I have the same problem on my server.
kern.version=OpenBSD 6.2 (GENERIC.MP) #6: Wed Feb 28 21:13:02 CET 2018
[email protected]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
Everything works fine except until the end.
acme-client: https://acme-v01.api.letsencrypt.org/acme/new-cert: certificate
acme-client: http://cert.int-x3.letsencrypt.org/: full chain
acme-client: cert.int-x3.letsencrypt.org: DNS: 104.68.104.217
acme-client: http://cert.int-x3.letsencrypt.org/: bad HTTP: 301
acme-client: short read: chain length
acme-client: bad exit: certproc(8158): 1
acme-client: bad exit: netproc(96742): 1
My certificate expires on March 27, 2018 and cannot be renewed.
I found this bug report:
https://github.com/kristapsdz/acme-client-portable/issues/50
-- quote --
acme-client takes its instructions from the X509 certificate, CA issuer
(1.3.6.1.5.5.7.48.2), which directs to http://cert.int-x3.letsencrypt.org/.
However, http://cert.int-x3.letsencrypt.org/ redirects to
https://cert.int-x3.letsencrypt.org/ now:
$ curl --head "http://cert.int-x3.letsencrypt.org/";
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://cert.int-x3.letsencrypt.org/
Cache-Control: max-age=0
Expires: Sun, 11 Mar 2018 11:55:48 GMT
Date: Sun, 11 Mar 2018 11:55:48 GMT
Connection: keep-alive
