augjoh commented 1 year ago

The client does not start anymore. I'm using the following command on latest alpine:

$ git clone --depth 1 https://github.com/polhenarejos/acme_email.git
Cloning into 'acme_email'...
$ cd acme_email
$ git log -n1
commit e85f1ba71e34529a9781ae35c803c57cb26009d0
Author: Pol Henarejos <pol.henarejos@cttc.es>
Date:   Tue Nov 30 19:38:39 2021 +0100
    "Remember to add the root certificate" is displayed only when the root cert is not present in the keychain.

    Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
$ pip install .
[...]
$ python3 cli.py --help || true
Traceback (most recent call last):
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 4, in <module>
    import zope.component
ModuleNotFoundError: No module named 'zope.component'

polhenarejos commented 1 year ago

Are you using certbot 2.0? If so, try to stay at a version >=1.20 && < 2.0

augjoh commented 1 year ago

I'm using the versions specified in setup-py via INSTALL_REQUIRES:

Successfully installed ConfigArgParse-1.5.3 PyOpenSSL-23.0.0 acme-2.1.0 certbot-2.1.0 certbot-castle-0.12.1.dev0 certifi-2022.12.7 charset-normalizer-2.1.1 configobj-5.0.6 distro-1.8.0 dkimpy-1.0.5 dnspython-2.2.1 idna-3.4 imapclient-2.3.1 josepy-1.13.0 parsedatetime-2.6 pyrfc3339-1.1 pytz-2022.7 requests-2.28.1 urllib3-1.26.13 zope.interface-5.5.2

Any specify a working set of dependencies there?

ww7 commented 1 year ago

After edit

INSTALL_REQUIRES = [
    'certbot<2.0',
    'acme<2.0',

Client started, but after License agreement it throw 500 error. Autority server https://acme.castle.cloud still alive?

$ python3 cli.py cert --config-dir . --work-dir . --logs-dir . -e example@example.at --contact example@example.at --usage digitalSignature --usage keyEncipherment

