"pending" means you have not completed all - or failed any - ACME challenges.
Why that happened? I don't know. No one will be able to help you, because you failed to disclose any of the required information you were asked to provide.
You did not send the required information. You left most fields blank. Most importantly, you did not specify what program, library, or ACME client you are using.
There are hundreds, if not thousands, of ACME clients and libraries. The raw code you pasted could be from any one of them.
No one will be able to troubleshoot your problem based on the information you provided.
@_az Hi, thanks for answer.
public class AcmeHelper
{
private static Logger logger = LogManager.GetCurrentClassLogger();
public static async Task<X509Certificate2> GenerateCert(string dns)
{
AcmeHost challengeResponder = null;
try
{
//Checking port
if (NetworkingHelper.IsPortInUse(80))
{
throw new Exception("Port 80 is currently in use, cannot start the ACME challenge responder. Certificate request will be canceled");
}
#if DEBUG
logger.Warn("Running in debug mode, will use the LetsEncrypt Staging server!");
Uri letsEncryptUri = WellKnownServers.LetsEncryptStagingV2; #else
Uri letsEncryptUri = WellKnownServers.LetsEncryptV2; #endif
{
var acme = new AcmeContext(letsEncryptUri);
var account = await acme.NewAccount("mlopesbjj@gmail.com", true);
var tos = acme.TermsOfService();
var order = await acme.NewOrder(new[] { dns });
var authz = (await order.Authorizations()).First();
var httpChallenge = await authz.Http();
var keyAuthz = httpChallenge.KeyAuthz;
var token = httpChallenge.Token;
challengeResponder = new AcmeHost(token, dns);
try
{
challengeResponder.StartWebApiHost();
AcmeResponderController.KeyAuthorization = keyAuthz;
}
catch (Exception ex)
{
logger.Error(ex, "Error while starting the ACME responder service, canceling certificare request");
try { challengeResponder.StopWebApiHost(); } catch { }
throw;
}
await httpChallenge.Validate();
logger.Info("11 - httpChallenge: " + httpChallenge.Location);
var res = await authz.Resource();
logger.Info("12 - res: " + res);
var privateKey = KeyFactory.NewKey(KeyAlgorithm.RS256);
var cert = await order.Generate(new CsrInfo
{
CommonName = dns,
}, privateKey);
return x509cert;
}
}
catch (Exception ex)
{
logger.Error(ex, "An exception occurred while requesting certificates: " + ex.Message);
throw ex;
}
finally
{
//Close the web api responder
try { challengeResponder.StopWebApiHost(); } catch { }
}
}
}
Certes' documentaton does not explain this, but after you call Validate on a challenge, you need to poll and wait until the authorizations transition to either the valid or invalid state.
If you don't wait after calling Validate, then sometimes it will work, and sometimes it won't (depending how fast the Let's Encrypt server checks the challenge). You don't want to do that.
If you take a look at this test case in Certes' source code, you can see how the author has created a polling loop where they wait for each authorization to be in either the invalid or valid state.
If you do that, then you will be able to safely call order.Generate without encountering this "order pending" error. (Though I recommend using a much longer delay than the 100ms that code uses).
@_az Thank you very much for the help.
I adjusted the program and managed to get the correct return.
Now it is returning me as "invalid", but I believe that this problem is already an infrastructure problem that this machine is not the machine that responds to the request address.
