Duplicate Certs #75

Open
opened 2021-04-24 10:39:19 +00:00 by Ghost · 2 comments

I keep getting this error, is it from Greenlock or from Let's encrypt?

Warning duplicate_certs:
a search for 'redacted-my-domain.com' returned multiple certificates
Error: a search for 'redacted-my-domain.com' returned multiple certificates
    at Object.greenlock.get (/app/node_modules/@root/greenlock/greenlock.js:223:23)

This happens both running Greenlock in staging & production mode.

I am using greenlock-store-fs on a mounted docker volume.
Checked the volumn and this domain only has a single certifacate in there.

It's also a brand new domain, just registered it, added it to my setup and then ran my greenlock app.

Looks like manager.find & manager.set are both called multple times.

It seems that manager.set does indeed request multiple certificate.

Also looks like manager.get is never requested.

Few questions:

  • Any idea on how to get past the duplicate certificates?
  • Is manager.get even required anymore?
  • Is there a way to revoke certificates via greenlock? or other means?

Thanks in advance

I keep getting this error, is it from Greenlock or from Let's encrypt? ``` Warning duplicate_certs: a search for 'redacted-my-domain.com' returned multiple certificates Error: a search for 'redacted-my-domain.com' returned multiple certificates at Object.greenlock.get (/app/node_modules/@root/greenlock/greenlock.js:223:23) ``` This happens both running Greenlock in staging & production mode. I am using `greenlock-store-fs` on a mounted docker volume. Checked the volumn and this domain only has a single certifacate in there. It's also a brand new domain, just registered it, added it to my setup and then ran my greenlock app. Looks like `manager.find` & `manager.set` are both called multple times. It seems that `manager.set` does indeed request multiple certificate. Also looks like `manager.get` is never requested. Few questions: * Any idea on how to get past the duplicate certificates? * Is `manager.get` even required anymore? * Is there a way to revoke certificates via greenlock? or other means? Thanks in advance
Owner

That's from Greenlock.

There's no way to revoke certificates in greenlock, but that's not related to the problem you're having here.

IIRC, manager.get is not used when manager.find is used. Details are here: https://git.rootprojects.org/root/greenlock-manager-test.js

I'm not sure why you would get that error.

My first instinct is to say just start over fresh using the quickstart and see if it happens again.

If you need paid support, this is probably something we could look over and solve together within 2-3 hours.

Also, please let me know if you already figured this out.

That's from Greenlock. There's no way to revoke certificates in greenlock, but that's not related to the problem you're having here. IIRC, `manager.get` is not used when `manager.find` is used. Details are here: https://git.rootprojects.org/root/greenlock-manager-test.js I'm not sure why you would get that error. My first instinct is to say just start over fresh using the quickstart and see if it happens again. If you need paid support, this is probably something we could look over and solve together within 2-3 hours. Also, please let me know if you already figured this out.
Author

Hi there, I have a similar error :
[400] Error creating new order :: Domain name "test8.domain.com" is redundant with a wildcard domain in the same request. Remove one or the other from the certificate request.

context: 'cert_issue',
subject: '.mydomain.com',
altnames: [ '
.mydomain.com', 'test8.mydomain.com' ],
toJSON: [Function: errorToJSON],
servername: 'test6.mydomain.com',
_site: {
challenges: { 'dns-01': [Object] },
subject: '.mydomain.com',
renewAt: 1624196379695,
altnames: [ '
.mydomain.com', 'test8.mydomain.com' ]
}

I am using greenlock-store-fs ("basePath": "./greenlock.d") on a mounted docker volume.

BTW this is not only on the docker image, I get this error on the same setting in a not docker container

I tried to let the altnames without the subdomains like altnames: [ '*.mydomain.com'] i don't get the error but the app doesn't load...

Hi there, I have a similar error : [400] Error creating new order :: Domain name "test8.domain.com" is redundant with a wildcard domain in the same request. Remove one or the other from the certificate request. context: 'cert_issue', subject: '*.mydomain.com', altnames: [ '*.mydomain.com', 'test8.mydomain.com' ], toJSON: [Function: errorToJSON], servername: 'test6.mydomain.com', _site: { challenges: { 'dns-01': [Object] }, subject: '*.mydomain.com', renewAt: 1624196379695, altnames: [ '*.mydomain.com', 'test8.mydomain.com' ] } I am using greenlock-store-fs ("basePath": "./greenlock.d") on a mounted docker volume. BTW this is not only on the docker image, I get this error on the same setting in a not docker container I tried to let the altnames without the subdomains like altnames: [ '*.mydomain.com'] i don't get the error but the app doesn't load...
Sign in to join this conversation.
No Label
No Milestone
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: root/greenlock-express.js#75
No description provided.