win-acme: Renews fail intermittent

I just updated to latest version 2.1.11.917 (RELEASE, PLUGGABLE, 64-bit).

When running renews I get this errors. If I filter to just one renewal manually it succeedes. I reproduced this several times. I think before 2.1.11 it was not possible to complete the orders at all.

 [EROR] (InvalidOperationException): No challenge found
 [DBUG] Exception details: InvalidOperationException {TargetSite=Void MoveNext(), StackTrace="   at PKISharp.WACS.RenewalValidator.AnswerChallenge(ValidationCon
text validationContext)\r\n   at PKISharp.WACS.RenewalValidator.ParallelValidation(ParallelOperations level, ILifetimeScope scope, ExecutionContext context, Lis
t`1 parameters)\r\n   at PKISharp.WACS.RenewalValidator.ParallelValidation(ParallelOperations level, ILifetimeScope scope, ExecutionContext context, List`1 para
meters)\r\n   at PKISharp.WACS.RenewalValidator.AuthorizeOrder(ExecutionContext context, RunLevel runLevel)\r\n   at PKISharp.WACS.RenewalExecutor.ExecuteRenewa
l(ILifetimeScope execute, List`1 orders, RunLevel runLevel)\r\n   at PKISharp.WACS.RenewalExecutor.HandleRenewal(Renewal renewal, RunLevel runLevel)\r\n   at PK
ISharp.WACS.RenewalManager.ProcessRenewal(Renewal renewal, RunLevel runLevel)", Message="No challenge found", Data=[], InnerException=null, HelpLink=null, Sourc
e="wacs.lib", HResult=-2146233079}
 [EROR] Renewal for [Manual] foo.example.com failed, will retry on next run
 
 
  [EROR] (InvalidOperationException): No challenge found
 [DBUG] Exception details: InvalidOperationException {TargetSite=Void MoveNext(), StackTrace="   at PKISharp.WACS.RenewalValidator.AnswerChallenge(ValidationCon
text validationContext)\r\n   at PKISharp.WACS.RenewalValidator.ParallelValidation(ParallelOperations level, ILifetimeScope scope, ExecutionContext context, Lis
t`1 parameters)\r\n   at PKISharp.WACS.RenewalValidator.ParallelValidation(ParallelOperations level, ILifetimeScope scope, ExecutionContext context, List`1 para
meters)\r\n   at PKISharp.WACS.RenewalValidator.AuthorizeOrder(ExecutionContext context, RunLevel runLevel)\r\n   at PKISharp.WACS.RenewalExecutor.ExecuteRenewa
l(ILifetimeScope execute, List`1 orders, RunLevel runLevel)\r\n   at PKISharp.WACS.RenewalExecutor.HandleRenewal(Renewal renewal, RunLevel runLevel)\r\n   at PK
ISharp.WACS.RenewalManager.ProcessRenewal(Renewal renewal, RunLevel runLevel)", Message="No challenge found", Data=[], InnerException=null, HelpLink=null, Sourc
e="wacs.lib", HResult=-2146233079}
 [EROR] Renewal for [Manual] bar.example.net failed, will retry on next run

This is the situation I always tried to avoid… running all sites with SSL and the renew of hundreds of certificates fails at a given time because of a software issue… 😦

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 29 (14 by maintainers)

Most upvoted comments

Looks like others have seen similar things recently with Let’s Encrypt: https://community.letsencrypt.org/t/repeated-dns-error-during-secondary-validation-dns-problem-networking-error-looking-up-a/135243/8

If your cert has many domains included it could be a Let’s Encrypt rate limit issue (20 requests per second) but usually that would result in an rate-limit error.

+1
webprofusion-chrisc on Oct 29, 2020

Every domain is online and has for sure an ipv4 address.

There are no IPv6 adresses, only ipv4 exists.

Since the dns server zone setttings have not changed for years I think it can only be an issue of the software. Also keep in mind with multithreading disabled the renew works fine! This can only be a software issue of win-acme.

+1
alexhass on Oct 29, 2020
Read more comments on GitHub
← win-acme: GoDaddy plugin "Unauthorized"
svelte-windicss-preprocess: Breaks .svelte modules →