I have the same problem on my server.

kern.version=OpenBSD 6.2 (GENERIC.MP) #6: Wed Feb 28 21:13:02 CET 2018

Everything works fine except until the end.

acme-client: https://acme-v01.api.letsencrypt.org/acme/new-cert: certificate
acme-client: http://cert.int-x3.letsencrypt.org/: full chain
acme-client: cert.int-x3.letsencrypt.org: DNS:
acme-client: http://cert.int-x3.letsencrypt.org/: bad HTTP: 301
acme-client: short read: chain length
acme-client: bad exit: certproc(8158): 1
acme-client: bad exit: netproc(96742): 1

My certificate expires on March 27, 2018 and cannot be renewed.

I found this bug report:


-- quote --

acme-client takes its instructions from the X509 certificate, CA issuer 
(, which directs to http://cert.int-x3.letsencrypt.org/. 
However, http://cert.int-x3.letsencrypt.org/ redirects to 
https://cert.int-x3.letsencrypt.org/ now:

$ curl --head "http://cert.int-x3.letsencrypt.org/";
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://cert.int-x3.letsencrypt.org/
Cache-Control: max-age=0
Expires: Sun, 11 Mar 2018 11:55:48 GMT
Date: Sun, 11 Mar 2018 11:55:48 GMT
Connection: keep-alive

Reply via email to