Problem starting over with renewal #364
Comments
Unfortunately, once an Identifier is marked invalid, that particular instance can't be revived (this is a limitation of LE and the ACME protocol), as you discovered. You need to create a new Identifier (starting with the
The reason you're getting an error about the same key already being added is that you're reusing the same
$AliasDns = "certificateAlias-$([datetime]::Now.ToString("yyyyMMdd-HHmm"))"
New-ACMEIdentifier -Dns $domain -Alias $AliasDns
Would give you unique aliases each time this code is run. So to address your original issue, pby want to stop after the call to
NOTE, if you still have the response from the previous challenge, you can still validate it was correct, because the challenge response file should still be where it was placed.
@ebekker thanks for the great info. I think I still have everything from the first try...can you give me some detail on how to validate the response?
I am trying to implement an auto-renewal cert on my Azure Application Gateway using the info from the blog post below:
https://intelequia.com/blog/post/1012/automating-azure-application-gateway-ssl-certificate-renewals-with-let-s-encrypt-and-azure-automation
When trying to implement the actual auto-renewal piece which is done using an Azure Automation Runbook (PowerShell), I ran into an issue. I tried using the Runbook as is and while the test run Completed it actually failed to do the job. In an effort to figure out why it had failed, I copied the Runbook locally and stepped thru the code a section at a time. Below is the block of code that I worked thru:
When I ran the last line, the resultant output showed a Status of invalid. Looking thru the code, I checked to make sure the file did get created and uploaded to the Azure Storage Account. I also checked that I could access the file from a browser using the URL that LE would use. The only thing I thought was maybe the file was not in ASCII format and that was causing the issue. Being a newbie to LE and ACME...I tried to re-create the file ensuring it was in ASCII format and re-run the Update-ACMEIdentifier line again. Doing that I learned that once an Identifier goes invalid...its lifespan is over and I need to start over. I just don't know how to start over from here. When I try to run the New-ACMEIdentifier line again...it gives me the error An item with the same key has already been added.
For additional information, below is an image of the error thrown when I tested the Runbook using the Automation Account:
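Because an identifier that goes invalid cannot be retried, the challenge file is worth checking byte for byte before the CA is asked to validate it; a browser view hides a byte order mark or UTF-16 encoding. The following is an added example, not code from this thread, the blog post or ACMESharp: the function names are hypothetical, and the URL and expected content are whatever the challenge details specify (the values shown are constructed placeholders).

```powershell
# Hypothetical helper: compare the served bytes with the expected challenge content.
function Test-ChallengeBytes {
    param(
        [Parameter(Mandatory)][AllowEmptyCollection()][byte[]] $Body,
        [Parameter(Mandatory)][string] $Expected
    )
    $want = [Text.Encoding]::ASCII.GetBytes($Expected)
    if ([BitConverter]::ToString($Body) -ceq [BitConverter]::ToString($want)) {
        return 'OK: body matches the expected content byte for byte'
    }
    if ($Body.Length -eq 0) { return 'FAIL: body is empty' }
    # UTF-8 byte order mark (EF BB BF) written ahead of the text
    if ($Body.Length -ge 3 -and $Body[0] -eq 0xEF -and $Body[1] -eq 0xBB -and $Body[2] -eq 0xBF) {
        return 'FAIL: UTF-8 byte order mark precedes the content'
    }
    # UTF-16LE byte order mark (FF FE), the default of Out-File in Windows PowerShell
    if ($Body.Length -ge 2 -and $Body[0] -eq 0xFF -and $Body[1] -eq 0xFE) {
        return 'FAIL: file is UTF-16 encoded'
    }
    # -ceq keeps the comparison case-sensitive; -eq would ignore case
    $text = [Text.Encoding]::ASCII.GetString($Body)
    if ($text.TrimEnd() -ceq $Expected) {
        return 'WARN: trailing whitespace or newline after the content'
    }
    return 'FAIL: content differs from the expected value'
}

# Hypothetical helper: fetch the file the way a validator would and check it.
# A 404 or connection error surfaces as an exception from DownloadData.
function Test-ChallengeUrl {
    param(
        [Parameter(Mandatory)][string] $Url,
        [Parameter(Mandatory)][string] $Expected
    )
    $client = New-Object System.Net.WebClient
    try {
        [byte[]] $body = $client.DownloadData($Url)
        Test-ChallengeBytes -Body $body -Expected $Expected
    }
    finally { $client.Dispose() }
}

# Constructed sample, no network needed: the same text saved with a UTF-8 BOM.
$expected = 'TOKEN-PLACEHOLDER.THUMBPRINT-PLACEHOLDER'
[byte[]] $withBom = [byte[]](0xEF, 0xBB, 0xBF) + [Text.Encoding]::ASCII.GetBytes($expected)
Test-ChallengeBytes -Body $withBom -Expected $expected
Test-ChallengeBytes -Body ([Text.Encoding]::ASCII.GetBytes($expected)) -Expected $expected
```

Run `Test-ChallengeUrl` against the real challenge URL only once the file is uploaded, and call `Update-ACMEIdentifier` after it reports OK.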