search

polhenarejos / acme_email

ACME Email Client for EmailReply-00 Challenge
https://acme.castle.cloud
GNU General Public License v3.0
46 stars 7 forks source link

Error message during successful certificate issuance #26

Open augjoh opened 2 years ago

augjoh commented 2 years ago

After closing #21, and #25 we're now back to the original error:

$ python3 cli.py cert --passphrase passphrase --config-dir . --work-dir . --logs-dir ./logs -e address@mail --contact contact@${HOSTNAME} --imap --host mail --port 3143 --agree-tos --login address@mail --password address@mail --host mail --smtp-port 3025 --smtp-host mail --non-interactive
/builds/platynum/certification-authority/flows/acme_email/cli.py:47: DeprecationWarning: IConfig attribute in certbot.interfaces module is deprecated and will be removed soon.
  zope.component.provideUtility(config, interfaces.IConfig)
Saving debug log to /builds/platynum/certification-authority/flows/acme_email/logs/letsencrypt.log
/builds/platynum/certification-authority/flows/acme_email/cli.py:185: DeprecationWarning: IReporter attribute in certbot.interfaces module is deprecated and will be removed soon.
  zope.component.provideUtility(report, interfaces.IReporter)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
You are requesting a S/MIME certificate to CASTLE ACME server. Remember to add
the root certificate into your trust store for proper operation.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Account registered.
Requesting a certificate for address@mail

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
A challenge request for S/MIME certificate has been sent. In few minutes, ACME
server will send a challenge e-mail to requested recipient address@mail. You do
not need to take ANY action, as it will be replied automatically.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17 Nov 18:52:17 - [info] [function:Send E-Mail] to: "address@mail", msg-id: <c538561e-c47a-0eb8-cefb-e07de020ed4f@mail>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The ACME response has been sent successfully!
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17 Nov 18:52:56 - [warn] [function:Authorize email] missing authentication-results email header
17 Nov 18:52:56 - [info] [function:Authorize email] Updating authorization: Sub/acme/b533237ca2a8a77ab35cdc74f14113feb9cf2f24e5ee9e411be288d52aecaa19/77dca7288f508d52e33d253e9591bd8424a636ab4761a1df0fe6b090b9309ae8/8609f56283fb0cd04ead54855d0e5b1cbc570a15fefd898ac577d0426a9bde14.json
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 134, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'* OK IMAP4rev1 Server GreenMail v2.0.0-alpha-2 ready'"
Arguments: (1637175137.1718166,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 134, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "> b'ENLK0 CAPABILITY'"
Arguments: (1637175137.1718557,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 134, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'* CAPABILITY IMAP4rev1 LITERAL+ SORT UIDPLUS IDLE QUOTA'"
Arguments: (1637175137.1720932,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 134, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'ENLK0 OK CAPABILITY completed.'"
Arguments: (1637175137.172112,)
Encountered exception during recovery: imaplib.IMAP4.abort: command: LOGOUT => socket error: EOF
17 Nov 18:52:58 - [info] [function:Sign TBS] with serial 6fb9de5aa1066855acb54d56258f18861faa6165
17 Nov 18:52:58 - [info] [debug:Issuing for] /CN=address@mail with serial 6fb9de5aa1066855acb54d56258f18861faa6165

Successfully received certificate.
Certificate is saved at:            /builds/platynum/certification-authority/flows/acme_email/live/0000_cert.pem
Intermediate CA chain is saved at:  /builds/platynum/certification-authority/flows/acme_email/live/0000_ca.pem
Full certificate chain is saved at: /builds/platynum/certification-authority/flows/acme_email/live/0000_chain.pem
This certificate expires on 2022-11-17.
Deploying certificate

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PKCS12 container generated at
/builds/platynum/certification-authority/flows/acme_email/live/0000_cert.pfx
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
polhenarejos commented 2 years ago

At least this time the client is able to generate the certificate. I added a sanity exception (the same as the original) but I am pretty sure it will not work.

If not, would you give me a temporary credential to your server?

augjoh commented 2 years ago

You can run the server on your side, too. https://greenmail-mail-test.github.io/greenmail/#deployment

polhenarejos commented 2 years ago

Yes, I did and I fixes some errors with idle mode. But this last is different and I cannot reproduce it. Did you try the last commit?

augjoh commented 2 years ago

I'm using commit 393a2b151c4442d32eded41aa131ff26319e54b0

polhenarejos commented 2 years ago

I am so sorry but I tried with 3 imap (one of GreenMail) and everything works fine. If I could test the same server you are testing would be great to fix it.

augjoh commented 2 years ago

Although everything seems to be working fine, it leaves a bad taste. Perhaps you should file this bug upstream to your IMAP library?

polhenarejos commented 9 months ago

Can we close this issue? Is it still happening?