See letsencrypt.log

``` 2023-02-24 17:01:55,875:DEBUG:certbot._internal.log:Root logging level set at 30 2023-02-24 17:01:55,894:DEBUG:certbot._internal.display.obj:Notifying user: You are requesting a S/MIME certificate to CASTLE ACME server. Remember to add the root certificate into your trust store for proper operation. 2023-02-24 17:01:56,083:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /home/admin/public_html/acme_email/keys/0003_key-certbot.pem 2023-02-24 17:01:56,130:DEBUG:certbot_castle.csr:Creating CSR: /home/admin/public_html/acme_email/csr/0003_csr-certbot.pem 2023-02-24 17:01:56,175:DEBUG:certbot._internal.plugins.selection:Requested authenticator castle-interactive and installer castle-installer 2023-02-24 17:01:56,179:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * castle-installer Description: Generates PKCS12 container from S/MIME challenge Interfaces: Installer, Plugin Entry point: castle-installer = certbot_castle.plugins.installer:Installer Initialized: Prep: True 2023-02-24 17:01:56,183:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * castle-interactive Description: Performs the S/MIME challenge Interfaces: Authenticator, Plugin Entry point: castle-interactive = certbot_castle.plugins.interactive:Authenticator Initialized: Prep: True 2023-02-24 17:01:56,183:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-02-24 17:01:56,183:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator castle-interactive, Installer castle-installer 2023-02-24 17:01:56,259:DEBUG:acme.client:Sending GET request to https://acme.castle.cloud/acme/directory. 2023-02-24 17:01:56,262:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme.castle.cloud:443 2023-02-24 17:01:56,406:DEBUG:urllib3.connectionpool:https://acme.castle.cloud:443 "GET /acme/directory HTTP/1.1" 200 None 2023-02-24 17:01:56,407:DEBUG:acme.client:Received response: HTTP 200 Date: Fri, 24 Feb 2023 17:01:56 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive x-frame-options: DENY x-content-type-options: nosniff referrer-policy: same-origin vary: Origin access-control-allow-origin: * strict-transport-security: max-age=7776000 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FFCDyr%2BI331%2BD8nI%2BRcEayfbcpZelQlfS8om0NbvMk65E8SRmBxAYq%2BUFEgVkpMEpXanGId%2B4GabFaq3gcrgqMxWmZj9F9JX4N1hTdVxXzeBxqZIKQqyeu%2BHJvoogUGL6uX9xxQBDYFTm0y5c1sEg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 79e9c41b2ff090bb-FRA Content-Encoding: gzip alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 {"9kHMb1A35WP": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme.castle.cloud/acme/key-change", "meta": {"caaIdentities": ["castle.cloud"], "termsOfService": "https://acme.castle.cloud/terms-of-service/", "website": "https://acme.castle.cloud/acme/directory"}, "newAccount": "https://acme.castle.cloud/acme/new-acct", "newNonce": "https://acme.castle.cloud/acme/new-nonce", "newOrder": "https://acme.castle.cloud/acme/new-order", "revokeCert": "https://acme.castle.cloud/acme/revoke-cert"} 2023-02-24 17:02:10,593:DEBUG:acme.client:Requesting fresh nonce 2023-02-24 17:02:10,593:DEBUG:acme.client:Sending HEAD request to https://acme.castle.cloud/acme/new-nonce. 2023-02-24 17:02:10,680:DEBUG:urllib3.connectionpool:https://acme.castle.cloud:443 "HEAD /acme/new-nonce HTTP/1.1" 204 0 2023-02-24 17:02:10,680:DEBUG:acme.client:Received response: HTTP 204 Date: Fri, 24 Feb 2023 17:02:10 GMT Connection: keep-alive replay-nonce: zcL_nqyw5aEVbHfVNjLNvQ Cache-Control: no-store x-frame-options: DENY x-content-type-options: nosniff referrer-policy: same-origin vary: Origin access-control-allow-origin: * strict-transport-security: max-age=7776000 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBGWm7fyuki8IhICGqJTbp6S0mhF3ITiiOGXcIK1XFqMHjtdne1NqGfYLuCBjxdwPi%2BV%2BLFX7Z1dWYNKUoKPSdH%2B1PNT48xFGvBmgGawumnSF3o703KoAN%2B3LGx%2Bag7G%2FVq1uTYYB%2FmAzvYWWgeRlw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 79e9c4743bea90bb-FRA alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 2023-02-24 17:02:10,680:DEBUG:acme.client:Storing nonce: zcL_nqyw5aEVbHfVNjLNvQ 2023-02-24 17:02:10,681:DEBUG:acme.client:JWS payload: b'{\n "contact": [\n "mailto:example@example.at"\n ],\n "termsOfServiceAgreed": true\n}' 2023-02-24 17:02:10,684:DEBUG:acme.client:Sending POST request to https://acme.castle.cloud/acme/new-acct: { "protected": "eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJuIjogIndjN2ZIQUJOOS1ZcUFZeGo1bWFjRnpYSzVDTlRrMmo1MFVPTVZYcG5hdHRrYUl4cjRSc2Y0dUhDT0lFWjQ3OXdIWEh4NWVKWkhjMDJZb2piRnlycm9icDlDLTNfSGpJMUhEVlByeTFYQ1JRUVE3SUV6TndPNDhudnV6TTdJWGJ0MDlPR2s5cVNpQWczaVNKc0RKYjRWTE1icU1YUGIwWWxYV2Jfa1RKcFMwMWZLZkxtX0V5ZXVrdlZmNzk3WjA0TmllQkVmQ1h0RWVjOXJhOVNCVjVaQjV3c3JPSUdiX08tQ2Noa256SC1pekljVXByYUEtc2J4cklKLUNVYlNqZkYxTmlCWEl4X3JOWWZvVk5BdmZWWmNFcnJqWF9ueE5ITjc3OFZmWTZlazFsdGFmTzVGU3hZaDVmY3hCTlFWNUg2MTF1c3hzQkxSdVRvODFaRlR6a0UydyIsICJlIjogIkFRQUIiLCAia3R5IjogIlJTQSJ9LCAibm9uY2UiOiAiemNMX25xeXc1YUVWYkhmVk5qTE52USIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLmNhc3RsZS5jbG91ZC9hY21lL25ldy1hY2N0In0", "signature": "f7uwb7jjeHfqTVQbPuguuo1oEX1x3d6KTgm-f-6wtkbZzAFk1aExkQLQb6G3z--8ubCiRL0tBKR6sX7d9sHLk0xt0BwLN98DSDHf4BQ6ZvcYCnLypVb82HnuNzsFNO7FaYIJyrqmNx3Gqrysykjg5o84n4XEYIdsPQAAcUbHrR2tTO-au_haZF15dVs-fUaj_2HwpO597SrwNWKoTsx-9_ZCAO-5G3t_4audtfB4Kn1S2aRTZWAY41exxK_s6HxMtRdA5lMiw5kjLF5F4600iyPxlneSisu4Ok5vJFVqC3dlqwiYLaEdWdEemSMYZexFetWDhgERHppTw0Aunj_HkA", "payload": "ewogICJjb250YWN0IjogWwogICAgIm1haWx0bzp1bHJpY2hAa29wZXR6a2kuYXQiCiAgXSwKICAidGVybXNPZlNlcnZpY2VBZ3JlZWQiOiB0cnVlCn0" } 2023-02-24 17:02:10,773:DEBUG:urllib3.connectionpool:https://acme.castle.cloud:443 "POST /acme/new-acct HTTP/1.1" 500 None 2023-02-24 17:02:10,774:DEBUG:acme.client:Received response: HTTP 500 Date: Fri, 24 Feb 2023 17:02:10 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive x-frame-options: DENY vary: Cookie, Origin x-content-type-options: nosniff referrer-policy: same-origin CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLKRvEmDskABfhQdNu4SxZ6fBKvdNa6rTRCKvoVTJwK%2BSzAfslUYjbWej8vFJly%2FCFS7s8fm9H%2BGlyhJ9ywYkm0yMpsXslRuiqxFwN%2BXl1b90r360LwMW11C2BWnvzyzXCMtWj0t2U17YJIPdwrbTQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=7776000 Server: cloudflare CF-RAY: 79e9c474cc7e90bb-FRA alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 Server Error (500)

Server Error (500)

2023-02-24 17:02:10,774:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/home/admin/public_html/acme_email/cli.py", line 257, in main(args) File "/home/admin/public_html/acme_email/cli.py", line 200, in main request_cert(args, config) File "/home/admin/public_html/acme_email/cli.py", line 117, in request_cert le_client = certbot_main._init_le_client(config, auth, installer) File "/home/admin/public_html/acme_email/venv/lib/python3.10/site-packages/certbot/_internal/main.py", line 827, in _init_le_client acc, acme = _determine_account(config) File "/home/admin/public_html/acme_email/venv/lib/python3.10/site-packages/certbot/_internal/main.py", line 735, in _determine_account acc, acme = client.register( File "/home/admin/public_html/acme_email/venv/lib/python3.10/site-packages/certbot/_internal/client.py", line 218, in register regr = perform_registration(acme, config, tos_cb) File "/home/admin/public_html/acme_email/venv/lib/python3.10/site-packages/certbot/_internal/client.py", line 267, in perform_registration acme).new_account_and_tos(newreg, tos_cb) File "/home/admin/public_html/acme_email/venv/lib/python3.10/site-packages/acme/client.py", line 927, in new_account_and_tos return client_v2.new_account(regr) File "/home/admin/public_html/acme_email/venv/lib/python3.10/site-packages/acme/client.py", line 643, in new_account response = self._post(self.directory['newAccount'], new_account) File "/home/admin/public_html/acme_email/venv/lib/python3.10/site-packages/acme/client.py", line 114, in _post return self.net.post(*args, **kwargs) File "/home/admin/public_html/acme_email/venv/lib/python3.10/site-packages/acme/client.py", line 1289, in post return self._post_once(*args, **kwargs) File "/home/admin/public_html/acme_email/venv/lib/python3.10/site-packages/acme/client.py", line 1303, in _post_once response = self._check_response(response, content_type=content_type) File "/home/admin/public_html/acme_email/venv/lib/python3.10/site-packages/acme/client.py", line 1155, in _check_response raise errors.ClientError(response) acme.errors.ClientError: 2023-02-24 17:02:10,775:ERROR:certbot._internal.log:An unexpected error occurred: 2023-02-24 17:02:10,776:ERROR:certbot._internal.log:acme.errors.ClientError: ```

polhenarejos commented 1 year ago

It should work with latest version 0.13.1.

augjoh commented 1 year ago

I've tried this with the latest version, but I does not install anymore:

$ git log -n1
commit 8f326dfae632be8fe0ce293bbd9d511e60b5afbb
