Project

General

Profile

Actions

Bug #14199

open

ACME - Issue with corrupted cert

Added by Juan Francisco Rodriguez Garcia 2 months ago. Updated 12 days ago.

Status:
New
Priority:
Normal
Assignee:
Category:
ACME
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
All
Affected Plus Version:
23.01
Affected Architecture:
All

Description

Hi team

After creating a new cert in HAProxy i got an timeout on the webui interface then receive this error:

PHP ERROR: Type: 1, File: /usr/local/www/acme/acme_certificates.php, Line: 261, Message: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/acme/acme_certificates.php:261
Stack trace:
#0 {main}

I can see the certificate but i dont have the option to delete the cert

thanks


Files

Captura de pantalla 2023-03-28 a las 23.54.26.png (37.4 KB) Captura de pantalla 2023-03-28 a las 23.54.26.png Juan Francisco Rodriguez Garcia, 03/28/2023 04:54 PM
Captura de pantalla 2023-03-28 a las 23.54.33.png (22 KB) Captura de pantalla 2023-03-28 a las 23.54.33.png Juan Francisco Rodriguez Garcia, 03/28/2023 04:54 PM
acme.xml (862 Bytes) acme.xml acme xml Jerold Von Hemel, 03/28/2023 05:34 PM
Captura de pantalla 2023-03-30 a las 0.27.06.png (190 KB) Captura de pantalla 2023-03-30 a las 0.27.06.png Juan Francisco Rodriguez Garcia, 03/29/2023 05:28 PM
hszsyKiBdC.png (134 KB) hszsyKiBdC.png error Kevin Dorff, 04/06/2023 12:09 PM
PHP_errors (1).log.zip (1.12 KB) PHP_errors (1).log.zip Juan Francisco Rodriguez Garcia, 04/12/2023 05:44 AM
Actions #1

Updated by Jerold Von Hemel 2 months ago

Attaching the Acme section of my config.xml backup which had this issue after upgrading to the new release on Feb 17 2023

Actions #2

Updated by Jim Pingle 2 months ago

  • Assignee set to Jim Pingle

The attached configuration snippet isn't a valid configuration for ACME. I'm not sure how it ended up in that state, but the domain list is empty so it couldn't have been doing anything useful. Input validation prevents me from even attempting to create an entry such as that, so I'm not sure what happened there.

The other errors appear to be from invalid certificate data as well.

And the original description here mentions HAProxy, not ACME. HAProxy doesn't have anything to do with ACME directly, though there are ways to hook them together they aren't done by default.

Actions #3

Updated by Juan Francisco Rodriguez Garcia 2 months ago

Hi Jim .

My bad, I said HAProxy by mistake, I am using ACME for this, attached screenshot

Actions #4

Updated by Kevin Dorff 2 months ago

I'm running pfSense+ 23.01 on a Netgate 2100.

This morning I was removing HAProxy (I've migrated to Nginx Proxy Manager (NPM) on another machine). Since NPM is now handling the wildcard cert, I wanted to remove it from pfSense's ACME configuration.

I deleted it and am now left with the error outlined above. See attached.

Actions #6

Updated by Juan Francisco Rodriguez Garcia 12 days ago

Problem continues after update to 23.05

Actions

Also available in: Atom PDF