Server response (403) on Finalize order

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: helloinneryou,com
Please help me sort out this log entry and certificate renewal failure. It is failing on the last step after successful acme-challenges.

2024-07-14 22:30:51 [info] Sending request to challenge

2024-07-14 22:30:53 [info] Sending signed request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/377121777057/k3J0pg

2024-07-14 22:30:53 [info] Verification ended with status: 'VALID' for the domain helloinneryou.com

2024-07-14 22:30:53 [info] Sending request to challenge

2024-07-14 22:30:53 [info] Sending signed request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/377121777067/I8F-vQ

2024-07-14 22:30:53 [info] Verification ended with status: 'VALID' for the domain www.helloinneryou.com

2024-07-14 22:30:53 [info] Sending signed request to https://acme-v02.api.letsencrypt.org/acme/finalize/818647267/287360230457

2024-07-14 22:30:53 [error] Sorry, the Let's Encrypt™ server response (403) is unexpected. The complete server response is given below.

2024-07-14 22:30:53 [error]

Array(    [type] => urn:ietf:params:acme:error:orderNotReady    [detail] => Order's status ("valid") is not acceptable for finalization    [status] => 403)

2024-07-14 22:30:53 [error] Closing the connection

2024-07-14 22:30:53 [error] Invalid response code: 403, {"type":"urn:ietf:params:acme:error:orderNotReady","detail":"Order's status ("valid") is not acceptable for finalization","status":403}

@cmilitzer , welcome to the community!

You did not fill up all the detailes of the questioner, is it a custom ACME client that you are using?
The state of an order is "valid", when it is already finalized. It is not possible to finalize an order more than one time. An order can be finalized only if its state is "ready".

I was not sure how to answer all of it. I am using the Auto-Install Free SSL 4.0.0 Plugin on a WordPress site. I have renewed the SLL manually several times on this site and have done it with multiple sites using this plugin. This is the first time that after doing the Acme checks that it has now created the certificate and it is telling me to check the log for this error. How can I change this from Valid to Ready?

Maybe someone here will know something about that product but you are probably better off asking at that Auto-Install support forum. They will know best how to debug what has gone wrong. That program has sent an invalid API request and it is being rejected (as it should) by Let's Encrypt.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.