Create>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 12:31:00,337 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 12:31:00,399 CertificateManager - Try adding TLS 1.2 support
DEBUG [9] 2023-11-13 12:31:05,587 CertificateManager - ACME account created using email: admin@hotelier.co.za
DEBUG [8] 2023-11-13 12:31:06,228 CertificateManager - Accout has aggreed the terms of service
DEBUG [9] 2023-11-13 12:31:08,931 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283378896466/NpOhIw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283378896466/NpOhIw)
DEBUG [9] 2023-11-13 12:31:08,931 CertificateManager - HTTP Challenge type: http-01
DEBUG [9] 2023-11-13 12:31:08,931 CertificateManager - HTTP Challenge status: Pending
DEBUG [9] 2023-11-13 12:31:08,947 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [9] 2023-11-13 12:31:08,947 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [9] 2023-11-13 12:31:08,947 CertificateManager - Using token name: tfXlooroqNA9rqQMIQlsSldMd1JCMExfl9UPhmjcblU
DEBUG [9] 2023-11-13 12:31:08,947 CertificateManager - Writing Key Auth: tfXlooroqNA9rqQMIQlsSldMd1JCMExfl9UPhmjcblU.21GPviiFr1ekyN6HhUTfOWulBt7CDBPyD-evCTz_5c0
DEBUG [8] 2023-11-13 12:31:09,556 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283378896466/NpOhIw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283378896466/NpOhIw)
DEBUG [8] 2023-11-13 12:31:09,556 CertificateManager - Domain Validation type: http-01
DEBUG [8] 2023-11-13 12:31:09,556 CertificateManager - Domain Validation status: Pending
DEBUG [6] 2023-11-13 12:31:30,777 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283378896466/NpOhIw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283378896466/NpOhIw)
DEBUG [6] 2023-11-13 12:31:30,777 CertificateManager - Challenge type: http-01
DEBUG [6] 2023-11-13 12:31:30,777 CertificateManager - Challenge status: Valid
DEBUG [12] 2023-11-13 12:31:33,105 CertificateManager - Order has been finalized.
DEBUG [9] 2023-11-13 12:31:34,324 CertificateManager - Order has been downloaded.
ERROR [9] 2023-11-13 12:31:34,527 CertificateManager - Could not create certificate
ERROR [9] 2023-11-13 12:31:34,527 CertificateManager - Certes.AcmeException: Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'.
at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der)
at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain, IKey certKey)
at CertificateManager.CertificateManager.<Create>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 12:46:32,863 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 12:46:32,910 CertificateManager - Try adding TLS 1.2 support
DEBUG [3] 2023-11-13 12:46:37,957 CertificateManager - ACME account created using email: admin@hotelier.co.za
DEBUG [10] 2023-11-13 12:46:38,582 CertificateManager - Accout has aggreed the terms of service
DEBUG [10] 2023-11-13 12:46:41,364 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351406/keuRZQ](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351406/keuRZQ)
DEBUG [10] 2023-11-13 12:46:41,364 CertificateManager - HTTP Challenge type: http-01
DEBUG [10] 2023-11-13 12:46:41,364 CertificateManager - HTTP Challenge status: Pending
DEBUG [10] 2023-11-13 12:46:41,380 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [10] 2023-11-13 12:46:41,380 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [10] 2023-11-13 12:46:41,380 CertificateManager - Using token name: kZ4pJbnyaWA_HM7wvOjxU04U2D7mBv0U8t6wrQYC6Qo
DEBUG [10] 2023-11-13 12:46:41,380 CertificateManager - Writing Key Auth: kZ4pJbnyaWA_HM7wvOjxU04U2D7mBv0U8t6wrQYC6Qo.Na2LPCWXxCSze0foMokMOPvKIjyQ3ZnzmQng6XSibK4
DEBUG [3] 2023-11-13 12:46:41,989 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351406/keuRZQ](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351406/keuRZQ)
DEBUG [3] 2023-11-13 12:46:41,989 CertificateManager - Domain Validation type: http-01
DEBUG [3] 2023-11-13 12:46:41,989 CertificateManager - Domain Validation status: Pending
DEBUG [11] 2023-11-13 12:47:03,194 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351406/keuRZQ](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351406/keuRZQ)
DEBUG [11] 2023-11-13 12:47:03,194 CertificateManager - Challenge type: http-01
DEBUG [11] 2023-11-13 12:47:03,194 CertificateManager - Challenge status: Valid
DEBUG [9] 2023-11-13 12:47:04,381 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351416/g5Dvnw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351416/g5Dvnw)
DEBUG [9] 2023-11-13 12:47:04,381 CertificateManager - HTTP Challenge type: http-01
DEBUG [9] 2023-11-13 12:47:04,381 CertificateManager - HTTP Challenge status: Pending
DEBUG [9] 2023-11-13 12:47:04,381 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [9] 2023-11-13 12:47:04,381 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [9] 2023-11-13 12:47:04,381 CertificateManager - Using token name: OIU5ijZL-xsbvSAHGOHqMyL-EdYkwMW4RJamavwOX1w
DEBUG [9] 2023-11-13 12:47:04,381 CertificateManager - Writing Key Auth: OIU5ijZL-xsbvSAHGOHqMyL-EdYkwMW4RJamavwOX1w.Na2LPCWXxCSze0foMokMOPvKIjyQ3ZnzmQng6XSibK4
DEBUG [10] 2023-11-13 12:47:04,991 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351416/g5Dvnw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351416/g5Dvnw)
DEBUG [10] 2023-11-13 12:47:04,991 CertificateManager - Domain Validation type: http-01
DEBUG [10] 2023-11-13 12:47:04,991 CertificateManager - Domain Validation status: Pending
DEBUG [12] 2023-11-13 12:47:26,211 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351416/g5Dvnw](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283382351416/g5Dvnw)
DEBUG [12] 2023-11-13 12:47:26,211 CertificateManager - Challenge type: http-01
DEBUG [12] 2023-11-13 12:47:26,211 CertificateManager - Challenge status: Valid
DEBUG [13] 2023-11-13 12:47:28,368 CertificateManager - Order has been finalized.
DEBUG [13] 2023-11-13 12:47:29,571 CertificateManager - Order has been downloaded.
ERROR [13] 2023-11-13 12:47:29,758 CertificateManager - Could not create certificate
ERROR [13] 2023-11-13 12:47:29,758 CertificateManager - Certes.AcmeException: Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'.
