ACMEv1 question for letsencrypt-express client

nackulous · October 19, 2019, 6:19pm

Normally I run express via custom systemctl I setup. Something like this: https://www.digitalocean.com/community/tutorials/how-to-use-systemctl-to-manage-systemd-services-and-units When you guys asked what’s the response, I ran the status systemctl command and was reminded that it only gives you a few lines. So I stopped the express server and ran it directly via node blahServer.js and watched the responses when I hit the website and it attempted to renew certs.

Here’s what I got with .testing() enabled…

NOW CONNECTED TO DB
[LEX] testing mode turned on
[LEX] default server: https://acme-staging.api.letsencrypt.org/directory

###################################################

Open up a browser and visit this server

at its domain name.

ENJOY!

###################################################

Note: testing certs will be installed because .testing() was called.
remove .testing() to get live certs.

[LEX] automatic registration handling turned on for testing.

[LEX] creating sniCallback {
“configDir”: “/home/nick/letsencrypt/etc”,
“debug”: true,
“webrootPath”: “/tmp/acme-challenge”,
“privkeyPath”: “/home/nick/letsencrypt/etc/live/:hostname/privkey.pem”,
“fullchainPath”: “/home/nick/letsencrypt/etc/live/:hostname/fullchain.pem”,
“certPath”: “/home/nick/letsencrypt/etc/live/:hostname/cert.pem”,
“chainPath”: “/home/nick/letsencrypt/etc/live/:hostname/chain.pem”,
“server”: “https://acme-staging.api.letsencrypt.org/directory”,
“letsencrypt”: {
“backend”: {}
}
}
Server is now listening on port 443…
[LEX] no certs loaded for ‘www.crowdcontrolrecords.com’
[LE] fetch
[letsencrypt/lib/common.js] fetchFromDisk
Error: ENOENT: no such file or directory, open ‘/home/nick/letsencrypt/etc/live/www.crowdcontrolrecords.com/privkey.pem’
at Error (native)
[LEX] fetch from disk result ‘www.crowdcontrolrecords.com’:
null
[LEX] ‘www.crowdcontrolrecords.com’ is not registered, requesting approval
[LEX] ‘www.crowdcontrolrecords.com’ registration approved, attempting register
[LE] register
[NLE]: begin registration
This Let’s Encrypt / ACME server has been updated with urls that this client doesn’t understand
{ ‘key-change’: ‘https://acme-staging.api.letsencrypt.org/acme/key-change’,
meta:
{ caaIdentities: [ ‘letsencrypt.org’ ],
‘terms-of-service’: ‘https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf’,
website: ‘https://letsencrypt.org/docs/staging-environment/’ },
‘new-authz’: ‘https://acme-staging.api.letsencrypt.org/acme/new-authz’,
‘new-cert’: ‘https://acme-staging.api.letsencrypt.org/acme/new-cert’,
‘new-reg’: ‘https://acme-staging.api.letsencrypt.org/acme/new-reg’,
pAn5U_Z11hs: ‘Adding random entries to the directory’,
‘revoke-cert’: ‘https://acme-staging.api.letsencrypt.org/acme/revoke-cert’ }
[le/core.js] use account
Account ‘ed812d0d50e92225ecd36b053a8b7540’ was corrupt. No big deal (I think?). Creating a new one…
[LEX] ‘www.crowdcontrolrecords.com’ register completed Error: Registration request failed: {
“type”: “urn:acme:error:unauthorized”,
“detail”: “Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See End of Life Plan for ACMEv1 for details.”,
“status”: 403
}
at handleErr (/home/nick/release/develop_671a19a/node_modules/letiny-core/lib/register-new-account.js:101:17)
at getTerms (/home/nick/release/develop_671a19a/node_modules/letiny-core/lib/register-new-account.js:28:16)
at Request._callback (/home/nick/release/develop_671a19a/node_modules/letiny-core/lib/acme-client.js:113:7)
at Request.self.callback (/home/nick/release/develop_671a19a/node_modules/request/request.js:187:22)
at emitTwo (events.js:106:13)
at Request.emit (events.js:191:7)
at Request. (/home/nick/release/develop_671a19a/node_modules/request/request.js:1044:10)
at emitOne (events.js:96:13)
at Request.emit (events.js:188:7)
at IncomingMessage. (/home/nick/release/develop_671a19a/node_modules/request/request.js:965:12)
at emitNone (events.js:91:20)
at IncomingMessage.emit (events.js:185:7)
at endReadableNT (_stream_readable.js:934:12)
at _combinedTickCallback (internal/process/next_tick.js:74:11)
at process._tickCallback (internal/process/next_tick.js:98:9) undefined
cert is NOT looking good
[LEX] certs for ‘www.crowdcontrolrecords.com’ recently failed and are still in cool down
[LEX] certs for ‘www.crowdcontrolrecords.com’ recently failed and are still in cool down