search

danb35 / deploy-freenas

Python script to automate deploying TLS certificates to FreeNAS servers
GNU General Public License v3.0
202 stars 56 forks source link

Cannot delete expired certificates #36

Closed wang1zhen closed 3 years ago

wang1zhen commented 3 years ago

Hi danb35,

I have deployed the certificate half a year ago, and a new certificate has been issued and I wish to delete the expired one, when I try to delete it, here goes the error:

[EBUSY] This object is being used by other objects
``` Error: Traceback (most recent call last): File "/usr/local/lib/python3.8/site-packages/middlewared/job.py", line 367, in run await self.future File "/usr/local/lib/python3.8/site-packages/middlewared/job.py", line 405, in __run_body rv = await self.middleware.run_in_thread(self.method, *([self] + args)) File "/usr/local/lib/python3.8/site-packages/middlewared/utils/run_in_thread.py", line 10, in run_in_thread return await self.loop.run_in_executor(self.run_in_thread_executor, functools.partial(method, *args, **kwargs)) File "/usr/local/lib/python3.8/site-packages/middlewared/utils/io_thread_pool_executor.py", line 25, in run result = self.fn(*self.args, **self.kwargs) File "/usr/local/lib/python3.8/site-packages/middlewared/schema.py", line 977, in nf return f(*args, **kwargs) File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 2053, in do_delete self.middleware.call_sync('certificate.check_dependencies', id) File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1254, in call_sync return self.run_coroutine(methodobj(*prepared_call.args)) File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1294, in run_coroutine return fut.result() File "/usr/local/lib/python3.8/concurrent/futures/_base.py", line 432, in result return self.__get_result() File "/usr/local/lib/python3.8/concurrent/futures/_base.py", line 388, in __get_result raise self._exception File "/usr/local/lib/python3.8/site-packages/middlewared/service.py", line 561, in check_dependencies raise CallError('This object is being used by other objects', errno.EBUSY, middlewared.service_exception.CallError: [EBUSY] This object is being used by other objects ```
danb35 commented 3 years ago

That error makes it sound like you're using the old cert somewhere that this script doesn't control, either because the script doesn't handle it at all or because you haven't configured it to. Things like FTP, WebDAV, and S3 might be using the old cert, in which case you couldn't delete it.

wang1zhen commented 3 years ago

Thanks, you are right. The certificate is occupied by the webdav, and after removing it from the webdav certificate, it could be successfully deleted.