Error: During secondary validation: Remote PerformValidation RPC failed

Can't run:
sudo certbot renew --dry-run

I have the following configuration:
1

Output:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: XXXX
Type: serverInternal
Detail: During secondary validation: Remote PerformValidation RPC failed

Domain: XXXX
Type: serverInternal
Detail: During secondary validation: Remote PerformValidation RPC failed

Hi, we too have the same problem.

certbot 1.29.0

Domain: skupaut-gdansk.com
Type: serverInternal
Detail: During secondary validation: Remote PerformValidation RPC failed

This problem applies to many domains we tried today - the one above is just an example.

Not only have we tried renewing, but also issuing new certificates. We've also tried both with --preferred-challenges=http and --preferred-challenges=dns. With or without manual authentication it's the same outcome.

3 Likes

Hmm… People were having the same issue a few weeks ago and it was caused by some changes on the Let's Encrypt side.

@lestaff, sending this one your way.

7 Likes

I can confirm we have been facing this too for a while now. Appreciate any quick help on this.

4 Likes

Same problem here:

uacme: version 1.7 starting on Tue, 12 Jul 2022 14:51:06 +0200
uacme: fetching directory at https://acme-staging-v02.api.letsencrypt.org/directory
uacme: retrieving account at https://acme-staging-v02.api.letsencrypt.org/acme/new-acct
uacme: account location: https://acme-staging-v02.api.letsencrypt.org/acme/acct/60526044
uacme: creating new order at https://acme-staging-v02.api.letsencrypt.org/acme/new-order
uacme: order location: https://acme-staging-v02.api.letsencrypt.org/acme/order/60526044/3154128824
uacme: retrieving authorization at https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/2984752594
uacme: starting challenge at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: polling challenge status at https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw
uacme: challenge https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2984752594/RS54gw failed with status invalid
uacme: the server reported the following error:
{
    "type": "urn:ietf:params:acme:error:serverInternal",
    "detail": "During secondary validation: Remote PerformValidation RPC failed",
    "status": 500
}
3 Likes
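The certbot and uacme reports posted above carry the same ACME error type, `serverInternal`, which RFC 8555 defines as an internal error on the CA's side. As an added example (not code from any poster, certbot or uacme), this sketch parses both output formats and separates CA-side failures from ones that point at the local setup; the function names, verdict labels and sample domains are assumptions made for the illustration.

```python
import json
import re

# Per RFC 8555 section 6.7, serverInternal means the CA hit an internal error.
CA_SIDE_TYPES = {"serverInternal"}

# One "Domain / Type / Detail" block as certbot prints it in its failure summary.
BLOCK_RE = re.compile(
    r"^\s*Domain:\s*(?P<domain>\S+)\s*\n"
    r"\s*Type:\s*(?P<type>\S+)\s*\n"
    r"\s*Detail:\s*(?P<detail>.+)$",
    re.MULTILINE,
)

def parse_certbot_failures(text):
    """Return one dict per failed domain found in certbot's output."""
    return [{k: v.strip() for k, v in m.groupdict().items()}
            for m in BLOCK_RE.finditer(text)]

def parse_problem_json(text, domain="(unknown)"):
    """Normalise an ACME problem document (as uacme prints it) to the same shape."""
    doc = json.loads(text)
    short_type = doc.get("type", "").rsplit(":", 1)[-1]
    return {"domain": domain, "type": short_type, "detail": doc.get("detail", "")}

def triage(failures):
    """Split failures into CA-side (wait and retry) and local (inspect your setup)."""
    ca = [f["domain"] for f in failures if f["type"] in CA_SIDE_TYPES]
    local = [f["domain"] for f in failures if f["type"] not in CA_SIDE_TYPES]
    if not failures:
        verdict = "none"
    elif not local:
        verdict = "ca-side"
    elif not ca:
        verdict = "local"
    else:
        verdict = "mixed"
    return {"verdict": verdict, "ca_side": ca, "local": local}

# Constructed sample input: placeholder domains, error text in the thread's format.
SAMPLE_CERTBOT = """Certbot failed to authenticate some domains (authenticator: webroot).
  Domain: a.example.com
  Type:   serverInternal
  Detail: During secondary validation: Remote PerformValidation RPC failed

  Domain: b.example.com
  Type:   unauthorized
  Detail: Invalid response from http://b.example.com/.well-known/acme-challenge/token: 404
"""
SAMPLE_PROBLEM = ('{"type": "urn:ietf:params:acme:error:serverInternal", "detail": '
                  '"During secondary validation: Remote PerformValidation RPC failed", "status": 500}')
```

A "ca-side" verdict across every domain, as in this thread, is a signal to check the CA's status and retry later rather than to change the local webroot or DNS setup.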

@lestaff staging failures seem to be occurring everywhere right now #3

7 Likes

Same for me. I can see the file created and Let's Encrypt verify the file in the server logs. :frowning:

3 Likes

So the good news is: it's not me. I will wait and try again. :wink:

3 Likes

I think I fixed it! Please let me know if problems are persisting.

8 Likes

I confirm it is working now.

6 Likes

It works on our side too, thanks mate :slight_smile:

1 Like

That fix worked. Any specific reason why that happened? Please share if possible.

It didn't work for me when you said you'd fixed it, but it is working now. Thanks :slight_smile:

2 Likes

A software upgrade changed how our networking configuration was interpreted in AWS when a new instance starts, where we run parts of our "secondary validation" infrastructure. Autoscaling up and down based on load automatically replaces instances on demand. Overnight, all the instances ended up getting replaced as load scaled up and down, but the new instances weren't able to reach the internet. We only alert on our staging instance during business hours, so staging was down for a few hours until we fixed it in the morning.

9 Likes
