As Deepak says, the ’13’ in that error message almost always refers to a filesystem permission problem. Check the files and the directory tree in which it lives for correct read/write permissions. Consider turning up the logging level if that doesn’t help.
> On Jun 19, 2026, at 7:54 AM, Abfalterer, Armin > <[email protected]> wrote: > > The error status urn:ietf:params:acme:error:unauthorized seems to come from > the CA Provider so I deem that it is not a local permission issue. > Von: Deepak Goel <[email protected]> > Gesendet: Freitag, 19. Juni 2026 12:16 > An: [email protected] <[email protected]> > Betreff: Re: [users@httpd] Certificate renewal fails after upgrade to httpd > v2.4.66 > Sie erhalten nicht häufig E-Mails von [email protected]. Erfahren Sie, warum > dies wichtig ist > looks like a directory or file access issue > > "status-description": "Permission denied", > > You might have to check with ls -lt command and then do a chmod > > > > > Deepak > "The greatness of a nation can be judged by the way its animals are treated - > Mahatma Gandhi" > > +91 73500 12833 > [email protected] > > LinkedIn: www.linkedin.com/in/deicool > > "Plant a Tree, Go Green" > > Make In India : http://www.makeinindia.com/home > > > On Fri, Jun 19, 2026 at 3:43 PM Abfalterer, Armin > <[email protected]> wrote: > Hi all > An instance running httpd v2.4.66 persistently fails to renew certificates > with an ACME unauthorized error. ZeroSSL rejects the replaces field in the > new order, claiming the certificate being replaced does not belong to the > current ACME account. Renewal never succeeds and the error counter keeps > incrementing. > Renewal was working prior to the upgrade to v2.4.66. > Environment > • Apache httpd version: 2.4.66 > • ACME CA: ZeroSSL > Observed Behavior > Renewal fails repeatedly with error count accumulating. The job.json / > md-status output shows status 13 (Permission denied), problem > urn:ietf:params:acme:error:unauthorized, with the detail: "The 'replaces' > field does not identify a certificate that belongs to this ACME account", > during the activity "Creating new order ... replacing-cert=...". > > { > "renewal": { > "name": "xxx", > "finished": false, > "notified": false, > "notified-renewed": false, > "next-run": "Fri, 19 Jun 2026 06:09:00 GMT", > "last-run": "Thu, 18 Jun 2026 22:44:59 GMT", > "errors": 11, > "last": { > "status": 13, > "status-description": "Permission denied", > "problem": "urn:ietf:params:acme:error:unauthorized", > "detail": "The \"replaces\" field does not identify a certificate that > belongs to this ACME account", > "activity": "Creating new order, key-spec=default, profile=none, > replacing-cert=xxx" > }, > "cert": {} > } > } > > Is this a known issue? Is there a recommended mitigation? > > Regards, Armin --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
