Open Vijay-1 opened 2 years ago
not working
LE is hard to test; can you be more specific about what's broken?
not working
LE is hard to test; can you be more specific about what's broken?
I have added more details. Please let me know if more details are required.
This Bug Report affects these Traffic Control components:
Traffic Ops
Current behavior:
Autorenewal (letsencrypt/autorenew) of Lets Encrypt is not working. POST letsencrypt/autorenew never returns and eventually taking the traffic ops down.
Expected behavior:
POST letsencrypt/autorenew should result in renewal of Lets encrypt.
Steps to reproduce:
topost /letsencrypt/autorenew -k -a 2.0 --to-url https://traffic-ops.net --to-user --to-password --request-payload --request-headers
Ported 6184 to 4.1.x which ended up in this issue
This should be an issue in 6.x as well:
Given below is the code which initializes LE Request during POST: https://github.com/apache/trafficcontrol/blob/308484ddfb37952901d8b138087d4b8f0c7b007d/traffic_ops/traffic_ops_golang/deliveryservice/acme.go#L478
The above snippet shows that we are initializing Key, But the flow for autorenew is missing this: https://github.com/apache/trafficcontrol/blob/308484ddfb37952901d8b138087d4b8f0c7b007d/traffic_ops/traffic_ops_golang/deliveryservice/autorenewcerts.go#L239
Because of this, autorenew might not work well this INSERT https://github.com/apache/trafficcontrol/blob/308484ddfb37952901d8b138087d4b8f0c7b007d/traffic_ops/traffic_ops_golang/deliveryservice/acme.go#L102
Code which sets the Key: https://github.com/apache/trafficcontrol/blob/308484ddfb37952901d8b138087d4b8f0c7b007d/traffic_ops/traffic_ops_golang/deliveryservice/acme.go#L613