Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ACME v1 is now disabled by Lets Encrypt. All requests must be made to ACMEv2 endpoint #190

Closed
weefinterativa opened this issue Oct 17, 2019 · 3 comments
Closed

ACME v1 is now disabled by Lets Encrypt. All requests must be made to ACMEv2 endpoint #190

weefinterativa opened this issue Oct 17, 2019 · 3 comments

Comments

@weefinterativa
Copy link

weefinterativa commented Oct 17, 2019
edited
Loading

When running the plugin to get a new certificate this is the message displayed:

Edit: The plugin version running is 0.8.9

2019-10-17 21:21:09,144:INFO:__main__:1211: Generating new account key
ACME server returned an error: urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details.

This is a know issue that as fixed in simp_le script in version 0.16.0 to allow using the ACMEv2

But the latest Dockerfile for dokku/docker-letsencrypt image clones the 0.15.0 version of simp_le repo line 17

(I'm reporting this because I cannot submit and tests in the docker-letsencrypt image right now and as described here the ACMEv1 will be disabled for good.)
@dean1012
Copy link
Contributor

I'll test this when I can.

In the meantime can you link the issue that was resolved in 0.16.0

@dean1012
Copy link
Contributor

I am unable to reproduce this running on dokku-letsencrypt v0.9.1

2019-10-18 01:01:58,632:INFO:__main__:1317: Generating new account key
2019-10-18 01:02:01,834:INFO:__main__:1343: By using simp_le, you implicitly agree to the CA's terms of service: https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
2019-10-18 01:02:01,996:INFO:__main__:1406: Generating new certificate private key
2019-10-18 01:02:10,159:INFO:__main__:396: Saving account_key.json
2019-10-18 01:02:10,161:INFO:__main__:396: Saving account_reg.json
2019-10-18 01:02:10,161:INFO:__main__:396: Saving fullchain.pem
2019-10-18 01:02:10,161:INFO:__main__:396: Saving chain.pem
2019-10-18 01:02:10,162:INFO:__main__:396: Saving cert.pem
2019-10-18 01:02:10,162:INFO:__main__:396: Saving key.pem
-----> Certificate retrieved successfully.

@weefinterativa
Copy link
Author

weefinterativa commented Oct 18, 2019
edited
Loading

@dean1012 Sure, here is the issue: zenhack/simp_le#101

Updating to version 0.9.1 solved this issue. For anyone who come here with this error, just update the lets encrypt plugin with (in the case the 0.9.1 was the latest release tag)

sudo dokku plugin:update letsencrypt

Then the new updated image do docker-letsencrypt will be downloaded:

sudo dokku letsencrypt project 
=====> Let's Encrypt project
-----> Updating letsencrypt docker image...
0.1.0: Pulling from dokku/letsencrypt
921b31ab772b: Already exists 
5b8c64164d75: Pull complete 
3f9e5593f73b: Pull complete 
Digest: sha256:af5f8529c407645e97821ad28eba328f4c59b83b2141334f899303c49fc07823
Status: Downloaded newer image for dokku/letsencrypt:0.1.0

Closing this issue, thank you @dean1012 for the time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dean1012 @weefinterativa