caprover icon indicating copy to clipboard operation
caprover copied to clipboard

Published 20 hours ago verified publisher icon caprover

changing ssl generation endpoint

Open LiquidITGuy opened this issue 4 years ago • 5 comments

IMPORTANT: This is a bug report. If you are having problem with deploying a particular app use the deployment issue type.

What is the problem? When trying to activate https on one of my service I got this error :

1107 : Unexpected output when enabling SSL forFQDNICHANGEDINTHELOG with ACME Certbot Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None [31mAn unexpected error occurred:[0m [31mThe server experienced an internal error :: The service is down for maintenance or had an internal error. Check https://letsencrypt.status.io/ for more details.[0m Please see the logfiles in /var/log/letsencrypt for more details.

According to https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/16 on https://letsencrypt.status.io I suppose that without updating caprover certificate request all the https services will be down at the end of the next month

Steps to reproduce the problem: just try to activate https on any service during the shutdown

not sure about the issue but I prefear to ask :)

LiquidITGuy avatar Apr 26 '21 17:04 LiquidITGuy

@LiquidITGuy

  • What version of CapRover are you using?
  • What do you as output of this?
ls -lah /captain/data/letencrypt/etc/accounts

githubsaturn avatar Apr 26 '21 23:04 githubsaturn

The current CapRover build uses 1.6.0 of Certbot which has proper support for v2

https://github.com/caprover/caprover/blob/39fd3ec197db3af905b8f2222148e1c64ba0b4a7/src/utils/CaptainConstants.ts#L126

You can confirm this by running this:

docker exec -it $(docker container ls --filter name=captain-certbot | awk 'FNR == 2 {print $1}') certbot --version

githubsaturn avatar Apr 26 '21 23:04 githubsaturn

Thanks for the answers @githubsaturn My caprover version is 1.9.0

ls -lah /captain/data/letencrypt/etc/accounts

drwx------ 3 root root 4.0K Apr 20 22:34 acme-v02.api.letsencrypt.org

docker exec -it $(docker container ls --filter name=captain-certbot | awk 'FNR == 2 {print $1}') certbot --version

certbot 1.6.0

so there is a really strange behaviour. I wondering why this error was displayed if all is up to date 🤔

LiquidITGuy avatar Apr 27 '21 10:04 LiquidITGuy

Okay this is really confusing then. Next one is in May, Thursday, 6th - Monday 10th (5 days).

Let's try then to see if we can replicate the issue.

githubsaturn avatar Apr 27 '21 12:04 githubsaturn

@LiquidITGuy - I cannot reproduce the issue. Can you reproduce?

I've just created a fresh SSL cert for this domain: https://wiki.server.demo.caprover.com and it appears to work fine

https://www.sslshopper.com/ssl-checker.html#hostname=https://wiki.server.demo.caprover.com/

githubsaturn avatar May 07 '21 02:05 githubsaturn