Master list of Certbot error strings


#1

Is there a master list of certbot error strings?

I have all the “urn:acme:error:connection”, “urn:acme:error:unauthorized”, etc, but there are several other strings I can’t find in the code:
e.g. “Wildcard domains are not supported”, “An unexpected error occurred: ConnectionError”

Is there some place these are defined/localised?

I’m trying to programmatically parse the certbot stdout/stderr to map the errors to internal codes.


#2

Something like that?

https://tools.ietf.org/html/draft-ietf-acme-acme-14#page-15

Important part:

This list is not exhaustive. The server MAY return errors whose “type” field is set to a URI other than those defined above. Servers MUST NOT use the ACME URN namespace Section 9.6 for errors other than the standard types. Clients SHOULD display the “detail” field of all errors.

(for acme V1 you should check that document too: https://github.com/letsencrypt/boulder/blob/master/docs/acme-divergences.md )


#3

You’re seeing different kinds of errors:

  • ACME errors from the CA (where the CA gave a reason why a certificate couldn’t be issued)
  • Errors generated by Certbot itself (for example, warning the user that Certbot failed to parse a file or command-line option, or that Certbot knows that a request couldn’t succeed)
  • Runtime errors from libraries like the networking library (for example, explaining that Certbot couldn’t connect to the CA)

Some of the strings that you’re referring to here are in the third category and are in other Python libraries that Certbot calls into, such as the requests library or one of its own dependencies.

We haven’t tried to make Certbot errors machine-readable in general, so I think this will be a difficult exercise to fully enumerate these.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.