search

Mordred / certbot-plugin-websupport

Certbot plugin for DNS using Websupport service.
MIT License
7 stars 2 forks source link

Renewal attemp seems failing #4

Open Huge opened 7 months ago

Huge commented 7 months ago

cat /home/ubuntu/saas-django/websupport.ini

dns_api_key = ***
dns_api_secret = ***

sudo /home/ubuntu/saas-django/.venv/bin/certbot renew --dry-run

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/mydomain.cz.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Simulating renewal of an existing certificate for *.mydomain.cz
Unsafe permissions on credentials configuration file: /home/ubuntu/saas-django/websupport.ini
Encountered exception during recovery: NameError: name 'code' is not defined
Failed to renew certificate mydomain.cz with error: name 'code' is not defined

tail of /var/log/letsencrypt/letsencrypt.log

2024-03-18 14:19:41,235:DEBUG:urllib3.connectionpool:https://rest.websupport.sk:443 "GET /v1/user/self/zone/mydomain.cz HTTP/1.1" 401 None
2024-03-18 14:19:41,236:ERROR:certbot._internal.error_handler:Encountered exception during recovery: NameError: name 'code' is not defined
2024-03-18 14:19:41,237:ERROR:certbot._internal.renewal:Failed to renew certificate mydomain.cz with error: name 'code' is not defined
2024-03-18 14:19:41,238:DEBUG:certbot._internal.renewal:Traceback was:
Traceback (most recent call last):
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/_internal/renewal.py", line 540, in handle_renewal_request
    main.renew_cert(lineage_config, plugins, renewal_candidate)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/_internal/main.py", line 1550, in renew_cert
    renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/_internal/main.py", line 131, in _get_and_save_cert
    renewal.renew_cert(config, domains, le_client, lineage)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/_internal/renewal.py", line 399, in renew_cert
    new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/_internal/auth_handler.py", line 88, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/plugins/dns_common.py", line 76, in perform
    self._perform(domain, validation_domain_name, validation)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot_plugin_websupport/dns.py", line 57, in _perform
    self._get_websupport_client().add_txt_record(domain, validation_name, validation, self.ttl)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot_plugin_websupport/dns.py", line 87, in add_txt_record
    zone_id = self._find_zone_id(domain)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot_plugin_websupport/dns.py", line 166, in _find_zone_id
    .format(code, e))
NameError: name 'code' is not defined

2024-03-18 14:19:41,241:DEBUG:certbot._internal.display.obj:Notifying user: 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2024-03-18 14:19:41,242:ERROR:certbot._internal.renewal:All simulated renewals failed. The following certificates could not be renewed:
2024-03-18 14:19:41,242:ERROR:certbot._internal.renewal:  /etc/letsencrypt/live/mydomain.cz/fullchain.pem (failure)
2024-03-18 14:19:41,242:DEBUG:certbot._internal.display.obj:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2024-03-18 14:19:41,242:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/home/ubuntu/saas-django/.venv/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/_internal/main.py", line 1894, in main
    return config.func(config, plugins)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/_internal/main.py", line 1642, in renew
    renewed_domains, failed_domains = renewal.handle_renewal_request(config)
  File "/home/ubuntu/saas-django/.venv/lib/python3.10/site-packages/certbot/_internal/renewal.py", line 568, in handle_renewal_request
    raise errors.Error(
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2024-03-18 14:19:41,242:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s)
➜ python -V
Python 3.10.12
➜ which python
/home/ubuntu/saas-django/.venv/bin/python
Mordred commented 7 months ago

Try to apply this change: https://github.com/Mordred/certbot-plugin-websupport/commit/963b50d8da78d1eae16c9a16a2ac115e6a250dde

Huge commented 7 months ago

Yeilds Failed to renew certificate mydomain.cz with error: Error determining zone_id: 401. Please confirm that you have supplied valid Websupport API credentials. so a bunch better for general use.+)

( Somehow pip install git+https://github.com/Mordred/certbot-plugin-websupport.git@963b50d8da78d1eae16c9a16a2ac115e6a250dde did have no effect, but copying the file from the cloned master showed effect. )