starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-01-13 15:13:33 +01:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity

Need to delay/retry on 500 errors #159

New Issue
Closed
opened 2025-12-29 00:26:15 +01:00 by adam · 5 comments
adam commented 2025-12-29 00:26:15 +01:00
Owner
Copy Link

Originally created by @ktwalrus on GitHub (Oct 29, 2016).

I'm using an older version of the letsencrypt.sh script (from August, I think).

I have a domain with 70 subdomains that I am trying to renew the cert for. But, the LE server seems to be busy right now and I have been unable to run the script all the way through without the script aborting with a Server Busy (500) error partway through execution.

Here is the error message on one of the aborts:

 + Requesting challenge for va.walr.us...
 + Requesting challenge for wa.walr.us...
 + Requesting challenge for wv.walr.us...
  + ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/new-authz (Status 500)

Details:
<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>
An error occurred while processing your request.<p>
Reference&#32;&#35;179&#46;cb2bf648&#46;1477693536&#46;13fbd21a
</BODY></HTML>

And, here is another:

 + Responding to challenge for mb.walr.us...
 + Challenge is valid!
 + Responding to challenge for nb.walr.us...
 + Challenge is valid!
 + Responding to challenge for nl.walr.us...
  + ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/challenge/QWH5zHZkedorybrcjyqpIVp94YzO-lw8Lll5064q7dw/204691332 (Status 500)

Details:
<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>
An error occurred while processing your request.<p>
Reference&#32;&#35;179&#46;cb2bf648&#46;1477693078&#46;13f3a5ff
</BODY></HTML>

I think the script should check for a Status 500 and delay for 15 seconds or so and then retry the post-request.

I am using DNS challenges so when the script aborts, it leaves outstanding challenges and LE eventually makes me wait a week (like happened to me tonight) for the outstanding challenges to age off and allow me to try the script again.

Originally created by @ktwalrus on GitHub (Oct 29, 2016). I'm using an older version of the letsencrypt.sh script (from August, I think). I have a domain with 70 subdomains that I am trying to renew the cert for. But, the LE server seems to be busy right now and I have been unable to run the script all the way through without the script aborting with a Server Busy (500) error partway through execution. Here is the error message on one of the aborts: ``` + Requesting challenge for va.walr.us... + Requesting challenge for wa.walr.us... + Requesting challenge for wv.walr.us... + ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/new-authz (Status 500) Details: <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY> An error occurred while processing your request.<p> Reference&#32;&#35;179&#46;cb2bf648&#46;1477693536&#46;13fbd21a </BODY></HTML> ``` And, here is another: ``` + Responding to challenge for mb.walr.us... + Challenge is valid! + Responding to challenge for nb.walr.us... + Challenge is valid! + Responding to challenge for nl.walr.us... + ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/challenge/QWH5zHZkedorybrcjyqpIVp94YzO-lw8Lll5064q7dw/204691332 (Status 500) Details: <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY> An error occurred while processing your request.<p> Reference&#32;&#35;179&#46;cb2bf648&#46;1477693078&#46;13f3a5ff </BODY></HTML> ``` I think the script should check for a Status 500 and delay for 15 seconds or so and then retry the post-request. I am using DNS challenges so when the script aborts, it leaves outstanding challenges and LE eventually makes me wait a week (like happened to me tonight) for the outstanding challenges to age off and allow me to try the script again.
adam closed this issue 2025-12-29 00:26:15 +01:00
adam commented 2025-12-29 00:26:16 +01:00
Author
Owner
Copy Link

@pastukhov commented on GitHub (Oct 30, 2016):

There is about issue in letsecrypt repo about it https://github.com/letsencrypt/boulder/issues/1943#issuecomment-247550765

@pastukhov commented on GitHub (Oct 30, 2016): There is about issue in letsecrypt repo about it https://github.com/letsencrypt/boulder/issues/1943#issuecomment-247550765
adam commented 2025-12-29 00:26:16 +01:00
Author
Owner
Copy Link

@fragpit commented on GitHub (Dec 16, 2016):

facing this issue today, despite that letsencrypt status is ok. It happens on about 124 requests.

+ ERROR: An error occurred while sending post-request to https://acme-staging.api.letsencrypt.org/acme/new-authz (Status 500)

Details:
<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>
An error occurred while processing your request.<p>
Reference&#32;&#35;179&#46;72fcd4d9&#46;1481875287&#46;9e6f771
</BODY></HTML>


 + CloudFlare hook executing: clean_challenge
 + http_request() error in letsencrypt.sh?

less than 100, pass ok.

