Let's encrypt error

After I enabled the Let's encrypt (Under WAF) , I get this error:

Logging:

2018:09:24-12:14:12 mail letsencrypt[8563]: I Create account: creating new Let's Encrypt acccount
2018:09:24-12:14:12 mail letsencrypt[8563]: E Create account: TOS_UNAVAILABLE: Failed to retrieve current Terms of Service from remote server: 500 SSL_ca_path /etc/ssl/certs is not accessable
2018:09:24-12:14:12 mail letsencrypt[8563]: E Create account: failed to create account

Parents

+2 ewadie over 5 years ago

twister5800 said:

After I enabled the Let's encrypt (Under WAF) , I get this error:

Thanks for reporting this. Unfortunately the permissions of /etc/ssl/certs are no set properly by the Beta update.

You can fix this on the command line:

chmod 0755 /etc/ssl/certs

Then try again to enable Let's Encrypt.

We're tracking this as NUTM-10315.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Reject Answer

Cancel

0 twister5800 over 5 years ago in reply to ewadie

And we are happy:

2018:09:24-13:48:39 mail letsencrypt[22832]: I Create account: creating new Let's Encrypt acccount
2018:09:24-13:48:40 mail letsencrypt[22832]: I Create account: running command: /var/storage/chroot-reverseproxy/usr/dehydrated/bin/dehydrated -f /var/storage/chroot-reverseproxy/usr/dehydrated/conf/config --register --accept-terms



:-)

-----

Best regards
Martin

Sophos XGS 2100 @ Home | Sophos v20 Architect

0 twister5800 over 5 years ago in reply to twister5800

You can type wildcard names, which gives error notifications, UTM should deny even creating them in Webadmin :-)

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: Connection: close

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED:

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: {

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: "type": "urn:acme:error:malformed",

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: "detail": "Error creating new authz :: Wildcard names not supported",

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: "status": 400

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: }

2018:09:24-13:52:07 mail letsencrypt[23910]: I Renew certificate: sending notification WARN-603

2018:09:24-13:52:07 mail letsencrypt[23910]: [WARN-603] Let's Encrypt certificate renewal failed accessing Let's Encrypt service

2018:09:24-13:52:07 mail letsencrypt[23910]: I Renew certificate: execution completed (CSRs renewed: 0, failed: 1)

-----

Best regards
Martin

Sophos XGS 2100 @ Home | Sophos v20 Architect
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 mle over 5 years ago in reply to twister5800

twister5800 said:

You can type wildcard names, which gives error notifications, UTM should deny even creating them in Webadmin :-)

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: Connection: close

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED:

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: {

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: "type": "urn:acme:error:malformed",

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: "detail": "Error creating new authz :: Wildcard names not supported",

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: "status": 400

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: }

2018:09:24-13:52:07 mail letsencrypt[23910]: I Renew certificate: sending notification WARN-603

2018:09:24-13:52:07 mail letsencrypt[23910]: [WARN-603] Let's Encrypt certificate renewal failed accessing Let's Encrypt service

2018:09:24-13:52:07 mail letsencrypt[23910]: I Renew certificate: execution completed (CSRs renewed: 0, failed: 1)

Thank you for your feedback. We've filed this issue internally and are tracking it now as NUTM-10316.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 mle over 5 years ago in reply to twister5800

twister5800 said:

You can type wildcard names, which gives error notifications, UTM should deny even creating them in Webadmin :-)

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: Connection: close

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED:

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: {

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: "type": "urn:acme:error:malformed",

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: "detail": "Error creating new authz :: Wildcard names not supported",

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: "status": 400

2018:09:24-13:52:06 mail letsencrypt[23910]: E Renew certificate: COMMAND_FAILED: }

2018:09:24-13:52:07 mail letsencrypt[23910]: I Renew certificate: sending notification WARN-603

2018:09:24-13:52:07 mail letsencrypt[23910]: [WARN-603] Let's Encrypt certificate renewal failed accessing Let's Encrypt service

2018:09:24-13:52:07 mail letsencrypt[23910]: I Renew certificate: execution completed (CSRs renewed: 0, failed: 1)

Thank you for your feedback. We've filed this issue internally and are tracking it now as NUTM-10316.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data