Letsdebug Problem

Hi,

I am actually having a problem with too many pending authorizations. I used to use the tool letsdebug to clear out those pending authorizations, however, it seems the tool is not working properly now, it says I have 0 pending authorizations and the check runs too fast, it used to take few minutes to complete. Please could someone help me out with this?

4. Wait for each authz to be checked …

Please wait until we have found all of the pending authorizations.
Found 11991 unique authorizations in 54851 lines …
Checked 11991 of 11991 authorizations …
Found 0 pending authorizations.

Thanks!
Andre

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
www.notore.com.br

I ran this command:
sudo -S certbot certonly --webroot -w /mnt/nfs/stores/static/15505/ -d www.notore.com.br,notore.com.br --email suporte@dlojavirtual.com --agree-tos --no-eff-email --manual-public-ip-logging-ok --deploy-hook /etc/letsencrypt/renewal-hooks/deploy/deploy.sh --noninteractive

It produced this output:
{
“type”: “urn:acme:error:rateLimited”,
“detail”: “Error creating new authz :: too many currently pending authorizations: see https://letsencrypt.org/docs/rate-limits/”,
“status”: 429
}

My web server is (include version):
Apache/2.4.6

The operating system my web server runs on is (include version):
Centos 7

My hosting provider, if applicable, is:
None

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.25.1

Hi @afagund

first step: Update your certbot, that's too old. There are too much changes.

Second step: If you have pending authorizations, you start new orders instead of finishing existing orders -> that's wrong.

But with such an old Certbot, that may be the result.

You can create a new account. But that doesn't help if you don't fix the main problem -> update your certbot.

Sir, I understand your concern regarding my certbot version, however, the problem is that I have more than 5000 domains under this account. Actually, the pending authorizations are coming from the renew process, where there are domains from customers who left from our platform. I know this is something I have to fix. For now, I just need to clear those pending authorizations, so I can put my service back online, because my process have a integration with Letsencrypt. I would appreciate if you could help me with that, maybe making the letsdebug working as usual.

Thanks in advance!
Andre

Looks like you don't understand your problem.

If your certbot is so old, you use ACME-v1. That's deprecated, no new registrations are possible.

So you have to update your client to use ACME-v2.

That's

something you have to fix.

Letsdebug isn't from Letsencrypt, that's a completely different tool. And I don't think @_az will fix a problem with a certbot 0.25 and ACME-v1, that's a completely deprecated setup.

Switching to ACME-v2 -> you should have done that last year.

Ok got it!

Problem fixed upgrading certbot.

Thanks a lot!
Andre

I recently removed support for ACME v1 which is why the tool was unable to detect any pending authorizations.

@_az should we remove v1 logs prior using the tool again?

If you want. It doesn’t really matter, besides the speedup of scanning a significantly smaller number of authorizations.

For your ACME v1 needs, my old project might still work.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.