Hello
I used dehydrated for the last years without problems - and now I got the message that I have to switch to API2.
So I changed the config:
#!/bin/bash
#CA="https://acme-v02.api.letsencrypt.org/directory"
WELLKNOWN="/home/e-smith/files/ibays/Primary/html/.well-known/acme-challenge"
HOOK="/usr/bin/hook-script.sh"
BASEDIR="/etc/dehydrated"
CONTACT_EMAIL=mail@adress.com
API="2"
PARAM_ACCEPT_TERMS="yes"
But It still get the path to API1 with
[root@www ~]# dehydrated -e
# dehydrated configuration
# INFO: Using main config file /etc/dehydrated/config
declare -- CA="https://acme-v01.api.letsencrypt.org/directory"
declare -- LICENSE="https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"
declare -- CERTDIR="/etc/dehydrated/certs"
declare -- CHALLENGETYPE="http-01"
declare -- DOMAINS_D=""
declare -- DOMAINS_TXT="/etc/dehydrated/domains.txt"
declare -- HOOK="/usr/bin/hook-script.sh"
declare -- HOOK_CHAIN="no"
declare -- RENEW_DAYS="30"
declare -- ACCOUNT_KEY="/etc/dehydrated/accounts/long path/account_key.pem"
declare -- ACCOUNT_KEY_JSON="/etc/dehydrated/accounts/long path/registration_info.json"
declare -- KEYSIZE="4096"
declare -- WELLKNOWN="/home/e-smith/files/ibays/Primary/html/.well-known/acme-challenge"
declare -- PRIVATE_KEY_RENEW="yes"
declare -- OPENSSL_CNF="/etc/pki/tls/openssl.cnf"
declare -- CONTACT_EMAIL="mail@address.com"
declare -- LOCKFILE="/etc/dehydrated/lock"
as you see at "declare -- CA="
https://acme-v01.api.letsencrypt.org/directory""
When I uncomment in config
CA="
https://acme-v02.api.letsencrypt.org/directory"
I get:
[root@www ~]# /usr/bin/dehydrated -c
# INFO: Using main config file /etc/dehydrated/config
Fetching missing account information from CA...
+ ERROR: An error occurred while sending post-request to https://acme-staging-v02.api.letsencrypt.org/acme/new-acct (Status 400)
Details:
HTTP/1.1 100 Continue
HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 03 Jun 2021 09:11:34 GMT
Content-Type: application/problem+json
Content-Length: 134
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0004dgd0feS87q0sxTbrernNonJAt58Qc0qnGJOHdrymvqU
{
"type": "urn:ietf:params:acme:error:accountDoesNotExist",
"detail": "No account exists with the provided key",
"status": 400
}
In sum:
When I add only
API="2"
to the config it will still point to
https://acme-v01.api.letsencrypt.org/directoryWhen I add
CA="
https://acme-v02.api.letsencrypt.org/directory" to the config I get an error.
("type": "urn:ietf:params:acme:error:accountDoesNotExist",
"detail": "No account exists with the provided key")
My versions of letsencrypt and dehydrated are up-to-date:
letsencrypt-0.5-15
dehydrated-0.6.5-1
Till now I have tried this:
config delprop modSSL crt
config delprop modSSL key
config delprop modSSL CertificateChainFile
signal-event console-save
reboot
config setprop letsencrypt status test
signal-event console-save
dehydrated -c
and
this
https://forums.contribs.org/index.php/topic,54460.msg285207.html#msg285207But it does not work.
Can somebody point me in the right direction?
Thank you for your help
Martin