my all certificate is old now and can’t upgrade. So what I do? When I try press “provision certificate” button I just get this “Error Something went wrong, sorry.”
This certificate issue broke whole email… so any users can’t access mail via web or outlook 2016. Also I try run mailinabox command.
I don’t have modified mailinabox machine… Maybe this is beginner coder mistake.
Some stuff changed in Let’s encrypt between 0.25 and 0.26, (They updated their API I think) I would upgrade as soon as possible. 0.26 is very stable as of right now.
We are having all kinds of problems with .25 and .26. I tried migrating to a new box and with a fresh install .26 didn’t work at all. .25 is stuck with an expired cert and there doesn’t seem to be anything we can do about it. I’ve got maybe a day’s time trying to fix this stuff and it hasn’t been great.
@stegan totally - I actually just opened an issue that goes over what we’ve been seeing. I actually spun up a new VM and verified it was running .26c and Roundcube wasn’t working and the same SSL error was happening: Something went wrong. The only similarity between the two boxes, old and new, was that the user-data folder was transferred. Since it’s a VM and making an internal networking change like that could sometimes mean you’re still seeing the old box, I triple checked that the new one was .26c and then SSH’d to the new box and ran the ssl_certs.py script which threw a syntax error.
edit: thank you for any assistance you may have, even pointing me in the right direction. we’ve been offline for two days and I’m stressed and frustrated. With a few projects pending it is a tough time to lose email.
Go back to DO login page (not your local terminal to box) if you have followed the “PasswordAuthentication to no” your only way into the “box” will be through DO:
I’d reboot from their console - if that doesn’t solve it I would start completely afresh being extra careful on each step and not implementing the “PasswordAuthentication = no” step. (just use a super secure ie VERY long password for root access).
You CAN live without implementing that step for ages without ill effect on MAIB just one ‘X’ in your status report.
BTW: this problem with your ssl access is not the same as a Lets Encrypt issue, they are different.
If you can log into your box with SSH, you can run the status checks on the command line. You can also reset your password in case that’s the problem.
(ssh into your box)
sudo su # become root
cd ~/mailinabox # this is where Mail-in-a-Box is normally instaled
management/status_checks.py # runs status checks
tools/mail.py user password you@yourdomain.com # asks for a new password
Certificate renewal does not work. Certificates are expired and I can not create any new ones now.
Mailinabox v 0.26c, updated, rebooted
I have a mailinabox from 09/2017. in 12/17 SSL updated OK. In 01/12 or 02/12 I updated from 0.23 to 0.26. Today (since refresh does not work cert) I updated from 0.26 (a or b) to 0.26c
I tried:#1101 (comment)
Next I run: sudo pip3 install --upgrade pyOpenSSL
Renew:
./management/ssl_certificates.py
/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/acme/jose/jwa.py:110: CryptographyDeprecationWarning: signer and verifier have been deprecated. Please use sign and verify instead.
signer = key.signer(self.padding, self.hash)
A TLS certificate was requested for: box. example.com, example.com, www.example.com.
We have to wait 60 seconds for the certificate to be issued…
We have to wait 50 seconds for the certificate to be issued…
We have to wait 40 seconds for the certificate to be issued…
We have to wait 30 seconds for the certificate to be issued…
We have to wait 20 seconds for the certificate to be issued…
We have to wait 10 seconds for the certificate to be issued…
Traceback (most recent call last):
File “./ssl_certificates.py”, line 803, in
provision_certificates_cmdline()
File “./ssl_certificates.py”, line 446, in provision_certificates_cmdline
status = provision_certificates(env, agree_to_tos_url=agree_to_tos_url, logger=my_logger, force_domains=force_domains, show_extended_problems=show_extended_problems)
File “./ssl_certificates.py”, line 331, in provision_certificates
logger=my_logger)
File “/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/free_tls_certificates/client.py”, line 64, in issue_certificate
agree_to_tos_url, validation_method, acme_server, logger)
File “/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/free_tls_certificates/client.py”, line 121, in validate_domain_ownership
challg = submit_domain_validation(client, regr, account, challenges_file, domain, validation_method, logger)
File “/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/free_tls_certificates/client.py”, line 433, in submit_domain_validation
message = '; '.join(c.error.detail for c in challg.challenges if c.status.name == “invalid”)
File “/usr/local/lib/mailinabox/env/lib/python3.4/site-packages/free_tls_certificates/client.py”, line 433, in
message = '; '.join(c.error.detail for c in challg.challenges if c.status.name == “invalid”)
AttributeError: ‘NoneType’ object has no attribute ‘detail’
I wouldn’t recommend downgrading but if you have to, go into ~/mailinabox/setup/bootstrap.sh and change the TAG variable then run.
NOTE: This is 100% unsupported by the dev (afaik) and I will not really support it either (as a user) since it completely modifies what MIAB is right now. (Maybe bad wording, but I hope you get the gist)
There’s no chance that an earlier version is going to work better than a later version. And in general this could lead to data loss of Nextcloud and Roundcube data since the database can’t be migrated backwards.