Renew: Failed to get registration by key


#1

Please fill out the fields below so we can help you better.

My domain is:
export.netques.com

I ran this command:
./certbot-auto renew --dry-run

It produced this output:

Processing /etc/letsencrypt/renewal/export.netques.com.conf

Cert not due for renewal, but simulating renewal for dry run
Renewing an existing certificate
Attempting to renew cert from /etc/letsencrypt/renewal/export.netques.com.conf p roduced an unexpected error: urn:acme:error:serverInternal :: The server experie nced an internal error :: Failed to get registration by key. Skipping.

My operating system is (include version):
Ubuntu 16.04 xenial

My web server is (include version):
Using --standalone certonly (I’m running a node server that was turned off at the moment of doing the above commands)

My hosting provider, if applicable, is:
Digital Ocean

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
nope, ssh.

The log produced this (I think this is all the applicable stuff):
2017-01-16 12:48:39,221:DEBUG:root:Sending POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz:
{
“header”: {
“alg”: “RS256”,
“jwk”: {
“e”: “AQAB”,
“kty”: “RSA”,
“n”: “qiDcHgq6uK_cMf7mCmLNRQM8BH9f8v9U3PEroUK_fmWRYHWmBsoZrFMnobDWt3jDXjEDIL_xcwTSs3MSv7c0QujIMwpWHQwR-APJ_bGVsM33AuIiE8nTIDiz9W3YMW_gJWgNUuQPNUcuIavnMlPAnTWsU7pFhRogpr2f_y_icPUa9LQX_VsWDSJCZsSJdRZLVG3laMB5ezCtgT-6F4DDO1_HOyooR8xL-WnlqQVI3VSA6aRfjjJWIow6V8Aczc85CsK7KX1TFiNaczoJzfKujJa_VLOkPySbsXAGhWImPCk-fALruv0AB0dzVo6vDgdBUd8vY4x1YNYzHmApW6fV_w”
}
},
“protected”: “eyJub25jZSI6ICJUNHQzdU9jQjE4MFIyTVRnZ3haTlJfTXhXUnNNSFgzYXdJdzRrTDVGTmdNIn0”,
“payload”: “ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiZXhwb3J0Lm5ldHF1ZXMuY29tIgogIH0sIAogICJyZXNvdXJjZSI6ICJuZXctYXV0aHoiCn0”,
“signature”: “H8vLtRwIA64HrB_KT1CtafJapwy4jSKUn6duPCyNzV6c3iMnPnJXxbSiOCX9qRLvybbnYzwattVBf6SXoKqBxDTIS7Lqh1GJ7QDA3yBeLxxemiCpSH7-TP-7jkCewzt4Xt726ppQme4ae4-hnGufn7WUEq3Qdkal954MZD2GkqZ5Rc1ut3CvKWuFuQ1EdCiS-XSqx3JYWduJKm2iOTS9EZJgbcVbG0GdDE5cBoVihgg-zJr3OyVJBF5Zqt-Plbe0fzTPgq_gI-z6XgBSCVw1unCB9GtmrHdAhObrsaThLj3XpSBI6ANBRmaxk9aj13M_BQVQN1w2yShWwGl8i_0j0w”
}
2017-01-16 12:48:44,402:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 “POST /acme/new-authz HTTP/1.1” 500 111
2017-01-16 12:48:44,431:DEBUG:acme.client:Received response:
HTTP 500
Server: nginx
Content-Type: application/problem+json
Content-Length: 111
Boulder-Request-Id: XciBb-Uwu56lC_a_4u1BgMmIzC-rf5EIxdGQFsfhcEs
Replay-Nonce: fkNg-xB-7bzwmc4jw5EeO4Xy1uEl3dENGWZc7Y7asb0
Expires: Mon, 16 Jan 2017 12:48:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 16 Jan 2017 12:48:44 GMT
Connection: close

{
“type”: “urn:acme:error:serverInternal”,
“detail”: “Failed to get registration by key”,
“status”: 500
}
2017-01-16 12:48:44,432:DEBUG:acme.client:Storing nonce: fkNg-xB-7bzwmc4jw5EeO4Xy1uEl3dENGWZc7Y7asb0
2017-01-16 12:48:44,432:WARNING:certbot.renewal:Attempting to renew cert from /etc/letsencrypt/renewal/export.netques.com.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Failed to get registration by key. Skipping.
2017-01-16 12:48:44,440:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File “/home/coo/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/renewal.py”, line 390, in handle_renewal_request
main.obtain_cert(lineage_config, plugins, renewal_candidate)
File “/home/coo/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 626, in obtain_cert
action, _ = _auth_from_available(le_client, config, domains, certname, lineage)
File “/home/coo/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 103, in _auth_from_available
renewal.renew_cert(config, domains, le_client, lineage)
File “/home/coo/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/renewal.py”, line 273, in renew_cert
new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains)
File “/home/coo/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py”, line 262, in obtain_certificate
self.config.allow_subset_of_names)
File “/home/coo/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py”, line 68, in get_authorizations
domain, self.account.regr.new_authzr_uri)
File “/home/coo/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py”, line 216, in request_domain_challenges
typ=messages.IDENTIFIER_FQDN, value=domain), new_authzr_uri)
File “/home/coo/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py”, line 196, in request_challenges
new_authz)
File “/home/coo/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py”, line 667, in post
return self._check_response(response, content_type=content_type)
File “/home/coo/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py”, line 570, in _check_response
raise messages.Error.from_json(jobj)
Error: urn:acme:error:serverInternal :: The server experienced an internal error :: Failed to get registration by key


#2

Hi @coo,

Are you still receiving this error?


#3

Hey @cpu ,

Thanks for your response. I just retried and now the response is good. I assume there were some temporary issues?


Processing /etc/letsencrypt/renewal/export.netques.com.conf

Cert not due for renewal, but simulating renewal for dry run
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for export.netques.com
Waiting for verification…
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0001_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0001_csr-certbot.pem

Thanks for coming back to me!


#4

Hi @Coo,

I’m glad to hear its working again :tada:!

That error usually occurs when we’re having an outage or degraded service. Do you know approximately what time (ideally in UTC) that you originally saw the error?


#5

Yes, the times in the log excerpt are UTC. So this happened at 2017-01-16 12:48:39.


#6

Ah perfect! Thanks.

It looks like our staging environment was briefly unhappy at the same time frame as you saw this error. Our ops team is looking into the root cause.

Thanks! Apologies for the brief staging service interruption.


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.