[SOLVED] Staging (--test-cert) works fine, but 502 error with the real server


#1

I’ve been trying something like this with staging:

letsencrypt certonly \
    --test-cert \
    --non-interactive \
    --email joe@trusktr.io \
    --agree-tos \
    --standalone \
    --domain trusktr.io \
    --domain infamous.io \
    --domain sk8.earth \

which works fine, but when I remove the --test-cert flag, the command fails with this output to the log:

2016-04-04 17:06:18,371:DEBUG:letsencrypt.cli:Root logging level set at 30
2016-04-04 17:06:18,373:INFO:letsencrypt.cli:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2016-04-04 17:06:18,373:DEBUG:letsencrypt.cli:letsencrypt version: 0.4.2
2016-04-04 17:06:18,374:DEBUG:letsencrypt.cli:Arguments: ['--non-interactive', '--email', 'joe@trusktr.io', '--agree-tos', '--standalone', '--domain', 'trusktr.io', '--domain', 'infamous.io', '--domain', 'sk8.earth']
2016-04-04 17:06:18,374:DEBUG:letsencrypt.cli:Discovered plugins: PluginsRegistry(PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2016-04-04 17:06:18,375:DEBUG:letsencrypt.cli:Requested authenticator standalone and installer None
2016-04-04 17:06:18,475:DEBUG:letsencrypt.display.ops:Single candidate plugin: * standalone
Description: Automatically use a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = letsencrypt.plugins.standalone:Authenticator
Initialized: <letsencrypt.plugins.standalone.Authenticator object at 0x7f0c114a2fd0>
Prep: True
2016-04-04 17:06:18,477:DEBUG:letsencrypt.cli:Selected authenticator <letsencrypt.plugins.standalone.Authenticator object at 0x7f0c114a2fd0> and installer None
2016-04-04 17:06:18,646:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2016-04-04 17:06:18,653:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-04-04 17:06:39,785:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 502 1488
2016-04-04 17:06:39,791:DEBUG:root:Received <Response [502]>. Headers: {'Content-Length': '1488', 'Expires': 'Mon, 04 Apr 2016 17:18:36 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'ETag': '"55f255cc-5d0"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Mon, 04 Apr 2016 17:18:36 GMT', 'Content-Type': 'text/html'}. Content: '<!DOCTYPE html>\n\n<html lang="en">\n<head>\n  <meta charset="utf-8">\n  <meta http-equiv="X-UA-Compatible" content="IE=edge">\n  <meta name="viewport" content=\n  "width=device-width, initial-scale=1">\n\n  <title>Maintenance</title>\n  <link href=\n  "//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css"\n  rel="stylesheet" type="text/css">\n  <link href=\n  "//maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css"\n  rel="stylesheet" type="text/css">\n</head>\n\n<body>\n  <div class="container-fluid">\n    <div class="row">\n      <div class="col-md-6 text-right">\n\t<p style="font-size: 90px;">\n<i class="fa fa-coffee"></i></p>\n\t</div>\n\n      <div class="col-md-6 text-left">\n        <h1>502<br>\n        <small>Maintenance Time</small></h1>\n      </div>\n    </div>\n\n    <div class="row">\n      <div class="col-xs-12 text-center">\n        <p>Sorry! We\'re doing some cleanup at the moment. We\'ll be back shortly.</p>\n      </div>\n    </div>\n    <div class="row">\n      <div class="col-xs-4 col-xs-offset-2 text-center">\n        <p><a href="https://letsencrypt.status.io" title="Twitter">\n          <i class="fa fa-area-chart"></i>\n          Service Status (letsencrypt.status.io)\n        </a></p>\n      </div>\n      <div class="col-xs-4 text-center">\n        <p><a href="https://twitter.com/letsencrypt" title="Twitter">\n          <i class="fa fa-twitter"></i>\n          Check with us on Twitter\n        </a></p>\n      </div>\n    </div> <!-- row -->\n  </div>\n\n\n</body>\n</html>\n'
