Closed lunix33 closed 6 days ago
Hmm, my guess is that this changed over time, since it did work when I first implemented it. The Pebble implementation still has a final slash in the Edit: I just saw that it also removes the trailing renewalInfo
URL./
.
And indeed, here's the change in Boulder: https://github.com/letsencrypt/boulder/commit/d19f70407cd6c20acc15bf8af39115f7ce34cd94
Thanks for the quick fix. Can't wait to see the next release so I can test it out for myself.
I'll wait 1-2 more days for possible feedback on #799 (unrelated PR to this issue) and will create a new bugfix release once that's merged.
SUMMARY
I've been trying to setup an ACME deployment pipeline using Ansible, but when trying to get the renewal information for a certificate, I've noticed the request is not properly formatted. The function in the ACME client taking care of formatting the URL doesn't add a slash between the directory URL and the certificate id (see: https://github.com/ansible-collections/community.crypto/blob/2d82f49adc1e8281721bedc80de7ed9f3d5d22a2/plugins/module_utils/acme/acme.py#L407). When looking at the ACME directory of Lets Encrypt, the URL doesn't end with a slash, and seems to be used as-is. This causes the request to error with a 404.
ISSUE TYPE
COMPONENT NAME
ANSIBLE VERSION
COLLECTION VERSION
CONFIGURATION
OS / ENVIRONMENT
LSB Version: n/a Distributor ID: Arch Description: Arch Linux Release: rolling Codename: n/a
STEPS TO REPRODUCE
EXPECTED RESULTS
I'd expect the command to be successful to know if the certificate is due for renewal
ACTUAL RESULTS
The command error with a 404 status when trying to reach the ACME directory