Vincem
July 8, 2024, 11:51pm
1
My domain is: leah.majer.fr
I ran this command: dehydrated -c
It produced this output:
```
ERROR: Problem connecting to server (head for https://acme-v02.api.letsencrypt.org/acme/new-nonce ; curl returned with 35)
Details:
HTTP/2 400
server: nginx
date: Mon, 08 Jul 2024 23:46:41 GMT
content-type: application/problem+json
content-length: 112
boulder-requester: 623559376
cache-control: public, max-age=0, no-cache
link: https://acme-v02.api.letsencrypt.org/directory ;rel="index"
replay-nonce: eFSVlf8Um2R-FPNdQidTyoY9-cFb0Rz4efFqyvffRSBgxK9ChVo
{
"type": "urn:ietf:params:acme:error:badNonce",
"detail": "JWS has no anti-replay nonce",
"status": 400
}
```
My web server is (include version): Apache 2.4
The operating system my web server runs on is (include version): Debian bullseye
My hosting provider, if applicable, is: OVH
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of `certbot --version` or `certbot-auto --version` if you're using Certbot): Dehydrated version: 0.7.0
Vincem
July 9, 2024, 12:05am
2
I've tried again and I've got another error:
```
Processing leah.majer.fr
Details:
HTTP/2 400
server: nginx
date: Tue, 09 Jul 2024 00:03:54 GMT
content-type: application/problem+json
content-length: 112
cache-control: public, max-age=0, no-cache
link: https://acme-v02.api.letsencrypt.org/directory ;rel="index"
replay-nonce: eFSVlf8Uycm1fN4izfNwr4YoLVouA7OP8u1iUnbvcKmcXo7ODe8
{
"type": "urn:ietf:params:acme:error:badNonce",
"detail": "JWS has no anti-replay nonce",
"status": 400
}
EXPECTED value GOT EOF
```
Could you try updating to 0.7.1? Might fix known problem in 0.7.0
# Change Log
This file contains a log of major changes in dehydrated
## [x.x.x] - xxxx-xx-xx
...
## [0.7.1] - 2022-10-31
## Changed
- `--force` no longer forces domain name revalidation by default, a new argument `--force-validation` has been added for that
- Added support for EC secp521r1 algorithm (works with e.g. zerossl)
- `EC PARAMETERS` are no longer written to privkey.pem (didn't seem necessary and was causing issues with various software)
## Fixed
- Requests resulting in `badNonce` errors are now automatically retried (fixes operation with LE staging servers)
- Deprecated `egrep` usage has been removed
## Added
- Implemented EC for account keys
- Domain list now also read from domains.txt.d subdirectory (behaviour might change, see docs)
- Implemented RFC 8738 (validating/signing certificates for IP addresses instead of domain names) support (this will not work with most public CAs, if any!)
This file has been truncated.
4 Likes
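The retry behaviour named in the 0.7.1 "Fixed" entry above, as an added example (this is not dehydrated's own code, which is a bash script): per RFC 8555 section 6.5 a `badNonce` response carries a fresh `Replay-Nonce` header, so the client re-signs and resends with that value instead of failing. `post_with_nonce_retry`, `send`, `fetch_nonce` and `FakeServer` are hypothetical names, and the server is a constructed stand-in so the block runs offline.

```python
import json

BAD_NONCE = "urn:ietf:params:acme:error:badNonce"

class AcmeError(Exception):
    pass

def post_with_nonce_retry(send, fetch_nonce, payload, max_retries=3):
    """POST payload, retrying on badNonce with the nonce the server hands back.

    send(payload, nonce) -> (status, headers, body) must build and sign a new
    JWS on every call, because the nonce sits in the signed protected header.
    """
    nonce = fetch_nonce()                      # HEAD newNonce in a real client
    for attempt in range(max_retries + 1):
        status, headers, body = send(payload, nonce)
        headers = {k.lower(): v for k, v in headers.items()}
        if status < 400:
            return status, body, attempt       # attempt == number of retries used
        try:
            problem = json.loads(body)
        except ValueError:                     # truncated or non-JSON error body
            problem = {}
        if status != 400 or problem.get("type") != BAD_NONCE:
            raise AcmeError(f"{status}: {problem.get('detail', body)}")
        # The 400 itself carries a fresh Replay-Nonce; only ask newNonce again
        # if that header is missing.
        nonce = headers.get("replay-nonce") or fetch_nonce()
    raise AcmeError(f"badNonce persisted after {max_retries} retries")

class FakeServer:
    """Constructed stand-in for an ACME endpoint; rejects the first `fail` POSTs."""
    def __init__(self, fail):
        self.fail, self.issued, self.seen = fail, 0, []

    def new_nonce(self):
        self.issued += 1
        return f"nonce-{self.issued}"          # constructed values, not real nonces

    def send(self, payload, nonce):
        self.seen.append(nonce)
        if self.fail > 0:
            self.fail -= 1
            body = json.dumps({"type": BAD_NONCE, "status": 400,
                               "detail": "JWS has no anti-replay nonce"})
            return 400, {"Replay-Nonce": self.new_nonce()}, body
        return 201, {"Replay-Nonce": self.new_nonce()}, "{}"
```

The retry cap matters for unattended renewals: a client that loops forever on `badNonce` hides a persistent fault, while one that gives up on the first one fails on a transient condition.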
Vincem
July 9, 2024, 12:32am
4
Unfortunately, the package 0.7.1 is not available in the Debian repository for bullseye!
Should I use Certbot instead?
Vincem
July 9, 2024, 12:34am
5
Strange! I retried one last time, and it worked.
But will I have the same issue with each renewal?
Hard to know. Looks like older dehydrated did not properly retry requests. So, if you get similar errors in future it will fail again.
Isn't it just a bash script? Can't you just download it from its GitHub and replace yours?
4 Likes
Looks like there may be something on Let's Encrypt side causing more frequent connection problems than normal. Is being investigated after several other comms failures reported.
Follow status below. Still, would not hurt to upgrade your dehydrated to get improved retry.
4 Likes
I'll look at it for the upgrade of dehydrated. It's a production server and usually I stick with Debian repositories for installs / upgrades.
We've had some reports of network trouble from some users reaching Let's Encrypt. We saw a small dip in traffic, but it has since recovered.
Can you let us know if you're still seeing this problem after about 14:20 UTC, about 1 hour ago?
3 Likes