YunoHost-Apps / metronome_ynh

Metronome package for YunoHost
GNU Affero General Public License v3.0

Issues updating Let's Encrypt certificate for muc/xmpp subdomains #8

Open csolisr opened 2 months ago

csolisr commented 2 months ago

Describe the bug

After transitioning to Debian Bookworm and installing this Metronome app, the system has had issues updating its main domain's certificate, specifically because of the muc / xmpp subdomains that usually are handled by Metronome.

Context

Steps to reproduce

  1. Install YNH over Debian Bullseye
  2. Update using the instructions from here
  3. Manually install Metronome

Expected behavior

The system should work as usual, with all scheduled certificate updates resolving as before the update to Bookworm.

Logs

An attempt for renewing the certificate for domain azkware.net failed with the following
error :

Certificate renewing for azkware.net failed!
Could not sign the new certificate
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 214, in get_crt
    assert disable_check or _do_request(wellknown_url)[0] == keyauthorization
                            ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 76, in _do_request
    raise ValueError(
ValueError: Error:
Url: http://xmpp-upload.azkware.net/.well-known/acme-challenge/l9LI-J_hLdiHja8KYqW51Oph8ezmHjEDGxXfhc14ClU
Data: None
Response Code: None
Response: <urlopen error [Errno 111] Connection refused>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 501, in _fetch_and_enable_new_certificate
    signed_certificate = sign_certificate(
                         ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 216, in get_crt
    raise ValueError(
ValueError: Wrote file to /var/www/.well-known/acme-challenge-public/l9LI-J_hLdiHja8KYqW51Oph8ezmHjEDGxXfhc14ClU, but couldn't download http://xmpp-upload.azkware.net/.well-known/acme-challenge/l9LI-J_hLdiHja8KYqW51Oph8ezmHjEDGxXfhc14ClU: Error:
Url: http://xmpp-upload.azkware.net/.well-known/acme-challenge/l9LI-J_hLdiHja8KYqW51Oph8ezmHjEDGxXfhc14ClU
Data: None
Response Code: None
Response: <urlopen error [Errno 111] Connection refused>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 389, in certificate_renew
    _fetch_and_enable_new_certificate(domain, no_checks=no_checks)
  File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 514, in _fetch_and_enable_new_certificate
    raise YunohostError("certmanager_cert_signing_failed")
yunohost.utils.error.YunohostError: Could not sign the new certificate

csolisr commented 2 months ago

Possibly related: https://github.com/YunoHost/issues/issues/1635

anubister commented 2 months ago

Probably solved by https://github.com/anubister/prosody_ynh/pull/3
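
Added example, not part of the thread and not YunoHost or acme_tiny code: a small triage script that reads a renewal log in the format shown in the report and lists which hostnames failed the challenge download, and whether the failure was at the socket level or an HTTP response. The sample log is constructed with a placeholder host and token; the function and field names are hypothetical.

```python
import re

# Constructed sample in the shape of the error above (placeholder host and token).
SAMPLE_LOG = """\
ValueError: Error:
Url: http://xmpp-upload.example.org/.well-known/acme-challenge/CONSTRUCTED_TOKEN
Data: None
Response Code: None
Response: <urlopen error [Errno 111] Connection refused>

During handling of the above exception, another exception occurred:

ValueError: Wrote file to /var/www/.well-known/acme-challenge-public/CONSTRUCTED_TOKEN, but couldn't download http://xmpp-upload.example.org/.well-known/acme-challenge/CONSTRUCTED_TOKEN: Error:
Url: http://xmpp-upload.example.org/.well-known/acme-challenge/CONSTRUCTED_TOKEN
Data: None
Response Code: None
Response: <urlopen error [Errno 111] Connection refused>
"""

# One "Url / Data / Response Code / Response" block per failed request.
BLOCK = re.compile(
    r"^Url: http://(?P<host>[^/\s]+)/\.well-known/acme-challenge/(?P<token>\S+)\n"
    r"Data: .*\n"
    r"Response Code: (?P<code>\S+)\n"
    r"Response: (?P<response>.*)$",
    re.MULTILINE,
)
ERRNO = re.compile(r"\[Errno (-?\d+)\] (.+?)>?$")

def failed_self_checks(log):
    """Return one record per (host, token) whose challenge URL could not be fetched."""
    records = {}
    for m in BLOCK.finditer(log):
        err = ERRNO.search(m["response"])
        if m["code"] != "None":
            layer = "http"        # a web server answered, but not with the token
        elif err:
            layer = "transport"   # no HTTP response at all (socket-level error)
        else:
            layer = "unknown"
        records.setdefault((m["host"], m["token"]), {
            "host": m["host"],
            "token": m["token"],
            "layer": layer,
            "errno": int(err[1]) if err else None,
            "reason": err[2] if err else m["response"],
        })
    return list(records.values())

if __name__ == "__main__":
    for rec in failed_self_checks(SAMPLE_LOG):
        print(rec)
```

The chained tracebacks repeat the same failure, so records are deduplicated per host and token; a `transport` result means the request never reached a web server on port 80 for that hostname.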