How process invalid challenges

alurin · November 8, 2018, 2:36pm

Hello!

When validate order using DNS challenge (dns-01) we can got error about incorrect validation, because not all DNS servers got new information about TXT records (e.g. validation process on ACME is failed with error).

After this SSL certificate can not issued, because API returned invalid status on challenge validation (cached version) during unknown time (normal it’s 1 hour, but lately is’s large then 3 hour.).

How correct to handle this errors, e.g. validation errors. Retry after a certain time? Or another actions?

JuergenAuer · November 8, 2018, 2:44pm

Hi @alurin

ignore it and ignore this order. Start with a new order.

Check your protocol, there should be an order url, something like

https://acme-v02.api.letsencrypt.org/acme/order/yourAccountId/yourOrderId

Use your browser to check this url. The status of your order should be invalide. So you can't use this order.

system · December 8, 2018, 2:44pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Order status invalid even if correct DNS records are added Help	14	2666	March 14, 2022
How to handle an invalid DNS-Challenge Feature Requests	3	2223	February 15, 2018
'invalid' status for dns-01 challenge in custom acme-client Help	3	1765	May 21, 2019
Can someone please confirm a few behaviors of the spec regarding failed challenges for me? Client dev	4	729	March 13, 2020
No TXT record found at _acme-challenge Help	9	7591	April 7, 2020

How process invalid challenges

Related topics