You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This last worked in July with no updates to python/certbot/s3front. I was able to manually use cli aws iam to upload the cert, then I logged into cloudfront and choose the new cert since I was nearing expiry.
I get an erroneous invalid credentials message, but my account with Let’s Encrypt and AWS work fine and then generated cert fails to upload to aws:iam, update aws:cloudfront.
I saw in logs s3front successfully updated well known hosts and acme then issued cert, I see cert on local certbot file system. Then in logs I see the install portion of s3front try to make a call to a non-routable 169.254 IP, then do a post with new certificate and then fails saying no credentials.
The two AWS variables are set and did work from the script to place file on s3 for LE to issue the cert. I then used AWS cli, with same credentials, to manually upload the cert to IAM.
2021-10-04 17:54:13,722:DEBUG:botocore.utils:Caught retryable HTTP exception while making metadata service request to http://169.254.169.254/latest/api/token: Connect timeout on endpoint URL: "http://169.254.169.254/latest/api/token"
Traceback (most recent call last):
File "/usr/local/Cellar/certbot/1.19.0/libexec/lib/python3.9/site-packages/urllib3/connection.py", line 169, in _new_conn
conn = connection.create_connection(
File "/usr/local/Cellar/certbot/1.19.0/libexec/lib/python3.9/site-packages/urllib3/util/connection.py", line 96, in create_connection
raise err
File "/usr/local/Cellar/certbot/1.19.0/libexec/lib/python3.9/site-packages/urllib3/util/connection.py", line 86, in create_connection
sock.connect(sa)
socket.timeout: timed out
This last worked in July with no updates to python/certbot/s3front. I was able to manually use cli aws iam to upload the cert, then I logged into cloudfront and choose the new cert since I was nearing expiry.
I get an erroneous invalid credentials message, but my account with Let’s Encrypt and AWS work fine and then generated cert fails to upload to aws:iam, update aws:cloudfront.
I saw in logs s3front successfully updated well known hosts and acme then issued cert, I see cert on local certbot file system. Then in logs I see the install portion of s3front try to make a call to a non-routable 169.254 IP, then do a post with new certificate and then fails saying no credentials.
The two AWS variables are set and did work from the script to place file on s3 for LE to issue the cert. I then used AWS cli, with same credentials, to manually upload the cert to IAM.
2021-10-04 17:54:13,722:DEBUG:botocore.utils:Caught retryable HTTP exception while making metadata service request to http://169.254.169.254/latest/api/token: Connect timeout on endpoint URL: "http://169.254.169.254/latest/api/token"
Traceback (most recent call last):
File "/usr/local/Cellar/certbot/1.19.0/libexec/lib/python3.9/site-packages/urllib3/connection.py", line 169, in _new_conn
conn = connection.create_connection(
File "/usr/local/Cellar/certbot/1.19.0/libexec/lib/python3.9/site-packages/urllib3/util/connection.py", line 96, in create_connection
raise err
File "/usr/local/Cellar/certbot/1.19.0/libexec/lib/python3.9/site-packages/urllib3/util/connection.py", line 86, in create_connection
sock.connect(sa)
socket.timeout: timed out
17:54:14,948:DEBUG:botocore.endpoint:Making request for OperationModel(name=UploadServerCertificate) with params: {'url_path': '/', 'query_string': '', 'method': 'POST', 'headers': {'Content-Type': 'application/x-www-form-urlencoded; charset=utf-8', 'User-Agent': 'Boto3/1.17.112 Python/3.9.7 Darwin/19.6.0 Botocore/1.20.112'}, 'body': {'Action': 'UploadServerCertificate', 'Version': '2010-05-08', 'Path': '/cloudfront/letsencrypt/', 'ServerCertificateName': 'le-diff name.net-#######', 'CertificateBody': '-----BEGIN CERTIFICATE-----\nMIIFNjCCBB6gAwIBAgISBOibeQhpG98ietpgQc1UlOFfMA0GCSqGSIb3DQEBCwUA\nMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD\nEwJSMzAeFw0yMTEw
2021-10-04 17:54:14,949:ERROR:certbot._internal.renewal:Failed to renew certificate nameremoved.net with error: Unable to locate credentials
2021-10-04 17:54:14,963:DEBUG:certbot._internal.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/local/Cellar/certbot/1.19.0/libexec/lib/python3.9/site-packages/certbot/_internal/renewal.py", line 475, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
The text was updated successfully, but these errors were encountered: