kong
kong copied to clipboard
Kong
Bug when triggering renewal of cert in acme plugin
Is there an existing issue for this?
- [X] I have searched the existing issues
Kong version ($ kong version)
3.5.0
Current Behavior
I try to trigger a renewal of certificates and there seems to be some issue in the acme client.
This is the request I do towards the admin-api:
curl http://XX.XXX.XXX.XXX:8001/acme -XPATCH
The response from my request is this:
{"message":"Renewal process started successfully"}
This is the error message from Kong:
Jan 28 18:09:58 fra1-kong-001 docker[138569]: kong-api | 2024/01/28 18:09:58 [error] 1280#0: *200803 [lua] job.lua:284: execute(): [timer-ng] failed to run timer unix_timestamp=1706465398520.000000;counter=13563:meta=debug off: /usr/local/share/lua/5.1/kong/plugins/acme/client.lua:512: attempt to index local 'config' (a boolean value), context: ngx.timer
Jan 28 18:09:58 fra1-kong-001 docker[138569]: kong-api | XX.XXX.XXX.XXX - - [28/Jan/2024:18:09:58 +0000] "PATCH /acme HTTP/1.1" 202 50 "-" "curl/8.4.0"
Expected Behavior
I except the existing certificates to be renewed and not get stuck with the "old" ones.
Steps To Reproduce
- Trigger a renew of certificate:
curl http://XX.XXX.XXX.XXX:8001/acme -XPATCH
Anything else?
I use DecK for configuring Kong, but I've done that since months and without any problem.
If I recall correct I did not have the renewal issue when I run an older version of Kong (not 3.5.0), but I don't remember the version back then.
I think it's related to the :configure handler change that recently introduced, there's a GH discussion around it too but I can't find it right now. cc @bungle
https://github.com/Kong/kong/blob/master/kong/plugins/acme/handler.lua#L93
@fffonion, looked also there and the only one I found could be relevant was #12224 but without any further information. But this issue must have started with PR #11703 from @bungle..
I'll add new certs manually for now so that my things don't stop work mid next week :P
