zenhack / simp_le

Simple Let's Encrypt client
GNU General Public License v3.0

acme.errors.ValidationError is not handled properly #147

Closed buchdag closed 3 years ago

buchdag commented 3 years ago

Seems like we might have an unhandled error when the ACME authorization fails.

https://github.com/nginx-proxy/docker-letsencrypt-nginx-proxy-companion/issues/689#issuecomment-704831654

2020-10-07 08:48:29,767:INFO:simp_le:1414: Generating new certificate private key
2020-10-07 08:48:31,505:ERROR:simp_le:1396: CA marked some of the authorizations as invalid, which likely means it could not access http://example.com/.well-known/acme-challenge/X. Did you set correct path in -d example.com:path or --default_root? Are all your domains accessible from the internet? Please check your domains' DNS entries, your host's network/firewall setup and your webserver config. If a domain's DNS entry has both A and AAAA fields set up, some CAs such as Let's Encrypt will perform the challenge validation over IPv6. If your DNS provider does not answer correctly to CAA records request, Let's Encrypt won't issue a certificate for your domain (see https://letsencrypt.org/docs/caa/). Failing authorizations: https://acme-v02.api.letsencrypt.org/acme/authz-v3/7725902331
Traceback (most recent call last):
  File "/usr/lib/python3.7/site-packages/simp_le.py", line 1370, in finalize_order
    finalized_order = client.poll_and_finalize(order)
  File "/usr/lib/python3.7/site-packages/acme/client.py", line 712, in poll_and_finalize
    orderr = self.poll_authorizations(orderr, deadline)
  File "/usr/lib/python3.7/site-packages/acme/client.py", line 736, in poll_authorizations
    raise errors.ValidationError(failed)
acme.errors.ValidationError
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
  File "/usr/lib/python3.7/site-packages/simp_le.py", line 1443, in persist_new_data
    order = finalize_order(client, order)
  File "/usr/lib/python3.7/site-packages/simp_le.py", line 1397, in finalize_order
    raise Error('Challenge validation has failed, see error log.')
simp_le.Error: Challenge validation has failed, see error log.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
  File "/usr/lib/python3.7/site-packages/simp_le.py", line 1565, in main
    return main_with_exceptions(cli_args)
  File "/usr/lib/python3.7/site-packages/simp_le.py", line 1549, in main_with_exceptions
    persist_new_data(args, existing_data)
  File "/usr/lib/python3.7/site-packages/simp_le.py", line 1464, in persist_new_data
    chain=None,
  File "/usr/lib/python3.7/site-packages/simp_le.py", line 1128, in persist_data
    plugin.save(new_data)
  File "/usr/lib/python3.7/site-packages/simp_le.py", line 557, in save
    key = self.dump_key(data.key)
  File "/usr/lib/python3.7/site-packages/simp_le.py", line 455, in dump_key
    return OpenSSL.crypto.dump_privatekey(self.typ, data.wrapped).strip()
AttributeError: 'NoneType' object has no attribute 'wrapped'
Unhandled error has happened, traceback is above
Debugging tips: -v improves output verbosity. Help is available under --help.

buchdag commented 3 years ago

Never mind, from the traceback this seems to be from an outdated version of simp_le. Closing.