simp_le icon indicating copy to clipboard operation
simp_le copied to clipboard

Published 20 hours ago verified publisher icon kuba

SHA256 hash of the TOS has changed

Open thomastweets opened this issue 8 years ago • 15 comments

With the update to the Let’s Encrypt Subscriber Agreement today (v.1.1.1) the SHA256 hash has changed to 6373439b9f29d67a5cd4d18cbc7f264809342dbf21cb2ba2fc7588df987a6221 I can create a pull request to change line 894/895 of simp_le.py, however, I am not sure whether this covers all of it (and I am not deep into the topic).

thomastweets avatar Aug 01 '16 21:08 thomastweets

Having this issue as well, cannot create any new certs at all.

Please approve the PR asap.

And thanks for all the great work :)

LeoFidjeland avatar Aug 01 '16 22:08 LeoFidjeland

Also got same error here.

@LeoFidjeland : As an workaround you can pass parameter: --tos_sha256 6373439b9f29d67a5cd4d18cbc7f264809342dbf21cb2ba2fc7588df987a6221. At least here it worked.

andresmrm avatar Aug 01 '16 23:08 andresmrm

+1, my app is down because I cannot renew my certificate. Any help is greatly appreciated

madshargreave avatar Aug 02 '16 07:08 madshargreave

To the best of my understanding, this issue only affects new registrations, and it can be worked around by using --tos_sha256 6373439..., as suggested by @andresmrm above. If using an existing (already registered) account key, then no changes are necessary. Correct?

amiryal avatar Aug 02 '16 08:08 amiryal

@amiryal True! However, some other software that makes use of simp_le does not allow to specify this parameter. (e.g. https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion or https://github.com/dokku/dokku-letsencrypt). I am working on a forked docker image of https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion to have a work-around for now as I indeed need to do new registrations with simp_le.

thomastweets avatar Aug 02 '16 08:08 thomastweets

Here we go: https://hub.docker.com/r/thomastweets/docker-letsencrypt-nginx-proxy-companion/

thomastweets avatar Aug 02 '16 09:08 thomastweets

Awesome, thanks so much @thomastweets! Works perfectly!

You saved the day!!

LeoFidjeland avatar Aug 02 '16 09:08 LeoFidjeland

Is this project still maintained?

vrozkovec avatar Aug 28 '16 07:08 vrozkovec

@vrozkovec -- the author has been inactive on github since June. Maybe google has been keeping him busy.

chicks-net avatar Sep 07 '16 15:09 chicks-net

Does anyone have contact to the maintainer? If not, does anyone plan to create a organization for this project and start maintaining it again?

Thor77 avatar Oct 22 '16 19:10 Thor77

I gave up and I've migrated to acme.sh.

chicks-net avatar Oct 23 '16 02:10 chicks-net

If you want to workaround the problem, you can comment a couple of lines in simp_le/venv/lib/python/site-packages/acme/messages.py:

        #if not set(canon_jobj).issubset(self._REGISTERED_TYPES): # <-- this line (should be 140)
            # TODO: acme-spec is not clear about this: 'It is a JSON
            # dictionary, whose keys are the "resource" values listed
            # in {{https-requests}}'z
         #   raise ValueError('Wrong directory fields') # <-- and this one

wiz78 avatar Dec 12 '16 09:12 wiz78

@wiz78 the right way to do it is to upgrade the acme library to a later version, as implemented by this fork of simp_le. If you would like, you may suggest your change to ACME upstream.

amiryal avatar Dec 12 '16 10:12 amiryal

@amiryal you're right. Mine was meant to be a dirty hack, since I was under the impression that the whole project had been abandoned.

wiz78 avatar Dec 12 '16 10:12 wiz78

Glad to help inform people about the more maintained fork. :)

amiryal avatar Dec 12 '16 10:12 amiryal