Project

General

Profile

Actions

Bug #14796

open

ACME for domain registrar INWX in Germany

Added by K. K. 5 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
ACME
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
2.7.0
Affected Plus Version:
Affected Architecture:
amd64

Description

I am using ACME with INWX in Germany and automatic renewal has worked up to (at least) 11 July 2023. The latest renewal, however, did no longer work despite no changes to the pfSense System. I got in contact with the INWX support and they said that their API now also supports HTTPS/2 while previosly they only offered HTTP/1 and 1.1. Their explanation for the issue was as follows:

HTTP/1 and 1.1 both support uppercase parameters, whilst HTTP/2 automatically converts those to lowercase, which results in ACME being unable to store the cookie, thus loosing access to the system.

Their initial suggestion was to update to the latest version of ACME - which I did (in one go for both pfSense to 2.7 CE and ACME to 0.7.5). Unfortunately, the problem persisted after the update, but they then provided me with a quick solution as follows:

In the dns_inwx.sh script there is one line, line 197, which slightly needs to be changed as follows:
OLD LINE: INWX_Cookie=$(printf "Cookie: %s" "$(grep "domrobot=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'domrobot=[^;]*;' | tr -d ';')")
NEW LINE: INWX_Cookie=$(printf "Cookie: %s" "$(grep "domrobot=" "$HTTP_HEADER" | grep -i "^Set-Cookie:" | _tail_n 1 | _egrep_o 'domrobot=[^;]*;' | tr -d ';')")

In other words: the grep in the sequence '| grep "^Set-Cookie:" |' needs to be made case-insensitive and thus read '| grep -i "^Set-Cookie:" |'

After this small change, the renewal of certificates again works as before and the problem appears to be solved.

BTW, the (original) source code on github under https://github.com/acmesh-official/acme.sh/blob/master/dnsapi/dns_inwx.sh also contains the "grep -i" command on line 197 - though I have not checked whether there are other changes in that file.

No data to display

Actions

Also available in: Atom PDF