Problem with renew certificates - The request message was malformed :: Method not allowed

This problem affects you because your version of Certbot is too old. You'll need to upgrade it. Having two certs isn't a problem :slight_smile:

4 Likes

Same problem here. certbot renew --dry-run and also certbot certonly --webroot -w /bla/bla/webroot -d somedomain.com --dry-run gives following error:

Attempting to renew cert from/etc/letsencrypt/renewal/somedomain.com.conf produced an unexpected error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: Method not allowed. Skipping.

This happens for 11 sites on the server.
Centos 7, nginx and varnish on the server.
Certbot version: certbot 0.36.0
We need a solution ASAP as one certificate is expiring in 6 hours!!! @JuergenAuer any ideas?

From the logs:

Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/certbot/renewal.py", line 449, in handle_renewal_request
    main.renew_cert(lineage_config, plugins, renewal_candidate)
  File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1207, in renew_cert
    renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
  File "/usr/lib/python2.7/site-packages/certbot/main.py", line 115, in _get_and_save_cert
    renewal.renew_cert(config, domains, le_client, lineage)
  File "/usr/lib/python2.7/site-packages/certbot/renewal.py", line 307, in renew_cert
    new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
  File "/usr/lib/python2.7/site-packages/certbot/client.py", line 365, in obtain_certificate
    cert, chain = self.obtain_certificate_from_csr(csr, orderr)
  File "/usr/lib/python2.7/site-packages/certbot/client.py", line 297, in obtain_certificate_from_csr
    orderr = self.acme.finalize_order(orderr, deadline)
  File "/usr/lib/python2.7/site-packages/acme/client.py", line 908, in finalize_order
    return self.client.finalize_order(orderr, deadline)
  File "/usr/lib/python2.7/site-packages/acme/client.py", line 743, in finalize_order
    content_type=DER_CONTENT_TYPE).text
  File "/usr/lib/python2.7/site-packages/acme/client.py", line 791, in _post_as_get
    return self.net.get(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/acme/client.py", line 1152, in get
    self._send_request('GET', url, **kwargs), content_type=content_type)
  File "/usr/lib/python2.7/site-packages/acme/client.py", line 1054, in _check_response
    raise messages.Error.from_json(jobj)
Error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: Method not allowed
2019-12-11 10:03:45,614:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
  File "/bin/certbot", line 9, in <module>
    load_entry_point('certbot==0.36.0', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1381, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1286, in renew

Having same issue as well. Unfortunately ubuntu PPA doesn’t include newer versions.

sudo certbot certonly --webroot --webroot-path=/var/www/html -d example.com --dry-run

Looks like we’re F!#$%^, boys.

1 Like

The fix for this issue is in the Ubuntu PPA.

Make sure you have upgraded python-acme to 0.31.0-2 from the PPA.

3 Likes

I solved the isssue updated the package python-acme on centos7
Thanks a lot!

3 Likes

Is python-acme package is not installed by default? Cuz I don’t have it now. Should I be installing this package manually?

I followed the official docs to install certbot.

Check python3-acme instead.

The python-acme package can still be installed if you want to use it, but the current Certbot packages use Python 3, so they depend on the equivalent python3-acme package instead.

1 Like

Thanks alot _az ! - by upgrading to 0.31.0-2 like this:
sudo apt update && apt install --only-upgrade python3-acme

It worked! jihaa :grinning:

5 Likes

A post was split to a new topic: Certbot not making challenge request

ouch. I have overrun rate limits and am fighting with getting the correct configurations for a complex docker build. And now I find out that this error occurs when I use staging. So I can not use staging?

I guess I will run into rate limiting soon again :frowning:

Probleme resolved by reinstall certbot :

~$ sudo apt-get install certbot python-certbot-apache

Now Im in :

    ~$ certbot --version
    certbot 0.31.0

the renw work correctly

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.