[Letsencrypt-devel] Bug#833494: acmetool: Does not correctly respond to changes in an ACME server's preferred agreement
Uwe Steinmann
uwe at steinmann.cx
Fri Aug 5 06:35:42 UTC 2016
Package: acmetool
Version: 0.0.54-1
Severity: important
Dear Maintainer,
Current version of acmetool has a problem with the agreement.
20160805081346 [CRITICAL] acmetool: fatal: reconcile: the following errors occurred:
error satisfying Target(xxxxxxx;https://acme-v01.api.letsencrypt.org/directory;0):
HTTP error: 400 Bad Request
map[Server:[nginx] Content-Type:[application/problem+json]
Boulder-Request-Id:[a8pizmxmElGgUHEUJwrrXaRRBPe-0updqBrZuKCauHo]
Pragma:[no-cache] Date:[Fri, 05 Aug 2016 06:13:46 GMT]
Content-Length:[265] Boulder-Requester:[1885796]
Replay-Nonce:[sKseTFb9KB-a6mkcMJs6ugOG3XwzaA-fUrwleqYiy38] Expires:[Fri,
05 Aug 2016 06:13:46 GMT] Cache-Control:[max-age=0, no-cache, no-store]]
{
"type": "urn:acme:error:malformed",
"detail": "Provided agreement URL
[https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf]
does not match current agreement URL
[https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf]",
"status": 400
}
This seems to have the same source as #833336 and acmetool 0.0.55 fixes
it according to the changelog:
Fixes #191, whereby acmetool did not correctly respond to changes in an
ACME server's preferred agreement. This is an important update and should
be applied promptly, as it causes autorenewal to fail (though by design,
acmetool requires intervention to agree to new agreements anyway).
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages acmetool depends on:
ii libc6 2.23-4
ii libcap2 1:2.25-1
Versions of packages acmetool recommends:
ii dialog 1.3-20160424-1
acmetool suggests no packages.
-- no debconf information
More information about the Letsencrypt-devel
mailing list