When is LE going to be fixed?

An error occurred requesting a new certificate for epicjourney.us, www.epicjourney.us, mail.epicjourney.us from Let's Encrypt : Failed to request certificate :

Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying mail.epicjourney.us...
Traceback (most recent call last):
  File "/usr/libexec/webmin/webmin/acme_tiny.py", line 203, in 
    main(sys.argv[1)
  File "/usr/libexec/webmin/webmin/acme_tiny.py", line 199, in main
    signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
  File "/usr/libexec/webmin/webmin/acme_tiny.py", line 109, in get_crt
    raise ValueError("Error requesting challenges: {0} {1}".format(code, result))
ValueError: Error requesting challenges: 429 {
  "type": "urn:acme:error:rateLimited",
  "detail": "Error creating new authz :: Too many invalid authorizations recently.",
  "status": 429
}

Every single domain i am not having to go back and manually change which domains to renew..now LE is blocking my machine because of this bug. Stop waiting for the full release..do a point release for this bug ASAP as you are costing your users money.

Status: 
Closed (fixed)

Comments

unborn's picture
Submitted by unborn on Sun, 04/09/2017 - 07:57 Pro Licensee

@hescominsoon

what you mean by 'do a point release for this bug ASAP as you are costing your users money'? You do not need to wait for any fix as you are glp (free) user - just specify what domains should get ssl on lets encrypt tab and exclude mail.domain.com from the list.

  • in end of the day it does not cost you any money - you are gpl means free in all the way.. means also its open sourced - so you can fix it by your self without waiting on anything. If its costing you money, then get some pro support...

no i am not free i am a paid user. I have been a paid user since before the site got redone and the new pricing got introduced....nice try..

unborn's picture
Submitted by unborn on Sun, 04/09/2017 - 08:15 Pro Licensee

@hescominsoon

no one tried anything at you.. I just dont see that thingy of paid users any more for some reason. Been just noticed that about another ticket. I am deeply sorry for this but I think forums or tracker have some issue with this.. I can provide you wit the screenshot of it... - that is why I reacted like Ive done in first place.

vmissue

well considering my ongoing experiences with code quality in virtualmin the fact that i am not marked correctly in the forums is not surprising...

unborn's picture
Submitted by unborn on Sun, 04/09/2017 - 08:18 Pro Licensee

@hescominsoon

once again im sorry for this.. it was not mean to be like that. I am VERY WELL surprising - been trying to propose solutions for this for many months!

  • please understand that I am not part of that team.. I can help you with your issue.. how many domains we are talking about?
Joe's picture
Submitted by Joe on Sun, 04/09/2017 - 21:01 Pro Licensee

We have licenses from the old system still in effect (which hescominsoon has); the folks with those old licenses don't have a star. It'll correct over time, as users buy new licenses in the new system. It's not a bug, per se, just a behavior that was introduced in the past few months, and doesn't apply to older licenses. Administrators are able to see who has a Pro license, even without the star. unborn, you don't need to help protect the ticket tracker from GPL users. We rarely see support requests from GPL users here in the tracker; and when we do, we politely send them to the forums.

The LE issue is being worked on. I believe we have a fix in git, and if Jamie isn't able to roll a new release, I'll fish it out and roll out a minor release to fix this issue soon.

Joe's picture
Submitted by Joe on Sun, 04/09/2017 - 21:02 Pro Licensee

I gave hescominsoon a Pro star manually. So, no confusion.

Joe's picture
Submitted by Joe on Sun, 04/09/2017 - 22:20 Pro Licensee

Here's the commit that fixed it: https://github.com/virtualmin/virtualmin-gpl/commit/5de599a92b663567dd5b...

And the patch, if you're feeling ambitious:

diff --git a/feature-ssl.pl b/feature-ssl.pl
index 56b166b..3af72e3 100755
--- a/feature-ssl.pl
+++ b/feature-ssl.pl
@@ -1977,13 +1977,17 @@ return ( );
}

# get_hostnames_for_ssl(&domain)
-# Returns a list of names that should be used in an SSL cert
+# Returns a list of names that should be used in an SSL cert, based on their
+# IP address and whether Apache is configured to accept them.
sub get_hostnames_for_ssl
{
my ($d) = @_;
my @rv = ( $d->{'dom'} );
+my ($defvirt) = &get_apache_virtual($d->{'dom'}, $d->{'web_port'});
foreach my $sfx ("www", "mail") {
my $full = $sfx.".".$d->{'dom'};
+ my ($virt) = &get_apache_virtual($full, $d->{'web_port'});
+ next if (!$virt || $virt ne $defvirt);
if ($d->{'dns'}) {
my $recs = &get_domain_dns_records($d);
my ($r) = grep { $_->{'name'} eq $full."." } @$recs;

I've just tested it on some of our systems that were exhibiting the problem, and it seems to do the right thing. I'll start working on a -2 release for the repos. It's after 10PM here, so I may not finish before I'm too sleepy to be doing anything important, but, I'll try to get it rolled out.

