Closed jpROC1 closed 5 months ago
This could be that firewall rules to the Lets Encrypt API for test/staging certs.
It is strange this has started to happen as rate limiting hasn't been an issue previously.
I managed to get it working by "Updating" the service and it ran through again and completed. It seemed to be something with the firewall rules not being fully deployed before it tried the second step.
closing for now
I am deploying the TRE following the QuickStart. I am currently at step 6.
I have had to use test certs for lets encrypt due to rate limiting from letsencrpyt.
I am getting this error when running creating the shared cert for nexus. 263a89aa-1561-4b42-b014-a11da80741e4: Error message: Unable to find image 'xxxxxxxacr.azurecr.io/tre-shared-service-certs@sha256:a2b6d2c3a65beaa338a20d08ee1b804426ac6a907e4b6b549e13287f6663b9ac' locally Saving debug log to /cnab/app/letsencrypt/logs/letsencrypt.log An unexpected error occurred: requests.exceptions.SSLError: HTTPSConnectionPool(host='acme-staging-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1135)'))) Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /cnab/app/letsencrypt/logs/letsencrypt.log or re-run Certbot with -v for more details. error running command /cnab/app /bin/bash ./scripts/letsencrypt.sh --application_gateway_name --cert_name nexus-ssl --fqdn --keyvault_name --resource_group_name --storage_account_name : exit status 1 Error: error running command /cnab/app /bin/bash ./scripts/letsencrypt.sh --application_gateway_name --cert_name nexus-ssl --fqdn --keyvault_name --resource_group_name --storage_account_name : exit status 1 1 error occurred: mixin execution failed: package command failed /cnab/app/cnab/app/mixins/exec/runtimes/exec-runtime install Saving debug log to /cnab/app/letsencrypt/logs/letsencrypt.log An unexpected error occurred: requests.exceptions.SSLError: HTTPSConnectionPool(host='acme-staging-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1135)'))) Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /cnab/app/letsencrypt/logs/letsencrypt.log or re-run Certbot with -v for more details. error running command /cnab/app /bin/bash ./scripts/letsencrypt.sh --application_gateway_name agw-certs-xxxxxxxii --cert_name nexus-ssl --fqdn nexus-xxxxxxxii.westeurope.cloudapp.azure.com --keyvault_name kv-xxxxxxxii --resource_group_name rg-xxxxxxxii --storage_account_name stwebcertsxxxxxxxii: exit status 1 Error: error running command /cnab/app /bin/bash ./scripts/letsencrypt.sh --application_gateway_name agw-certs-xxxxxxxii --cert_name nexus-ssl --fqdn nexus-xxxxxxxii.westeurope.cloudapp.azure.com --keyvault_name kv-xxxxxxxii --resource_group_name rg-xxxxxxxii --storage_account_name stwebcertsxxxxxxxii: exit status 1 1 error occurred: mixin execution failed: package command failed /cnab/app/cnab/app/mixins/exec/runtimes/exec-runtime install Saving debug log to /cnab/app/letsencrypt/logs/letsencrypt.log An unexpected error occurred: requests.exceptions.SSLError: HTTPSConnectionPool(host='acme-staging-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLEOFError(8, 'EOF occurred in violation of protocol (_ssl.c:1135)'))) Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /cnab/app/letsencrypt/logs/letsencrypt.log or re-run Certbot with -v for more details. error running command /cnab/app /bin/bash ./scripts/letsencrypt.sh --application_gateway_name agw-certs-xxxxxxxii --cert_name nexus-ssl --fqdn nexus-xxxxxxxii.westeurope.cloudapp.azure.com --keyvault_name kv-xxxxxxxii --resource_group_name rg-xxxxxxxii --storage_account_name stwebcertsxxxxxxxii: exit status 1 Error: error running command /cnab/app /bin/bash ./scripts/letsencrypt.sh --application_gateway_name agw-certs-xxxxxxxii --cert_name nexus-ssl --fqdn nexus-xxxxxxxii.westeurope.cloudapp.azure.com --keyvault_name kv-xxxxxxxii --resource_group_name rg-xxxxxxxii --storage_account_name stwebcertsxxxxxxxii: exit status 1 1 error occurred: * container exit code: 1, message: ; Command executed: porter install "263a89aa-1561-4b42-b014-a11da80741e4" --reference xxxxxxxacr.azurecr.io/tre-shared-service-certs:v0.5.1 --param arm_environment="public" --param arm_use_msi="true" --param azure_environment="AzureCloud" --param cert_name="nexus-ssl" --param domain_prefix="nexus" --param id="263a89aa-1561-4b42-b014-a11da80741e4" --param tfstate_container_name="tfstate" --param tfstate_resource_group_name="xxxxxxxmgmtRG" --param tfstate_storage_account_name="xxxxxxxstac" --param tre_id="xxxxxxxii" --force --credential-set arm_auth --credential-set aad_auth