Bug #10476

closed

Services - Acme - Certificates using loopia API

Added by Tobias Müllauer about 4 years ago. Updated almost 4 years ago.

Status: Resolved
Priority: Normal
Assignee: -
Category: ACME
Target version: -
Start date: 04/18/2020
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture: amd64

Description

Hello, I am trying to add a certificate from Let's Encrypt using Acme.

I tried different setups, but it seems Acme tries to add the check subdomain with TTL 60.

Loopia doesn't accept this, only 300 minimum.

See the output

Fortnox
Renewing certificate
account:
server: letsencrypt-production-2

/usr/local/pkg/acme/acme.sh --issue -d 'Fortnox.xxx.se' --dns 'dns_loopia' --home '/tmp/acme/Fortnox/' --accountconf '/tmp/acme/Fortnox/accountconf.conf' --force --reloadCmd '/tmp/acme/Fortnox/reloadcmd.sh' --log-level 3 --log '/tmp/acme/Fortnox/acme_issuecert.log'
Array
(
[path] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
[PATH] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
[LOOPIA_User] =>
[LOOPIA_Password] =>
)
[Sun Apr 19 00:41:17 CEST 2020] Single domain='Fortnox.xxx.se'
[Sun Apr 19 00:41:17 CEST 2020] Getting domain auth token for each domain
[Sun Apr 19 00:41:20 CEST 2020] Getting webroot for domain='Fortnox.xxx.se'
[Sun Apr 19 00:41:20 CEST 2020] Adding txt value: for domain: _acme-challenge.Fortnox.xxx.se
[Sun Apr 19 00:41:20 CEST 2020] Adding record
[Sun Apr 19 00:41:21 CEST 2020] Error
[Sun Apr 19 00:41:21 CEST 2020] Error
[Sun Apr 19 00:41:21 CEST 2020] Error add txt for domain:_acme-challenge.Fortnox.xxx.se
[Sun Apr 19 00:41:21 CEST 2020] Please check log file for more details: /tmp/acme/Fortnox/acme_issuecert.log

[Sun Apr 19 00:41:20 CEST 2020] _postContentType
[Sun Apr 19 00:41:20 CEST 2020] Http already initialized.
[Sun Apr 19 00:41:20 CEST 2020] _CURL='curl -L --silent --dump-header /tmp/acme/Fortnox//http.header -g '
[Sun Apr 19 00:41:21 CEST 2020] _ret='0'
[Sun Apr 19 00:41:21 CEST 2020] Error
[Sun Apr 19 00:41:21 CEST 2020] POST
[Sun Apr 19 00:41:21 CEST 2020] _post_url='https://api.loopia.se/RPCSERV'
[Sun Apr 19 00:41:21 CEST 2020] body='
<methodCall>
<methodName>addZoneRecord</methodName>
<params>
<param>
<value><string>account</string></value>
</param>
<param>
<value><string></string></value>
</param>
<param>
<value><string>se</string></value>
</param>
<param>
<value><string>_acme-challenge.Fortnox.xxx</string></value>
</param>
<param>
<struct>
<member>
<name>type</name>
<value><string>TXT</string></value>
</member>
<member>
<name>priority</name>
<value><int>0</int></value>
</member>
<member>
<name>ttl</name>
<value><int>60</int></value>
</member>
<member>
<name>rdata</name>
<value><string>N69VjqhMdEDJbnQj86Kv-l4459nOO_NeD7Y15zKLGqI</string></value>
</member>
</struct>
</param>
</params>
</methodCall>'
[Sun Apr 19 00:41:21 CEST 2020] _postContentType
[Sun Apr 19 00:41:21 CEST 2020] Http already initialized.
[Sun Apr 19 00:41:21 CEST 2020] _CURL='curl -L --silent --dump-header /tmp/acme/Fortnox//http.header -g '
[Sun Apr 19 00:41:21 CEST 2020] _ret='0'
[Sun Apr 19 00:41:21 CEST 2020] Error
[Sun Apr 19 00:41:21 CEST 2020] Error add txt for domain:_acme-challenge.Fortnox.xxx.se
[Sun Apr 19 00:41:21 CEST 2020] _on_issue_err
[Sun Apr 19 00:41:21 CEST 2020] Please check log file for more details: /tmp/acme/Fortnox/acme_issuecert.log
[Sun Apr 19 00:41:21 CEST 2020] _chk_vlist='Fortnox.xxx.se#TOKEN.v1dLdM-umh7cUnP1mSJ2Fhn0-zM_b2UYl3gti_e5WVA#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4042003242/LjpsHA#dns-01#dns_loopia,'
[Sun Apr 19 00:41:21 CEST 2020] start to deactivate authz
[Sun Apr 19 00:41:21 CEST 2020] Trigger domain validation.
[Sun Apr 19 00:41:21 CEST 2020] _t_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4042003242/LjpsHA'
[Sun Apr 19 00:41:21 CEST 2020] _t_key_authz='TOKEN.v1dLdM-umh7cUnP1mSJ2Fhn0-zM_b2UYl3gti_e5WVA'
[Sun Apr 19 00:41:21 CEST 2020] _t_vtype
[Sun Apr 19 00:41:21 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4042003242/LjpsHA'
[Sun Apr 19 00:41:21 CEST 2020] payload='{}'
[Sun Apr 19 00:41:21 CEST 2020] Use cached jwk for file: /tmp/acme/Fortnox//ca/acme-v02.api.letsencrypt.org/account.key
[Sun Apr 19 00:41:21 CEST 2020] base64 single line.
[Sun Apr 19 00:41:21 CEST 2020] payload64='e30'
[Sun Apr 19 00:41:21 CEST 2020] _request_retry_times='1'
[Sun Apr 19 00:41:21 CEST 2020] Use _CACHED_NONCE='01013HXSFBOL5K3KQE5v4yk1BcLQkhQOZvTcaBDm2eYryE0'
[Sun Apr 19 00:41:21 CEST 2020] nonce='01013HXSFBOL5K3KQE5v4yk1BcLQkhQOZvTcaBDm2eYryE0'

[Sun Apr 19 00:41:22 CEST 2020] responseHeaders='HTTP/2 200
server: nginx
date: Sat, 18 Apr 2020 22:41:21 GMT
content-type: application/json
content-length: 184
boulder-requester: 80635259
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/4042003242>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/4042003242/LjpsHA
replay-nonce: 0101mzycGMVsq5BpSGMI8t5A4Qptbr_6mK9fLFjh6NkBZpE
x-frame-options: DENY
strict-transport-security: max-age=604800

'
[Sun Apr 19 00:41:22 CEST 2020] code='200'
[Sun Apr 19 00:41:22 CEST 2020] original='{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/4042003242/LjpsHA",
"token": "TOKEN"
}'
[Sun Apr 19 00:41:22 CEST 2020] response='{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/4042003242/LjpsHA","token":"TOKEN"}'
[Sun Apr 19 00:41:22 CEST 2020] pid
[Sun Apr 19 00:41:22 CEST 2020] No need to restore nginx, skip.
[Sun Apr 19 00:41:22 CEST 2020] _clearupdns
[Sun Apr 19 00:41:22 CEST 2020] dns_entries
[Sun Apr 19 00:41:22 CEST 2020] skip dns.


Files

at loopia.PNG (12.7 KB) Tobias Müllauer, 04/18/2020 05:50 PM
Actions #1

Updated by Jim Pingle about 4 years ago

  • Status changed from New to Needs Patch
  • Target version deleted (2.5.0)
  • Affected Version deleted (2.5.0)

The TTL value of 60 is hardcoded in the dns_loopia.sh script, which comes from the acme.sh project. You need to open an issue upstream with them: https://github.com/acmesh-official/acme.sh

Actions #2

Updated by Tobias Müllauer about 4 years ago

Jim Pingle wrote:

The TTL value of 60 is hardcoded in the dns_loopia.sh script, which comes from the acme.sh project. You need to open an issue upstream with them: https://github.com/acmesh-official/acme.sh

Done.

Actions #3

Updated by Viktor Gurov about 4 years ago

Tobias Müllauer wrote:

Jim Pingle wrote:

The TTL value of 60 is hardcoded in the dns_loopia.sh script, which comes from the acme.sh project. You need to open an issue upstream with them: https://github.com/acmesh-official/acme.sh

Done.

https://github.com/acmesh-official/acme.sh/pull/2877

Actions #4

Updated by Viktor Gurov almost 4 years ago

  • Status changed from Needs Patch to Resolved

resolved in the latest acme pkg 0.6.8:

/usr/local/pkg/acme/dnsapi/dns_loopia.sh:
<member>
  <name>ttl</name>
  <value><int>300</int></value>
</member>
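
A check for the fix discussed in this ticket, as an added example that is not part of the original thread or of acme.sh: it reads a dns_loopia.sh-style script or an acme.sh debug log and reports any TTL in the XML-RPC record struct that is below the 300 minimum the reporter cites. The function names and the constructed sample body are assumptions for illustration.

```shell
#!/bin/sh
LOOPIA_MIN_TTL=300  # minimum the reporter cites for Loopia; used as the default

# Constructed sample: record members shaped like the body in the ticket's log.
sample_body() {
  cat <<EOF
<member>
<name>priority</name>
<value><int>0</int></value>
</member>
<member>
<name>ttl</name>
<value><int>$1</int></value>
</member>
EOF
}

# Print the integer of every <name>ttl</name> member found on stdin, one per line.
# Other members (such as priority) are ignored.
extract_ttls() {
  awk '
    /<name>ttl<\/name>/ { want = 1 }
    want && match($0, /<int>[0-9]+<\/int>/) {
      print substr($0, RSTART + 5, RLENGTH - 11); want = 0
    }
    /<\/member>/ { want = 0 }
  '
}

# Returns 0 if every TTL is >= the minimum, 1 if any is lower,
# 2 if the file contains no ttl member at all.
check_ttls() {
  file=$1; min=${2:-$LOOPIA_MIN_TTL}; status=0
  ttls=$(extract_ttls < "$file")
  [ -n "$ttls" ] || { echo "$file: no ttl member found"; return 2; }
  for t in $ttls; do
    if [ "$t" -lt "$min" ]; then
      echo "$file: ttl=$t is below the provider minimum of $min"; status=1
    else
      echo "$file: ttl=$t ok"
    fi
  done
  return "$status"
}

# When given a path (for example the dns_loopia.sh path quoted above), check it.
if [ "$#" -gt 0 ]; then check_ttls "$@"; fi
```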