Joe's picture
Submitted by Joe on Mon, 04/10/2017 - 00:57 Pro Licensee

Status: Active » Fixed

This should be fixed by the 5.07-3 update which is now in all repos.

unborn's picture
Submitted by unborn on Tue, 04/11/2017 - 11:23 Pro Licensee

@Submitted by Joe on Mon, 04/10/2017 - 03:01

sorry to bump this old issue but towards me - still no star - is there any issues with pro licence users or I did missed something out there right a way?

Edit: now I can see it when I did actually reply to the threat - im sorry.

yeppers...they got this one fixed.

hey unborn..think yhou can help with the firewall issues and other ipv6 issues I am constantly fighting?

unborn's picture
Submitted by unborn on Thu, 04/13/2017 - 03:05 Pro Licensee

@hescominsoon

sorry for late reply, been busy a bit. Yeah if I would be able to, Im sure I would help.

fakemoth's picture
Submitted by fakemoth on Fri, 04/14/2017 - 04:09

@unborn - you keep doing that mistake man; told you I am a Pro user of both Virtualmin an Cloudmin, but you kept ranting about GPL, on the exact LE issue - nothing to be so angry with GPL users really, as Jamie said.

Jamie can you get me one of those fancy stars, got 9 years man in the ranks, feeling old :) ? Just so I can keep unborn at bay :)

The Pro stars are added automatically for all new license purchases, but anyone with an active older-style license (purchased prior to 2016) wouldn't have one yet. Nor would anyone who makes their purchases with Paypal.

I've added a star for you though fakemoth, thanks for being a customer for all those years!

Status: Fixed » Closed (fixed)
unborn's picture
Submitted by unborn on Mon, 04/17/2017 - 06:13 Pro Licensee

@fakemoth

Im very sorry for confusion..

andreycheck did explained this very well.. the thing is: I did not know..which is no excuse and I was very wrong about this! fakemoth please accept my deep apology regards this. I was not angry or anything.

I learned my lesson last month about this.. you know sometimes people would do put lot of pressure on you, to demanding it all needs to be free and you sleep weeks like one hour a day for nothing - I do apologise for my any previous offending comments to you, which did offended you or makes you feel that I am angry or something. It was not surely mean to be like that at all.

Also I would like to apology to virtualmin team for this, meaning it would not happen again. I would leave tickets (issues) to be handled by them. In end of the day, they should be only allowed to see, or reply..

@fakemoth I would apology to your email directly or inbox but this feature is not working in current forums/issues, so I am passing this along out there. - no need to reply or anything else. Simply - I was wrong and I am very very sorry about it! I was very wrong and it was only my mistake.

fakemoth's picture
Submitted by fakemoth on Mon, 04/17/2017 - 06:43

No problem man, please relax, stuff happens on the web and more than often in forums and other tools like this one.

But I think this should not change the "status" or "importance" per se of user requests, paying some money that is. In open source developers are gods - but they can't live without their subjects, which in fact are gods on their own turfs. And rather in an eventual "conflict" the developer always loses, as the user will surely find another solution, and the project simply dies. Believe me - there are teams out there that simply refuse to accept a suggestion, feature requests, or even acknowledge usability issues, bugs and so on... under the excuse "well it's free, take it or leave it". This just lowers the quality of open source software. When in fact simply because of the interaction between users an developers, the open source has the highest standards of all if you ask me.

Saw way too many projects with problems because of this attitude. But Virtualmin will never be one of those, I am pretty sure, as the team has the best practices possible in managing their community. I would have smell'em otherwise :D

I understand it's frustrating - just don't bash people around, Pro users or otherwise. Also please understand that this is a multicultural thingy, so "demand", "I feel entitled", "must", etc maybe in that culture, or at least in that guys head, does not have such a strong connotation... And more than often I (a Romanian) am speaking with a Chinese guy, and an Argentinian one, but we are all using English. Just saying, but you can see where I am going - we are getting Lost in Translation pretty often.

Problem is closed for quite a while, let's leave it to rest; thank you for your words and for posting back. And don't you dare give up on open source! ;)

unborn's picture
Submitted by unborn on Fri, 04/21/2017 - 12:18 Pro Licensee

@fakemoth

...as I mentioned earlier I am not part of the greatest - no part of virltualmin team, sorry buddy I am just trying to help you with it as it goes... ps trust me: i will not give up on opensource! not any time soon :)