Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    acme-v01.api.letsencrypt.org Reprecated?

    Scheduled Pinned Locked Moved
    ACME
    3
    4
    71
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mrnb
      last edited by

      These messages have appeared in the DNS Resolver logs since this morning:

      Jan 16 15:51:04	filterdns	27598	failed to resolve host acme-staging.api.letsencrypt.org will retry later again.
Jan 16 15:51:04	filterdns	27598	failed to resolve host acme-staging.api.letsencrypt.org will retry later again.

      I'm currently using the ACME certificates for a lot of hosts via HAProxy. Is this something permanently broken with the package or something temporary?

      Is anyone else seeing this issue?

      patient0P GertjanG 2 Replies Last reply Reply Quote 0
      • patient0P
        patient0 @mrnb
        last edited by

        @mrnb said in acme-v01.api.letsencrypt.org Reprecated?:

        acme-staging.api.letsencrypt.org

        I don't use it much myself, but t doesn't resolve for me either, acme-v02.api.letsencrypt.org does though.

        The internet shows that they switched to v2 in January 2018 (https://community.letsencrypt.org/t/staging-endpoint-for-acme-v2/49605). Maybe they finally switched of the old URL?

        1 Reply Last reply Reply Quote 0
        • GertjanG
          Gertjan @mrnb
          last edited by Gertjan

          @mrnb

          Why do you think the 'acme' (pfSense package) is broken ?
          Question : Where does this host name "acme-staging.api.letsencrypt.org" come from ?

          [24.11-RELEASE][root@pfSense.bhf.tld]/usr/local/pkg/acme: grep "acme-staging.api.letsencrypt.org" *
(not found)

          so not from acme.
          Where does it really come from ?
          Here :
          97dcc784-36c0-482e-914d-0f75c6894f6c-image.png

          Who feeds filterdns with host names to resolve ?
          The pfSense admin 😊
          You've entered this host name somewhere under Firewall > Aliases > IP.
          Maybe it's time to edit ?

          edit : staging ... wasn't that URL meant to be used for testing purposes only ? The certificates obtained when using

          f86c3d30-5b9d-474a-9ab2-2cb9ae707837-image.png

          are not 'valid'.
          I remember using it once, years ago, for half an hour or or to test drive my setup, as I can do as many test as I want.
          As soon as I had the setting right, I switched over to the second option in the list, and never came back to this page.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          M 1 Reply Last reply Reply Quote 0
          • M
            mrnb @Gertjan
            last edited by

            @Gertjan

            Oh you helped solve the problem!

            Thank you!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.