This repository has been archived by the owner on Aug 26, 2021. It is now read-only.
Expose details when the ACME identifier authorization fails #276
Comments
|
@jpaulgs Jerome, thanks so much for putting the details of your issue here, they were instrumental in helping us resolve a difficult issue with Let's Encrypt. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I was trying to setup kube-lego on my cluster this morning and kept on receiving the following error:
time="2017-11-14T22:44:04Z" level=debug msg="error while authorizing: waiting for authorization failed: acme: identifier authorization failed" context=acme domain=....Which after 5 tries results in being rate limited:
time="2017-11-14T22:44:25Z" level=debug msg="error while authorizing: getting authorization failed: 429 urn:acme:error:rateLimited: Error creating new authz :: Too many failed authorizations recently." context=acme domain=...In this case the root cause of the error was a CAA record stipulating a different SSL provider. Is kube lego able to log the cause of the errors?
This type of issue doesn't appear to be recoverable so trying until the system gets rate limited is less than ideal. If possible I would actually prefer a hard failure with a useful message.
The text was updated successfully, but these errors were encountered: