Windows client crypt-le (le64.exe V0.38) could not finalize an order
Closed this issue · 2 comments
Hello Support,
Cannot get any certificates and not sure what I am doing wrong.
My domain is: pje1.pjelectrical.com.au
I ran this command using valid email address and complex password:
le64.exe -email "##########" -key pje1.pjelectrical.com.au_2022-05-09.key -csr pje1.pjelectrical.com.au_2022-05-09.csr -csr-key pje1.pjelectrical.com.au_2022-05-09.key -crt pje1.pjelectrical.com.au_2022-05-09.crt -domains "pje1.pjelectrical.com.au" -generate-missing -live -export-pfx "##########" -tag-pfx "pje1.pjelectrical.com.au_2022-05-09" -handle-as dns -api 2 -debug
It produced this output:
2022/05/09 05:02:15 [ Crypt::LE client v0.38 started. ]
2022/05/09 05:02:15 Generating a new account key
2022/05/09 05:02:19 Account key generated.
2022/05/09 05:02:19 Saving generated account key into pje1.pjelectrical.com.au_2022-05-09.key
2022/05/09 05:02:19 Generating a new CSR for domains pje1.pjelectrical.com.au
2022/05/09 05:02:19 CSR key loaded
2022/05/09 05:02:19 New CSR will be based on 'pje1.pjelectrical.com.au_2022-05-09.key' key
2022/05/09 05:02:19 CSR generated.
2022/05/09 05:02:19 Saving a new CSR into pje1.pjelectrical.com.au_2022-05-09.csr
2022/05/09 05:02:19 Account email has been set to 'PAnderson@atecho.com.au'
2022/05/09 05:02:19 Connecting to https://acme-v02.api.letsencrypt.org/directory
2022/05/09 05:02:20 Connecting to https://acme-v02.api.letsencrypt.org/acme/new-nonce
2022/05/09 05:02:21 Directory loaded successfully.
2022/05/09 05:02:21 Registering the account key
2022/05/09 05:02:21 Connecting to https://acme-v02.api.letsencrypt.org/acme/new-acct
2022/05/09 05:02:21 New key is now registered, reg path: https://acme-v02.api.letsencrypt.org/acme/acct/534430636. You need to accept TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
2022/05/09 05:02:21 Account ID: 534430636
2022/05/09 05:02:21 Registration success: TOS change status - 1, new registration flag - 1.
2022/05/09 05:02:21 The key has been successfully registered. ID: 534430636
2022/05/09 05:02:21 Make sure to check TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
2022/05/09 05:02:21 Connecting to https://acme-v02.api.letsencrypt.org/acme/acct/534430636
2022/05/09 05:02:21 Accepted TOS.
2022/05/09 05:02:21 Current contact details: PAnderson@atecho.com.au
2022/05/09 05:02:21 Connecting to https://acme-v02.api.letsencrypt.org/acme/new-order
2022/05/09 05:02:21 Connecting to https://acme-v02.api.letsencrypt.org/acme/finalize/534430636/86934322246
2022/05/09 05:02:22 Could not finalize an order.
2022/05/09 05:02:22 Requesting challenge.
2022/05/09 05:02:22 Connecting to https://acme-v02.api.letsencrypt.org/acme/authz-v3/106485177136
2022/05/09 05:02:22 Received challenges for pje1.pjelectrical.com.au.
2022/05/09 05:02:22 Requested challenges for 1 domain(s).
2022/05/09 05:02:22 Challenge for 'pje1.pjelectrical.com.au' requires the following DNS record to be created:
Host: _acme-challenge.pje1.pjelectrical.com.au, type: TXT, value: aB8Tigpdi3ABmDhcLjbOBOc-afD9zcdSB4vJ59cLTZo
Wait for DNS to update by checking it with the command: nslookup -q=TXT _acme-challenge.pje1.pjelectrical.com.au
When you see a text record returned, press
2022/05/09 05:04:36 Accepted challenges for 1 domain(s).
2022/05/09 05:04:36 Connecting to https://acme-v02.api.letsencrypt.org/directory
2022/05/09 05:04:37 Connecting to https://acme-v02.api.letsencrypt.org/acme/new-nonce
2022/05/09 05:04:37 Directory loaded successfully.
2022/05/09 05:04:37 Connecting to https://acme-v02.api.letsencrypt.org/acme/chall-v3/106485177136/ryq4-w
2022/05/09 05:04:39 Connecting to https://acme-v02.api.letsencrypt.org/acme/chall-v3/106485177136/ryq4-w
2022/05/09 05:04:41 Connecting to https://acme-v02.api.letsencrypt.org/acme/chall-v3/106485177136/ryq4-w
2022/05/09 05:04:42 Domain pje1.pjelectrical.com.au has been verified successfully.
2022/05/09 05:04:42 Processing the 'dns' verification for 'pje1.pjelectrical.com.au'
2022/05/09 05:04:42 Domain verification results for 'pje1.pjelectrical.com.au': success.
2022/05/09 05:04:42 You can now delete '_acme-challenge.pje1.pjelectrical.com.au' DNS record
2022/05/09 05:04:42 Verified challenges for 1 domain(s).
2022/05/09 05:04:42 Requesting domain certificate.
2022/05/09 05:04:42 Connecting to https://acme-v02.api.letsencrypt.org/acme/finalize/534430636/86934322246
2022/05/09 05:04:42 Could not finalize an order.
2022/05/09 05:04:42 Could not finalize an order.
My web server is (include version): IIS V8.5.9600.16384
The operating system my web server runs on is (include version): Windows2012R2
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine : YES
I'm using a control panel to manage my site : NO
The version of my client is : le64.exe version 0.38.0.0 .
Please help.
Thanks.
I believe this might have been sorted at the time via LE forums. Version 0.39 implements the retry mechanism for async order finalization, which should be more robust, so closing it now - feel free to re-open if the same error re-occurs. Thanks.
I believe this might have been sorted at the time via LE forums. Version 0.39 implements the retry mechanism for async order finalization, which should be more robust, so closing it now - feel free to re-open if the same error re-occurs. Thanks.