at Certes.Pkcs.CertificateStore.GetIssuers(Byte[] der)
at Certes.CertificateChainExtensions.ToPem(CertificateChain certificateChain, IKey certKey)
at CertificateManager.CertificateManager.<Create>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 12:59:39,820 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 12:59:39,882 CertificateManager - Try adding TLS 1.2 support
DEBUG [8] 2023-11-13 12:59:45,070 CertificateManager - ACME account created using email: admin@hotelier.co.za
DEBUG [8] 2023-11-13 12:59:45,726 CertificateManager - Accout has aggreed the terms of service
DEBUG [8] 2023-11-13 12:59:48,649 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180346/qfQ8HQ](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180346/qfQ8HQ)
DEBUG [8] 2023-11-13 12:59:48,649 CertificateManager - HTTP Challenge type: http-01
DEBUG [8] 2023-11-13 12:59:48,649 CertificateManager - HTTP Challenge status: Pending
DEBUG [8] 2023-11-13 12:59:48,664 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [8] 2023-11-13 12:59:48,664 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [8] 2023-11-13 12:59:48,664 CertificateManager - Using token name: ebnT-EB_BvA5GzPVTW_88F6EOf5vqOUJpqHQay2nMKk
DEBUG [8] 2023-11-13 12:59:48,664 CertificateManager - Writing Key Auth: ebnT-EB_BvA5GzPVTW_88F6EOf5vqOUJpqHQay2nMKk.diFY2LzyooqpKjbfVHYMW27OEIpz_qUwewZb3zqzs4M
DEBUG [9] 2023-11-13 12:59:49,289 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180346/qfQ8HQ](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180346/qfQ8HQ)
DEBUG [9] 2023-11-13 12:59:49,289 CertificateManager - Domain Validation type: http-01
DEBUG [9] 2023-11-13 12:59:49,289 CertificateManager - Domain Validation status: Pending
DEBUG [11] 2023-11-13 13:00:10,510 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180346/qfQ8HQ](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180346/qfQ8HQ)
DEBUG [11] 2023-11-13 13:00:10,510 CertificateManager - Challenge type: http-01
DEBUG [11] 2023-11-13 13:00:10,510 CertificateManager - Challenge status: Valid
DEBUG [9] 2023-11-13 13:00:11,713 CertificateManager - HTTP Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180356/VyYzDA](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180356/VyYzDA)
DEBUG [9] 2023-11-13 13:00:11,713 CertificateManager - HTTP Challenge type: http-01
DEBUG [9] 2023-11-13 13:00:11,713 CertificateManager - HTTP Challenge status: Pending
DEBUG [9] 2023-11-13 13:00:11,713 CertificateManager - Web Root Path: C:\Program Files (x86)\TSplus\Clients\www
DEBUG [9] 2023-11-13 13:00:11,713 CertificateManager - Using path: C:\Program Files (x86)\TSplus\Clients\www\.well-known\acme-challenge
DEBUG [9] 2023-11-13 13:00:11,713 CertificateManager - Using token name: XwVGV771QBitPyxfhFga37PAJrdub-R2RRzN7qkRunM
DEBUG [9] 2023-11-13 13:00:11,713 CertificateManager - Writing Key Auth: XwVGV771QBitPyxfhFga37PAJrdub-R2RRzN7qkRunM.diFY2LzyooqpKjbfVHYMW27OEIpz_qUwewZb3zqzs4M
DEBUG [8] 2023-11-13 13:00:12,322 CertificateManager - Domain Validation URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180356/VyYzDA](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180356/VyYzDA)
DEBUG [8] 2023-11-13 13:00:12,322 CertificateManager - Domain Validation type: http-01
DEBUG [8] 2023-11-13 13:00:12,322 CertificateManager - Domain Validation status: Pending
DEBUG [10] 2023-11-13 13:00:22,995 CertificateManager - Challenge URL: [https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180356/VyYzDA](https://acme-v02.api.letsencrypt.org/acme/chall-v3/283385180356/VyYzDA)
DEBUG [10] 2023-11-13 13:00:22,995 CertificateManager - Challenge type: http-01
DEBUG [10] 2023-11-13 13:00:22,995 CertificateManager - Challenge status: Invalid
DEBUG [10] 2023-11-13 13:00:22,995 CertificateManager - Challenge Error Identifier:
DEBUG [10] 2023-11-13 13:00:23,042 CertificateManager - Challenge Error Status: BadRequest
DEBUG [10] 2023-11-13 13:00:23,042 CertificateManager - Challenge Error Type: urn:ietf:params:acme:error:dns
DEBUG [10] 2023-11-13 13:00:23,042 CertificateManager - Challenge Error Detail: DNS problem: NXDOMAIN looking up A for hotelierapie.co.za - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for hotelierapie.co.za - check that a DNS record exists for this domain
ERROR [10] 2023-11-13 13:00:23,042 CertificateManager - Could not create certificate
ERROR [10] 2023-11-13 13:00:23,042 CertificateManager - System.ApplicationException: Could not validate HTTP challenge for domain/email = hotelierapi3.co.za,www.hotelierapi3.co.za,hotelierapie.co.za/admin@hotelier.co.za: DNS problem: NXDOMAIN looking up A for hotelierapie.co.za - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for hotelierapie.co.za - check that a DNS record exists for this domain
at CertificateManager.CertificateManager.<Create>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()
INFO [1] 2023-11-13 13:01:21,073 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 13:01:21,120 CertificateManager - Try adding TLS 1.2 support
DEBUG [9] 2023-11-13 13:01:26,527 CertificateManager - ACME account created using email: admin@hotelier.co.za
DEBUG [9] 2023-11-13 13:01:27,152 CertificateManager - Accout has aggreed the terms of service
ERROR [8] 2023-11-13 13:01:27,933 CertificateManager - Could not create certificate
ERROR [8] 2023-11-13 13:01:27,933 CertificateManager - Certes.AcmeRequestException: Fail to load resource from '[https://acme-v02.api.letsencrypt.org/acme/new-order'](https://acme-v02.api.letsencrypt.org/acme/new-order').
urn:ietf:params:acme:error:rateLimited: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: hotelierapi3.co.za, retry after 2023-11-14T19:07:31Z: see [https://letsencrypt.org/docs/duplicate-certificate-limit/](https://letsencrypt.org/docs/duplicate-certificate-limit/)
at Certes.Acme.IAcmeHttpClientExtensions.<Post>d__0`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.AcmeContext.<NewOrder>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Create>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.<Start>d__13.MoveNext()

