No longer getting expiration emails

OK, so after looking at some other products, I found the correct servers to use and patched them into my base script. Same error.

Twas then I found I had added a CA in each of the domain scripts, for some reason, and that was overriding my base entry apparently.

So now, I can get the script to run. and it generated a new account.key file.

However I have no idea if it actually registered an email address for the account.

They’re running periodic brownouts before November.

2 Likes

I took a quick look at the server logs for requests coming from what I believe is your IP address (ending in .251). Over the past 7d I can see a fair number of ACME v1 new registration requests that include a contact email but unfortunately none of them look to have succeeded.

One batch received replies like:

"Error":"409 :: malformed :: Registration key is already in use"

indicating that the ACME client is trying to create a new registration but using the same public key as an existing registration.

The other batch received replies like:

"Error":"403 :: unauthorized :: Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details."

As @mnordhoff mentioned (thanks!) that batch is a result of our rolling brownouts.

Can you perhaps try again now that the most recent brown-out has ended? I can check the logs again afterwards to confirm if there was a successful new account registration with an updated contact.

1 Like

@cpu I ran a bit earlier and it appears to have re-registered. Should have been a version 2 as I altered the script to point to a v2 CA.

Did not install the new cert. Did not get any email at the address I attempted to register. Perhaps not supposed to get a notice there upon registration?

1 Like

Hmm. You’ll have to help me out finding the logs in that case. I searched for issuances for www.nuckenfutz.com over the past 7d and only found the ACME v1 requests. Can you share the email address you used, or the egress IP address of the machine you ran the ACME client on?

That’s correct, there is no email sent to the contact address for new account creation.

1 Like

I’ll just wait to see if I get a notice and take it up again if I don’t.

1 Like

Sounds good. :crossed_fingers:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.