Author: Pol Henarejos <pol.henarejos@cttc.es>
Date:   Tue Apr 18 12:03:07 2023 +0200
    Upgrade to version 0.13.1

    Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
$ pip install .
Processing /builds/platynum/certification-authority/flows/acme_email
[...]
Building wheels for collected packages: psutil
  Building wheel for psutil (pyproject.toml): started
  Building wheel for psutil (pyproject.toml): finished with status 'error'
  error: subprocess-exited-with-error

  × Building wheel for psutil (pyproject.toml) did not run successfully.
  │ exit code: 1
  ╰─> [43 lines of output]
      running bdist_wheel
      running build
      running build_py
      creating build
      creating build/lib.linux-x86_64-cpython-310
      creating build/lib.linux-x86_64-cpython-310/psutil
      copying psutil/_compat.py -> build/lib.linux-x86_64-cpython-310/psutil
      copying psutil/_psaix.py -> build/lib.linux-x86_64-cpython-310/psutil
      copying psutil/__init__.py -> build/lib.linux-x86_64-cpython-310/psutil
      copying psutil/_psbsd.py -> build/lib.linux-x86_64-cpython-310/psutil
      copying psutil/_psosx.py -> build/lib.linux-x86_64-cpython-310/psutil
      copying psutil/_psposix.py -> build/lib.linux-x86_64-cpython-310/psutil
      copying psutil/_pslinux.py -> build/lib.linux-x86_64-cpython-310/psutil
      copying psutil/_common.py -> build/lib.linux-x86_64-cpython-310/psutil
      copying psutil/_pssunos.py -> build/lib.linux-x86_64-cpython-310/psutil
      copying psutil/_pswindows.py -> build/lib.linux-x86_64-cpython-310/psutil
      creating build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/runner.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_unicode.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_sunos.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/__init__.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_memleaks.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_testutils.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_linux.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_contracts.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_misc.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_posix.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_connections.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_bsd.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/__main__.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_windows.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_aix.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_system.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_osx.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      copying psutil/tests/test_process.py -> build/lib.linux-x86_64-cpython-310/psutil/tests
      running build_ext
      building 'psutil._psutil_linux' extension
      creating build/temp.linux-x86_64-cpython-310
      creating build/temp.linux-x86_64-cpython-310/psutil
      gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Os -fomit-frame-pointer -g -O2 -Os -fomit-frame-pointer -g -O2 -Os -fomit-frame-pointer -g -O2 -DTHREAD_STACK_SIZE=0x100000 -fPIC -DPSUTIL_POSIX=1 -DPSUTIL_SIZEOF_PID_T=4 -DPSUTIL_VERSION=595 -DPy_LIMITED_API=0x03060000 -DPSUTIL_ETHTOOL_MISSING_TYPES=1 -DPSUTIL_LINUX=1 -I/usr/include/python3.10 -c psutil/_psutil_common.c -o build/temp.linux-x86_64-cpython-310/psutil/_psutil_common.o
      psutil could not be installed from sources because gcc is not installed. Try running:
        sudo apk add gcc python3-dev
      error: command 'gcc' failed: No such file or directory
      [end of output]

  note: This error originates from a subprocess, and is likely not a problem with pip.
  ERROR: Failed building wheel for psutil
Failed to build psutil
ERROR: Could not build wheels for psutil, which is required to install pyproject.toml-based projects

@polhenarejos: Is it possible to avoid installation of a development environment somehow?

polhenarejos commented 1 year ago

psutil is used by the new thunderbird authenticator. In the meanwhile, if you do not use this, comment line 20 of thunderbird.py where import psutil and edit setup.py to remove psutil dependence. You won't be able to run this authenticator, but it should not fail. I will figure out how to solve it.

polhenarejos commented 11 months ago

gcc is necessary to build acme_email.

polhenarejos / acme_email

Client does not start #32

Server Error (500)