A few of us (working on Caddy) have run into trouble accessing the staging endpoint:
[INFO][test25.finerpixels.com] acme: Obtaining bundled SAN certificate
2018/02/14 18:27:55 [INFO][test25.finerpixels.com] AuthURL: https://acme-staging.api.letsencrypt.org/acme/authz/NZEckExunMT0y6dIjAYUOaVKlfIT2YHh6-s4T2B5jKc
2018/02/14 18:27:55 [INFO][test25.finerpixels.com] acme: Could not find solver for: dns-01
2018/02/14 18:27:55 [INFO][test25.finerpixels.com] acme: Trying to solve HTTP-01
2018/02/14 18:27:55 [INFO][test25.finerpixels.com] Served key authentication
2018/02/14 18:27:55 [INFO][test25.finerpixels.com] Served key authentication
2018/02/14 18:27:56 [INFO][test25.finerpixels.com] Served key authentication
2018/02/14 18:27:56 [INFO][test25.finerpixels.com] Served key authentication
2018/02/14 18:27:56 [INFO][test25.finerpixels.com] The server validated our request
2018/02/14 18:27:56 [INFO][test25.finerpixels.com] acme: Validations succeeded; requesting certificates
2018/02/14 18:28:13 [test25.finerpixels.com] failed to get certificate: Failed to HTTP POST to https://acme-staging.api.letsencrypt.org/acme/new-cert -> Post https://acme-staging.api.letsencrypt.org/acme/new-cert: net/http: timeout awaiting response headers
exit status 1
We haven’t changed our ACME client code recently, and this is reliably being reproduced over and over again by multiple machines. Is staging having an issue currently?
(To preempt the predictable first question – yes, the client code we’re using is quite stable and was working earlier today.)
It still happened for me about 8 hours ago when I went to sleep. However I just tried again and it worked fine. The outage seemed to be the ACME server hanging when actually issuing the certificate; other kinds of requests to the staging server succeeded in getting some sort of response. Just getting the actual certificate was hanging for too long.
Maybe something to look into – hopefully this kind of thing won’t crop up on the production endpoint. If you look for my domain in your logs maybe that will be revealing, I dunno.
Also confirm, just restarted Caddy and staging is working again. It is a bit concerning that staging being down did not trigger any alerts or notifications. I’m guessing the checks don’t actually try making a certificate request, they just check the API endpoint is up.