Certification path could not be validated


#1

Hi,
When requesting the Certification for my domin. i’m getting this error. Please check and advise. Thanks
Request failed - Certification path could not be validated. Org.BouncyCastle.Pkix.PkixCertPathBuilderException: Certification path could not be validated. β€”> Org.BouncyCastle.Pkix.PkixCertPathValidatorException: Could not validate certificate: certificate not valid until 20180816081154GMT+00:100:
2018-08-16 09:11:53.070 +05:00 [INF] hafizbilal.com: Request failed - Certification path could not be validated. Org.BouncyCastle.Pkix.PkixCertPathBuilderException: Certification path could not be validated. β€”> Org.BouncyCastle.Pkix.PkixCertPathValidatorException: Could not validate certificate: certificate not valid until 20180816081154GMT+00:00
at Org.BouncyCastle.Pkix.Rfc3280CertPathUtilities.ProcessCertA(PkixCertPath certPath, PkixParameters paramsPKIX, Int32 index, AsymmetricKeyParameter workingPublicKey, X509Name workingIssuerName, X509Certificate sign)
at Org.BouncyCastle.Pkix.PkixCertPathValidator.Validate(PkixCertPath certPath, PkixParameters paramsPkix)
at Org.BouncyCastle.Pkix.PkixCertPathBuilder.Build(X509Certificate tbvCert, PkixBuilderParameters pkixParams, IList tbvPath)
β€” End of inner exception stack trace β€”
at Org.BouncyCastle.Pkix.PkixCertPathBuilder.Build(PkixBuilderParameters pkixParams)
at Certes.Pkcs.PfxBuilder.FindIssuers()
at Certes.Pkcs.PfxBuilder.Build(String friendlyName, String password)
at Certify.Providers.Certes.CertesACMEProvider.d__24.MoveNext()
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
at Certify.Management.CertifyManager.d__11.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 698
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
at Certify.Management.CertifyManager.d__10.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 512
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certify.Management.CertifyManager.d__7.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 298
2018-08-16 09:11:53.070 +05:00 [INF] hafizbilal.com: Request failed - Certification path could not be validated. Org.BouncyCastle.Pkix.PkixCertPathBuilderException: Certification path could not be validated. β€”> Org.BouncyCastle.Pkix.PkixCertPathValidatorException: Could not validate certificate: certificate not valid until 20180816081154GMT+00:00
at Org.BouncyCastle.Pkix.Rfc3280CertPathUtilities.ProcessCertA(PkixCertPath certPath, PkixParameters paramsPKIX, Int32 index, AsymmetricKeyParameter workingPublicKey, X509Name workingIssuerName, X509Certificate sign)
at Org.BouncyCastle.Pkix.PkixCertPathValidator.Validate(PkixCertPath certPath, PkixParameters paramsPkix)
at Org.BouncyCastle.Pkix.PkixCertPathBuilder.Build(X509Certificate tbvCert, PkixBuilderParameters pkixParams, IList tbvPath)
β€” End of inner exception stack trace β€”
at Org.BouncyCastle.Pkix.PkixCertPathBuilder.Build(PkixBuilderParameters pkixParams)
at Certes.Pkcs.PfxBuilder.FindIssuers()
at Certes.Pkcs.PfxBuilder.Build(String friendlyName, String password)
at Certify.Providers.Certes.CertesACMEProvider.d__24.MoveNext()
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
at Certify.Management.CertifyManager.d__11.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 698
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
at Certify.Management.CertifyManager.d__10.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 512
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certify.Management.CertifyManager.d__7.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 298
2018-08-16 09:11:54.001 +05:00 [ERR] Certificate request process failed: Org.BouncyCastle.Pkix.PkixCertPathBuilderException: Certification path could not be validated. β€”> Org.BouncyCastle.Pkix.PkixCertPathValidatorException: Could not validate certificate: certificate not valid until 20180816081154GMT+00:00
at Org.BouncyCastle.Pkix.Rfc3280CertPathUtilities.ProcessCertA(PkixCertPath certPath, PkixParameters paramsPKIX, Int32 index, AsymmetricKeyParameter workingPublicKey, X509Name workingIssuerName, X509Certificate sign)
at Org.BouncyCastle.Pkix.PkixCertPathValidator.Validate(PkixCertPath certPath, PkixParameters paramsPkix)
at Org.BouncyCastle.Pkix.PkixCertPathBuilder.Build(X509Certificate tbvCert, PkixBuilderParameters pkixParams, IList tbvPath)
β€” End of inner exception stack trace β€”
at Org.BouncyCastle.Pkix.PkixCertPathBuilder.Build(PkixBuilderParameters pkixParams)
at Certes.Pkcs.PfxBuilder.FindIssuers()
at Certes.Pkcs.PfxBuilder.Build(String friendlyName, String password)
at Certify.Providers.Certes.CertesACMEProvider.d__24.MoveNext()
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
at Certify.Management.CertifyManager.d__11.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 698
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
at Certify.Management.CertifyManager.d__10.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 512
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certify.Management.CertifyManager.d__7.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 298
Org.BouncyCastle.Pkix.PkixCertPathBuilderException: Certification path could not be validated. β€”> Org.BouncyCastle.Pkix.PkixCertPathValidatorException: Could not validate certificate: certificate not valid until 20180816081154GMT+00:00
at Org.BouncyCastle.Pkix.Rfc3280CertPathUtilities.ProcessCertA(PkixCertPath certPath, PkixParameters paramsPKIX, Int32 index, AsymmetricKeyParameter workingPublicKey, X509Name workingIssuerName, X509Certificate sign)
at Org.BouncyCastle.Pkix.PkixCertPathValidator.Validate(PkixCertPath certPath, PkixParameters paramsPkix)
at Org.BouncyCastle.Pkix.PkixCertPathBuilder.Build(X509Certificate tbvCert, PkixBuilderParameters pkixParams, IList tbvPath)
β€” End of inner exception stack trace β€”
at Org.BouncyCastle.Pkix.PkixCertPathBuilder.Build(PkixBuilderParameters pkixParams)
at Certes.Pkcs.PfxBuilder.FindIssuers()
at Certes.Pkcs.PfxBuilder.Build(String friendlyName, String password)
at Certify.Providers.Certes.CertesACMEProvider.d__24.MoveNext()
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
at Certify.Management.CertifyManager.d__11.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 698
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
at Certify.Management.CertifyManager.d__10.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 512
β€” End of stack trace from previous location where exception was thrown β€”
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Certify.Management.CertifyManager.d__7.MoveNext() in D:\Work\GIT\certify\src\Certify.Core\Management\CertifyManager\CertifyManager.CertificateRequest.cs:line 298


#2

Thanks for reporting this, it’s the first time this has come up - can you confirm you’re on the latest version and that your Windows Update is all up to date. Can you also make sure your server time is set correctly just in case it has skewed a little.


#3

Hi, same issue here did you make any headway to a cause and fix


#4

@topsey can you confirm that the issue still occurs after updating your system time against an internet time service? This issue implies that either your server or Let’s Encrypts server is experiencing clock skew.


#5

Hi, yes thanks after adjusting the clock I am able to acquire a wildcard cert.