9peppe
March 24, 2020, 11:09am
44
fooby
March 24, 2020, 11:18am
45
hahah,
it doesnt want to give me a SSL cert does it!. Anything i can do to fettle the code to add a wait condition or something
9peppe
March 24, 2020, 11:22am
46
from time import sleep
sleep(seconds)
fooby
March 24, 2020, 11:43am
47
and i should insert that (for say 2 seconds) in at line 134? Or something like this?
find the http-01 challenge and write the challenge file
challenge = [c for c in authorization['challenges'] if c['type'] == "http-01"][0]
token = re.sub(r"[^A-Za-z0-9_\-]", "_", challenge['token'])
keyauthorization = "{0}.{1}".format(token, thumbprint)
wellknown_path = os.path.join(acme_dir, token)
from time import sleep
sleep(2)
with open(wellknown_path, "w") as wellknown_file:
wellknown_file.write(keyauthorization)
9peppe
March 24, 2020, 11:46am
48
that’s too early.
between 138 and 139, I’d say, after the comment and before the try
block (or inside the try block)
fooby
March 24, 2020, 11:49am
49
ah right ok, makese sense now. Sorry only really a config fettler not much of a coder.
check that the file is in place
from time import sleep
sleep(2)
try:
wellknown_url = "http://{0}/.well-known/acme-challenge/{1}".format(domain, token)
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
assert(disable_check or _do_request(wellknown_url, context=ctx)[0] == keyauthorization)
except (AssertionError, ValueError) as e:
raise ValueError("Wrote file to {0}, but couldn't download {1}: {2}".format(wellknown_path, wellknown_url, e))
So did that, rebooted box.
Traceback (most recent call last):
File “/usr/share/webmin/webmin/acme_tiny.py”, line 203, in
main(sys.argv[1:])
File “/usr/share/webmin/webmin/acme_tiny.py”, line 199, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
File “/usr/share/webmin/webmin/acme_tiny.py”, line 148, in get_crt
raise ValueError(“Wrote file to {0}, but couldn’t download {1}: {2}”.format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to /home/sentinelfs/public_html/.well-known/acme-challenge/T5d2cmSY9zzCjdk36iPcLUA85btXXSrgyFWihbMSUiA, but couldn’t download http://sentinelfs.co/.well-known/acme-challenge/T5d2cmSY9zzCjdk36iPcLUA85btXXSrgyFWihbMSUiA: Error:
Url: http://sentinelfs.co/.well-known/acme-challenge/T5d2cmSY9zzCjdk36iPcLUA85btXXSrgyFWihbMSUiA
Data: None
Response Code: 404
Response:
404 Not Found
404 Not Found
nginx
9peppe
March 24, 2020, 11:58am
50
and I get the file, it does not.
I guess two seconds is not enough.
fooby
March 24, 2020, 12:00pm
51
weird, really cant believe this sort of fettling is needed. Ill up it to 5 seconds and see what happens.
fooby
March 24, 2020, 12:17pm
52
Traceback (most recent call last):
File “/usr/share/webmin/webmin/acme_tiny.py”, line 203, in
main(sys.argv[1:])
File “/usr/share/webmin/webmin/acme_tiny.py”, line 199, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
File “/usr/share/webmin/webmin/acme_tiny.py”, line 148, in get_crt
raise ValueError(“Wrote file to {0}, but couldn’t download {1}: {2}”.format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to /home/sentinelfs/public_html/.well-known/acme-challenge/T5d2cmSY9zzCjdk36iPcLUA85btXXSrgyFWihbMSUiA, but couldn’t download http://sentinelfs.co/.well-known/acme-challenge/T5d2cmSY9zzCjdk36iPcLUA85btXXSrgyFWihbMSUiA: Error:
Url: http://sentinelfs.co/.well-known/acme-challenge/T5d2cmSY9zzCjdk36iPcLUA85btXXSrgyFWihbMSUiA
Data: None
Response Code: 404
Response:
404 Not Found
404 Not Found
nginx
still failed. It must be something else?
9peppe
March 24, 2020, 12:20pm
53
I don’t even.
You can try putting disable_check=True
before the try block.
1 Like
fooby
March 24, 2020, 12:46pm
54
Requesting a certificate for sentinelfs.co , www.sentinelfs.co from Let’s Encrypt …
… request was successful!
Configuring webserver to use new certificate and key …
… done
Applying web server configuration …
… done
!!!
yay
Thank you very much for your help, what a mess on. Would kinda love to understand why we need to disable the check. But i guess thats for people smarter than me.
9peppe
March 24, 2020, 12:49pm
55
All this will be lost when virtualmin upgrades. You should check if you can switch clients.
(it can be a lot of things with your software, network, or both)
fooby
March 24, 2020, 12:49pm
56
True, but there has been no upgrades i’m aware of from when it worked before and now. I’ll keep an eye on this and any upgrades i might need to do to virtualmin.
system
Closed
April 23, 2020, 12:49pm
57
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.