Error for Renewal 2018-07-23 20:27 GMT Let’s Encrypt: POST to https://acme-v01.api.letsencrypt.org/acme/new-cert failed

sakrpa · July 24, 2018, 1:17am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

I am trying to renew one of our existing certificate with LE. The validation has finished but API call to get the certificate fails. The last failed attempt was today “2018-07-23 20:27 GMT Let’s Encrypt: POST to https://acme-v01.api.letsencrypt.org/acme/new-cert failed.” The request is for .mil domain. Is there a new restriction on these domains recently? We were able to renew similar domain last week.

_az · July 24, 2018, 1:26am

There’s no current restriction on .mil.

More detailed logs are required from the ACME client, “POST to … failed” could be caused by practically anything.

cpu · July 24, 2018, 12:57pm

Agreed (Thanks @_az!). You may find some historical mention of a .mil restriction from when Let's Encrypt originally launched but that restriction was lifted over a year ago (if memory serves me).

sakrpa · July 27, 2018, 2:18pm

@cpu @_az We were reached out by a different team at LE regarding this timeouts. It appears it was an issue with CAA query timeouts.

system · August 26, 2018, 2:18pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.