show_account
broken in combination with ACMEv1 account reuse using symbolic links
#9306
Labels
area: ui / ux
bug
has pr
priority: significant
Issues with higher than average priority that do not need to be in the current milestone.
Reported on the Community here: https://community.letsencrypt.org/t/certbot-show-account-fails-with-acme-v01-api-letsencrypt-org-dns-lookup-failure/178367
Since #6156 ACMEv1 account reuse is done using symbolic links.
In #9127 the
show_account
subcommand was introduced, making use of thequery_registration
function of theacme
library, passing theregr
object from the account to that function.However, when symbolic link account reuse is in place, the
regr
object contains an accounturi
of the ACMEv1 protocol, including the now-nonexistingacme-v01
API URL. That URI is directly used in_send_recv_regr()
, triggering a DNS error.Possible fixes:
main.show_account
and keep usingquery_registration
, orclient.query_registration
, ormain.show_account()
to not usequery_registration
but build a signed request fornewAccount
on its own.The text was updated successfully, but these errors were encountered: