V-update-letsencrypt-ssl error

After last update of HestiaCP, I have error:

Can't open invalid/xn--80adib0aftpbeiu4j.xn--p1ai.csr for reading, No such file or directory
140054134797440:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:69:fopen('invalid/xn--80adib0aftpbeiu4j.xn--p1ai.csr','r')
140054134797440:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:76:
Error: Let's Encrypt finalize bad status 400 ([xn--80adib0aftpbeiu4j.xn--p1ai](https://xn--80adib0aftpbeiu4j.xn--p1ai/))

In LE…log:

==[Step 6]==
- status: 400
- nonce: 0001jBl7CASd_-fhzVmCMbNaxOKDLt9C8yASy2Q5a_HaXws
- payload: {"csr":""}
- certificate:
- answer: HTTP/2 400
server: nginx
date: Thu, 09 Dec 2021 02:17:12 GMT
content-type: application/problem+json
content-length: 158
boulder-requester: 112524615
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001jBl7CASd_-fhzVmCMbNaxOKDLt9C8yASy2Q5a_HaXws

{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Error parsing certificate request: asn1: syntax error: sequence truncated",
  "status": 400
}

How can I fix it?

Please paste the whole lets encrypt log.

=============================
Date Time: 2021-12-09 05:17:09
WEB_SYSTEM: apache2
PROXY_SYSTEM: nginx
user: user1
domain: xn--80adib0aftpbeiu4j.xn--p1ai


- aliases:
- proto: http-01
- wildcard:


==[Step 1]==
- status: 200
- nonce: 0002CWLDPQ6gH_gqmTLRBZGKOZhGCE1pS5P-ojtY3Fm8eZI
- answer: HTTP/2 200
server: nginx
date: Thu, 09 Dec 2021 02:17:10 GMT
content-type: application/json
content-length: 658
cache-control: public, max-age=0, no-cache
replay-nonce: 0002CWLDPQ6gH_gqmTLRBZGKOZhGCE1pS5P-ojtY3Fm8eZI
x-frame-options: DENY
strict-transport-security: max-age=604800



==[API call]==
exit status: 0


==[Step 2]==
- status: 201
- nonce: 0101pA1Igx-oNch4thCz1EGWrIVZQGItO-GKHlU_SdjrLBg
- authz: https://acme-v02.api.letsencrypt.org/acme/authz-v3/55814731120
- finalize: https://acme-v02.api.letsencrypt.org/acme/finalize/112524615/45047666660
- payload: {"identifiers":[{"type":"dns","value":"xn--80adib0aftpbeiu4j.xn--p1ai"}]}
- answer: HTTP/2 201
server: nginx
date: Thu, 09 Dec 2021 02:17:11 GMT
content-type: application/json
content-length: 351
boulder-requester: 112524615
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
location: https://acme-v02.api.letsencrypt.org/acme/order/112524615/45047666660
replay-nonce: 0101pA1Igx-oNch4thCz1EGWrIVZQGItO-GKHlU_SdjrLBg
x-frame-options: DENY
strict-transport-security: max-age=604800

{
  "status": "ready",
  "expires": "2021-12-13T00:36:23Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "xn--80adib0aftpbeiu4j.xn--p1ai"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55814731120"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/112524615/45047666660"
}


==[API call]==
exit status: 0


==[Step 3]==
- status: 200
- nonce: 0101cLBjLtmdx1x53CQrD46aMXF-ep-W0sRmVXQG1sFh1BY
- url: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55814731120/GElaQg
- token: Ws6tXDUhkFDkoAQ-eL9GW3OqBSAickNZ_GsXNsHCG-c
- answer: HTTP/2 200
server: nginx
date: Thu, 09 Dec 2021 02:17:11 GMT
content-type: application/json
content-length: 1151
boulder-requester: 112524615
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0101cLBjLtmdx1x53CQrD46aMXF-ep-W0sRmVXQG1sFh1BY
x-frame-options: DENY
strict-transport-security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "xn--80adib0aftpbeiu4j.xn--p1ai"
  },
  "status": "valid",
  "expires": "2022-01-05T00:36:32Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "valid",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55814731120/GElaQg",
      "token": "Ws6tXDUhkFDkoAQ-eL9GW3OqBSAickNZ_GsXNsHCG-c",
      "validationRecord": [
        {
          "url": "http://xn--80adib0aftpbeiu4j.xn--p1ai/.well-known/acme-challenge/Ws6tXDUhkFDkoAQ-eL9GW3OqBSAickNZ_GsXNsHCG-c",
          "hostname": "xn--80adib0aftpbeiu4j.xn--p1ai",
          "port": "80",
          "addressesResolved": [
            "91.188.222.77"
          ],
          "addressUsed": "91.188.222.77"
        },
        {
          "url": "https://xn--80adib0aftpbeiu4j.xn--p1ai/.well-known/acme-challenge/Ws6tXDUhkFDkoAQ-eL9GW3OqBSAickNZ_GsXNsHCG-c",
          "hostname": "xn--80adib0aftpbeiu4j.xn--p1ai",
          "port": "443",
          "addressesResolved": [
            "91.188.222.77"
          ],
          "addressUsed": "91.188.222.77"
        }
      ],
      "validated": "2021-12-06T00:36:29Z"
    }
  ]
}


==[API call]==
exit status: 0


==[Step 6]==
- status: 400
- nonce: 0001jBl7CASd_-fhzVmCMbNaxOKDLt9C8yASy2Q5a_HaXws
- payload: {"csr":""}
- certificate:
- answer: HTTP/2 400
server: nginx
date: Thu, 09 Dec 2021 02:17:12 GMT
content-type: application/problem+json
content-length: 158
boulder-requester: 112524615
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
replay-nonce: 0001jBl7CASd_-fhzVmCMbNaxOKDLt9C8yASy2Q5a_HaXws

{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Error parsing certificate request: asn1: syntax error: sequence truncated",
  "status": 400
}

See GitHub #2272 Fix issue where email validator didn't allow idn domains (#2273) · hestiacp/[email protected] · GitHub

For the patch

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.