Hi there,
When trying to get new SSL certificates today I get this response:
User let’s encrypt key has been found, but not registered. Registering…
HTTP/1.1 400 Bad Request
{https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf ] does not match current agreement URL [https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf ]”,
What exactly does this mean?
Thanks.
cpu
November 16, 2017, 1:43pm
2
Hi @jerrixbe ,
What ACME client/program are you using to request a certificate?
We changed the subscriber agreement yesterday and your client has a bug (It probably hardcodes the old URL).
Some clients (Dehydrated, simp_le) have fixed the bug and you may be able to update your client to the newest version to fix this.
I’m using the DirectAdmin control pane on my CentOS box with Let’s Encrypt plugin on it.
Looking into DirectAdmin forums then, will probably just have to run a buildupdate then.
Thought it was a problem on the Let’s Encrypt side of things.
Jeroen
1 Like
cpu
November 16, 2017, 1:56pm
4
Aha. You'll have to open a support ticket with DirectAdmin and the folks responsible for maintaining the Let's Encrypt plugin.
In the short-term they will need to update the subscriber agreement URL to the current value.
In the future I'd recommend that they investigate updating their ACME client code to not require hardcoding the URL. The protocol itself provides two ways for clients to learn the current URL and using one of these instead of hardcoding will prevent this bug from happening again in the future.
Best of luck,
1 Like
Thanks for your prompt responses.
Jeroen
cpu
November 16, 2017, 1:58pm
6
Happy to help! Have a great day.
system
December 16, 2017, 1:58pm
7
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.