Fatal error during cert install on Plesk


#1

During installation of certificate on Plesk Onyx server

My domain is: https://plesk.topline.cloud

I ran this command: # sudo -H ./letsencrypt-auto certonly --standalone -d plesk.topline.cloud

It produced this output:
Upgrading certbot-auto 0.22.0 to 0.22.1…
Replacing certbot-auto…
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for plesk.topline.cloud
Cleaning up challenges
Encountered exception during recovery
’HTTP01’ object has no attribute 'achalls’
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/error_handler.py”, line 100, in _call_registered
self.funcs-1
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/auth_handler.py”, line 299, in _cleanup_challenges
achalls = self._get_all_achalls(aauthzrs)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/auth_handler.py”, line 138, in _get_all_achalls
all_achalls.extend(aauthzr.achalls)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/achallenges.py”, line 45, in getattr
return getattr(self.challb, name)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/acme/messages.py”, line 388, in getattr
return getattr(self.chall, name)
AttributeError: ‘HTTP01’ object has no attribute 'achalls’
Problem binding to port 80: Could not bind to IPv4 or IPv6.

My web server is (include version): apache 2.4
The operating system my web server runs on is: CentOS7
My hosting provider, if applicable, is: Linode
I can login to a root shell on my machine: yes
I’m using a control panel to manage my site: Plesk Onyx


#2

You caught a bug and we’ll be fixing it shortly.

Thanks for the report and sorry for the trouble!


#3

Try running certbot-auto again. The initial issue you reported should have been resolved.


#4

[root@li505-108 letsencrypt]# ./certbot-auto -d plesk.topline.cloud
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate and install certificates?

1: Apache Web Server plugin - Beta (apache)
2: Nginx Web Server plugin - Alpha (nginx)

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for plesk.topline.cloud
Using default address 80 for authentication.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. plesk.topline.cloud (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://plesk.topline.cloud/.well-known/acme-challenge/D-faEj0ZaKOE2vtsYs660XnfAhZuydzxK3fmenEdCek:
IMPORTANT NOTES:


Here’s the latest log entry:

2018-03-20 03:47:41,411:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 1266, in main
return config.func(config, plugins)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 1031, in run
certname, lineage)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 118, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/client.py”, line 350, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/client.py”, line 294, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/client.py”, line 330, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/auth_handler.py”, line 79, in handle_authorizations
self._respond(aauthzrs, resp, best_effort)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/auth_handler.py”, line 154, in _respond
self._poll_challenges(aauthzrs, chall_update, best_effort)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/auth_handler.py”, line 220, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. plesk.topline.cloud (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://plesk.topline.cloud/.well-known/acme-challenge/D-faEj0ZaKOE2vtsYs660XnfAhZuydzxK3fmenEdCek: "

404 Not Found

Not Found

<p"

#5

Also tried this after making sure to kill all httpd processes and restart apache

[root@li505-108 letsencrypt]# sudo -H ./letsencrypt-auto certonly --standalone -d plesk.topline.cloud
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for plesk.topline.cloud
Cleaning up challenges
Problem binding to port 80: Could not bind to IPv4 or IPv6.
________________________________-

logfile

2018-03-20 04:15:20,655:DEBUG:certbot.error_handler:Calling registered functions
2018-03-20 04:15:20,655:INFO:certbot.auth_handler:Cleaning up challenges
2018-03-20 04:15:20,656:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 1266, in main
return config.func(config, plugins)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 1157, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py”, line 118, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/client.py”, line 350, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/client.py”, line 294, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/client.py”, line 330, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/auth_handler.py”, line 72, in handle_authorizations
resp = self._solve_challenges(aauthzrs)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/auth_handler.py”, line 124, in _solve_challenges
resp = self.auth.perform(all_achalls)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/standalone.py”, line 221, in perform
return [self._try_perform_single(achall) for achall in achalls]
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/standalone.py”, line 228, in _try_perform_single
_handle_perform_error(error)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/standalone.py”, line 226, in _try_perform_single
return self._perform_single(achall)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/standalone.py”, line 232, in _perform_single
servers, response = self._perform_http_01(achall)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/standalone.py”, line 241, in _perform_http_01
servers = self.servers.run(port, challenges.HTTP01, listenaddr=addr)
File “/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/standalone.py”, line 67, in run
raise errors.StandaloneBindError(error, port)
StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.


#6

Hi, wondering there’s any further advice regarding the last 2 responses.


#7

@schoen, are you able to help debug these more common validation and port binding errors now that the initial Certbot bug has been resolved?


#8

I got the cert installed. You can close this issue.
Thanks.


#9

Glad to hear it. Sorry I wasn’t able to help you more myself.


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.