rg305 · November 13, 2023, 6:37pm

I see three different errors.

Is there an inline proxy?

ERROR [9] 2023-11-11 23:08:19,617 CertificateManager - System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

DNS error:

ERROR [10] 2023-11-13 13:00:23,042 CertificateManager - System.ApplicationException: Could not validate HTTP challenge for domain/email = hotelierapi3.co.za,www.hotelierapi3.co.za,hotelierapie.co.za/admin@hotelier.co.za: DNS problem: NXDOMAIN looking up A for hotelierapie.co.za - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for hotelierapie.co.za - check that a DNS record exists for this domain
at CertificateManager.CertificateManager.<Create>d__6.MoveNext()

Too many certs already issued:

ERROR [8] 2023-11-13 13:01:27,933 CertificateManager - Certes.AcmeRequestException: Fail to load resource from '[https://acme-v02.api.letsencrypt.org/acme/new-order'](https://acme-v02.api.letsencrypt.org/acme/new-order').
urn:ietf:params:acme:error:rateLimited: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: hotelierapi3.co.za, retry after 2023-11-14T19:07:31Z: see [https://letsencrypt.org/docs/duplicate-certificate-limit/](https://letsencrypt.org/docs/duplicate-certificate-limit/)
at Certes.Acme.IAcmeHttpClientExtensions.<Post>d__0`1.MoveNext()

Hotelier · November 13, 2023, 7:16pm

Hi Rudy

Are you familiar with TSPlus, it is the RDP program we use on our servers (instead on Microsoft RDP)

It has a facility to get a certificate (and automatically renews every 90 days), it’s been running for years

Just now it has stopped, giving us error 805

We do not know the details of how it obtains the certificate, and hence what the error means, also don’t know what an inline proxy is.

