Unable to renew: "Unable to meet CA SCT embedding requirements"

I’m running Ubuntu 16.04 with a number of customer domains. Renewal ist automatic by running ‘letsencrypt renew’.

Today I got this back from cron:

2018-07-21 00:26:00,154:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.de.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
2018-07-21 00:26:36,276:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
2018-07-21 00:27:12,505:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
2018-07-21 00:27:48,716:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
2018-07-21 00:28:24,902:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
2018-07-21 00:29:01,233:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
2018-07-21 00:29:37,815:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
2018-07-21 00:30:13,921:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
2018-07-21 00:30:50,094:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
2018-07-21 00:31:26,441:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
2018-07-21 00:32:02,691:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/****.conf produced an unexpected error: urn:acme:error:serverInternal :: The server experienced an internal error :: Error creating new cert :: Unable to meet CA SCT embedding requirements. Skipping.
11 renew failure(s), 0 parse failure(s)

All of the domains belong to one single customer.

I have no idea what caused this, I don’t understand the error messages. Is this a problem on my side or is LetsEncrypt broken now? This exact setup is running successfully for about a year and many other domains.

Google has never seen this error mesage before so I’m asking here.

It was probably related to this incident earlier today: https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/5b5266df6e646c425d1e77c1

If you’re still experiencing the issue, let us know, but otherwise, Certbot will/would have just tried again 12 hours later and succeeded.

1 Like

Thank you. I have started my script again and it didn’t produce any errors.

Hi, I’m experiencing the same issue right now. Should I also try later? What is the root cause?

Should I also try later?

Yes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.