Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssl no longer works #55

Open
deserat opened this issue Dec 13, 2017 · 1 comment
Open

ssl no longer works #55

deserat opened this issue Dec 13, 2017 · 1 comment

Comments

@deserat
Copy link

deserat commented Dec 13, 2017

dc scale nginx=1 using latest and 1.13-r7.0.1 produces the following output.

2017/12/13 01:18:13 # INFO: Using main config file /etc/acme/dehydrated/config.staging
2017/12/13 01:18:14 + Generating account key...
2017/12/13 01:18:18 + Registering account key with ACME server...
2017/12/13 01:18:19   + ERROR: An error occurred while sending post-request to https://acme-staging.api.letsencrypt.org/acme/new-reg (Status 400)
2017/12/13 01:18:19 
2017/12/13 01:18:19 Details:
2017/12/13 01:18:19 {
2017/12/13 01:18:19   "type": "urn:acme:error:malformed",
2017/12/13 01:18:19   "detail": "Provided agreement URL [https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf] does not match current agreement URL [https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf]",
2017/12/13 01:18:19   "status": 400
2017/12/13 01:18:19 }
2017/12/13 01:18:19 
2017/12/13 01:18:19 rm: cannot remove '/etc/acme/dehydrated/domains.txt': No such file or directory
2017/12/13 01:18:19 
2017/12/13 01:18:19 
2017/12/13 01:18:19 Error registering account key. See message above for more information.
2017/12/13 01:18:19 check.nginx-ssl exited with error: check.nginx-ssl: exit status 1

I built an new image and added... LICENSE="https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf" to the config.staging and config.production. That results in

2017/12/13 01:32:12 ACME leader claimed
2017/12/13 01:32:12 # INFO: Using main config file /etc/acme/dehydrated/config.staging
2017/12/13 01:32:12 ERROR: Lock file '/etc/acme/dehydrated/lock' present, aborting.
2017/12/13 01:32:12 check.nginx-ssl exited with error: check.nginx-ssl: exit status 1
2017/12/13 01:32:22 curl: (7) Failed to connect to prod.curry4dronedrop.com port 443: Connection refused
2017/12/13 01:32:22 check.nginx-public-ssl exited with error: check.nginx-public-ssl: exit status 7
2017/12/13 01:32:22 curl: (6) Could not resolve host: prod.curry4dronedrop.com"
2017/12/13 01:32:22 curl: (7) Failed to connect to localhost port 443: Connection refused
2017/12/13 01:32:22 check.nginx-public-ssl exited with error: check.nginx-public-ssl: exit status 7
2017/12/13 01:32:22 Renewing Consul session 7ef0d31e-0e88-12ba-0343-4cbe4e9cc8fe... complete

being repeated endlessly in the docker log. I've validated the domain is resolvable from both inside and outside the the container.
@deserat deserat changed the title ssl not longer works ssl no longer works Dec 13, 2017
@LibertyBeta
Copy link

I can also replicate this with a new cert, not a renewal. Why haven't we moved to using something like certbot?

tjcelaya added a commit to tjcelaya/autopilotpattern-nginx that referenced this issue Jan 18, 2018
@tjcelaya
Resolve autopilotpattern#55 by specifying the latest agreement URL in…
d4a3e1d 
… the configs for dehydrated
@tjcelaya tjcelaya mentioned this issue Jan 18, 2018
Open
filippobosi added a commit to filippobosi/nginx that referenced this issue May 12, 2019
@filippobosi
Merge pull request #1 from filippobosi/fix/55-letsencrypt-agreement-url
7699a25 
Resolve autopilotpattern#55 by specifying the latest agreement URL in the configs for…
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@deserat @LibertyBeta