lectl doesnt seem to work anymore

[theresemchale]

lectl letsencrypt.org lectl 0.17 (2018-August-23)

2020/January/22 12:19:14 - Checking all certs for letsencrypt.org

Info: I've not found any certificate for the domain letsencrypt.org

[theresemchale]

Looks like this is problem with crt.sh which also doesn't work anymore as per https://groups.google.com/forum/#!topic/crtsh/DM8SI-qsE8E . Can get lectl to work by changing lectl to use 91.199.212.73 as per the above note instead of crt.sh. Also had to change lectl as follows:

@@ -389,9 +389,8 @@ numberprecerts=0

 for i in $(echo "${certsfound}");do
     id=$(echo "$i" | $_awk -F'id=|>|"' '{print $4}')
-    domainid=$(echo "$i" | $_awk -F'CN=|>|<' '{print $17}')
-
-    $_curl -sS "${crturldomainid}${id}" > "${tempfile}.${id}" 2>/dev/null
+    domainid=$(echo "$i" | $_awk -F'CN=|>|<' '{print $16}')
+    $_curl -sSk "${crturldomainid}${id}" > "${tempfile}.${id}" 2>/dev/null
     _checkerror "Failed to retrieve ${crturldomainid}${id}"

     certtype="$(grep -A1 '>Summary<' "${tempfile}.${id}" | grep 'Precertificate' 1>/dev/null 2>&1)"

[sahsanu]

@theresemchale, thanks for reporting.

The problem is not the ip, right now crt.sh is pointing to the new server(s) on 91.199.212.73. The problem here is that they have changed the html in the certificate's page so lectl is not able to identify all the needed fields so your fix is not working right now too.

I'll take a look into it this weekend but I can't promise... it is a pain to parse an ugly html source code using shell scripts and crt.sh hasn't been working very well either for a long time. Anyway, I'll take a look and if the fix doesn't require too much work I'll try to fix it.

[sahsanu]

@theresemchale I've released version 0.18, could you please check the new version to know whether it is working fine again on your side?.

[bryanus]

@sahsanu installed and working for me! Thanks for the quick fix.

[theresemchale]

@sahsanu Thank you I've tried 0.19 this morning and thats working. Appreciate the quick fix