A little while ago my Vaultwarden instance stopped working. I checked the web frontend and the interface was down with (first a CloudFlare host error, and playing with it made it change into) an invalid SSL certificate.
caddy | {"level":"info","ts":1654723317.160815,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"linode-vaultwarden.spikespaz.com","challenge_type":"dns-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
caddy | {"level":"error","ts":1654723317.2791078,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"linode-vaultwarden.spikespaz.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for linode-vaultwarden.spikespaz.com (probably OK if presenting failed)"}
caddy | {"level":"error","ts":1654723317.36962,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"linode-vaultwarden.spikespaz.com","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[linode-vaultwarden.spikespaz.com] solving challenges: presenting for challenge: adding temporary record for zone spikespaz.com.: got error status: HTTP 400: [{Code:6003 Message:Invalid request headers}] (order=https://acme-v02.api.letsencrypt.org/acme/order/411258510/96010725016) (ca=https://acme-v02.api.letsencrypt.org/directory)"}
caddy | {"level":"info","ts":1654723317.372098,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["linode-vaultwarden.spikespaz.com"],"ca":"https://acme.zerossl.com/v2/DV90","account":"[email protected]"}
caddy | {"level":"info","ts":1654723317.3731222,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["linode-vaultwarden.spikespaz.com"],"ca":"https://acme.zerossl.com/v2/DV90","account":"[email protected]"}
caddy | {"level":"info","ts":1654723325.842115,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"linode-vaultwarden.spikespaz.com","challenge_type":"dns-01","ca":"https://acme.zerossl.com/v2/DV90"}
caddy | {"level":"error","ts":1654723325.9414904,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"linode-vaultwarden.spikespaz.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for linode-vaultwarden.spikespaz.com (probably OK if presenting failed)"}
caddy | {"level":"error","ts":1654723329.863269,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"linode-vaultwarden.spikespaz.com","issuer":"acme.zerossl.com-v2-DV90","error":"[linode-vaultwarden.spikespaz.com] solving challenges: presenting for challenge: adding temporary record for zone spikespaz.com.: got error status: HTTP 400: [{Code:6003 Message:Invalid request headers}] (order=https://acme.zerossl.com/v2/DV90/order/V9_HdrdzKjVUHDrqGQw_ew) (ca=https://acme.zerossl.com/v2/DV90)"}
caddy | {"level":"error","ts":1654723329.8633559,"logger":"tls.obtain","msg":"will retry","error":"[linode-vaultwarden.spikespaz.com] Obtain: [linode-vaultwarden.spikespaz.com] solving challenges: presenting for challenge: adding temporary record for zone spikespaz.com.: got error status: HTTP 400: [{Code:6003 Message:Invalid request headers}] (order=https://acme.zerossl.com/v2/DV90/order/V9_HdrdzKjVUHDrqGQw_ew) (ca=https://acme.zerossl.com/v2/DV90)","attempt":1,"retrying_in":60,"elapsed":13.350819347,"max_duration":2592000}
caddy | {"level":"info","ts":1654723390.2530217,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"linode-vaultwarden.spikespaz.com","challenge_type":"dns-01","ca":"https://acme-staging-v02.api.letsencrypt.org/directory"}
caddy | {"level":"error","ts":1654723390.3825397,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"linode-vaultwarden.spikespaz.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for linode-vaultwarden.spikespaz.com (probably OK if presenting failed)"}
caddy | {"level":"error","ts":1654723390.4436834,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"linode-vaultwarden.spikespaz.com","issuer":"acme-v02.api.letsencrypt.org-directory","error":"[linode-vaultwarden.spikespaz.com] solving challenges: presenting for challenge: adding temporary record for zone spikespaz.com.: got error status: HTTP 400: [{Code:6003 Message:Invalid request headers}] (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/51143733/2796180054) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
caddy | {"level":"info","ts":1654723397.8965223,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"linode-vaultwarden.spikespaz.com","challenge_type":"dns-01","ca":"https://acme.zerossl.com/v2/DV90"}
caddy | {"level":"error","ts":1654723398.0058784,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"linode-vaultwarden.spikespaz.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for linode-vaultwarden.spikespaz.com (probably OK if presenting failed)"}
caddy | {"level":"error","ts":1654723400.164129,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"linode-vaultwarden.spikespaz.com","issuer":"acme.zerossl.com-v2-DV90","error":"[linode-vaultwarden.spikespaz.com] solving challenges: presenting for challenge: adding temporary record for zone spikespaz.com.: got error status: HTTP 400: [{Code:6003 Message:Invalid request headers}] (order=https://acme.zerossl.com/v2/DV90/order/-n9DujCE-i07QAZ-deyQlg) (ca=https://acme.zerossl.com/v2/DV90)"}
caddy | {"level":"error","ts":1654723400.1642082,"logger":"tls.obtain","msg":"will retry","error":"[linode-vaultwarden.spikespaz.com] Obtain: [linode-vaultwarden.spikespaz.com] solving challenges: presenting for challenge: adding temporary record for zone spikespaz.com.: got error status: HTTP 400: [{Code:6003 Message:Invalid request headers}] (order=https://acme.zerossl.com/v2/DV90/order/-n9DujCE-i07QAZ-deyQlg) (ca=https://acme.zerossl.com/v2/DV90)","attempt":2,"retrying_in":120,"elapsed":83.65167139,"max_duration":2592000}