
Problem starting over with renewal #364

@Phydeauxman

I am trying to implement an auto-renewal cert on my Azure Application Gateway using the info from the blog post below:

https://intelequia.com/blog/post/1012/automating-azure-application-gateway-ssl-certificate-renewals-with-let-s-encrypt-and-azure-automation

When trying to implement the actual auto-renewal piece, which is done using an Azure Automation Runbook (PowerShell), I ran into an issue. I tried using the Runbook as is, and while the test run Completed, it actually failed to do the job. In an effort to figure out why it had failed, I copied the Runbook locally and stepped through the code a section at a time. Below is the block of code that I worked through:

Initialize-ACMEVault
New-ACMERegistration -Contacts mailto:$EmailAddress -AcceptTos
$AliasDns = "certificateAlias"
New-ACMEIdentifier -Dns $domain -Alias $AliasDns
(Complete-ACMEChallenge $AliasDns -ChallengeType http-01 -Handler manual).Challenge
$http01 = (Update-ACMEIdentifier $AliasDns -ChallengeType http-01).Challenges | Where-Object {$_.Type -eq "http-01"}

# Write the http-01 challenge file (token.thumbprint) parsed from the manual handler's message
$tmpPath = $env:TEMP + "\"
$pfxfile = $tmpPath + "certificate.pfx"
$FileContentStrIndex = $http01.HandlerHandleMessage.IndexOf("File Content:")
$FileContentSegments = $http01.HandlerHandleMessage.Substring($FileContentStrIndex + 15).Split(".")
$FileContentSegments[1] = $FileContentSegments[1].Substring(0, $FileContentSegments[1].IndexOf("]"))
$filePath = $tmpPath + $FileContentSegments[0]
$fileContent = $FileContentSegments[0] + "." + $FileContentSegments[1]
Set-Content -Value $fileContent -Path $filePath

# Upload the challenge file to the storage container served at http://$domain/.well-known/acme-challenge/
$blobName = ".well-known\acme-challenge\" + $FileContentSegments[0]
$storageAccount = Get-AzureRmStorageAccount -ResourceGroupName $STResourceGroupName -Name $storageName
$ctx = $storageAccount.Context
Set-AzureStorageBlobContent -File $filePath -Container "public" -Context $ctx -Blob $blobName

Submit-ACMEChallenge $AliasDns -ChallengeType http-01 -Force
Update-ACMEIdentifier $AliasDns

When I ran the last line, the resultant output showed a Status of invalid. Looking through the code, I checked to make sure the file did get created and uploaded to the Azure Storage Account. I also checked that I could access the file from a browser using the URL that LE would use. The only thing I thought was maybe the file was not in ASCII format and that was causing the issue. Being a newbie to LE and ACME...I tried to re-create the file ensuring it was in ASCII format and re-run the Update-ACMEIdentifier line again. Doing that I learned that once an Identifier goes invalid...its lifespan is over and I need to start over. I just don't know how to start over from here. When I try to run the New-ACMEIdentifier line again...it gives me the error An item with the same key has already been added.

For additional information, below is an image of the error thrown when I tested the Runbook using the Automation Account:

[image: error thrown when the Runbook was tested from the Automation Account]
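The following is an added example, not code from the issue above or from the intelequia blog post it follows. It restarts the http-01 flow with an identifier alias that is unique per run (the alias is the key in the ACMESharp vault, so reusing "certificateAlias" after an identifier went invalid is what produces "An item with the same key has already been added"), and it fetches the challenge URL over plain HTTP and compares the body to the expected key authorization before Submit-ACMEChallenge, since an identifier that goes invalid cannot be retried. It assumes the ACMESharp 0.9 and Azure storage cmdlets used in the issue, that the "public" container is the document root served at http://$domain/, and that the challenge object exposes `.Challenge.Token` and `.Challenge.FileContent` (assumed HttpChallenge fields; the parse of HandlerHandleMessage from the issue is kept as a fallback). The domain, e-mail, resource group and storage account names are constructed placeholders.

```powershell
# Added example (not the issue's or the blog post's code). Assumes ACMESharp 0.9 cmdlets and
# the AzureRm/Azure.Storage cmdlets used in the issue. Placeholder values are constructed.
$domain              = 'www.example.com'
$EmailAddress        = 'admin@example.com'
$STResourceGroupName = 'rg-example'
$storageName         = 'stexample'

# A runbook job starts in a fresh sandbox, so a new vault and registration are fine there.
# Locally, this runs against an existing vault, which is where reused aliases collide.
Initialize-ACMEVault
New-ACMERegistration -Contacts "mailto:$EmailAddress" -AcceptTos | Out-Null

# Per-run alias: a previous identifier for the same domain that went "invalid" stays in the
# vault under its old alias, and a new alias avoids the duplicate-key error when starting over.
$AliasDns = 'cert-{0}-{1}' -f ($domain -replace '[^A-Za-z0-9]', '-'), (Get-Date -Format 'yyyyMMddHHmmss')

New-ACMEIdentifier -Dns $domain -Alias $AliasDns | Out-Null
Complete-ACMEChallenge $AliasDns -ChallengeType http-01 -Handler manual | Out-Null
$http01 = (Update-ACMEIdentifier $AliasDns -ChallengeType http-01).Challenges |
          Where-Object { $_.Type -eq 'http-01' }

# Assumed HttpChallenge fields; FileContent is "<token>.<account key thumbprint>".
$token   = $http01.Challenge.Token
$keyAuth = $http01.Challenge.FileContent
if (-not $keyAuth) {
    # Fallback: parse the manual handler's "File Content: [token.thumbprint]" line as the issue does.
    if ($http01.HandlerHandleMessage -match 'File Content:\s*\[([^\]]+)\]') { $keyAuth = $Matches[1] }
    $token = $keyAuth.Split('.')[0]
}

# Write the key authorization as ASCII with no trailing newline.
$filePath = Join-Path $env:TEMP $token
[System.IO.File]::WriteAllText($filePath, $keyAuth, [System.Text.Encoding]::ASCII)

# Blob names use forward slashes, matching the URL path Let's Encrypt requests.
$ctx      = (Get-AzureRmStorageAccount -ResourceGroupName $STResourceGroupName -Name $storageName).Context
$blobName = ".well-known/acme-challenge/$token"
Set-AzureStorageBlobContent -File $filePath -Container 'public' -Blob $blobName -Context $ctx `
    -Force -Properties @{ ContentType = 'text/plain' } | Out-Null

# Let's Encrypt validates over plain HTTP. Check the exact URL and body before submitting,
# because once the identifier is "invalid" it cannot be resubmitted.
$url  = "http://$domain/.well-known/acme-challenge/$token"
$body = (Invoke-WebRequest -Uri $url -UseBasicParsing).Content
if ($body.Trim() -ne $keyAuth) {
    throw "Challenge URL $url returned '$body' but '$keyAuth' was expected; not submitting."
}

Submit-ACMEChallenge $AliasDns -ChallengeType http-01 -Force | Out-Null

# Poll until the CA has a verdict instead of reading the status once.
$status = 'pending'
for ($i = 0; $i -lt 20 -and $status -eq 'pending'; $i++) {
    Start-Sleep -Seconds 3
    $status = (Update-ACMEIdentifier $AliasDns).Status
}
if ($status -ne 'valid') {
    $detail = (Update-ACMEIdentifier $AliasDns -ChallengeType http-01).Challenges |
              Where-Object { $_.Type -eq 'http-01' } | Format-List | Out-String
    throw "Identifier $AliasDns is '$status'; start over with a new alias.`n$detail"
}
"Identifier $AliasDns is valid; continue with the certificate request for alias $AliasDns."
```

The block writes the file with .NET rather than Set-Content so no line ending is appended, and it throws before Submit-ACMEChallenge if the public URL does not serve the key authorization, which keeps the identifier pending and retryable; the certificate steps that follow in the blog post are unchanged and simply reference the new alias.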
