certify icon indicating copy to clipboard operation
certify copied to clipboard

Published 20 hours ago verified publisher icon webprofusion

Integrate status check for letsencrypt.org API to diagnose failures

Open kd8ssq opened this issue 6 years ago • 6 comments

I'm getting an error when registering both a new cert and trying to renew an old cert. You can see the logs below. I'm wondering if it has to do with a communication issue between Certify and Let's Encrypt because it's happening on 2 different servers on both a new request and a renewal request. Am I correct? If so, would it be possible to add error handling to make a friendler error message so people know what the issue actually is?

2018-05-18 11:05:52.634 -04:00 [INF] Could not begin authorization for domain with Let's Encrypt: [cbcdavison.org] System.UriFormatException: Invalid URI: The URI scheme is not valid.
   at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind)
   at System.Uri..ctor(String uriString)
   at ACMESharp.AcmeClient.GetDirectory(Boolean saveRelative) in D:\Work\GIT\certify\src\lib\ACMESharp\ACMESharp\ACMESharp\AcmeClient.cs:line 145
   at Certify.ACMESharpCompat.ACMESharpUtils.NewIdentifier(String alias, String dns, String vaultProfile) in D:\Work\GIT\certify\src\Certify.Core\ACMESharpCompat\ACMESharpUtils.cs:line 336
   at Certify.VaultManager.BeginRegistrationAndValidation(CertRequestConfig requestConfig, String identifierAlias, String challengeType, String domain) in D:\Work\GIT\certify\src\Certify.Core\Management\VaultManager.cs:line 670 - [11:05 AM] NewIdentifier [cbcdavison.org] : System.UriFormatException: Invalid URI: The URI scheme is not valid.
   at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind)
   at System.Uri..ctor(String uriString)
   at ACMESharp.AcmeClient.GetDirectory(Boolean saveRelative) in D:\Work\GIT\certify\src\lib\ACMESharp\ACMESharp\ACMESharp\AcmeClient.cs:line 145
   at Certify.ACMESharpCompat.ACMESharpUtils.NewIdentifier(String alias, String dns, String vaultProfile) in D:\Work\GIT\certify\src\Certify.Core\ACMESharpCompat\ACMESharpUtils.cs:line 336
   at Certify.VaultManager.BeginRegistrationAndValidation(CertRequestConfig requestConfig, String identifierAlias, String challengeType, String domain) in D:\Work\GIT\certify\src\Certify.Core\Management\VaultManager.cs:line 670
2018-05-18 11:05:53.689 -04:00 [INF] Validation of the required challenges did not complete successfully. [cbcdavison.org] : System.UriFormatException: Invalid URI: The URI scheme is not valid.
   at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind)
   at System.Uri..ctor(String uriString)
   at ACMESharp.AcmeClient.GetDirectory(Boolean saveRelative) in D:\Work\GIT\certify\src\lib\ACMESharp\ACMESharp\ACMESharp\AcmeClient.cs:line 145
   at Certify.ACMESharpCompat.ACMESharpUtils.NewIdentifier(String alias, String dns, String vaultProfile) in D:\Work\GIT\certify\src\Certify.Core\ACMESharpCompat\ACMESharpUtils.cs:line 336
   at Certify.VaultManager.BeginRegistrationAndValidation(CertRequestConfig requestConfig, String identifierAlias, String challengeType, String domain) in D:\Work\GIT\certify\src\Certify.Core\Management\VaultManager.cs:line 670
2018-05-18 11:05:53.689 -04:00 [INF] Validation of the required challenges did not complete successfully. [cbcdavison.org] : System.UriFormatException: Invalid URI: The URI scheme is not valid.
   at System.Uri.CreateThis(String uri, Boolean dontEscape, UriKind uriKind)
   at System.Uri..ctor(String uriString)
   at ACMESharp.AcmeClient.GetDirectory(Boolean saveRelative) in D:\Work\GIT\certify\src\lib\ACMESharp\ACMESharp\ACMESharp\AcmeClient.cs:line 145
   at Certify.ACMESharpCompat.ACMESharpUtils.NewIdentifier(String alias, String dns, String vaultProfile) in D:\Work\GIT\certify\src\Certify.Core\ACMESharpCompat\ACMESharpUtils.cs:line 336
   at Certify.VaultManager.BeginRegistrationAndValidation(CertRequestConfig requestConfig, String identifierAlias, String challengeType, String domain) in D:\Work\GIT\certify\src\Certify.Core\Management\VaultManager.cs:line 670

kd8ssq avatar May 18 '18 15:05 kd8ssq

:wave: @kd8ssq

I'm not a developer/user of Certify and may be incorrect, but I suspect this may be caused by a maintenance outage with the Let's Encrypt service.

We expect service to be restored in the coming hour. Please keep an eye on letsencrypt.status.io for more.

cpu avatar May 18 '18 15:05 cpu

@cpu I believe you're correct. Thanks for the maintenance link. I was looking for it to see what the status of the services was but couldn't find it. I'll wait till things are restored then try again.

kd8ssq avatar May 18 '18 15:05 kd8ssq

@cpu I can confirm that was the issue. I subscribed for the updates to be notified when there's going to be an outage. Thanks again.

@webprofusion-chrisc Is there a way to check the status of the Let's Encrypt servers prior to registering? Or maybe pull in the status feed into the settings area? Just a thought.

kd8ssq avatar May 18 '18 15:05 kd8ssq

@kd8ssq Great, glad to hear you're all set now. Thanks!

cpu avatar May 18 '18 15:05 cpu

@kd8ssq @cpu thanks folks, yes it would be great if the status.io sevice had an api for general use- perhaps its does? While we could parse the html I'd rather get a json feed. On the other hand it could result in significant traffic to the status.io api and I'm not sure what limits they have. Definitely something to look at.

webprofusion-chrisc avatar May 19 '18 02:05 webprofusion-chrisc

Further to this I plan to eventually use the letsdebug.net API to provide general 2nd level diagnostics.

webprofusion-chrisc avatar Jul 31 '18 06:07 webprofusion-chrisc