Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migration: missing account_email in ACME #773

Closed
gsanchietti opened this issue Sep 23, 2024 · 4 comments
Closed

Migration: missing account_email in ACME #773

gsanchietti opened this issue Sep 23, 2024 · 4 comments
Assignees
@gsanchietti
Labels
verified All test cases were verified successfully
Milestone
NethSecurity 8.3

Comments

@gsanchietti
Copy link
Member

Steps to reproduce

  • Perform a migration from NethServer 7 to the current version.
  • Check the ACME configuration after the migration.

Expected behavior

  • The acme.@acme[0].account_email property should be correctly populated with the appropriate email address, such as no-reply@nethsecurity.org.

Actual behavior

  • After migration, the account_email option is missing in the ACME configuration, causing the following error:

    Sep 23 00:00:00 sole crond[12701]: USER root pid 18426 cmd /etc/init.d/acme start
Sep 23 00:00:00 sole acme: account_email option is required

  • Checking the ACME configuration shows that the account_email field is absent:

    root@sole:~# uci show acme
acme.@acme[0]=acme
acme.@acme[0].debug='0'
acme.example_subdomain=cert
acme.example_subdomain.enabled='0'
acme.example_subdomain.staging='1'
acme.example_subdomain.domains='example.net' 'www.example.net' 'mail.example.net'
acme.example_subdomain.validation_method='webroot'
acme.ns_default=cert
acme.ns_default.enabled='1'
acme.ns_default.domains='fw.mydomain.com'
acme.ns_default.key_type='rsa2048'
acme.ns_default.validation_method='standalone'

  • The missing property that causes the issue is:

    acme.@acme[0].account_email='no-reply@nethsecurity.org'

Components

NethSecurity Image: 8-23.05.4-ns.1.2.0
@gsanchietti gsanchietti moved this to Ready ⏯ in NethSecurity Sep 23, 2024
@gsanchietti gsanchietti added this to the NethSecurity 8.3 milestone Sep 23, 2024
@gsanchietti gsanchietti mentioned this issue Sep 23, 2024
Merged
@gsanchietti gsanchietti self-assigned this Sep 23, 2024
@gsanchietti gsanchietti moved this from Ready ⏯ to In progress 🛠 in NethSecurity Sep 23, 2024
gsanchietti added a commit that referenced this issue Sep 23, 2024
@gsanchietti
ns-migration: acme, set account_email (#774)
e2ea8a3 
Avoid error like:

  Sep 23 00:00:00 sole acme: account_email option is required

#773
@github-actions GitHub Actions
Copy link
Contributor

Testing image version: 8-23.05.4-ns.1.2.0-56-ge2ea8a387

@github-actions github-actions bot added the testing Packages are available from testing repositories label Sep 23, 2024
@gsanchietti gsanchietti removed the testing Packages are available from testing repositories label Sep 23, 2024
gsanchietti added a commit that referenced this issue Sep 23, 2024
@gsanchietti
ns-mgiration: acme, really account_email
cc554b0 
The option should go under the main acme record

Issue #773
@github-actions GitHub Actions
Copy link
Contributor

Testing image version: 8-23.05.4-ns.1.2.0-57-gcc554b0ba

@github-actions github-actions bot added the testing Packages are available from testing repositories label Sep 23, 2024
@gsanchietti
Copy link
Member Author

Test case

Follow these instructions to try the fix without a real machine where all Let's Encrypt requirements are satisfied:

  • access the machine with SSH and go to /root
  • execute: 
    mkdir /root/export
cat > /root/export/acme.json <<EOF
{
  "config": {
    "domains": [
      "le.gs.nethserver.net"
    ],
    "account_email": ""
  }
}
EOF
  • import: /usr/share/ns-migration/80acme /root/export && uci commit
  • execute: uci get acme.@acme[0].account_email, it should return no-reply@nethsecurity.org

@Tbaile
Copy link
Contributor

Tbaile commented Sep 23, 2024

Verified.

@Tbaile Tbaile added verified All test cases were verified successfully and removed testing Packages are available from testing repositories labels Sep 23, 2024
@github-project-automation github-project-automation bot moved this from In progress 🛠 to Done ✅ in NethSecurity Sep 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gsanchietti gsanchietti

Labels
verified All test cases were verified successfully
Projects
NethSecurity
Archived in project
Milestone
NethSecurity 8.3
Development

No branches or pull requests
2 participants
@gsanchietti @Tbaile