After time away on the forum, although reading regularly, I have a new problem , yet another one -_-
Yesterday, was my certificate renew but it did not work, having a little searched why, but I did not find a solution , all that I could find a bit of explanation, letsencrypt request a challenge but does not reply
So if any one has hint, idea or solution I’m interested
Try to execute the script from command line using the -v option. Then paste the output😉
Sorry I have forget it last night, so the output of the command is that
[root@zazo ~]# /usr/libexec/nethserver/letsencrypt-certs -v
/usr/sbin/letsencrypt.sh --cron --config /etc/letsencrypt.sh/config.sh -d zazo.snalis.org -d recuputil.saint-nazaire.cc -d repo.snalis.org -d saint-nazaire.cc -d snalis.org -d webmail.snalis.org
# INFO: Using main config file /etc/letsencrypt.sh/config.sh
Processing zazo.snalis.org with alternative names: recuputil.saint-nazaire.cc repo.snalis.org saint-nazaire.cc snalis.org webmail.snalis.org
+ Checking domain name(s) of existing cert... changed!
+ Domain name(s) are not matching!
+ Names in old certificate: d3e.snalis.org initiativeslocales.saint-nazaire.cc lenoyau.org monnaie.saint-nazaire.cc recuputil.saint-nazaire.cc repo.snalis.org saint-nazaire.cc snalis.org webmail.snalis.org www.lenoyau.org zazo.snalis.org
+ Configured names: recuputil.saint-nazaire.cc repo.snalis.org saint-nazaire.cc snalis.org webmail.snalis.org zazo.snalis.org
+ Forcing renew.
+ Checking expire date of existing cert...
+ Valid till May 26 17:12:00 2016 GMT (Less than 30 days). Renewing!
+ Signing domains...
+ Generating signing request...
+ Requesting challenge for zazo.snalis.org...
See if this helps…
According to Bug #824903:
Recently letsencrypt.org changed to return pretty json with lots of newlines. This breaks
various sed-based json parsing code in the distributed version of letsencrypt.sh
The symptom is that ‘letsencrypt.sh --cron’ silently exits after printing
+ Requesting challenge for <servername>
The “official” fix:
Thanks, after a bit of search in issue, I’ve found this useful, I
just needed to replace the line 369 with challenges="$(printf ‘%s\n’
and it work again.
"${response}" | sed ‘:a;N;$!ba;s/\n//g’ | sed -n
’s/.(“challenges”:[^[][[^]]])./\1/p’)"
Good you found the solution; that was fast!
I’m sure this will be fixed shortly in the NethServer’s Let’s Encrypt implementation
I will fix it next week.
Thanks for finding the bug and the solution!
I just created a new issue ready for QA:
http://dev.nethserver.org/issues/3399
The bug should be resolved (already tested on a 6.7), but @Crazyusb can you pleas give it a try on your machine?
Thanks!
I just test and got
INFO: Using main config file /etc/letsencrypt.sh/config.sh
ERROR: WELLKNOWN directory doesn’t exist, please create /etc/letsencrypt.sh/.acme-challenges and set appropriate permissions.
Your template /etc/letsencrypt.sh/config.sh
is not expanded.
Please, make sure you have installed latest release of nethserver-letsencrypt:
nethserver-letsencrypt-1.0.2-1.ns6.noarch
Otherwise, execute:
expand-template /etc/letsencrypt.sh/config.sh
Then retry to renew
Working great thanks