Error: serverInternal :: Error creating new authz


#1

If you receive an error like this:

Error: serverInternal :: The server experienced an internal error :: Error creating new authz

Right now practically all of these are caused by a DNS lookup timeout while validating your domain. The operations team is looking into it, and landing some additional metrics to pin down where the slowness is…

This class of error – Error creating new authz – doesn’t count against any of the rate limits, and it is safe to re-try. Chances are good that after a couple of retries that your certificate will issue successfully.

We’ll post back to this topic as we make progress nailing this down before General Availability. Thanks for your patience!


Letsencrypt & FreeBSD
#2

It would be nice if someone could go through and spend some time cleaning up the display of the various error messages.


#3

Yes, I also receive this error and can’t generate my certificate. :confused:


#4

Hello, i have the same error for my .eu domain. My .de works fine.


#5

Tried a good few times with my whitelisted co.uk domains - keep getting the ‘Error: serverInternal :: The server experienced an internal error :: Error creating new authz’ error


#6

I’m experiencing the same problem with my white-listed com domain. I suspect it’s because I have the authority DNS in China, but there should be a longer timeout than (what I counted) 3 seconds…


#7

i’m not getting this error any longer and my certs generated! :smile:

So yea if you are getting this error try again…


#8

I’m still getting this error. My authority DNS is in Iceland.


#9

How about falling back to DNS over TCP in case of a timeout? Package could have been lost on the way because of UDP.


#10

Mine is located in the USA (NameCheap) and I also get the error.
I guess we’ll just have to wait a bit!


#11

I have getting this error with my .space domain,my authority DNS is in China


#12

Thanks everyone for your patience on this. We’ve added more metrics and each failure is helpful in nailing down correlations.


#13

Got the same error on my Ubuntu 14.04.3…

2015-11-05 13:23:12,548:DEBUG:acme.client:Received response <Response [500]> (headers: {'Content-Length': '76', 'Expires': 'Thu, 05 Nov 2015 13:21:52 GMT', 'Server': 'nginx', 'Connection': 'close', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Thu, 05 Nov 2015 13:21:52 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': 'aH8FNbpfbgtXK0D2YN3RvSqgr1Jbf_Ud8Bp4blz_Vck'}): '{"type":"urn:acme:error:serverInternal","detail":"Error creating new authz"}'

#14

My domain name is not added to the whitelist?
Or my IP is blacklisted?

2015-11-05 14:55:22,062:DEBUG:root:Received <Response [500]>. Headers: {‘Content-Length’: ‘76’, ‘Expires’: ‘Thu, 05 Nov 2015 14:55:21 GMT’, ‘Server’: ‘nginx’, ‘Connection’: ‘close’, ‘Pragma’: ‘no-cache’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Date’: ‘Thu, 05 Nov 2015 14:55:21 GMT’, ‘Content-Type’: ‘application/problem+json’, ‘Replay-Nonce’: ‘Zw52rnA3BBcdCVhmE0-nDZESnBp98wsGzyqG6ADUB0U’}. Content: '{“type”:“urn:acme:error:serverInternal”,“detail”:“Error creating new authz”}'
2015-11-05 14:55:22,063:DEBUG:acme.client:Storing nonce: 'g\x0ev\xaep7\x04\x17\x1d\tXf\x13O\xa7\r\x91\x12\x9c\x1a}\xf3\x0b\x06\xcf*\x86\xe8\x00\xd4\x07E’
2015-11-05 14:55:22,063:DEBUG:acme.client:Received response <Response [500]> (headers: {‘Content-Length’: ‘76’, ‘Expires’: ‘Thu, 05 Nov 2015 14:55:21 GMT’, ‘Server’: ‘nginx’, ‘Connection’: ‘close’, ‘Pragma’: ‘no-cache’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Date’: ‘Thu, 05 Nov 2015 14:55:21 GMT’, ‘Content-Type’: ‘application/problem+json’, ‘Replay-Nonce’: ‘Zw52rnA3BBcdCVhmE0-nDZESnBp98wsGzyqG6ADUB0U’}): '{“type”:“urn:acme:error:serverInternal”,“detail”:“Error creating new authz”}'
2015-11-05 14:55:22,068:DEBUG:letsencrypt.cli:Exiting abnormally:
Traceback (most recent call last):

Thank you


#15

1 day, a dozen attempts and several variations later - still no variation in the error message “Error: serverInternal :: The server experienced an internal error :: Error creating new authz

Tested DNS lookup using several different servers and I get a quick response in every instance.

Tried mv /etc/letsencrypt/accounts{,.bak} and re-running ./letsencrypt-auto --agree-dev-preview --server https://acme-v01.api.letsencrypt.org/directory auth
Also tried removing all letsencrypt and restarting the process.

./letsencrypt-auto certonly -t --agree-tos --email someone@somewhere.tld --domains www.somewhere.tld -d somewhere.tld which does work (but is the happy hacker CA cert).

Debian Jessie, python 2.7.9, all logs have been kept - what info (if any) should be blanked in them before posting?

My DNS servers are in the USA.

If there something else I can try - or better, a means of determining whether the problem is at my end or not.


#16

It is still the case.

(:frowning:


#17

Update: After trying many DNS services, it seems that Amazon Route 53 is the best free way that would never cause this error… If you got this error, please try switch DNS to Route 53 and try again.
Update: Seems Linode and CloudFlare also works fine, but please remember, name server change needs about 6 hours to take effect.


#18

Switched to Amazon route 53, and am still getting the error.


#19

DNS change needs about 6 hours to take effect.


#20

I know, I switched ~40 hours ago.