Closed jemrobinson closed 3 months ago
Testing was held up by #1947
@craddm @JimMadge : should we merge this and fix #1947 in another PR to latest
?
I'm still running through a test deployment. Hit this error now:
Submit-ChallengeValidation: Authorization invalid for guacamole-sre-t2caps.blue.develop.turingsafehaven.ac.uk: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.guacamole-sre-t2caps.blue.develop.turingsafehaven.ac.uk - check that a DNS record exists for this domain
2024-06-20 21:49:53 [SUCCESS]: [✔] Certificate creation succeeded
2024-06-20 21:49:53 [ INFO]: Importing signed certificate into Key Vault 'kv-blue-sre-t2caps'...
2024-06-20 21:49:53 [FAILURE]: [x] Certificate import failed!
Import-AzKeyVaultCertificate: /workspaces/data-safe-haven/deployment/secure_research_environment/setup/Update_SRE_SSL_Certificate.ps1:225:125
Line |
225 | … lt.name -Name $certificateName -FilePath $certificateFilePath -ErrorA …
| ~~~~~~~~~~~~~~~~~~~~
| Cannot bind argument to parameter 'FilePath' because it is an empty string.
This is actually very adjacent to the original error! Can you post a bit more context?
Looks like maybe there is another bug to fix here?
Looks like the blue.develop.turingsafehaven.ac.uk
DNS zone is missing. Can you re-run the SHM deploy scripts @craddm ?
I'm merging this into release-v4.2.2
as the original problem is fixed. I'll open a new release-candidate PR from that branch.
:white_check_mark: Checklist
Enable foobar integration
rather than515 foobar
).develop
.:vertical_traffic_light: Depends on
n/a
:arrow_heading_up: Summary
Workaround for an issue where Let's Encrypt refused to provide certificates for uppercase FQDNs
:closed_umbrella: Related issues
Closes #1938
:microscope: Tests
~Tested inside function but not more widely. Waiting for a test report from original bug report provider.~ Now confirmed that this fixes #1938.