Hello all,
I've been using the dehydrated script from its introduction, before packages of smeserver-letsencrypt and dehydrated were available. Since I've been receiving warnings about ACME v1 EOL today I've plunged into trying to do the same job with smeserver-letsencrypt.
Thing is I did not know how to get rid of the existing dehydrated installation. I've left that aside and configured the packaged dehydrated using the wiki instructions. Trying to get a new certificate in test mode ended with an error, regardless of whether I was trying the v1 or v2 APIs.
Then I made the serious error of nuking everything: I uninstalled the smeserver-letsencrypt and dehydrated packages and also did:
config show modSSL
config delprop modSSL CertificateChainFile
config delprop modSSL crt
config delprop modSSL key
rm /home/e-smith/ssl.{crt,key,pem}/*
rm -rf /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
signal-event post-upgrade; signal-event reboot
I re-installed smeserver-letsencrypt and dehydrated, but the problem persists.
My configuration:
# config show modSSL
modSSL=service
TCPPort=443
access=public
status=enabled
# config show letsencrypt
letsencrypt=service
ACCEPT_TERMS=yes
API=2
configure=none
email=<mymail>
hookScript=disabled
status=test
# ll /etc/dehydrated/
total 32
drwxr-x--- 3 root root 4096 Jun 10 08:56 accounts
drwxr-x--- 2 root root 4096 Jul 25 2019 archive
drwxr-x--- 2 root root 4096 Jul 25 2019 certs
drwxr-x--- 2 root root 4096 Jun 10 08:51 conf.d
-rw-r--r-- 1 root root 286 Jun 10 08:51 config
-rw-r--r-- 1 root root 16 Jun 10 08:55 domains.txt
-rwxr-x--- 1 root root 8045 Jun 26 2019 hook.sh
# dehydrated -c
# INFO: Using main config file /etc/dehydrated/config
+ ERROR: An error occurred while sending head-request to https://acme-v01.api.letsencrypt.org/terms (Status 403)
Details:
HTTP/1.1 403 Forbidden
Server: nginx
Date: Thu, 10 Jun 2021 06:13:53 GMT
Content-Type: application/problem+json
Content-Length: 333
Connection: keep-alive
ETag: "60b68461-14d"
# config setprop letsencrypt API 1
# signal-event console-save
# dehydrated -c
# INFO: Using main config file /etc/dehydrated/config
+ ERROR: An error occurred while sending get-request to https://acme-staging.api.letsencrypt.org/directory (Status 403)
Details:
{
"type": "urn:acme:error:serverInternal",
"detail": "ACMEv1 is deprecated and you can no longer get certificates from this endpoint. Please use the ACMEv2 endpoint, you may need to update your ACME client software to do so. Visit https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/27 for more information."
}
Any help will be appreciated.