My xenial verification
First, reproducing the problem:
$ sudo certbot run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): andr...@canonical.com
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
(...)
I stopped there, as today the v1 endpoint is working, but this bug is
about changing certbot to use v2, so the above, even though it didn't
fail, is enough to confirm it's using v1.
So I cancel, and upgrade to the version in proposed:
*** 0.27.0-1~ubuntu16.04.1 500
500 http://us.archive.ubuntu.com/ubuntu xenial-proposed/universe amd64
Packages
And now it uses v2:
$ sudo certbot run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): andr...@canonical.com
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
(...)
Testing fake renewal works:
$ sudo certbot --dry-run renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/certbot-test.justgohome.co.uk.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for certbot-test.justgohome.co.uk
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed with reload of apache server; fullchain is
/etc/letsencrypt/live/certbot-test.justgohome.co.uk/fullchain.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/certbot-test.justgohome.co.uk/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
Now let's revoke it (note it also uses the v2 endpoint):
$ sudo certbot --cert-path
/etc/letsencrypt/live/certbot-test.justgohome.co.uk/fullchain.pem revoke
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you like to delete the cert(s) you just revoked?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es (recommended)/(N)o: y
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Deleted all files relating to certificate certbot-test.justgohome.co.uk.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully revoked the certificate that was located
at /etc/letsencrypt/live/certbot-test.justgohome.co.uk/fullchain.pem
And the systemd timer is active:
$ sudo systemctl list-timers
NEXT LEFT LAST PASSED
UNIT ACTIVATES
Sat 2019-10-26 01:02:54 UTC 4h 12min left Fri 2019-10-25 20:37:10 UTC 13min
ago certbot.timer certbot.service
xenial verification succeeded.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1837673
Title:
Certbot will be unable to create new ACME accounts
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-certbot/+bug/1837673/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
