Issue with the lambda function for cert renewam

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: shravyaitsolutions.com

I ran this command:lambda function/python 3.7.4 - letslambda

It produced this output:

[ERROR] AttributeError: 'Directory field "new-authz" not found'
Traceback (most recent call last):
File "/var/task/letslambda.py", line 542, in lambda_handler
authorization_resource = get_authorization(acme_client, domain)
File "/var/task/letslambda.py", line 100, in get_authorization
authorization_resource = client.request_domain_challenges(domain['name'])
File "/var/task/acme/client.py", line 344, in request_domain_challenges
typ=messages.IDENTIFIER_FQDN, value=domain), new_authzr_uri)
File "/var/task/acme/client.py", line 321, in request_challenges
response = self._post(self.directory.new_authz, new_authz)
File "/var/task/acme/messages.py", line 243, in getattr
raise AttributeError(str(error))

My web server is (include version):lambda function/python 3.7.4

The operating system my web server runs on is (include version):ubuntu

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.14.0 / git

Hi @sureshby

that's wrong, see

https://acme-v02.api.letsencrypt.org/directory

new-order exists.

So you use an ACME.v.1 - client, that's deprecated.

Update your client or use another client.

1 Like

Yeah, I can't find anything on the Internet called "letslambda" that's newer than 2016. Can you say where you got it from? It may just be that the client you're using is something that was abandoned by whoever wrote it, and doesn't work with the now-standardized ACME specification.

There are other Python clients that you might be able to finagle into Lambda somehow. But I think that there wasn't nearly as much interest in integrating Let's Encrypt clients into AWS Lambda once Amazon released their own Certificate Manager which also gives free certificates for use within their managed services.

For myself, I did want to get my own certificates from Let's Encrypt to install on my own servers using Lambda, and so I put together my own Node.js-based Lambda function, but just to be clear it's just something I threw together for my own purposes and may "require only minimal configuration and tweaking" to fit whatever you're trying to do. But the use cases where you actually need it are getting more and more rare, as (if you're staying within AWS) you can usually use their own Certificate Manager, in same cases even from inside an EC2 server.

Hi,

Thanks for the response
Yes , it is a older version of the code - looks to be written for acme 1

Thanks & Regards,
Suresh Babu Y

Yup. ACME v1 is almost completely gone.

But from a quick look at that letslambda README, it seems to be designed for use with AWS ELB, and since you can get certificates in AWS Certificate Manager for use in ELB without needing Let's Encrypt anymore the author probably never bothered to update it.

Looks like the author even posted about it here, once upon a time:

@kiddouk was last seen on this forum in June 2016.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.