Date: Sun, 08 Apr 2018 16:56:31 +0000 From: bugzilla-noreply@freebsd.org To: python@FreeBSD.org Subject: [Bug 227289] security/py-certbot-nginx: Wrong nginx configuration path set Message-ID: <bug-227289-21822-ztjcxJMEKz@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-227289-21822@https.bugs.freebsd.org/bugzilla/> References: <bug-227289-21822@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D227289 --- Comment #1 from Christer <fbsdbugzilla@csj.no> --- Followup; seems I was a bit too fast on the "renewals work" trigger. Automa= tic renewal didn't work when ran from cron. Certbot threw an error (domain name obfuscated for privacy): --- Attempting to renew cert (sub.domain.net) from /usr/local/etc/letsencrypt/renewal/sub.domain.net.conf produced an unexpect= ed error: The nginx plugin is not working; there may be problems with your existing configuration. The error was: NoInstallationError(). Skipping. All renewal attempts failed. The following certs could not be renewed: /usr/local/etc/letsencrypt/live/sub.domain.net/fullchain.pem (failure) 1 renew failure(s), 0 parse failure(s) --- Deleting the port and reinstalling it, and also recreating the symlink from /usr/local/etc/nginx to /etc/nginx restores expected working behavior: ---------------------------------------------------------------------------= ---- Processing /usr/local/etc/letsencrypt/renewal/sub.domain.net.conf ---------------------------------------------------------------------------= ---- Cert is due for renewal, auto-renewing... Plugins selected: Authenticator nginx, Installer nginx Renewing an existing certificate Performing the following challenges: tls-sni-01 challenge for sub.domain.net Waiting for verification... Cleaning up challenges ---------------------------------------------------------------------------= ---- new certificate deployed with reload of nginx server; fullchain is /usr/local/etc/letsencrypt/live/sub.domain.net/fullchain.pem ---------------------------------------------------------------------------= ---- So apparently there's more to this than "just" changing the path in constants.py and recompiling the .py into .pyc/.pyo files. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-227289-21822-ztjcxJMEKz>