Hi,
I used StartSSL free certificates before but want to use letsencrypt now. Trying to install a new certificate via the web interface results in the following error in /var/log/syslog
Jun 19 08:25:11 mail Exception on /ssl/csr/innercode.nl [POST]#012Traceback (most recent call last):#012 File “/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/flask/app.py”, line 2292, in wsgi_app#012 response = self.full_dispatch_request()#012 File “/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/flask/app.py”, line 1815, in full_dispatch_request#012 rv = self.handle_user_exception(e)#012 File “/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/flask/app.py”, line 1718, in handle_user_exception#012 reraise(exc_type, exc_value, tb)#012 File “/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/flask/_compat.py”, line 35, in reraise#012 raise value#012 File “/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/flask/app.py”, line 1813, in full_dispatch_request#012 rv = self.dispatch_request()#012 File “/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/flask/app.py”, line 1799, in dispatch_request#012 return self.view_functionsrule.endpoint#012 File “/root/mailinabox/management/daemon.py”, line 53, in newview#012 return viewfunc(*args, **kwargs)#012 File “/root/mailinabox/management/daemon.py”, line 361, in ssl_get_csr#012 return create_csr(domain, ssl_private_key, request.form.get(‘countrycode’, ‘’), env)#012 File “/root/mailinabox/management/ssl_certificates.py”, line 559, in create_csr#012 “-subj”, “/C=%s/CN=%s” % (country_code, domain)])#012 File “/root/mailinabox/management/utils.py”, line 123, in shell#012 ret = getattr(subprocess, method)(cmd_args, **kwargs)#012 File “/usr/lib/python3.4/subprocess.py”, line 620, in check_output#012 raise CalledProcessError(retcode, process.args, output=output)#012subprocess.CalledProcessError: Command ‘[‘openssl’, ‘req’, ‘-new’, ‘-key’, ‘/home/user-data/ssl/ssl_private_key.pem’, ‘-sha256’, ‘-subj’, ‘/C=/CN=innercode.nl’]’ returned non-zero exit status 1
Running it manually ./ssl_certificates.py innercode.nl results in:
/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/acme/jose/jwa.py:110: CryptographyDeprecationWarning: signer and verifier have been deprecated. Please use sign and verify instead.
signer = key.signer(self.padding, self.hash)
ERROR:acme.challenges:Unable to reach url/to/challenge: HTTPConnectionPool(host=‘innercode.nl’, port=80): Max retries exceeded with url: /.well-known/acme-challenge/BJ0jdD2_ahCmnAU7DrwqQa1Dy5fu0LRVJ_gc_uBjkHY (Caused by NewConnectionError(’<urllib3.connection.HTTPConnection object at 0x7f7051313320>: Failed to establish a new connection: [Errno 111] Connection refused’,))
ERROR:acme.challenges:Unable to reach url/to/challenge: HTTPConnectionPool(host=‘innercode.nl’, port=80): Max retries exceeded with url: /.well-known/acme-challenge/BJ0jdD2_ahCmnAU7DrwqQa1Dy5fu0LRVJ_gc_uBjkHY (Caused by NewConnectionError(’<urllib3.connection.HTTPConnection object at 0x7f7050773e10>: Failed to establish a new connection: [Errno 111] Connection refused’,))
innercode.nl:
Something unexpected went wrong: [NeedToInstallFile(‘url/to/challenge’, ‘BJ0jdD2_ahCmnAU7DrwqQa1Dy5fu0LRVJ_gc_uBjkHY.T1O3-nbRjjXxlUHkh4ikEF3vLUDtA9FO4WYldgQHPPE’, ‘BJ0jdD2_ahCmnAU7DrwqQa1Dy5fu0LRVJ_gc_uBjkHY’)]
The file is accessible outside so I don’t know why it fails.
Thanks in advance
