There have been several post about pending authorizations and having to wait 7 days.
Part of the challenge is that this is done without user being aware as to the root cause and currently there are no ways of fixing the problems
Could this have been a github issue - yes, but I think there are lots of learnings which might be beneficial
I am hoping to present the problem space in a way that can be beneficial to all clients (not just certbot)
A) Research
B) Inducing Fail Conditions
C) Learnings from Fail Conditions
D) Building a Challenge List
E) Deactivating Challenges
F) Integrating with Certbot
A) Where are these authz been generated
B) Who keeps the score
So in order to figure these things out. Let’s induce some fail conditions aka throw some spanners in the works (and i have to confess this is the best part of the job )
A) If we give certbot a couple of commands with the same domain is it smart enough to not ask for new authz
B) Where in the chain do authz come from and how do we break this
Lets run it twice but not let certbot submit the challenges
A) The first set of challenges are ignored. Certbot submits the authz requests however after we break (crl c) after the submissions the challenges are in pending
second run we accept logging of IP but run through the 5 challenges without submitting a challenge
Overall:
We have 16 pending challenges.
We have 4 log files
@jsha@cpu - am I correct in understaning the currently boulder has no way of ansering a Authz Query - for example - given an account with ID X please give me all pending autz
@bmw@schoen - is there anything in the works for certbot to solve this (don't want to spend too much time if you are working on solution)
The main thing that fail conditions teach me is this
A) Not everything goes to plan
B) When it doesn’t most client ask for new authz instead of reusing exisitng ones
C) Clients don’t have a way of keeping registered authz
D) my preference would be on fail conditions for client to submit a challenge anyway so the fialure clears the pending authz
All sorts of other factors make me think this is a problem so lets go on and solve it