we are experiencing random connection problems to acme-v02.api.letsencrypt.org/directory endpoint on CentoOS 6/7 machines since 24th September (00:00).
Hosts setup are as follows:
curl-7.29.0-54.el7.x86_64 (stock) and curl 7.65.1
Curl trace shows different errors for IPv4 and IPV6 type of connections.
IPv4 - NSS error -5961 (PR_CONNECT_RESET_ERROR)
IPv6 - NSS error -5938 (PR_END_OF_FILE_ERROR)
cURL trace link
I have already tried force cURL resolve IPv4 and IPv6 address only, explicitly set --tlsv1.2 and also newer version than stock. But no luck so far. Error shows pure randomly - several times per day and host. But it is kinda weird that when testing connection in loop outside dehydrated, no problem encountered (so far).
Is it possible that we are hitting some rate limit? I have read that there is 40/r per second for /directory endpoint. Is is per IP? If so, I would assume some message in response, not killing connection.
I appreciate any help. Thank you.