Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Bug when cron renew certificate

    ACME
    3
    10
    507
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pulcov
      last edited by

      Hi.

      I have an issue with acme cron renew. When cron try to renew certificate, pfSense crash reporter generate new report :

      Crash report begins.  Anonymous machine information:
      
      amd64
      11.2-RELEASE-p3
      FreeBSD 11.2-RELEASE-p3 #17 e6b497fa0a3(RELENG_2_4_4): Thu Sep 20 09:04:45 EDT 2018     root@buildbot3:/crossbuild/ce-244/obj/amd64/WvDslnYb/crossbuild/ce-244/pfSense/tmp/FreeBSD-src/sys/pfSense
      
      Crash report details:
      
      PHP Errors:
      [20-Nov-2018 03:16:00 Europe/Paris] PHP Fatal error:  Uncaught Error: Class 'pfsense_pkg\acme\acme_sh_domain' not found in /usr/local/pkg/acme/acme.inc:970
      Stack trace:
      #0 /usr/local/pkg/acme/acme.inc(838): pfsense_pkg\acme\issue_certificate('**************', false)
      #1 /usr/local/pkg/acme/acme_command.sh(26): pfsense_pkg\acme\renew_all_certificates(false)
      #2 {main}
        thrown in /usr/local/pkg/acme/acme.inc on line 970
      
      
      No FreeBSD crash data found.
      

      If i start renew in web UI, that's work without any error.

      Would anyone have an idea about this ?

      Thanks

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        Hi,

        Can you detail your setup and version ?

        The script "/usr/local/pkg/acme/acme.inc" includes /usr/local/pkg/acmeacme_sh.inc where the class "/usr/local/pkg/acme" is defined.

        No "help me" PM's please. Use the forum, thanks.

        1 Reply Last reply Reply Quote 0
        • P
          pulcov
          last edited by

          Hi,

          Thanks for reply.

          PfSense : 2.4.4
          Acme package : 0.3.2_4

          GertjanG 1 Reply Last reply Reply Quote 0
          • P
            pulcov
            last edited by

            0_1542812304484_81781e4f-ec51-4427-84ac-4cd2d50d369b-image.png

            1 Reply Last reply Reply Quote 0
            • GertjanG
              Gertjan @pulcov
              last edited by

              @pulcov said in Bug when cron renew certificate:

              PfSense : 2.4.4
              Acme package : 0.3.2_4

              Ok, these are the latest.

              Now, the setup, like "what is your methed ?", etc.

              Btw : my "acme" will renew my wild card cert the 25, that 4 days from now. I'll post back with results, if needed. The acme package works fine for me for more the a year already.

              No "help me" PM's please. Use the forum, thanks.

              1 Reply Last reply Reply Quote 0
              • P
                pulcov
                last edited by

                Ok, it's strange. I found the bug but I do not understand why I'm the only one to have it.

                If i start the same command launched by cron (/usr/local/pkg/acme/acme_command.sh) i have an error.
                But if i start this command into the acme folder (/usr/local/pkg/acme/) that's work.

                I have changed my script acme_command.sh by adding chdir. Now issue is fixed :

                #!/usr/local/bin/php -f
                <?php
                namespace pfsense_pkg\acme;
                
                chdir(dirname(__FILE__));
                
                include_once("config.lib.inc");
                include_once("acme.inc");
                
                $command = $argv[1];
                
                1 Reply Last reply Reply Quote 0
                • jimpJ
                  jimp Rebel Alliance Developer Netgate
                  last edited by

                  Which DNS update method are you using there?

                  I have a couple dozen systems all using cron and they all update fine. I suspect it may be an issue in the specific update method script being called there.

                  Remember: Upvote with the πŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                  Need help fast? Netgate Global Support!

                  Do not Chat/PM for help!

                  1 Reply Last reply Reply Quote 0
                  • GertjanG
                    Gertjan
                    last edited by

                    For info : my acme wild card cert for pfSense was renewed as usual last November 25th.
                    Using the nsupdate method btw.

                    No "help me" PM's please. Use the forum, thanks.

                    1 Reply Last reply Reply Quote 0
                    • P
                      pulcov
                      last edited by

                      Hi,

                      I'm sorry for my late response. I'm using DNS-NSupdate / RFC 2136 update method.

                      1 Reply Last reply Reply Quote 0
                      • jimpJ
                        jimp Rebel Alliance Developer Netgate
                        last edited by

                        That's the only method I use, and all of them are working perfectly here.

                        Remember: Upvote with the πŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post