Hi,
My initial mailinabox setup was pretty standard, including the root, www, and box subdomains. I noticed that exchange/activesync clients will provision themselves correctly using the autodiscover subdomain, so I added a domain alias for that subdomain to get it to appear in the SSL Certificates page. On the previous MIAB version, 0.20, I would get an error similar to this after clicking the Provision button: TLS certificate renewal failing with Let's Encrypt
On the newest version at this time (0.21), I just get a generic “Something went wrong, sorry” error when clicking the Provision button. In addition, every morning I get an email like this, which I assume is related:
Traceback (most recent call last):
File “management/ssl_certificates.py”, line 807, in
provision_certificates_cmdline()
File “management/ssl_certificates.py”, line 450, in provision_certificates_cmdline
status = provision_certificates(env, agree_to_tos_url=agree_to_tos_url, logger=my_logger, force_domains=force_domains, show_extended_problems=show_extended_problems)
File “management/ssl_certificates.py”, line 337, in provision_certificates
logger=my_logger)
File “/usr/local/lib/python3.4/dist-packages/free_tls_certificates/client.py”, line 64, in issue_certificate
agree_to_tos_url, validation_method, acme_server, logger)
File “/usr/local/lib/python3.4/dist-packages/free_tls_certificates/client.py”, line 112, in validate_domain_ownership
acme_server=acme_server)
File “/usr/local/lib/python3.4/dist-packages/free_tls_certificates/client.py”, line 317, in create_client
client = acme.client.Client(acme_server, key)
File “/usr/local/lib/python3.4/dist-packages/acme/client.py”, line 63, in init
self.net.get(directory).json())
File “/usr/local/lib/python3.4/dist-packages/acme/client.py”, line 624, in get
self._send_request(‘GET’, url, **kwargs), content_type=content_type)
File “/usr/local/lib/python3.4/dist-packages/acme/client.py”, line 606, in _send_request
response = self.session.request(method, url, *args, **kwargs)
File “/usr/local/lib/python3.4/dist-packages/requests/sessions.py”, line 488, in request
resp = self.send(prep, **send_kwargs)
File “/usr/local/lib/python3.4/dist-packages/requests/sessions.py”, line 609, in send
r = adapter.send(request, **kwargs)
File “/usr/local/lib/python3.4/dist-packages/requests/adapters.py”, line 423, in send
timeout=timeout
File “/usr/local/lib/python3.4/dist-packages/requests/packages/urllib3/connectionpool.py”, line 594, in urlopen
chunked=chunked)
File “/usr/local/lib/python3.4/dist-packages/requests/packages/urllib3/connectionpool.py”, line 350, in _make_request
self._validate_conn(conn)
File “/usr/local/lib/python3.4/dist-packages/requests/packages/urllib3/connectionpool.py”, line 835, in validate_conn
conn.connect()
File “/usr/local/lib/python3.4/dist-packages/requests/packages/urllib3/connection.py”, line 311, in connect
cert_reqs=resolve_cert_reqs(self.cert_reqs),
File "/usr/local/lib/python3.4/dist-packages/requests/packages/urllib3/util/ssl.py", line 267, in create_urllib3_context
context.set_ciphers(ciphers or DEFAULT_CIPHERS)
File “/usr/local/lib/python3.4/dist-packages/requests/packages/urllib3/contrib/pyopenssl.py”, line 385, in set_ciphers
self._ctx.set_cipher_list(ciphers)
TypeError: must be str, not bytes
Should I just be nuking the install and provisioning a new box that includes the autodiscover subdomain or is there an easy way to fix this? I haven’t been able to find any solutions on here yet, but if I missed something please point it out to me.
Thanks