force renew fails #338

New Issue

adam · 2025-12-29T01:23:21+01:00

adam commented

2025-12-29 01:23:21 +01:00

Originally created by @geomunion on GitHub (Apr 25, 2018).

Hi, i'm having some trouble to force the renewing of a certificate with version 0.6.1.

Requesting a new certificate (./dehydrated -c -d test.example.com) works fine,
but an second run with ./dehydraded -c -x -d test.example.com fails.

 + Responding to challenge for text.example.com authorization...
ERROR: Problem connecting to server (post for http://test.example.com/.well-known/acme....

After some debugging i think there is a problem in get_json_string_value() function or json is'nt proper grepped ....

challenge_uris[${idx}]="$(echo "${challenge}" | get_json_string_value url)"

The "renew" JSON from ${challenge} contains a second 'url' and looks truncated:

{"type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chal....", "token": "......", "validationRecord": [{"url": "http://test.example.com/.well-known/acme-challenge/...", "hostname": "test.example.com", "port": "80", "addressesResolved": ["....."], "addressUsed": "..."}

The JSON for a new cert-request didn't contains an validationRecord - no second url:

 {"type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chal...", "token": "...."}

Anybody having same issue?

Originally created by @geomunion on GitHub (Apr 25, 2018). Hi, i'm having some trouble to force the renewing of a certificate with version 0.6.1. Requesting a new certificate (`./dehydrated -c -d test.example.com`) works fine, but an second run with `./dehydraded -c -x -d test.example.com` fails. ````text + Responding to challenge for text.example.com authorization... ERROR: Problem connecting to server (post for http://test.example.com/.well-known/acme.... ```` After some debugging i think there is a problem in `get_json_string_value()` function or json is'nt proper grepped .... ````bash challenge_uris[${idx}]="$(echo "${challenge}" | get_json_string_value url)" ```` The "renew" JSON from `${challenge}` contains a second 'url' and looks truncated: ````json {"type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chal....", "token": "......", "validationRecord": [{"url": "http://test.example.com/.well-known/acme-challenge/...", "hostname": "test.example.com", "port": "80", "addressesResolved": ["....."], "addressUsed": "..."} ```` The JSON for a new cert-request didn't contains an `validationRecord` - no second url: ````json {"type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chal...", "token": "...."} ```` Anybody having same issue?

adam closed this issue

2025-12-29 01:23:21 +01:00

adam commented

2025-12-29 01:23:22 +01:00

@lukas2511 commented on GitHub (Apr 25, 2018):

Duplicate of #515 and #548. Update and try again. This should be fixed since over a month.

@lukas2511 commented on GitHub (Apr 25, 2018): Duplicate of #515 and #548. Update and try again. This should be fixed since over a month.

adam commented

2025-12-29 01:23:22 +01:00

@lukas2511 commented on GitHub (Apr 25, 2018):

@geomunion can you give me some feedback after trying the current master version? I'm preparing a release with the fix and would like to know if it really works.

@lukas2511 commented on GitHub (Apr 25, 2018): @geomunion can you give me some feedback after trying the current master version? I'm preparing a release with the fix and would like to know if it really works.

adam commented

2025-12-29 01:23:22 +01:00

@yibfozzy commented on GitHub (May 8, 2018):

Hi, we are facing similar issue:

dehydrated -c -x -d example.com -d www.example.com

ERROR: Challenge is invalid! (returned: ) (result: wClXT0e2KS5ALWrs1sKsQoxzYUA8VQxxHai5TBvvdNA.NMCeBkC_6N-Gq1Z4PrGrUd-9noP83HtpQBuqhKlUAZ0)
"dehydrated -c -x -d example.com -d www.example.com" unexpectedly returned exit value 1 at /opt/perl/5.26/share/site/App/Cmd.pm line 468.

Dehydrated version: 0.6.1
openssl: OpenSSL 1.0.1e-fips 11 Feb 2013
OS: CloudLinux Server release 6.9 (Igor Volk)

@yibfozzy commented on GitHub (May 8, 2018): Hi, we are facing similar issue: dehydrated -c -x -d example.com -d www.example.com ERROR: Challenge is invalid! (returned: ) (result: wClXT0e2KS5ALWrs1sKsQoxzYUA8VQxxHai5TBvvdNA.NMCeBkC_6N-Gq1Z4PrGrUd-9noP83HtpQBuqhKlUAZ0) "dehydrated -c -x -d example.com -d www.example.com" unexpectedly returned exit value 1 at /opt/perl/5.26/share/site/App/Cmd.pm line 468. Dehydrated version: 0.6.1 openssl: OpenSSL 1.0.1e-fips 11 Feb 2013 OS: CloudLinux Server release 6.9 (Igor Volk)

adam commented

2025-12-29 01:23:22 +01:00

@lukas2511 commented on GitHub (May 8, 2018):

@yibfozzy just update, that is already fixed in the 0.6.2 release.

@lukas2511 commented on GitHub (May 8, 2018): @yibfozzy just update, that is already fixed in the 0.6.2 release.

adam commented

2025-12-29 01:23:23 +01:00

@lukas2511 commented on GitHub (May 8, 2018):

@yibfozzy oh wait it actually seems to be a completely different issue. are you using dns validation? this seems like a dns ttl/caching issue to me.

@lukas2511 commented on GitHub (May 8, 2018): @yibfozzy oh wait it actually seems to be a completely different issue. are you using dns validation? this seems like a dns ttl/caching issue to me.

adam commented

2025-12-29 01:23:23 +01:00

@yibfozzy commented on GitHub (May 8, 2018):

@lukas2511 yep, my bad, didn't pay attention that error was a bit different. We do not use dns validation, though this error does not appear with 0.6.2 version, so everything is ok now 👍

@yibfozzy commented on GitHub (May 8, 2018): @lukas2511 yep, my bad, didn't pay attention that error was a bit different. We do not use dns validation, though this error does not appear with 0.6.2 version, so everything is ok now 👍

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/dehydrated#338