Can not revoke cert #86

Closed
opened 2025-12-29 00:24:32 +01:00 by adam · 1 comment

Originally created by @bobykus on GitHub (Apr 18, 2016).

Running

/usr/local/sbin/letsencrypt.sh --cron --domain some.do --challenge http-01 --config .letsencrypt/config.sh
INFO: Using main config file .letsencrypt/config.sh
Processing some.do

  • Checking domain name(s) of existing cert... unchanged.
  • Checking expire date of existing cert...
  • Valid till Jun 27 10:11:00 2016 GMT (Longer than 14 days). Skipping renew!

While I run

/usr/local/sbin/letsencrypt.sh --revoke certs/some.do/fullchain-1459249840.pem --domain some.do --challenge http-01 --config .letsencrypt/config.sh
INFO: Using main config file .letsencrypt/config.sh
Revoking certs/some.do/fullchain-1459249840.pem

  • Done.
  • Renaming certificate to certs/some.do/fullchain-1459249840.pem-revoked

and of course then

/usr/local/sbin/letsencrypt.sh --revoke certs/some.do/fullchain-1459249840.pem-revoked --domain some.do --challenge http-01 --config .letsencrypt/config.sh
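Revoking certs/domain.do/fullchain-1459249840.pem-revoked

  • ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/revoke-cert (Status 409)

Details: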
{"type":"urn:acme:error:malformed","detail":"Certificate already revoked","status":409}

.letsencrypt/config.sh contains

BASEDIR=/location/some.do
WELLKNOWN="${BASEDIR}/.well-known/acme-challenge"
PRIVATE_KEY="${BASEDIR}/.letsencrypt/private_key.pem"

etc.

How come the site certificate is listed as revoked but I cannot get a new one because it is valid until Jun 27?

adam closed this issue 2025-12-29 00:24:32 +01:00

@lukas2511 commented on GitHub (Apr 18, 2016):

letsencrypt.sh is looking for `cert.pem`, which is still pointing to a valid place and seems valid; it doesn't check with the server if the certificate has been revoked.

If you run the revoke command on `cert-1459249840.pem` (or just delete it, or run the command with `-x` to force renew) it should work.
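
The point made in the comment above, as an added example that is not part of the thread or of letsencrypt.sh: a wrapper that pairs the local expiry check with an OCSP lookup, so that a revoked but unexpired `cert.pem` leads to a forced renewal instead of "Skipping renew!". The function names and the sample OCSP output are constructed for illustration; a certificate that carries no OCSP responder URL is reported as `unknown`.

```shell
#!/bin/sh
# Added example: function names are hypothetical, not part of letsencrypt.sh.

# Read `openssl ocsp` text output on stdin; print good, revoked or unknown.
classify_ocsp() {
  awk '/: (good|revoked|unknown)$/ { print $NF; found = 1; exit }
       END { if (!found) print "unknown" }'
}

# decide EXPIRY OCSP -> skip | renew | force-renew
# EXPIRY is "valid" or "expiring"; OCSP is the classify_ocsp result.
decide() {
  case "$2" in
    revoked) echo force-renew ;;   # local file looks fine, the CA says otherwise
    *) if [ "$1" = expiring ]; then echo renew; else echo skip; fi ;;
  esac
}

# check_cert CERT CHAIN [DAYS]: query real files (needs network access).
# The OCSP response signature is checked against the local trust store.
check_cert() {
  cert=$1 chain=$2 days=${3:-14}
  if openssl x509 -checkend $((days * 86400)) -noout -in "$cert" >/dev/null
  then expiry=valid; else expiry=expiring; fi
  url=$(openssl x509 -noout -ocsp_uri -in "$cert")
  if [ -n "$url" ]; then
    status=$(openssl ocsp -no_nonce -issuer "$chain" -cert "$cert" \
             -url "$url" 2>/dev/null | classify_ocsp)
  else
    status=unknown                 # no OCSP responder URL in the certificate
  fi
  decide "$expiry" "$status"
}

# Constructed sample of `openssl ocsp` output for a revoked certificate.
SAMPLE_REVOKED='Response verify OK
certs/some.do/cert.pem: revoked
    This Update: Apr 18 10:00:00 2016 GMT
    Next Update: Apr 25 10:00:00 2016 GMT
    Revocation Time: Apr 18 09:30:00 2016 GMT'

if [ "$#" -ge 2 ]; then
  check_cert "$@"
else
  ocsp=$(printf '%s\n' "$SAMPLE_REVOKED" | classify_ocsp)
  echo "sample: expiry=valid ocsp=$ocsp -> $(decide valid "$ocsp")"
fi
```

A `force-renew` result corresponds to running the `--cron` command with `-x`, as suggested in the comment.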

Reference: starred/dehydrated#86