Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Certificate not importing but API reporting 200 success? #45

Open
Dizlem opened this issue Nov 15, 2021 · 4 comments
Open

Certificate not importing but API reporting 200 success? #45

Dizlem opened this issue Nov 15, 2021 · 4 comments

Comments

@Dizlem
Copy link

Dizlem commented Nov 15, 2021

I'm experiencing an odd issue with the final import of the certificate into a TrueNAS-12.0-U6 system. It all seems to work and the NAS responds with a 200 success status and the script indicates success but no certificate is actually imported. It then does a check for the certificate and confirms it isn't there and errors.

I don't think it is the script but the API itself as I can see when I print out the api post payload that the json is populated (looks correct). I can also see the API get for installed certificates working correctly and can print out the response through the script detailing the installed certificates. I can also see the same behaviour when I use postman to recreate the POST API call, it responds with what I assume is a request number (as it increments) and returns a 200 response but no certificate is added.

Is this something that anyone has seen before? Trying to figure out whether its something I've done incorrectly.

I've imported the certificate via the gui for the time being and it works fine but I was hoping to have auto renew setup on a cron job so I wouldn't have to manually update.

root@letsencrypt:/config/*.xxxx.yyyy # /root/.acme.sh/acme.sh --install-cert -d '*.xxxx.yyyy' --reloadcmd "/root/deploy-freenas/deploy_freenas.py" [Mon Nov 15 15:27:03 GMT 2021] Run reload cmd: /root/deploy-freenas/deploy_freenas.py Certificate import successful Certificate list successful Error searching for newly imported certificate in certificate list. [Mon Nov 15 15:27:08 GMT 2021] Reload error for :

@dacabdi
Copy link

dacabdi commented Dec 31, 2021

Experiencing the same issue.

@dacabdi
Copy link

dacabdi commented Jan 1, 2022

@Dizlem, I got it working today. Trying to get around it, in the meantime, I tried to upload the cert directly through the UI and noticed that it does not allow naming the cert with spaces or dots in it. Maybe this is the issue for you too. So, I changed the field cert_base_name to a simple non spaced string and it worked. Apparently the same restriction applies. Hoping this works for you too.

EDIT: If the author confirms that this is the case, I can open a PR doing the validation on the file. Although I would be concerned about that because the validation rules might fall out of sync with the API. I wonder if there is a common source of truth to be consumed here.

@7ooL
Copy link

7ooL commented Nov 5, 2022

@dacabdi I can confim the issue was the same for me. cert_base_name contained a period (.) and did not return in the certificate list. removing the period worked.

@Tuckie
Copy link

Tuckie commented Feb 9, 2023

I've been having a similar issue with the old cert staying around when upgrading the cert that is attached to my apps.

I tracked down some details from the truenas team: "That endpoint returns a job id. It happens in the background, you need to monitor that job and get its result."

It sounds like another api call (loop) is needed for checking out how the import went (and the same for the cert deletion).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants