Getting bad nonce error on acme Certificate generation

ehmd96 · December 31, 2020, 11:10am

Hello everybody, as I am trying to generate a certificate, I am encountering the following problem:

Found wildcard domain name and http challenge type, switching to dns-01 validation. 

2020/12/31 10:23:02 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] acme: Obtaining SAN certificate 
2020/12/31 10:23:03 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] AuthURL: [https://acme-v02.api.letsencrypt.org/acme/authz-v3/9712867913 
2020/12/31](https://acme-v02.api.letsencrypt.org/acme/authz-v3/9712867913%0D2020/12/31) 10:23:03 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] acme: use dns-01 solver 
2020/12/31 10:23:03 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] acme: Preparing to solve DNS-01 
2020/12/31 10:23:03 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] acme: Trying to solve DNS-01 
2020/12/31 10:23:03 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] acme: Checking DNS record propagation using [[8.8.8.8:53](http://8.8.8.8:53/)] 
2020/12/31 10:23:08 [INFO] Wait for propagation [timeout: 5m0s, interval: 5s] 2020/12/31 10:23:08 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] acme: Waiting for DNS record propagation. 
2020/12/31 10:23:13 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] acme: Waiting for DNS record propagation. 
2020/12/31 10:23:18 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] acme: Waiting for DNS record propagation.
                                                            **...**
2020/12/31 10:28:05 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] acme: Waiting for DNS record propagation.

2020/12/31 10:28:10 [INFO] [*.[sunudecath.com](http://sunudecath.com/)] acme: Cleaning DNS-01 challenge

2020/12/31 10:28:10 [INFO] **retry due to: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/authz-v3/9712867913 :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: "0104e1oGyjjLtUYHHISode-XmCZcoshWtOQRz_Aag06PgcU", url:** 

2020/12/31 10:28:11 [INFO] Deactivating auth: [https://acme-v02.api.letsencrypt.org/acme/authz-v3/9712867913](https://acme-v02.api.letsencrypt.org/acme/authz-v3/9712867913%0D2020/12/31)

[2020/12/31](https://acme-v02.api.letsencrypt.org/acme/authz-v3/9712867913%0D2020/12/31) 10:28:11 **Could not obtain certificates: error: one or more domains had a problem**: [*.[sunudecath.com](http://sunudecath.com/)] time limit exceeded: last error: NS [ns112.ovh.net](http://ns112.ovh.net/). **returned NXDOMAIN for _[acme-challenge.sunudecath.com](http://acme-challenge.sunudecath.com/). Certificate generation failed.**

I am in an urgent situation and would really appreciate your help. Thank you !

sahsanu · December 31, 2020, 11:31am

Hello @ehmd96,

I'm closing this post because there is a previous one asking the same question.

Cheers,
sahsanu

Topic		Replies	Views
Error when creating SSL for domain :: JWS has an invalid anti-replay nonce Help	2	1130	January 30, 2021
Error: one or more domains had a problem Help	7	1490	November 10, 2023
Dns-01 challenge failure / wildcard certificate Client dev	3	2173	June 15, 2018
_acme-challenges mismatch from dns-rfc2136 Help	7	1266	April 12, 2020
I cannot create a wild card certificate for self-hosted bare metal server Help	11	1009	June 1, 2020

Getting bad nonce error on acme Certificate generation

Related topics