Since upgrading several servers to HestiaCP 1.9.6, we’re seeing Let’s Encrypt certificate requests and renewals fail on multiple independent installations.
The issue was not present before the upgrade and occurs on more than one server.
Typical errors include:
-
Let's Encrypt acme/authz bad status 404
-
Let's Encrypt finalize bad status 403
-
Let's Encrypt finalize bad status 404
Can anyone from the Hestia team confirm whether there are known Let’s Encrypt related issues in 1.9.6, or whether additional debugging information is needed?
I can provide logs and further details if required.
Hi,
I’m not part of the Hestia team, but I’m not aware of any issues regarding Let’s Encrypt certificates after the update. In fact, last night one of my certificates was renewed as usual.
Could you please provide the log for one of those domains? The log is located at:
/var/log/hestia/LE-YourUser-YourDomain.log
Also, please include the actual domain name, either here or by sending me a private message.
Thanks. It may be that existing renewals are not affected; I’m mainly seeing this with manual/new certificate requests so far.
I’ll reproduce it again on a test domain after restoring the server to a clean snapshot and then share the relevant log.
I’ve just created a new certificate (not renewed) and it works fine.
Quick update: we tested this on two separate HestiaCP 1.9.6 servers on different networks/providers and both were showing the same Let’s Encrypt errors.
After about an hour, certificate requests started working again on both servers without any obvious change. At this point it appears the issue was most likely on the Let’s Encrypt/ACME side rather than HestiaCP itself.
We’ll keep an eye on it.
Great! Thanks for the update.
