I am getting an error when running management/ssl_certificates.py, either manually or via the daily cronjob. This has caused my SSL certs to expire whilst I was on holiday, and now I can’t access the web admin interface.
I’ve read and followed the fixes for all the other letsencrypt issues I’ve seen on discourse and the github issues tracker (involving removing the apt-installed python3-openssl, and making sure that there is only one pip3-installed version of pyOpenSSL), and am still getting the same error. The specific message is something to do with openssl, but I’ve not found anything useful by searching for that string.
root@example:/home/ubuntu/mailinabox# management/ssl_certificates.py -v > Reading account key from /home/user-data/ssl/lets_encrypt/account.pem. > Validating existing account saved to /home/user-data/ssl/lets_encrypt/registration.json. > Reusing existing challenges for example.com. > The challenges for example.com have been accepted. [-- The previous two lines repeat for each of my domains --] > Generating a new certificate signing request. > Requesting a certificate. Traceback (most recent call last): File "management/ssl_certificates.py", line 809, in <module> provision_certificates_cmdline() [-- snip stack trace --] File "/usr/local/lib/python3.4/dist-packages/OpenSSL/_util.py", line 48, in exception_from_error_queue raise exception_type(errors) OpenSSL.SSL.Error: [('asn1 encoding routines', 'ASN1_CHECK_TLEN', 'wrong tag'), ('asn1 encoding routines', 'ASN1_D2I_EX_PRIMITIVE', 'nested asn1 error'), ('asn1 encoding routines', 'ASN1_TEMPLATE_NOEXP_D2I', 'nested asn1 error'), ('rsa routines', 'OLD_RSA_PRIV_DECODE', 'RSA lib')] Exception ignored in: <bound method ClientNetwork.__del__ of <acme.client.ClientNetwork object at 0x7fa19a74edd8>> Traceback (most recent call last): File "/usr/local/lib/python3.4/dist-packages/acme/client.py", line 518, in __del__ File "/usr/local/lib/python3.4/dist-packages/requests/sessions.py", line 689, in close File "/usr/lib/python3.4/_collections_abc.py", line 512, in __iter__ File "/usr/lib/python3.4/collections/__init__.py", line 91, in __iter__ ReferenceError: weakly-referenced object no longer exists
I tried updating my install from latest master and that didn’t change the error messages either. Has anyone else seen a similar error?
Looking at the mail from the daily_tasks.sh failures, I also think I’ll be running into the letsencrypt rate limit at some point, as it seems to be requesting the certificate daily for the past week or so.
root@example:/home/ubuntu/mailinabox# pip3 freeze | egrep "cryptography|pyOpenSSL|free-tls" cryptography==1.8.1 free-tls-certificates==0.1.6 pyOpenSSL==16.2.0