acme-chief fails in acmechief-test1001 to renew certificates, the log shows the following error:
Feb 04 13:44:20 acmechief-test1001 acme-chief-backend[28213]: Handling order finalized event for apt / ec-prime256v1 Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: Traceback (most recent call last): Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: File "/usr/bin/acme-chief-backend", line 11, in <module> Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: load_entry_point('acme-chief==0.22', 'console_scripts', 'acme-chief-backend')() Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: File "/usr/lib/python3/dist-packages/acme_chief/acme_chief.py", line 908, in main Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: ACMEChief().run() Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: File "/usr/lib/python3/dist-packages/acme_chief/acme_chief.py", line 364, in run Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: self.certificate_management() Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: File "/usr/lib/python3/dist-packages/acme_chief/acme_chief.py", line 881, in certificate_management Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: new_status = self._handle_pushed_challenges(cert_id, key_type_id) Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: File "/usr/lib/python3/dist-packages/acme_chief/acme_chief.py", line 687, in _handle_pushed_challenges Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: status = self._handle_order_finalized(cert_id, key_type_id) Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: File "/usr/lib/python3/dist-packages/acme_chief/acme_chief.py", line 715, in _handle_order_finalized Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: certificate = session.get_certificate(csr_id) Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: File "/usr/lib/python3/dist-packages/acme_chief/acme_requests.py", line 483, in get_certificate Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: certificate_order = self.acme_client.fetch_certificate(finished_order, deadline=deadline) Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: File "/usr/lib/python3/dist-packages/acme_chief/acme_requests.py", line 227, in fetch_certificate Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: response = self.net.get(orderr.uri) Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: File "/usr/lib/python3/dist-packages/acme/client.py", line 1171, in get Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: self._send_request('GET', url, **kwargs), content_type=content_type) Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: File "/usr/lib/python3/dist-packages/acme/client.py", line 1073, in _check_response Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: raise messages.Error.from_json(jobj) Feb 04 13:44:21 acmechief-test1001 acme-chief-backend[28213]: acme.messages.Error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: Method not allowed
This could be related to the python3-acme version we are currently using and some recent changes on Let's Encrypt regarding POST-as-get requests