acme_email's Issues

Certificate renewal in CPS

Is there a project/issue tracker for the ACMECastle service? I'm writing here, because I couldn't find any.

Your CPS states:

4.6 Certificate renewal

Certificate renewal requests are treated as applications for new certificates.

This contradicts the Mozilla Root Store Policy:

6.2 S/MIME
For any certificate in a hierarchy capable of being used for S/MIME, CAs MUST revoke certificates upon the occurrence of any of the following events:

the subscriber indicates that the original certificate request was not authorized and does not retroactively grant authorization;

When my email account gets compromised, I have no possibility to revoke certificates an attacker creates with it, because I neither have the account key nor the certificate private key in this case. Wouldn't it be better to revoke all valid certificates with matching SAN and keyUsages upon renewal to prevent this?

Mail Response failing

Hello there,

I tried using acme_email to get an S/MIME Certificate. I get the first Mail with the Header: "ACME xxxxxxxxxxx", and got the text with the acme response.
I replied to the Mail with the ACME Response, but after some time the script just quit with:

All authorizations were not finalized by the CA.

Relevant Logs:

{"status": "pending", "expires": "2021-07-13T12:09:06.199Z", "identifier": {"type": "dns", "value": "[email protected]"}, "challenges": [{"url": "https://acme.castle.cloud/acme/chall/XXXXXXX", "type": "email-reply-00", "token": "XXXXXXXX", "status": "processing", "from": "[email protected]"}]}
2021-07-12 14:10:56,734:DEBUG:acme.client:Storing nonce: XXXXXXXXXXXXXX
2021-07-12 14:10:56,735:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 93, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 185, in _poll_authorizations
    raise errors.AuthorizationError('All authorizations were not finalized by the CA.')
certbot.errors.AuthorizationError: All authorizations were not finalized by the CA.

2021-07-12 14:10:56,736:DEBUG:certbot._internal.error_handler:Calling registered functions
2021-07-12 14:10:56,736:INFO:certbot._internal.auth_handler:Cleaning up challenges
2021-07-12 14:10:56,736:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/Users/soberhofer/Documents/acme_email/cli.py", line 163, in <module>
    main(args)
  File "/Users/soberhofer/Documents/acme_email/cli.py", line 116, in main
    request_cert(args, config)
  File "/Users/soberhofer/Documents/acme_email/cli.py", line 89, in request_cert
    cert_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py", line 1354, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/client.py", line 286, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/client.py", line 425, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 93, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/usr/local/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 185, in _poll_authorizations
    raise errors.AuthorizationError('All authorizations were not finalized by the CA.')
certbot.errors.AuthorizationError: All authorizations were not finalized by the CA.
2021-07-12 14:10:56,738:ERROR:certbot._internal.log:All authorizations were not finalized by the CA.

EDIT: After some more troubleshooting I have also tried the non-interactive mode, which failed due to some DKIM Checks. Once I disabled them it also went through but the CA did not finalize the Authorization. Is this expected? Are the DKIM Checks necessary?

CA audit report

Your certificate policy states that:

8.6 Communication of results
[...]
The CA SHALL make the Audit Report publicly available.

Where can your audit report be found? If it is not yet available, when do you expect it to be published?

Missing installation instructions

I tried the following, by best guess:

python3 -m pip install zope certbot cryptography pkcs7
sudo python3 ./setup.py build install

but still cli.py returns

An unexpected error occurred:
ImportError: cannot import name 'pkcs7' from 'cryptography.hazmat.primitives.serialization' (/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/serialization/__init__.py)

All authorizations were not finalized by the CA

Trying to use the automatic IMAP authenticator but keep encountering the above error. The tail of the log contains this:

 {"status": "pending", "expires": "2022-03-08T21:22:53.040Z", "identifier": {"type": "dns", "value": "[email protected]"}, "challenges": [{"url": "https://acme.castle.cloud/acme/chall/Ix9vQfZmAoX", "type": "email-reply-00", "token": "-zONmIiLI5FrRYv1_XE69A", "status": "processing", "from": "[email protected]"}]}                    
 2022-03-08 08:24:52,866:DEBUG:acme.client:Storing nonce: xJARMomWfdJlVfn64M9cdw 
 2022-03-08 08:24:52,867:DEBUG:certbot._internal.error_handler:Encountered exception:
 Traceback (most recent call last):                                              
   File "/nix/store/x4p8la6frp2nbxl8207dvh0w2cngl8gg-python3.9-certbot-1.22.0/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 105, in handle_authorizations
     self._poll_authorizations(authzrs, max_retries, best_effort)                
   File "/nix/store/x4p8la6frp2nbxl8207dvh0w2cngl8gg-python3.9-certbot-1.22.0/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 209, in _poll_authorizations
     raise errors.AuthorizationError('All authorizations were not finalized by the CA.')
 certbot.errors.AuthorizationError: All authorizations were not finalized by the CA.

I've tried a few times, any suggestions?

Client does not start

When starting the client on a fresh installation, an exception is thrown:

$ python3 cli.py --help
Traceback (most recent call last):
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 8, in <module>
    from certbot._internal import configuration
ImportError: cannot import name 'configuration' from 'certbot._internal' (/usr/lib/python3.9/site-packages/certbot/_internal/__init__.py)

Error 500

When requesting a certificate, I get the following error:

2023-04-17 09:41:05,462:DEBUG:urllib3.connectionpool:https://acme.castle.cloud:443 "POST /acme/new-acct HTTP/1.1" 500 None
2023-04-17 09:41:05,463:DEBUG:acme.client:Received response:
HTTP 500
Date: Mon, 17 Apr 2023 09:41:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-frame-options: DENY
vary: Cookie, Origin
x-content-type-options: nosniff
referrer-policy: same-origin
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HC%2BK...KOwOvA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security: max-age=7776000
Server: cloudflare
CF-RAY: 7b9....984-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


<!doctype html>
<html lang="en">
<head>
<title>Server Error (500)</title>
</head>
<body>
<h1>Server Error (500)</h1><p></p>
</body>
</html>

Is the project still up? Or is this project abandoned?

Error message during successful certification request

The following error is shown during a certification request.

$ python3 cli.py cert --passphrase passphrase --config-dir . --work-dir . --logs-dir ./logs -e address@mail --contact contact@${HOSTNAME} --imap --host mail --port 3143 --agree-tos --login address@mail --password address@mail --host mail --smtp-port 3025 --smtp-host mail --non-interactive
[...]
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 166, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 119, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 91, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1345, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 297, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 436, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 188, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'* OK IMAP4rev1 Server GreenMail v1.6.5 ready'"
Arguments: (1630233059.1909673,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 166, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 119, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 91, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1345, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 297, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 436, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 188, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "> b'HFBC0 CAPABILITY'"
Arguments: (1630233059.191008,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 166, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 119, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 91, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1345, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 297, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 436, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 188, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'* CAPABILITY IMAP4rev1 LITERAL+ SORT UIDPLUS IDLE QUOTA'"
Arguments: (1630233059.1912873,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 166, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 119, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 91, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1345, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 297, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 436, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 188, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'HFBC0 OK CAPABILITY completed.'"
Arguments: (1630233059.1913066,)
Encountered exception during recovery: imaplib.IMAP4.abort: command: LOGOUT => socket error: EOF

Thunderbird does not recognize the certificate

Using Thunderbird, I get errors saying that the certificate could not be found or is expired when it is used to send an email. The import is not affected. Adding the root and/or intermediate certificates has no effect, and reading the signed mail sent from another client works just fine.

The error message: [screenshot: Screen Shot 2021-10-29 at 14 12 10]

Maybe this is due to a difference in the certificate format and populated terms.

Update: After looking into the p12, I saw that it does not include the chain of trust, and after adding in the intermediate, Thunderbird was able to correctly use the certificate. Is there any reason for not including the chain in the p12 file?

Internal Server Error 500

Hi,

I receive an internal server error when trying to make a cert with the interactive authenticator:

2021-07-19 04:27:55,540:DEBUG:urllib3.connectionpool:https://acme.castle.cloud:443 "POST /acme/order/XXXXXXXX/finalize HTTP/1.1" 500 None
2021-07-19 04:27:55,540:DEBUG:acme.client:Received response:
HTTP 500
Date: Mon, 19 Jul 2021 02:27:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: DENY
Vary: Cookie
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v3?s=5vVWO5XU%2BFFP7Pt5xHSHnPTFD0DO70p63YVjufQCSpxy0GG7Pz7%2BzCV5zb73cFfMZYAIefLaLSpZ8yiaEh4N3fKghp8QgE7ShEejSIjJ2s2hsrYbX3BcGXoLF6glP11Q365wOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6710836df9a0bc54-LHR
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

<!doctype html>
<html lang="en">
<head>
<title>Server Error (500)</title>
</head>
<body>
<h1>Server Error (500)</h1><p></p>
</body>
</html>

2021-07-19 04:27:55,541:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/Users/andrew/acme_email/cli.py", line 164, in <module>
    main(args)
  File "/Users/andrew/acme_email/cli.py", line 117, in main
    request_cert(args, config)
  File "/Users/andrew/acme_email/cli.py", line 89, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/local/lib/python3.9/site-packages/certbot-1.17.0-py3.9.egg/certbot/_internal/main.py", line 1354, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/local/lib/python3.9/site-packages/certbot-1.17.0-py3.9.egg/certbot/_internal/client.py", line 290, in obtain_certificate_from_csr
    orderr = self.acme.finalize_order(orderr, deadline,
  File "/usr/local/lib/python3.9/site-packages/acme-1.17.0-py3.9.egg/acme/client.py", line 923, in finalize_order
    return cast(ClientV2, self.client).finalize_order(
  File "/usr/local/lib/python3.9/site-packages/acme-1.17.0-py3.9.egg/acme/client.py", line 745, in finalize_order
    self._post(orderr.body.finalize, wrapped_csr)
  File "/usr/local/lib/python3.9/site-packages/acme-1.17.0-py3.9.egg/acme/client.py", line 86, in _post
    return self.net.post(*args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/acme-1.17.0-py3.9.egg/acme/client.py", line 1201, in post
    return self._post_once(*args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/acme-1.17.0-py3.9.egg/acme/client.py", line 1214, in _post_once
    response = self._check_response(response, content_type=content_type)
  File "/usr/local/lib/python3.9/site-packages/acme-1.17.0-py3.9.egg/acme/client.py", line 1077, in _check_response
    raise errors.ClientError(response)
acme.errors.ClientError: <Response [500]>
2021-07-19 04:27:55,547:ERROR:certbot._internal.log:An unexpected error occurred:
2021-07-19 04:27:55,547:ERROR:certbot._internal.log:acme.errors.ClientError: <Response [500]>

Cert generation just fails

In manual mode (using one -e option, to avoid bug #15), the process seems to work until:

Requesting a certificate for 1@y

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
A challenge request for S/MIME certificate has been sent. In few minutes, ACME
server will send a challenge e-mail to requested recipient. Please, copy the
ENTIRE subject and paste it below. The subject starts with the label ACME:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Subject:  (Enter 'c' to cancel): ACME: jpgHkpwS7AaZVlsOOTrh4A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
A challenge response has been generated. Please, copy the following text, reply
the e-mail you have received from ACME server and paste this text in the TOP of
the message's body:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

-----BEGIN ACME RESPONSE-----
jlmy3Y1CiOMYL29HTgQ6-TbQcTGvm2_E7zaYXRNaKyA
-----END ACME RESPONSE-----

All authorizations were not finalized by the CA.
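
As an added illustration (not part of the original issue and not acme_email's own code), the Python sketch below shows how an email-reply-00 response of the kind pasted above is derived under RFC 8823, and how a validator can pull it back out of a reply body and compare it. The account JWK and token-part2 are constructed sample values, the function names are hypothetical, and joining the decoded token halves before re-encoding is an assumption of this sketch.

```python
"""Added example: deriving and checking an email-reply-00 response (RFC 8823)."""
import base64
import hashlib
import hmac
import json
import re


def b64u_encode(data: bytes) -> str:
    """base64url without padding, the encoding ACME uses for tokens and digests."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64u_decode(text: str) -> bytes:
    """Decode unpadded base64url by restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def token_part1_from_subject(subject: str) -> str:
    """Pull token-part1 out of the challenge subject ("ACME: <token-part1>").

    A pasted subject may carry a reply prefix such as "Re:", so the label is
    searched for instead of being required at position 0.
    """
    match = re.search(r"ACME:\s*([A-Za-z0-9_-]+)\s*$", subject)
    if match is None:
        raise ValueError("subject does not end with 'ACME: <token-part1>'")
    return match.group(1)


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 thumbprint: SHA-256 over the required members, sorted, no spaces."""
    required = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}[jwk["kty"]]
    canonical = json.dumps({k: jwk[k] for k in required},
                           sort_keys=True, separators=(",", ":"))
    return b64u_encode(hashlib.sha256(canonical.encode("utf-8")).digest())


def challenge_response(subject: str, token_part2: str, account_jwk: dict) -> str:
    """Return the text that goes between the BEGIN/END ACME RESPONSE markers."""
    part1 = b64u_decode(token_part1_from_subject(subject))
    if len(part1) < 16:
        raise ValueError("token-part1 is shorter than 128 bits")
    # ASSUMPTION of this sketch: the two halves are joined as raw bytes and
    # the result is base64url-encoded again to form the full ACME token.
    token = b64u_encode(part1 + b64u_decode(token_part2))
    # RFC 8555 section 8.1: keyAuthorization = token || '.' || thumbprint
    key_authorization = f"{token}.{jwk_thumbprint(account_jwk)}"
    return b64u_encode(hashlib.sha256(key_authorization.encode("ascii")).digest())


def format_reply_block(response: str) -> str:
    """Wrap the response in the markers expected at the top of the reply body."""
    return ("-----BEGIN ACME RESPONSE-----\n"
            f"{response}\n"
            "-----END ACME RESPONSE-----\n")


_BLOCK = re.compile(
    r"-----BEGIN ACME RESPONSE-----(.*?)-----END ACME RESPONSE-----", re.S)


def extract_response(body: str):
    """Validator side: return the first response block, or None if absent."""
    match = _BLOCK.search(body)
    if match is None:
        return None
    # Mail clients may wrap or pad the line; whitespace is not significant.
    return re.sub(r"\s+", "", match.group(1))


def reply_matches(body: str, expected: str) -> bool:
    """Constant-time comparison of the extracted response with the expected one."""
    got = extract_response(body)
    if got is None:
        return False
    return hmac.compare_digest(got.encode("utf-8"), expected.encode("utf-8"))


# Subject token as quoted in the issue above; everything else is constructed.
SAMPLE_SUBJECT = "Re: ACME: jpgHkpwS7AaZVlsOOTrh4A"
SAMPLE_TOKEN_PART2 = b64u_encode(bytes(range(16, 32)))   # constructed
SAMPLE_JWK = {                                           # constructed, not a real key
    "kty": "EC", "crv": "P-256",
    "x": b64u_encode(bytes(range(32))),
    "y": b64u_encode(bytes(range(32, 64))),
}

if __name__ == "__main__":
    resp = challenge_response(SAMPLE_SUBJECT, SAMPLE_TOKEN_PART2, SAMPLE_JWK)
    reply = format_reply_block(resp) + "\nOn Monday the CA wrote:\n> challenge text\n"
    print(reply)
    print("validator accepts reply:", reply_matches(reply, resp))
```

The result is always 43 base64url characters (a SHA-256 digest), the same length as the response shown in the issue; a different account key or a missing marker block makes the comparison fail.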

cli.py fails with strange error message

When running cli.py on an alpine:latest Docker container, it fails:

$ python3 cli.py cert --passphrase passphrase --config-dir . --work-dir . --logs-dir ./logs -e address@mail --contact contact@${HOSTNAME} --imap --host mail --port 3143 --agree-tos --login address@mail --password address@mail --host mail --smtp-port 3025 --smtp-host mail --non-interactive
An unexpected error occurred:
ModuleNotFoundError: No module named 'win32com'
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/tmps1ar2erb/log or re-run Certbot with -v for more details.

https://acme.castle.cloud/acme/terms_of_service.pdf does not exist

The link in the below output is broken:

Please read the Terms of Service at
https://acme.castle.cloud/acme/terms_of_service.pdf. You must agree in order to
register with the ACME server. Do you agree?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: 

Server returning 500 error

Using the IMAP authenticator I am encountering a 500 error. I think this is the relevant part of the log:

<h1>IntegrityError
at /acme/directory</h1>
<pre class="exception_value">(1451, &#x27;Cannot delete or update a parent row: a foreign key constraint fails (`castle_acme`.`acme_app_challenge`, CONSTRAINT `acme_app_challenge_authorization_id_00481fd5_fk_acme_app_` FOREIGN KEY (`authorization_id`) REFERENCES `acme_app_authorization` (`id`))&#x27;)</pre>
<table class="meta">

Any suggestions on how to resolve this? Would more of the log help?

ImportError: cannot import name 'pkcs7'

Discussed in #2

Originally posted by CLSMCSMII July 16, 2021
After git clone and running setup.py successfully, I tried this command:

python3 cli.py cert --config-dir . --work-dir . --logs-dir . -e [email protected] --contact panxxx@xxxxxx --usage digitalSignature --usage keyEncipherment
(both emails are valid)

Then I got this error:

An unexpected error occurred:
ImportError: cannot import name 'pkcs7'
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/tmphkn09j3p/log or re-run Certbot with -v for more details.

And.. tail /tmp/tmphkn09j3p/log

File "/home/tempuser/acme/acme_email/certbot_castle/plugins/imap.py", line 22, in
from cryptography.hazmat.primitives.serialization import pkcs7
ImportError: cannot import name 'pkcs7'
2021-07-16 10:55:46,200:ERROR:certbot._internal.log:An unexpected error occurred:
2021-07-16 10:55:46,200:ERROR:certbot._internal.log:ImportError: cannot import name 'pkcs7'

I already installed pkcs7 with the command "pip3 install pkcs7" but still got the same error.

Any idea?

Does not work with multiple email addresses

When giving four email addresses (using -e options) to cli.py, I get (email addresses blinded):

Inconsistent domain requests:
From the CSR: 1@y
From command line/config: 3@y, 2@y, 4@y, 1@y

ValueError: Valid PEM but no BEGIN CERTIFICATE/END CERTIFICATE delimiters.

I just tried to run acme_email on my RHEL8 devbox and set up my environment like this:
dnf install python3.9 -y
wget https://github.com/polhenarejos/acme_email/archive/refs/heads/main.zip
unzip main.zip
cd acme_email-main
python3.9 -m venv venv
source venv/bin/activate
pip install wheel
pip install .

But running python3.9 cli.py cert --config-dir . --work-dir . --logs-dir . -e [email protected] --contact [email protected] --usage digitalSignature --usage keyEncipherment aborts with this message:

/root/acme_email-main/cli.py:48: DeprecationWarning: IConfig attribute in certbot.interfaces module is deprecated and will be removed soon.
  zope.component.provideUtility(config, interfaces.IConfig)
Saving debug log to /root/acme_email-main/letsencrypt.log
/root/acme_email-main/cli.py:194: DeprecationWarning: IReporter attribute in certbot.interfaces module is deprecated and will be removed soon.
  zope.component.provideUtility(report, interfaces.IReporter)
An unexpected error occurred:
ValueError: Valid PEM but no BEGIN CERTIFICATE/END CERTIFICATE delimiters. Are you sure this is a certificate?
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /root/acme_email-main/letsencrypt.log or re-run Certbot with -v for more details.

Full letsencrypt.log

2022-05-16 20:51:46,193:DEBUG:certbot._internal.log:Root logging level set at 30
2022-05-16 20:51:46,196:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/root/acme_email-main/cli.py", line 257, in <module>
    main(args)
  File "/root/acme_email-main/cli.py", line 200, in main
    request_cert(args, config)
  File "/root/acme_email-main/cli.py", line 64, in request_cert
    root_cert_advise()
  File "/root/acme_email-main/cli.py", line 57, in root_cert_advise
    fingerprints = list(map(lambda a: a.fingerprint(hashes.SHA256()).hex(), root_certs))
  File "/root/acme_email-main/certbot_castle/utils.py", line 36, in get_root_ca_certs
    cert = x509.load_pem_x509_certificate(cert_pem)
  File "/root/acme_email-main/venv/lib64/python3.9/site-packages/cryptography/x509/base.py", line 514, in load_pem_x509_certificate
    return rust_x509.load_pem_x509_certificate(data)
ValueError: Valid PEM but no BEGIN CERTIFICATE/END CERTIFICATE delimiters. Are you sure this is a certificate?
2022-05-16 20:51:46,196:ERROR:certbot._internal.log:An unexpected error occurred:
2022-05-16 20:51:46,197:ERROR:certbot._internal.log:ValueError: Valid PEM but no BEGIN CERTIFICATE/END CERTIFICATE delimiters. Are you sure this is a certificate?

cli.py does not emit certificates

This is a follow-up to #21, which has already been closed.

When using cli.py on docker alpine:latest, no certificates are requested anymore:

$ python3 cli.py cert --passphrase passphrase --config-dir . --work-dir . --logs-dir ./logs -e address@mail --contact contact@${HOSTNAME} --imap --host mail --port 3143 --agree-tos --login address@mail --password address@mail --host mail --smtp-port 3025 --smtp-host mail --non-interactive
MAPI Authenticator only runs in Windows
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/tmpq6lvw8j1/log or re-run Certbot with -v for more details.

Allow for external ACME client

In preparation for other ACME servers implementing S/MIME, such as smallstep's CA, it would be nice to have the option to change the CA's URL. Smallstep would probably implement their own interface in their current ACME one, but it would be nice to have more diverse tools.

ACME RESPONSE isn't hashed

When replying to a challenge, the response should be a SHA256 hash. acme_email responds with the raw value instead:

-----BEGIN ACME RESPONSE-----
awLYLYhYGF2QzIVrudy0Kh0xpD99Gik0eKm2kugoatr49G3Q6n1jFsRgyGqgTxSmt9GAW-kMqiy510M1hWA.5AjSXX1bYClIzYsCdpFAcQU4vbpw2pLjRKQpeKyKTYA
-----END ACME RESPONSE-----
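
For reference, the hashed form this issue asks for, as an added example (not acme_email's code): RFC 8823 defines the email-reply-00 response as the base64url SHA-256 digest of the key authorization. The token, the JWK and all function names are constructed for illustration, and `token` is assumed to be the full token already assembled from its two parts.

```python
import base64
import hashlib
import json
import re

# Members RFC 7638 (and RFC 8037 for OKP) require in the thumbprint input.
REQUIRED_MEMBERS = {
    "EC": ("crv", "kty", "x", "y"),
    "RSA": ("e", "kty", "n"),
    "OKP": ("crv", "kty", "x"),
}

# Constructed sample values: not a real token and not a real account key.
SAMPLE_TOKEN = "Y29uc3RydWN0ZWQtcGFydDE" + "Y29uc3RydWN0ZWQtcGFydDI"
SAMPLE_JWK = {
    "kty": "EC",
    "crv": "P-256",
    "x": "Y29uc3RydWN0ZWQteC1jb29yZGluYXRlLXNhbXBsZQ",
    "y": "Y29uc3RydWN0ZWQteS1jb29yZGluYXRlLXNhbXBsZQ",
    "kid": "ignored-by-thumbprint",
}

RESPONSE_BLOCK = re.compile(
    r"-----BEGIN ACME RESPONSE-----\s*(.*?)\s*-----END ACME RESPONSE-----",
    re.S,
)


def b64url(data: bytes) -> str:
    """base64url without '=' padding, the encoding ACME uses everywhere."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> str:
    """SHA-256 over the canonical JSON of the required members only."""
    members = REQUIRED_MEMBERS[jwk["kty"]]
    canonical = json.dumps(
        {name: jwk[name] for name in members},
        sort_keys=True,
        separators=(",", ":"),
    )
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())


def key_authorization(token: str, account_jwk: dict) -> str:
    """RFC 8555 section 8.1: token, a dot, then the account key thumbprint."""
    return f"{token}.{jwk_thumbprint(account_jwk)}"


def email_reply_response(token: str, account_jwk: dict) -> str:
    """The value that belongs in the reply: the digest, not the key authorization."""
    raw = key_authorization(token, account_jwk).encode("ascii")
    return b64url(hashlib.sha256(raw).digest())


def reply_body(value: str) -> str:
    """Wrap a value in the delimiters used in the challenge reply e-mail."""
    return (
        "-----BEGIN ACME RESPONSE-----\n"
        f"{value}\n"
        "-----END ACME RESPONSE-----\n"
    )


def classify_reply(body: str) -> str:
    """Tell a hashed response apart from an unhashed key authorization."""
    match = RESPONSE_BLOCK.search(body)
    if match is None:
        return "malformed"
    value = "".join(match.group(1).split())  # tolerate folded lines
    if "." in value:
        # A dot never occurs in base64url; this is token.thumbprint sent raw.
        return "raw-key-authorization"
    if re.fullmatch(r"[A-Za-z0-9_-]{43}", value):
        # 32 digest bytes always encode to exactly 43 unpadded characters.
        return "digest"
    return "malformed"


if __name__ == "__main__":
    hashed = reply_body(email_reply_response(SAMPLE_TOKEN, SAMPLE_JWK))
    unhashed = reply_body(key_authorization(SAMPLE_TOKEN, SAMPLE_JWK))
    print(hashed, classify_reply(hashed))
    print(unhashed, classify_reply(unhashed))
```

A reply body that contains a dot, like the one quoted in this issue, is classified as `raw-key-authorization`.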

Client does not start

The client does not start anymore. I'm using the following command on latest alpine:

$ git clone --depth 1 https://github.com/polhenarejos/acme_email.git
Cloning into 'acme_email'...
$ cd acme_email
$ git log -n1
commit e85f1ba71e34529a9781ae35c803c57cb26009d0
Author: Pol Henarejos <[email protected]>
Date:   Tue Nov 30 19:38:39 2021 +0100
    "Remember to add the root certificate" is displayed only when the root cert is not present in the keychain.
    
    Signed-off-by: Pol Henarejos <[email protected]>
$ pip install .
[...]
$ python3 cli.py --help || true
Traceback (most recent call last):
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 4, in <module>
    import zope.component
ModuleNotFoundError: No module named 'zope.component'

Cannot extract certificate

When requesting a certificate, the following error hinders saving the certificate:

2023-10-07 20:16:12,056:DEBUG:acme.client:Storing nonce: 1a_NhWv1-TTLchs_l-gJMVBzziLJtjzjeEkghCqDdBE
2023-10-07 20:16:12,057:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 264, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 202, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 124, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
                                            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/certbot/_internal/main.py", line 1521, in _csr_get_and_save_cert
    cert_path, chain_path, fullchain_path = le_client.save_certificate(
                                            ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/certbot/_internal/client.py", line 618, in save_certificate
    cert_file, abs_cert_path = _open_pem_file(self.config, 'cert_path', cert_path)
                               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/certbot/_internal/client.py", line 864, in _open_pem_file
    if config.set_by_user(cli_arg_path):
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/site-packages/certbot/configuration.py", line 110, in set_by_user
    raise RuntimeError(
RuntimeError: NamespaceConfig.set_by_user called without an ArgumentSources dict. See NamespaceConfig.set_argument_sources().
2023-10-07 20:16:12,058:ERROR:certbot._internal.log:An unexpected error occurred:
2023-10-07 20:16:12,058:ERROR:certbot._internal.log:RuntimeError: NamespaceConfig.set_by_user called without an ArgumentSources dict. See NamespaceConfig.set_argument_sources().

Error : All authorizations were not finalized by the CA.

I have tried with different e-mail providers and each time I received the challenge and the answer is sent (I have tried via SMTP and manually).
But the response from https://acme.castle.cloud/acme/authz/********* is always the same:

{"status": "pending", "expires": "********", "identifier": {"type": "dns", "value": "****"}, "challenges": [{"url": "https://acme.castle.cloud/acme/chall/********", "type": "email-reply-00", "token": "**********", "status": "processing", "from": "acme+************@castle.cloud"}]}

So finally the attempt fails with the error code 'All authorizations were not finalized by the CA.' after having reached the maximum number of attempts.

Am I doing something wrong?

IMAP error blocks certificate issuance

When requesting a certificate with cli.py, an IMAP exception blocks certificate issuance:

$ python3 cli.py cert --passphrase passphrase --config-dir . --work-dir . --logs-dir ./logs -e address@mail --contact contact@${HOSTNAME} --imap --host mail --port 3143 --agree-tos --login address@mail --password address@mail --host mail --smtp-port 3025 --smtp-host mail --non-interactive
/builds/platynum/certification-authority/flows/acme_email/cli.py:47: DeprecationWarning: IConfig attribute in certbot.interfaces module is deprecated and will be removed soon.
  zope.component.provideUtility(config, interfaces.IConfig)
Saving debug log to /builds/platynum/certification-authority/flows/acme_email/logs/letsencrypt.log
/builds/platynum/certification-authority/flows/acme_email/cli.py:185: DeprecationWarning: IReporter attribute in certbot.interfaces module is deprecated and will be removed soon.
  zope.component.provideUtility(report, interfaces.IReporter)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
You are requesting a S/MIME certificate to CASTLE ACME server. Remember to add
the root certificate into your trust store for proper operation.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Account registered.
Requesting a certificate for address@mail

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
A challenge request for S/MIME certificate has been sent. In few minutes, ACME
server will send a challenge e-mail to requested recipient address@mail. You do
not need to take ANY action, as it will be replied automatically.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
16 Nov 21:13:42 - [info] [function:Send E-Mail] to: "address@mail", msg-id: <f43881fd-3497-e6be-abfb-738f059df136@mail>
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 85, in perform
    return [self._perform_emailreply00(achall) for achall in achalls]
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 85, in <listcomp>
    return [self._perform_emailreply00(achall) for achall in achalls]
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 98, in _perform_emailreply00
    respo = self.imap.fetch(uid, ['RFC822'])
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 1367, in fetch
    typ, data = self._imap._command_complete("FETCH", tag)
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'* OK IMAP4rev1 Server GreenMail v2.0.0-alpha-2 ready'"
Arguments: (1637097221.3968813,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 85, in perform
    return [self._perform_emailreply00(achall) for achall in achalls]
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 85, in <listcomp>
    return [self._perform_emailreply00(achall) for achall in achalls]
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 98, in _perform_emailreply00
    respo = self.imap.fetch(uid, ['RFC822'])
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 1367, in fetch
    typ, data = self._imap._command_complete("FETCH", tag)
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "> b'CDEJ0 CAPABILITY'"
Arguments: (1637097221.3969378,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 85, in perform
    return [self._perform_emailreply00(achall) for achall in achalls]
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 85, in <listcomp>
    return [self._perform_emailreply00(achall) for achall in achalls]
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 98, in _perform_emailreply00
    respo = self.imap.fetch(uid, ['RFC822'])
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 1367, in fetch
    typ, data = self._imap._command_complete("FETCH", tag)
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'* CAPABILITY IMAP4rev1 LITERAL+ SORT UIDPLUS IDLE QUOTA'"
Arguments: (1637097221.3994844,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 85, in perform
    return [self._perform_emailreply00(achall) for achall in achalls]
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 85, in <listcomp>
    return [self._perform_emailreply00(achall) for achall in achalls]
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 98, in _perform_emailreply00
    respo = self.imap.fetch(uid, ['RFC822'])
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 1367, in fetch
    typ, data = self._imap._command_complete("FETCH", tag)
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'CDEJ0 OK CAPABILITY completed.'"
Arguments: (1637097221.3996263,)
An unexpected error occurred:
imaplib.IMAP4.abort: command: FETCH => socket error: EOF
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /builds/platynum/certification-authority/flows/acme_email/logs/letsencrypt.log or re-run Certbot with -v for more details.

Errors "All authorizations were not finalized by the CA" followed by response 500 errors

I encountered the first error when trying to create a certificate:

2023-06-30 11:15:21,205:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/nix/store/qifkbxi0s3v0b7bi6yg9pblljlqfc4qg-python3.9-certbot-1.22.0/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 105, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/nix/store/qifkbxi0s3v0b7bi6yg9pblljlqfc4qg-python3.9-certbot-1.22.0/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 209, in _poll_authorizations
    raise errors.AuthorizationError('All authorizations were not finalized by the CA.')
certbot.errors.AuthorizationError: All authorizations were not finalized by the CA.

I thought I'd try again and specify just a digital signature with --usage digitalSignature, but now I'm getting 500 errors:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -                
The ACME response has been sent successfully!                                                  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -                
An unexpected error occurred:                                                                  
acme.errors.ClientError: <Response [500]>     

Happy to attach logs if it helps, just not sure which bits of it need redacting.

Error message during successful certificate issuance

After closing #21 and #25, we're now back to the original error:

$ python3 cli.py cert --passphrase passphrase --config-dir . --work-dir . --logs-dir ./logs -e address@mail --contact contact@${HOSTNAME} --imap --host mail --port 3143 --agree-tos --login address@mail --password address@mail --host mail --smtp-port 3025 --smtp-host mail --non-interactive
/builds/platynum/certification-authority/flows/acme_email/cli.py:47: DeprecationWarning: IConfig attribute in certbot.interfaces module is deprecated and will be removed soon.
  zope.component.provideUtility(config, interfaces.IConfig)
Saving debug log to /builds/platynum/certification-authority/flows/acme_email/logs/letsencrypt.log
/builds/platynum/certification-authority/flows/acme_email/cli.py:185: DeprecationWarning: IReporter attribute in certbot.interfaces module is deprecated and will be removed soon.
  zope.component.provideUtility(report, interfaces.IReporter)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
You are requesting a S/MIME certificate to CASTLE ACME server. Remember to add
the root certificate into your trust store for proper operation.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Account registered.
Requesting a certificate for address@mail

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
A challenge request for S/MIME certificate has been sent. In few minutes, ACME
server will send a challenge e-mail to requested recipient address@mail. You do
not need to take ANY action, as it will be replied automatically.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17 Nov 18:52:17 - [info] [function:Send E-Mail] to: "address@mail", msg-id: <c538561e-c47a-0eb8-cefb-e07de020ed4f@mail>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The ACME response has been sent successfully!
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17 Nov 18:52:56 - [warn] [function:Authorize email] missing authentication-results email header
17 Nov 18:52:56 - [info] [function:Authorize email] Updating authorization: Sub/acme/b533237ca2a8a77ab35cdc74f14113feb9cf2f24e5ee9e411be288d52aecaa19/77dca7288f508d52e33d253e9591bd8424a636ab4761a1df0fe6b090b9309ae8/8609f56283fb0cd04ead54855d0e5b1cbc570a15fefd898ac577d0426a9bde14.json
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 134, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'* OK IMAP4rev1 Server GreenMail v2.0.0-alpha-2 ready'"
Arguments: (1637175137.1718166,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 134, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "> b'ENLK0 CAPABILITY'"
Arguments: (1637175137.1718557,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 134, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'* CAPABILITY IMAP4rev1 LITERAL+ SORT UIDPLUS IDLE QUOTA'"
Arguments: (1637175137.1720932,)
--- Logging error ---
Traceback (most recent call last):
  File "/usr/lib/python3.9/imaplib.py", line 1173, in _get_tagged_response
    self._get_response()
  File "/usr/lib/python3.9/imaplib.py", line 1075, in _get_response
    resp = self._get_line()
  File "/usr/lib/python3.9/imaplib.py", line 1185, in _get_line
    raise self.abort('socket error: EOF')
imaplib.IMAP4.abort: socket error: EOF

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/handlers.py", line 73, in emit
    if self.shouldRollover(record):
  File "/usr/lib/python3.9/logging/handlers.py", line 191, in shouldRollover
    msg = "%s\n" % self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not all arguments converted during string formatting
Call stack:
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 248, in <module>
    main(args)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 191, in main
    request_cert(args, config)
  File "/builds/platynum/certification-authority/flows/acme_email/cli.py", line 110, in request_cert
    cert_path, chain_path, fullchain_path = certbot_main._csr_get_and_save_cert(config, le_client)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/main.py", line 1353, in _csr_get_and_save_cert
    cert, chain = le_client.obtain_certificate_from_csr(csr)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 300, in obtain_certificate_from_csr
    orderr = self._get_order_and_authorizations(csr.data, best_effort=False)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 98, in handle_authorizations
    return authzrs_validated
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 106, in __exit__
    self._call_registered()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/error_handler.py", line 124, in _call_registered
    self.funcs[-1]()
  File "/usr/lib/python3.9/site-packages/certbot/_internal/auth_handler.py", line 241, in _cleanup_challenges
    self.auth.cleanup(achalls)
  File "/builds/platynum/certification-authority/flows/acme_email/certbot_castle/plugins/imap.py", line 134, in cleanup
    self.imap.logout()
  File "/usr/lib/python3.9/site-packages/imapclient/imapclient.py", line 496, in logout
    typ, data = self._imap.logout()
  File "/usr/lib/python3.9/imaplib.py", line 642, in logout
    typ, dat = self._simple_command('LOGOUT')
  File "/usr/lib/python3.9/imaplib.py", line 1230, in _simple_command
    return self._command_complete(name, self._command(name, *args))
  File "/usr/lib/python3.9/imaplib.py", line 1047, in _command_complete
    typ, data = self._get_tagged_response(tag, expect_bye=logout)
  File "/usr/lib/python3.9/imaplib.py", line 1177, in _get_tagged_response
    self.print_log()
  File "/usr/lib/python3.9/imaplib.py", line 1274, in print_log
    self._mesg(*self._cmd_log[i])
Message: "< b'ENLK0 OK CAPABILITY completed.'"
Arguments: (1637175137.172112,)
Encountered exception during recovery: imaplib.IMAP4.abort: command: LOGOUT => socket error: EOF
17 Nov 18:52:58 - [info] [function:Sign TBS] with serial 6fb9de5aa1066855acb54d56258f18861faa6165
17 Nov 18:52:58 - [info] [debug:Issuing for] /CN=address@mail with serial 6fb9de5aa1066855acb54d56258f18861faa6165

Successfully received certificate.
Certificate is saved at:            /builds/platynum/certification-authority/flows/acme_email/live/0000_cert.pem
Intermediate CA chain is saved at:  /builds/platynum/certification-authority/flows/acme_email/live/0000_ca.pem
Full certificate chain is saved at: /builds/platynum/certification-authority/flows/acme_email/live/0000_chain.pem
This certificate expires on 2022-11-17.
Deploying certificate

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PKCS12 container generated at
/builds/platynum/certification-authority/flows/acme_email/live/0000_cert.pfx
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Missing CP / CPS

As stated in the terms of service:

4.4 IMPORTANT DISCLAIMER OF WARRANTIES AND LIMITATION OF LIABILITY

EXCEPT AS EXPRESSLY SET FORTH IN CTTC’S CERTIFICATE POLICY AND CERTIFICATE PRACTICE STATEMENT [...]

Where can these CTTC CP and CPS be found?

certbot fails when called with --no-passphrase and --non-interactive

When calling certbot with --no-passphrase and --non-interactive it fails during PFX creation:

$ python3 cli.py cert --no-passphrase --config-dir . --work-dir . --logs-dir ./logs -e address@mail --contact contact@${HOSTNAME} --imap --host mail --port 3143 --agree-tos --login address@mail --password address@mail --host mail --smtp-port 3025 --smtp-host mail --non-interactive
Saving debug log to /builds/platynum/certification-authority/flows/acme_email/logs/letsencrypt.log
[...]
Skipped user interaction because Certbot doesn't appear to be running in a terminal. You should probably include --non-interactive or --force-interactive on the command line.
Account registered.
Requesting a certificate for address@mail
[...]
Deploying certificate
Could not install certificate
An unexpected error occurred:
ValueError: Password must be 1 or more bytes.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /builds/platynum/certification-authority/flows/acme_email/logs/letsencrypt.log or re-run Certbot with -v for more details.
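The ValueError above has the same wording as the one the Python cryptography package raises when BestAvailableEncryption is given an empty password. As an added example (not acme_email's own code), assuming the PFX is built with that package, the sketch below shows the failing call next to a version that maps an empty passphrase to NoEncryption; the function names and the b"smime" friendly name are hypothetical.

```python
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import pkcs12


def pfx_encryption(passphrase):
    """Pick the key-encryption algorithm for a PKCS#12 container.

    BestAvailableEncryption rejects an empty password with
    "Password must be 1 or more bytes.", so the no-passphrase case
    has to be mapped to NoEncryption explicitly.
    """
    if isinstance(passphrase, str):
        passphrase = passphrase.encode("utf-8")
    if not passphrase:  # None, "" or b""
        return serialization.NoEncryption()
    return serialization.BestAvailableEncryption(passphrase)


def build_pfx(key, cert, passphrase, name=b"smime"):
    """Serialize a private key (and optional certificate) into a PFX blob."""
    return pkcs12.serialize_key_and_certificates(
        name, key, cert, None, pfx_encryption(passphrase)
    )


def naive_build_pfx(key, cert, passphrase):
    """Failure mode: an empty passphrase goes straight to BestAvailableEncryption."""
    return pkcs12.serialize_key_and_certificates(
        b"smime", key, cert, None,
        serialization.BestAvailableEncryption(passphrase or b""),
    )


if __name__ == "__main__":
    # Constructed sample key; a real run would use the certificate's key.
    sample_key = ec.generate_private_key(ec.SECP256R1())
    try:
        naive_build_pfx(sample_key, None, None)
    except ValueError as exc:
        print("naive:", exc)
    print("fixed:", len(build_pfx(sample_key, None, None)), "bytes")
```

With no passphrase the private key sits in the container unencrypted, so the .pfx file should be written with owner-only permissions.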
