Error 500 on a specific domain

Issuance Tech
1

Hello,

I’m running several domains on a CentOS 7 installation with DirectAdmin.

When i request a certificate for a domain (goldseeds.nl), i get a Internal Server Error.

I changed the account within DirectAdmin, but the problem still exists.

This is the response from the request:

{
“type”: “urn:ietf:params:acme:error:serverInternal”,
“detail”: “Error finalizing order”,
“status”: 500
}

Can somebody tell me what to do?

Thanks in advance!

Daniel van der Wal

1 Like
2

Hi,

That error seems to be an internal error from let’s encrypt validation server…

Can you try to run the process again by now?

Thank you

2 Likes
3

Thank you for your reply.

I just tried it a couple a minutes ago.. but still the same results :frowning:

Maybe this is somewhat helpfull if a Boulder developer sees it:

Boulder-Requester: 37449428

2 Likes
4

True...

@lestaff

Thank you

3 Likes
5

Let’s ping a Boulder engineer… @cpu : does @DanielvdWal needs to open an issue on https://github.com/letsencrypt/boulder/issues ?

1 Like
6

Thank you @tdelmas! The problem doesn’t “fix” on his own…

The error is still there :cry:

1 Like
7

Did you generate your own CSR? Could you share it? (it is not sensitive material)

2 Likes
8

I use the letsencrypt.sh script provided bij DirectAdmin. I use this script for almost 2000 domains and never had a problem with it…

I didn’t generate a CSR seperate. So I think that provided DirectAdmin script will do it for me? Sorry for the ignorance… :nerd_face:

But the error mentioned before will only show on that domain only…

1 Like
9

@lestaff, is there any known reason for this 500 error?

3 Likes
10

I’m taking a look, thanks.

2 Likes
11

I’m afraid there’s a race condition here that has made your authorization for this domain (https://acme-v01.api.letsencrypt.org/acme/authz/7LHBMcrS0xz6stgh9RM4FPu6M9LvH78FlXvA2QsiuJ0) error out when used for issuance. We’ll work on a fix. Your best option for now is to deactivate that authz, if your client supports it, then attempt issuance again.

You could also wait for that authorization to expire on August 26th, but that only gives you one day before the certificate expired (August 27th), so that’s riskier.

4 Likes
12

@jsha I was able to request a new certificate today!

Sorry for the late response, i was on a holiday for the last 2 weeks. :+1:

1 Like
13

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.