So just a moment ago I was wondering why my Let’s Encrypt certificate on a particular server wasn’t renewing. I’m using a simple script called acme-tiny for Let’s Encrypt as it’s just about the lightest implementation for it. However it failed with this error message:
Traceback (most recent call last):
File "/home/user/acme_tiny.py", line 198, in
main(sys.argv[1:])
File "/home/user/acme_tiny.py", line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
File "/home/user/acme_tiny.py", line 161, in get_crt
raise ValueError("Error signing certificate: {0} {1}".format(code, result))
ValueError: Error signing certificate: 403 {
"type": "urn:acme:error:unauthorized",
"detail": "Error creating new cert :: authorizations for these names not found or expired: example.com",
"status": 403
}
The answer is here: https://github.com/diafygi/acme-tiny/issues/167 and the solution is simple: this was a bug, it has been fixed, just get the latest version. The problem went away after that.