I cleared the log file and retried, same error, below is the log. I see the ‘too many certificates issued, try tomorrow’ message, but I am still at a loss as to why it was not renewed at the beginning of this month automatically. We have 3 almost identical servers, only this one is giving the error (although the other 2 are Server 2016, this one is Server 2012)

Any other pointers you could give would be most appreciated, I can give you log on credentials to the server if you would be able to log on if that would help?

In the full log there is also a reference to hotelierapie.co.za I don’t know what that is, our url is hotelierapi3.co.za

Thank you, much appreciated.
Tony

INFO [1] 2023-11-13 21:05:33,203 CertificateManager - === Start Certificate Manager ===
DEBUG [1] 2023-11-13 21:05:33,234 CertificateManager - Try adding TLS 1.2 support
DEBUG [8] 2023-11-13 21:05:37,985 CertificateManager - ACME account created using email: admin@hotelier.co.za
DEBUG [9] 2023-11-13 21:05:38,626 CertificateManager - Accout has aggreed the terms of service
ERROR [8] 2023-11-13 21:05:39,376 CertificateManager - Could not create certificate
ERROR [8] 2023-11-13 21:05:39,376 CertificateManager - Certes.AcmeRequestException: Fail to load resource from 'https://acme-v02.api.letsencrypt.org/acme/new-order'.
urn:ietf:params:acme:error:rateLimited: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: hotelierapi3.co.za, retry after 2023-11-14T19:07:31Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/
at Certes.Acme.IAcmeHttpClientExtensions.d__0`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certes.AcmeContext.d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at CertificateManager.CertificateManager.d__13.MoveNext()

rg305 · November 13, 2023, 7:43pm

I'm not 100% certain... But this may be due to an LE production issue that is currently being investigated.
See: Production environment we are getting exception when processing Orders

rg305 · November 13, 2023, 7:51pm

That said, even if that is the problem at it gets corrected immediately, you won't be able to issue a new cert for the single name "hotelierapi3.co.za" until "2023-11-20":

That said, you can still issue a cert for the combined names "hotelierapi3.co.za | www.hotelierapi3.co.za" OR the single name "www.hotelierapi3.co.za".
But you must be very careful with doing that.
The TSPlus system is getting new certs but is unable to use them and then loses them.
If you continue down that path you will exhaust that cert as well.
So... don't try to renew more than once a day.
When does the current cert expire?

Hotelier · November 13, 2023, 8:16pm

Unfortunately I pressed a ‘reset domain’ button, so there is currently no certificate

https://hotelierapi3.co.za

rg305 · November 13, 2023, 9:49pm

Try [just once] getting a cert for the "www" name.

Hotelier · November 13, 2023, 10:15pm

Just tried now, looks like it was successful ???

rg305 · November 13, 2023, 11:54pm

It seems like that it did renew successfully.
You can check in that folder to see if the leaf cert is dated from today.

I think this was the fix:

webprofusion · November 14, 2023, 1:59am

Hotelier:

Could not create certificate
ERROR [13] 2023-11-13 12:47:29,758 CertificateManager - Certes.AcmeException: Can not find issuer 'C=US,O=Internet Security Research Group,CN=ISRG Root X1' for certificate 'C=US,O=Let's Encrypt,CN=R3'.

This is the root cause of the failure. Certes (the library used for the ACME conversation and certificate download) needs the root certificate to already be known in order to build the final certificate (as a PFX) and old versions won't know ISRG Root X1, some apps that use Certes also look to the local machine certificate store (Trusted Root Certification Authorities), some don't.

This showed up because Let's Encrypt accidentally started serving the newer chain by default, which uses ISRG Root X1 as the root. Shortening the Let's Encrypt Chain of Trust - #2 by aarongable and it has gone away because they fixed that, but your software will fail to renew when they make that change permanent.

TSPlus could optionally use our Anvil fork of Certes if they like, it's primarily used by Certify The Web (which I develop): GitHub - webprofusion/anvil: A client implementation for the Automated Certificate Management Environment (ACME) protocol - it can build the PFX for any root rather than only using known ones. It's also actively maintained and has hundreds of thousands of users.

system · December 14, 2023, 1:59am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
I cannot renew my SSL certificate Help	19	510	June 4, 2024
Unable to renew Help	6	344	August 3, 2024
Error renewing certificate Help	11	445	June 26, 2022
Certificate renewal Help	10	627	March 7, 2021
SSL Renew Issue Help	15	646	January 19, 2023

Certificate renewal error

Related topics