Error: urn:acme:error:malformed when running for multiple domains


#1

Hi all. I was trying to run the ./certbot-auto certonly for multiple domains (20 more or less), but I am getting the following error
Error: urn:acme:error:malformed :: The request message was malformed :: Unable to update challenge :: Response does not complete challenge
I tried with the local webserver I’m running and with temporary webserver. The problem seems to happen after the 7th domain , if I try to run it for 6 domains everything works fine. I tried to run it for the first 10 domains, then for the remaining, and the problem persists. It’s like it will not accept more that 7 domains.

Anybody has an idea on how to solve the problem? Thank you.

Last log lines:

2016-05-26 15:19:52,396:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-05-26 15:19:52,653:DEBUG:requests.packages.urllib3.connectionpool:“POST /acme/challenge/2LzAoTaTeDECnFHsnA0KOhoTvZWaxZbommpRUJ6Pkeg/96249432 HTTP/1.1” 400 139
2016-05-26 15:19:52,673:DEBUG:root:Received <Response [400]>. Headers: {‘Content-Length’: ‘139’, ‘Expires’: ‘Thu, 26 May 2016 15:19:31 GMT’, ‘Server’: ‘nginx’, ‘Connection’: ‘close’, ‘Pragma’: ‘no-cache’, ‘Cache-Control’: ‘max-age=0, no-cache, no-sto
re’, ‘Date’: ‘Thu, 26 May 2016 15:19:31 GMT’, ‘Content-Type’: ‘application/problem+json’, ‘Replay-Nonce’: ‘ImsOTRCD8zCM1m9VmJW3e9Q6JNoInZMFjS08EuCsP2s’}. Content: '{\n “type”: “urn:acme:error:malformed”,\n “detail”: “Unable to update challenge :: R
esponse does not complete challenge”,\n “status”: 400\n}'
2016-05-26 15:19:52,689:DEBUG:acme.client:Storing nonce: '"k\x0eM\x10\x83\xf30\x8c\xd6oU\x98\x95\xb7{\xd4:$\xda\x08\x9d\x93\x05\x8d-<\x12\xe0\xac?k’
2016-05-26 15:19:52,705:DEBUG:acme.client:Received response <Response [400]> (headers: {‘Content-Length’: ‘139’, ‘Expires’: ‘Thu, 26 May 2016 15:19:31 GMT’, ‘Server’: ‘nginx’, ‘Connection’: ‘close’, ‘Pragma’: ‘no-cache’, ‘Cache-Control’: ‘max-age=0,
no-cache, no-store’, ‘Date’: ‘Thu, 26 May 2016 15:19:31 GMT’, ‘Content-Type’: ‘application/problem+json’, ‘Replay-Nonce’: ‘ImsOTRCD8zCM1m9VmJW3e9Q6JNoInZMFjS08EuCsP2s’}): '{\n “type”: “urn:acme:error:malformed”,\n “detail”: “Unable to update challe
nge :: Response does not complete challenge”,\n “status”: 400\n}'
2016-05-26 15:19:52,722:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
File “/home/ubuntu/.local/share/letsencrypt/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 693, in main
return config.func(config, plugins)
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 509, in obtain_cert
_, action = _auth_from_domains(le_client, config, domains, lineage)
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 93, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py”, line 275, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py”, line 246, in obtain_certificate
self.config.allow_subset_of_names)
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py”, line 74, in get_authorizations
self._respond(resp, best_effort)
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py”, line 127, in _respond
resp, chall_update)
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py”, line 151, in _send_responses
self.acme.answer_challenge(achall.challb, resp)
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py”, line 234, in answer_challenge
response = self.net.post(challb.uri, response)
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py”, line 652, in post
return self._check_response(response, content_type=content_type)
File “/home/ubuntu/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py”, line 568, in _check_response
raise messages.Error.from_json(jobj)
Error: urn:acme:error:malformed :: The request message was malformed :: Unable to update challenge :: Response does not complete challenge


#2

My understanding is the ACME server recently updated it’s json implementation, which has a caused a few people to have similar errors you’re getting.

What client are you using? My suggestion would be to update your client and try again. That seems to have resolved the problem most people have been having with this.

If that doesn’t work, are you able to post what command you used? (The “malformed” error is most likely json related, but it might be as simple as a dash missing.)


#3

Hi Steve, thank a lot for your help. The command I was running is ./certbot-auto certonly. I was following the steps from the certbot homepage for nginx on Ubuntu 14. The command was failing always after the 7th domain, I tried picking random domains from the list in different order, and it was happening always after the 7th. However I managed to solve the problem using this command: ./certbot-auto certonly --webroot -w /var/www/dirtowebroot -d domani1 -d www.domain -d domain2 and so on for all the 20 domains prepending the - d parameters for each domain. Hope this will help other people. Thank you very much again. Sergiu.


Error on Requesting Certificate: The server could not connect to the client to verify the domain
#4

I’m glad you got it solved :slight_smile: (I used webroot authentication as well!)


#5

Thanks !
/certbot-auto certonly --webroot -w /var/www/dirtowebroot -d domani1
work perfectly :wink:


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.