2016-04-04 17:06:39,791:DEBUG:acme.client:Received response <Response [502]> (headers: {'Content-Length': '1488', 'Expires': 'Mon, 04 Apr 2016 17:18:36 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'ETag': '"55f255cc-5d0"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Mon, 04 Apr 2016 17:18:36 GMT', 'Content-Type': 'text/html'}): '<!DOCTYPE html>\n\n<html lang="en">\n<head>\n  <meta charset="utf-8">\n  <meta http-equiv="X-UA-Compatible" content="IE=edge">\n  <meta name="viewport" content=\n  "width=device-width, initial-scale=1">\n\n  <title>Maintenance</title>\n  <link href=\n  "//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css"\n  rel="stylesheet" type="text/css">\n  <link href=\n  "//maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css"\n  rel="stylesheet" type="text/css">\n</head>\n\n<body>\n  <div class="container-fluid">\n    <div class="row">\n      <div class="col-md-6 text-right">\n\t<p style="font-size: 90px;">\n<i class="fa fa-coffee"></i></p>\n\t</div>\n\n      <div class="col-md-6 text-left">\n        <h1>502<br>\n        <small>Maintenance Time</small></h1>\n      </div>\n    </div>\n\n    <div class="row">\n      <div class="col-xs-12 text-center">\n        <p>Sorry! We\'re doing some cleanup at the moment. We\'ll be back shortly.</p>\n      </div>\n    </div>\n    <div class="row">\n      <div class="col-xs-4 col-xs-offset-2 text-center">\n        <p><a href="https://letsencrypt.status.io" title="Twitter">\n          <i class="fa fa-area-chart"></i>\n          Service Status (letsencrypt.status.io)\n        </a></p>\n      </div>\n      <div class="col-xs-4 text-center">\n        <p><a href="https://twitter.com/letsencrypt" title="Twitter">\n          <i class="fa fa-twitter"></i>\n          Check with us on Twitter\n        </a></p>\n      </div>\n    </div> <!-- row -->\n  </div>\n\n\n</body>\n</html>\n'
2016-04-04 17:06:39,793:DEBUG:letsencrypt.cli:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/letsencrypt", line 9, in <module>
    load_entry_point('letsencrypt==0.4.2', 'console_scripts', 'letsencrypt')()
  File "/usr/lib/python2.7/site-packages/letsencrypt/cli.py", line 1993, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/site-packages/letsencrypt/cli.py", line 690, in obtain_cert
    le_client = _init_le_client(config, authenticator, installer)
  File "/usr/lib/python2.7/site-packages/letsencrypt/cli.py", line 207, in _init_le_client
    acc, acme = _determine_account(config)
  File "/usr/lib/python2.7/site-packages/letsencrypt/cli.py", line 192, in _determine_account
    config, account_storage, tos_cb=_tos_cb)
  File "/usr/lib/python2.7/site-packages/letsencrypt/client.py", line 116, in register
    acme = acme_from_config_key(config, key)
  File "/usr/lib/python2.7/site-packages/letsencrypt/client.py", line 41, in acme_from_config_key
    return acme_client.Client(config.server, key=key, net=net)
  File "/usr/lib/python2.7/site-packages/acme/client.py", line 63, in __init__
    self.net.get(directory).json())
  File "/usr/lib/python2.7/site-packages/acme/client.py", line 627, in get
    self._send_request('GET', url, **kwargs), content_type=content_type)
  File "/usr/lib/python2.7/site-packages/acme/client.py", line 574, in _check_response
    raise errors.ClientError(response)
ClientError: <Response [502]>

#2

I don’t know if perhaps this has anything to do with it, but the output shows a time of 17:06:39, while my according to my server the time was 10:06. My server time seems to be 14 minutes behind actual time too. Could that cause problems?


#3

Let’s Encrypt is currently performing network maintenance, see https://letsencrypt.status.io/.