search

srvrco / getssl

obtain free SSL certificates from letsencrypt ACME server Suitable for automating the process on remote servers.
GNU General Public License v3.0
2.1k stars 378 forks source link

Request failed Request body doesn't fulfill schema #378

Open githublti opened 6 years ago

githublti commented 6 years ago

I'm currently using the getssl shell scripts along with GoDaddy to create SSL certificates via LetsEncrypt. The version of the script is

getssl ver. 2.10

This has been working fine. Tuesday, I went to issue a new certificate for an internal chat server and get the error:

Registering account Verify each domain Verifying chat.ltiprinting.com Request failed Request body doesn't fulfill schema, see details in fields getssl: DNS_ADD_COMMAND failed for domain chat.ourhiddendomain.com

I'm guessing that GoDaddy have updated their API?

Enabling debugging I get:

Result:
curl status = 0

HTTP/1.1 422 Unprocessable Entity
Server: nginx/1.11.3
Content-Type: application/json
Content-Length: 179 Strict-Transport-Security: max-age=15724800; includeSubDomains; preload X-Request-Id: 9vGbjWL28VZcutYzoDDSQQ X-DataCenter: PHX3 Expires: Fri, 27 Apr 2018 11:03:34 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 27 Apr 2018 11:03:34 GMT Connection: close

{"code":"INVALID_BODY","fields":[{"code":"UNEXPECTED_TYPE","message":"is not a array","path":"records"}],"message":"Request body doesn't fulfill schema, see details in fields"}

Doug

gururajahegde commented 6 years ago

You are correct, Godaddy API has changed, it is expecting json array now, I changed records field(field against -d in curl command) to start with [ and end with ] problem got resolved.

https://developer.godaddy.com/doc/endpoint/domains#/v1/recordReplaceTypeName

Dint find any reference to godaddy api in this project.

githublti commented 6 years ago

Could you please give me an example of what to change? I'm not familiar with curl and see several curl lines in the getssl script

Thanks!

Doug

githublti commented 6 years ago

Okay, I got it working. The two things I had to do.

In the getssl directory, dns_scripts subfolder. Edit dns_godaddy and search for

result="$(curl -i -s -X PUT -d "$request" --config - "$url"

And change it to

result="$(curl -i -s -X PUT -d "[$request]" --config - "$url"

And, when reading a different ticket, I modified the getssl script

if [[ "$needbase64" ]] ; then response=$($CURL -X POST -H--data "$body" "$url" | urlbase64) else response=$($CURL -X POST --data "$body" "$url") fi

changed to

if [[ "$needbase64" ]] ; then response=$($CURL -X POST -H "Content-type: application/jose+json" --data "$body" "$url" | urlbase64) else response=$($CURL -X POST -H "Content-type: application/jose+json" --data "$body" "$url") fi

After those changes, I was able to get my certificate

Doug

githublti commented 6 years ago

Okay,

I'm re-opening this ticket. The changes made to the script will put the DNS entry into Godaddy just fine, but it doesn't seem to commit it.

I have to log into Godady, edit the DNS entry and hit save. Once that is done, I can then see the entry with nslookup -type=txt

If I don't do that, the script will eventually hit the 100 count timeout

Doug