Hi @mcr,
Can you run the following curl with Akamai headers please?
curl -vv -6 -H "Pragma: akamai-x-get-cache-key, akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-get-true-cache-key, akamai-x-get-extracted-values, akamai-x-check-cacheable, akamai-x-get-request-id, akamai-x-serial-no, akamai-x-get-ssl-client-session-id, akamai-x-feo-trace" https://acme-v02.api.letsencrypt.org/directory
Here’s a working example from a random VPS provider.
$ curl -vv -6 -H "Pragma: akamai-x-get-cache-key, akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-get-true-cache-key, akamai-x-get-extracted-values, akamai-x-check-cacheable, akamai-x-get-request-id, akamai-x-serial-no, akamai-x-get-ssl-client-session-id, akamai-x-feo-trace" https://acme-v02.api.letsencrypt.org/directory
* About to connect() to acme-v02.api.letsencrypt.org port 443 (#0)
* Trying 2600:141b:13:29a::3a8e...
* Connected to acme-v02.api.letsencrypt.org (2600:141b:13:29a::3a8e) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=acme-v02.api.letsencrypt.org
* start date: May 10 04:39:46 2019 GMT
* expire date: Aug 08 04:39:46 2019 GMT
* common name: acme-v02.api.letsencrypt.org
* issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
> GET /directory HTTP/1.1
> User-Agent: curl/7.29.0
> Host: acme-v02.api.letsencrypt.org
> Accept: */*
> Pragma: akamai-x-get-cache-key, akamai-x-cache-on, akamai-x-cache-remote-on, akamai-x-get-true-cache-key, akamai-x-get-extracted-values, akamai-x-check-cacheable, akamai-x-get-request-id, akamai-x-serial-no, akamai-x-get-ssl-client-session-id, akamai-x-feo-trace
>
< HTTP/1.1 200 OK
< Server: nginx
< Content-Type: application/json
< Content-Length: 658
< X-Frame-Options: DENY
< Strict-Transport-Security: max-age=604800
< X-Akamai-SSL-Client-Sid: vmLKV9bNXbc/Rz2Qr8Aw0A==
< X-Check-Cacheable: NO
< X-Akamai-Request-ID: 917613.6a3e6f0
< Expires: Mon, 24 Jun 2019 14:44:49 GMT
< Cache-Control: max-age=0, no-cache, no-store
< Pragma: no-cache
< Date: Mon, 24 Jun 2019 14:44:49 GMT
< X-Cache: TCP_MISS from a23-215-131-111.deploy.akamaitechnologies.com (AkamaiGHost/9.7.0.2-26040364) (-)
< X-Cache-Key: S/D/14990/432721/000/origin-4j9188P5RUymhQWhT.api.letsencrypt.org/directory
< X-Cache-Key-Extended-Internal-Use-Only: S/D/14990/432721/000/origin-4j9188P5RUymhQWhT.api.letsencrypt.org/directory vcd=10106
< X-True-Cache-Key: /D/000/origin-4j9188P5RUymhQWhT.api.letsencrypt.org/directory vcd=10106
< X-Akamai-Session-Info: name=ANS_PEARL_VERSION; value=0.11.0
< X-Akamai-Session-Info: name=SEC_XFF_ASNUM_MASK_SIZE; value=64
< X-Akamai-Session-Info: name=AKA_PM_SR_ENABLED; value=false
< X-Akamai-Session-Info: name=HEADER_NAMES; value=User-Agent%3aHost%3aAccept%3aPragma; full_location_id=
< X-Akamai-Session-Info: name=ENABLE_SD_POC; value=yes
< X-Akamai-Session-Info: name=AKA_PM_NETSTORAGE_ROOT; value=
< X-Akamai-Session-Info: name=PMUSER_IP_HASH; value=618
< X-Akamai-Session-Info: name=FASTTCP_RENO_FALLBACK_DISABLE_OPTOUT; value=on
< X-Akamai-Session-Info: name=AKA_PM_PREFETCH_ON; value=true
< X-Akamai-Session-Info: name=TAP_GUID; value=
< X-Akamai-Session-Info: name=OVERRIDE_HTTPS_IE_CACHE_BUST; value=all
< X-Akamai-Session-Info: name=AKA_PM_TD_ENABLED; value=false
< X-Akamai-Session-Info: name=AKA_PM_BASEDIR; value=
< X-Akamai-Session-Info: name=TAP_KEY_ID; value=
< X-Akamai-Session-Info: name=SEC_CLIENT_IP_ASNUM_MASK_SIZE; value=128
< X-Akamai-Session-Info: name=AKA_PM_CACHEABLE_OBJECT; value=false
< X-Akamai-Session-Info: name=TCP_OPT_APPLIED; value=medium
< X-Akamai-Session-Info: name=AKA_PM_FWD_URL; value=/directory
< X-Akamai-Session-Info: name=AKA_PM_TD_MAP_PREFIX; value=ch2
< X-Serial: 14990
< X-Akamai-SSL-Client-Sid: 7+JC2zXwm3LQigzGdy1aQw==
< Connection: keep-alive
< X-Cache-Remote: TCP_MISS from a72-247-10-202.deploy.akamaitechnologies.com (AkamaiGHost/9.7.0.3-26197600) (-)
<
{
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"n84uhuP07Fo": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
* Connection #0 to host acme-v02.api.letsencrypt.org left intact