lets encrypt problem

An error occurred requesting a new certificate for domain.dk, www.domain.dk, mail.domain.dk from Let's Encrypt :

<

pre>Updating letsencrypt and virtual environment dependencies.......Command "/root/.local/share/letsencrypt/bin/python2.7 -u -c "import setuptools, tokenize;file='/tmp/pip-build-JeHajm/python-augeas/setup.py';f=getattr(tokenize, 'open', open)(file);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, file, 'exec'))" install --record /tmp/pip-KxBk0v-record/install-record.txt --single-version-externally-managed --compile --install-headers /root/.local/share/letsencrypt/include/site/python2.7/python-augeas" failed with error code 1 in /tmp/pip-build-JeHajm/python-augeas/

it doesn't encrypt and i get this error every 5 min

and i haven't added mail.domain.dk... it just suddenly was there.

if i manually set domain.dk and www.domain.dk it still gives error

Updating letsencrypt and virtual environment dependencies.......Command "/root/.local/share/letsencrypt/bin/python2.7 -u -c "import setuptools, tokenize;file='/tmp/pip-build-4EoHcD/python-augeas/setup.py';f=getattr(tokenize, 'open', open)(file);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, file, 'exec'))" install --record /tmp/pip-_76S2g-record/install-record.txt --single-version-externally-managed --compile --install-headers /root/.local/share/letsencrypt/include/site/python2.7/python-augeas" failed with error code 1 in /tmp/pip-build-4EoHcD/python-augeas/

please help asap.

Status: 
Closed (fixed)

Comments

Looks like you are using the Let's Encrypt provided client. Try un-installing that, which will fall back to using Virtualmin's built-in version.

thanx Jamie, that was the problem... solved by removing that and /etc/letsencrypt

Status: Active » Fixed

I'm having the same issue and I'm guessing that it's the same problem and fix. Can you tell me how you removed the Let's Encrypt provided client?

Thanks,

Hmm, do you recall installing Let's Encrypt previously? It should have an uninstall function.

I unfortunately don't recall the command name, though I vaguely recall it being something like either letsencrypt-auto, letsencrypt, or acme. You may want to see if one of those 3 commands exists, and if so, just rename it to something else.

Looks like you are using the Let's Encrypt provided client. Try un-installing that, which will fall back to using Virtualmin's built-in version.

Likewise. Not sure how to implement this as I'm getting the same error.

Cyrus, did you perhaps have any of the commands mentioned in Comment #5 above?

@andreycheck

letsencrypt-auto

-bash: letsencrypt-auto: command not found

letsencrypt

-bash: letsencrypt: command not found

acme

-bash: acme: command not found

Jamie, do you recall the name of the program Virtualmin looks for to determine if the Let's Encrypt provided client is installed?

It's normally called letsencrypt or letsencrypt-auto .

Sorry, I still don't understand what I'm specifically expected to do. My error when requesting a certificate is:
Updating letsencrypt and virtual environment dependencies......Command "/root/.local/share/letsencrypt/bin/python2.7 -u -c "import setuptools, tokenize;file='/tmp/pip-build-RbG2pn/python-augeas/setup.py';f=getattr(tokenize, 'open', open)(file);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, file, 'exec'))" install --record /tmp/pip-s110sR-record/install-record.txt --single-version-externally-managed --compile --install-headers /root/.local/share/letsencrypt/include/site/python2.7/python-augeas" failed with error code 1 in /tmp/pip-build-RbG2pn/python-augeas/
Please advise.

Can you post the /etc/webmin/webmin/config file from your system? It should contain the path to the Let's Encrypt command that Webmin is running.

cron_mode=0
letsencrypt_cmd=/root/letsencrypt/letsencrypt-auto
third_url=
letsencrypt_doms=host.myserver.com
upmins=3
letsencrypt_webroot=/home/myvirtualdomain/public_html
last_version_check=1480873633
upmissing=0
standard_url=
letsencrypt_size=
uphour=20
warn_days=7
last_version_number=1.820
updays=1
upshow=1
osdn=1
update=0

That may be it, do you have a file named "/root/letsencrypt/letsencrypt-auto"?

yes, that file exists

Try renaming that file, and rename the /etc/letsencrypt directory -- and then re-attempt the Let's Encrypt setup in Virtuamin.

Renamed the file and directory. Tried to request a certificate for a virtual domain.

Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying mydomain.com...
mydomain.com verified!
Verifying www.mydomain.com...
www.mydomain.com verified!
Verifying mail.mydomain.com...
Wrote file to /home/xxxx/public_html/.well-known/acme-challenge/2S6WAPDgXLdlFQSzoroj3ChAsBsFMrHwjQBDCXFiw_8, but couldn't download http://mail.mydomain.com/.well-known/acme-challenge/2S6WAPDgXLdlFQSzoroj3ChAsBsFMrHwjQBDCXFiw_8
Traceback (most recent call last):
  File "/usr/libexec/webmin/webmin/acme_tiny.py", line 203, in <module>
    main(sys.argv[1:])
  File "/usr/libexec/webmin/webmin/acme_tiny.py", line 199, in main
    signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
  File "/usr/libexec/webmin/webmin/acme_tiny.py", line 154, in get_crt
    domain, challenge_status))
ValueError: mail.mydomain.com challenge did not pass: {u'status': u'invalid', u'validationRecord': [{u'url': u'http://mail.mydomain.com/.well-known/acme-challenge/2S6WAPDgXLdlFQSzoroj3ChAsBsFMrHwjQBDCXFiw_8', u'hostname': u'mail.mydomain.com', u'addressUsed': u'67.xxx.xxx.xx', u'port': u'80', u'addressesResolved': [u'67.xxx.xxx.xx']}], u'keyAuthorization': u'2S6WAPDgXLdlFQSzoroj3ChAsBsFMrHwjQBDCXFiw_8.UKZ480pEHiYZhjcjXT_oSRzD2mx3F894eFN-3CQgXYo', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/08dYhaduJ0w9yyxC-k32_LRHKL9ZcWINJ53AGn2yO94/925021548', u'token': u'2S6WAPDgXLdlFQSzoroj3ChAsBsFMrHwjQBDCXFiw_8', u'error': {u'status': 403, u'type': u'urn:acme:error:unauthorized', u'detail': u'Invalid response from http://mail.mydomain.com/.well-known/acme-challenge/2S6WAPDgXLdlFQSzoroj3ChAsBsFMrHwjQBDCXFiw_8: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"'}, u'type': u'http-01'}

Have changed mydomain and IP for the above.

Okay, that's a step in the right direction! It now looks like you're seeing a known bug, that will be fixed in the next release.

A temporary workaround would be to add an entry like this to your Apache config for that particular VirtualHost:

ServerAlias mail.domain.com

And then restart Apache.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.