Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/crypto/acme/autocert: failed cert creation is never retried #17740

Closed
niemeyer opened this issue Nov 2, 2016 · 7 comments
Closed

x/crypto/acme/autocert: failed cert creation is never retried #17740

niemeyer opened this issue Nov 2, 2016 · 7 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Milestone
Unreleased

Comments

@niemeyer
Copy link
Contributor

niemeyer commented Nov 2, 2016
edited

When the creation of a certificate fails, the certState is being stored in m.state with an empty cert field, and there's no logic to retry the creation. On follow up requests the bogus state is returned and requests fail forever after.

Instead, it should retry after a short delay.
@bradfitz bradfitz added this to the Unreleased milestone Nov 2, 2016
@x1ddos
Copy link

x1ddos commented Nov 3, 2016
edited

@niemeyer good point. It's a known behaviour, well at least for me. I was planning on improving it.

Define "short" and for how long would it need to keep retrying (in case of consecutive failures)?

@x1ddos
Copy link

x1ddos commented Dec 16, 2016

Maybe a simpler way is to just remove the "bogus" state from in-memory map and retry on the next TLS hello. So, it would just seem like a new domain to the Manager.

How does it sound?

@bradfitz
Copy link
Contributor

If you're under heavy load and push a misconfiguration, you don't want to be slamming LetsEncrypt with requests. I'd make sure you not speak out any ACME for, say, a minute after any ACME rejection. Or be smart about which errors incur which time penalties. Some might mean infinite. Some might be transient network failures and you could retry in seconds.

But I think just waiting for the next TLS hello to kick off the retry seems fine.

@groob groob mentioned this issue Mar 31, 2017
Closed
@robpike robpike mentioned this issue Apr 25, 2017
Closed
@robpike
Copy link
Contributor

robpike commented Apr 25, 2017

This is related to the Upspin bug:

upspin/upspin#367

@bradfitz bradfitz added the NeedsFix The path to resolution is known, but the work has not been done. label Apr 25, 2017
@x1ddos
Copy link

x1ddos commented Apr 25, 2017

Thinking about this more, I'm leaning towards @bradfitz's suggestion - wait a minute and then remove the failed state, allowing next TLS hello to kick off a cert request again.

@x1ddos
Copy link

x1ddos commented Apr 25, 2017

Something like this: https://golang.org/cl/41694

@gopherbot
Copy link

CL https://golang.org/cl/41694 mentions this issue.

@golang golang locked and limited conversation to collaborators May 2, 2018
c-expert-zigbee pushed a commit to c-expert-zigbee/crypto_go that referenced this issue Mar 28, 2022
acme/autocert: remove failed state entries
582e8ab 
This change makes the Manager try creating a certificate
again, after a previously unsuccessful attempt.

The implementation is based on a timer, to prevent hitting
an ACME CA with too high QPS when under a heavy load.
The timer is hardcoded to 1 minute.

Fixes golang/go#17740.
Change-Id: I46a49201cf423be3360633a89209d7b2bccc1d76
Reviewed-on: https://go-review.googlesource.com/41694
Run-TryBot: Alex Vaghin <ddos@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
c-expert-zigbee pushed a commit to c-expert-zigbee/crypto_go that referenced this issue Mar 29, 2022
acme/autocert: remove failed state entries
253d5d4 
This change makes the Manager try creating a certificate
again, after a previously unsuccessful attempt.

The implementation is based on a timer, to prevent hitting
an ACME CA with too high QPS when under a heavy load.
The timer is hardcoded to 1 minute.

Fixes golang/go#17740.
Change-Id: I46a49201cf423be3360633a89209d7b2bccc1d76
Reviewed-on: https://go-review.googlesource.com/41694
Run-TryBot: Alex Vaghin <ddos@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
@rsc rsc unassigned x1ddos Jun 23, 2022
LewiGoddard pushed a commit to LewiGoddard/crypto that referenced this issue Feb 16, 2023
acme/autocert: remove failed state entries
87b594a 
This change makes the Manager try creating a certificate
again, after a previously unsuccessful attempt.

The implementation is based on a timer, to prevent hitting
an ACME CA with too high QPS when under a heavy load.
The timer is hardcoded to 1 minute.

Fixes golang/go#17740.
Change-Id: I46a49201cf423be3360633a89209d7b2bccc1d76
Reviewed-on: https://go-review.googlesource.com/41694
Run-TryBot: Alex Vaghin <ddos@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
BiiChris pushed a commit to BiiChris/crypto that referenced this issue Sep 15, 2023
acme/autocert: remove failed state entries
5373afd 
This change makes the Manager try creating a certificate
again, after a previously unsuccessful attempt.

The implementation is based on a timer, to prevent hitting
an ACME CA with too high QPS when under a heavy load.
The timer is hardcoded to 1 minute.

Fixes golang/go#17740.
Change-Id: I46a49201cf423be3360633a89209d7b2bccc1d76
Reviewed-on: https://go-review.googlesource.com/41694
Run-TryBot: Alex Vaghin <ddos@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
5 participants
@bradfitz @x1ddos @niemeyer @robpike @gopherbot