@fragpit commented on GitHub (Dec 16, 2016): facing this issue today, despite that letsencrypt status is ok. It happens on about 124 requests. ``` + ERROR: An error occurred while sending post-request to https://acme-staging.api.letsencrypt.org/acme/new-authz (Status 500) Details: <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY> An error occurred while processing your request.<p> Reference&#32;&#35;179&#46;72fcd4d9&#46;1481875287&#46;9e6f771 </BODY></HTML> + CloudFlare hook executing: clean_challenge + http_request() error in letsencrypt.sh? ``` less than 100, pass ok.
adam commented 2025-12-29 00:26:16 +01:00
Author
Owner
Copy Link

@ktwalrus commented on GitHub (Feb 24, 2017):

I'm using the latest version of dehydrated and this still happens for me. Any chance of a fix coming soon?

 + Requesting challenge for imap.wi.walr.us...
 + Requesting challenge for imap.wy.walr.us...
 + CloudFlare hook executing: deploy_challenge
 + Settling down for 10s...
 + Responding to challenge for imap.ab.walr.us...
 + Challenge is valid!
 + Responding to challenge for imap.bc.walr.us...
 + Challenge is valid!
 + Responding to challenge for imap.mb.walr.us...
 + Challenge is valid!
 + Responding to challenge for imap.nb.walr.us...
 + Challenge is valid!
 + Responding to challenge for imap.nl.walr.us...
 + Challenge is valid!
 + Responding to challenge for imap.nt.walr.us...
  + ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/challenge/icWKuzvIizvhXXM39SFY7xAEdlY92UDSzLVEjQjx8rE/696947227 (Status 500)

Details:
<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>
An error occurred while processing your request.<p>
Reference&#32;&#35;179&#46;df2bf648&#46;1487897858&#46;32a9724
</BODY></HTML>
@ktwalrus commented on GitHub (Feb 24, 2017): I'm using the latest version of dehydrated and this still happens for me. Any chance of a fix coming soon? ``` + Requesting challenge for imap.wi.walr.us... + Requesting challenge for imap.wy.walr.us... + CloudFlare hook executing: deploy_challenge + Settling down for 10s... + Responding to challenge for imap.ab.walr.us... + Challenge is valid! + Responding to challenge for imap.bc.walr.us... + Challenge is valid! + Responding to challenge for imap.mb.walr.us... + Challenge is valid! + Responding to challenge for imap.nb.walr.us... + Challenge is valid! + Responding to challenge for imap.nl.walr.us... + Challenge is valid! + Responding to challenge for imap.nt.walr.us... + ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/challenge/icWKuzvIizvhXXM39SFY7xAEdlY92UDSzLVEjQjx8rE/696947227 (Status 500) Details: <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY> An error occurred while processing your request.<p> Reference&#32;&#35;179&#46;df2bf648&#46;1487897858&#46;32a9724 </BODY></HTML> ```
adam commented 2025-12-29 00:26:17 +01:00
Author
Owner
Copy Link

@ktwalrus commented on GitHub (Feb 24, 2017):

Turns out this doesn't seem to be as bad a problem as it was before. When I re-ran dehydrated, it didn't deploy_challenges for the ones that had previously succeeded. Instead, it picked up with the challenge that had failed with the SERVER BUSY error.

Still, dehydrated should probably check for Status 500 and delay before retrying the post-request. As it is now, the script simply prints the error messages and exits which is not very friendly in the case of a temporary problem like SERVER BUSY.

@ktwalrus commented on GitHub (Feb 24, 2017): Turns out this doesn't seem to be as bad a problem as it was before. When I re-ran dehydrated, it didn't deploy_challenges for the ones that had previously succeeded. Instead, it picked up with the challenge that had failed with the SERVER BUSY error. Still, dehydrated should probably check for Status 500 and delay before retrying the post-request. As it is now, the script simply prints the error messages and exits which is not very friendly in the case of a temporary problem like SERVER BUSY.
adam commented 2025-12-29 00:26:17 +01:00
Author
Owner
Copy Link

@lukas2511 commented on GitHub (Jul 10, 2017):

Duplicate of quite a lot of other tickets. There are a lot of reasons not to implement this: If Let's Encrypt is under heavy load it definitively won't help if tons of clients retry and retry and retry, also error handling in bash is hard enough, retrying stuff will only result in quite complicated code, carrying failure flags and everything. At the moment the script often just hardly exits on errors.

What I will implement soon(ish): Caching of requested verifications. This will help with the rate limiting, and should speed things up if you really wanted to retry running the script.

@lukas2511 commented on GitHub (Jul 10, 2017): Duplicate of quite a lot of other tickets. There are a lot of reasons not to implement this: If Let's Encrypt is under heavy load it definitively won't help if tons of clients retry and retry and retry, also error handling in bash is hard enough, retrying stuff will only result in quite complicated code, carrying failure flags and everything. At the moment the script often just hardly exits on errors. What I will implement soon(ish): Caching of requested verifications. This will help with the rate limiting, and should speed things up if you really wanted to retry running the script.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Complicated
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
 suggestions wanted
testing
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/dehydrated#159
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?