Project

General

Profile

Actions
Copy link

Bug #14199

closed

ACME - Issue with corrupted cert

Added by Juan Francisco Rodriguez Garcia about 2 years ago. Updated almost 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Jim Pingle
Category:
ACME
Target version:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Affected Version:
All
Affected Plus Version:
23.01
Affected Architecture:
All

Description

Hi team

After creating a new cert in HAProxy i got an timeout on the webui interface then receive this error:

PHP ERROR: Type: 1, File: /usr/local/www/acme/acme_certificates.php, Line: 261, Message: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/acme/acme_certificates.php:261
Stack trace:
#0 {main}

I can see the certificate but i dont have the option to delete the cert

thanks

Files

Download all files
Captura de pantalla 2023-03-28 a las 23.54.26.png (37.4 KB) Captura de pantalla 2023-03-28 a las 23.54.26.png Juan Francisco Rodriguez Garcia, 03/28/2023 04:54 PM
Captura de pantalla 2023-03-28 a las 23.54.33.png (22 KB) Captura de pantalla 2023-03-28 a las 23.54.33.png Juan Francisco Rodriguez Garcia, 03/28/2023 04:54 PM
acme.xml (862 Bytes) acme.xml acme xml Jerold Von Hemel, 03/28/2023 05:34 PM
Captura de pantalla 2023-03-30 a las 0.27.06.png (190 KB) Captura de pantalla 2023-03-30 a las 0.27.06.png Juan Francisco Rodriguez Garcia, 03/29/2023 05:28 PM
hszsyKiBdC.png (134 KB) hszsyKiBdC.png error Kevin Dorff, 04/06/2023 12:09 PM
PHP_errors (1).log.zip (1.12 KB) PHP_errors (1).log.zip Juan Francisco Rodriguez Garcia, 04/12/2023 05:44 AM
Actions
Copy link
 #1

Updated by Jerold Von Hemel about 2 years ago

Attaching the Acme section of my config.xml backup which had this issue after upgrading to the new release on Feb 17 2023

Actions
Copy link
 #2

Updated by Jim Pingle about 2 years ago

  • Assignee set to Jim Pingle

The attached configuration snippet isn't a valid configuration for ACME. I'm not sure how it ended up in that state, but the domain list is empty so it couldn't have been doing anything useful. Input validation prevents me from even attempting to create an entry such as that, so I'm not sure what happened there.

The other errors appear to be from invalid certificate data as well.

And the original description here mentions HAProxy, not ACME. HAProxy doesn't have anything to do with ACME directly, though there are ways to hook them together they aren't done by default.

Actions
Copy link
 #3

Updated by Juan Francisco Rodriguez Garcia about 2 years ago

Hi Jim .

My bad, I said HAProxy by mistake, I am using ACME for this, attached screenshot

Actions
Copy link
 #4

Updated by Kevin Dorff about 2 years ago

I'm running pfSense+ 23.01 on a Netgate 2100.

This morning I was removing HAProxy (I've migrated to Nginx Proxy Manager (NPM) on another machine). Since NPM is now handling the wildcard cert, I wanted to remove it from pfSense's ACME configuration.

I deleted it and am now left with the error outlined above. See attached.

Actions
Copy link
 #6

Updated by Juan Francisco Rodriguez Garcia almost 2 years ago

Problem continues after update to 23.05

Actions
Copy link
 #7

Updated by Jim Pingle almost 2 years ago

  • Status changed from New to In Progress
Actions
Copy link
 #8

Updated by Jim Pingle almost 2 years ago

  • Status changed from In Progress to Feedback
  • % Done changed from 0 to 100

Fixed in ACME pkg v0.7.4

Actions
Copy link
 #9

Updated by Danilo Zrenjanin almost 2 years ago

  • Status changed from Feedback to Resolved

Perhaps this issue is related to the https://redmine.pfsense.org/issues/14592

I couldn't recreate any of the reported issues in ACME pkg v0.7.5

I am marking this ticket resolved.

Actions
Copy link

Also available in: Atom PDF