Project

General

Profile

Actions
Copy link

action #166976

closed

dehydrated error on o3: "JWS has no anti-replay nonce"

Added by robert.richardson 3 months ago. Updated 3 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
nicksinger
Category:
Regressions/Crashes
Target version:
openQA Project (public) - Ready
Start date:
2024-09-18
Due date:
% Done:

0%

Estimated time:
Tags:
alert, infra, reactive work

Description

The cron daemon reported a error during the renewal of the TLS certificates on o3

  + ERROR: An error occurred while sending head-request to https://acme-v02.api.letsencrypt.org/acme/new-nonce (Status 503)

Details:
HTTP/2 503
server: nginx
date: Wed, 18 Sep 2024 00:00:02 GMT
content-type: application/problem+json
content-length: 90
cache-control: private
retry-after: 7



/usr/bin/dehydrated: line 737: 1: unbound variable
  + ERROR: An error occurred while sending post-request to https://acme-v02.api.letsencrypt.org/acme/new-order (Status 400)

Details:
HTTP/2 400
server: nginx
date: Wed, 18 Sep 2024 00:00:03 GMT
content-type: application/problem+json
content-length: 112
boulder-requester: 1199940347
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: UAMvsxnwPbq16itgZ7VH3R4fO4kHnh40eCxwKxESWNNkcphNDPE

{
  "type": "urn:ietf:params:acme:error:badNonce",
  "detail": "JWS has no anti-replay nonce",
  "status": 400
}
/usr/bin/dehydrated: line 737: 1: unbound variable
Processing openqa.opensuse.org
 + Checking domain name(s) of existing cert... unchanged.
 + Checking expire date of existing cert...
 + Valid till Oct 17 23:00:12 2024 GMT (Less than 30 days). Renewing!
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting new certificate order from CA...
Actions
Copy link

Also available in: Atom PDF