Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TrueNAS not updating the SSL as ot was before #5130

Open
gustavohellwig opened this issue May 2, 2024 · 3 comments
Open

TrueNAS not updating the SSL as ot was before #5130

gustavohellwig opened this issue May 2, 2024 · 3 comments

Comments

@gustavohellwig
Copy link

Steps to reproduce

TrueNAS Core
Version: TrueNAS-13.0-U6.1

Script:

export DEPLOY_TRUENAS_APIKEY="apias the /ui/apikeys provided"
export DEPLOY_TRUENAS_SCHEME="https"
export DEPLOY_TRUENAS_HOSTNAME="localhost.localdomain"
acme.sh --deploy -d localdomain --deploy-hook truenas --debug 2

Debug log

[Thu May  2 13:05:34 CDT 2024] Lets find script dir.
[Thu May  2 13:05:34 CDT 2024] _SCRIPT_='/opt/scripts/acmesh/acme.sh'
[Thu May  2 13:05:34 CDT 2024] _script='/opt/scripts/acmesh/acme.sh'
[Thu May  2 13:05:34 CDT 2024] _script_home='/opt/scripts/acmesh'
[Thu May  2 13:05:34 CDT 2024] Using config home:/opt/scripts/acmesh/data
[Thu May  2 13:05:34 CDT 2024] LE_WORKING_DIR='/opt/scripts/acmesh'
https://github.com/acmesh-official/acme.sh
v3.0.8
[Thu May  2 13:05:34 CDT 2024] Running cmd: deploy
[Thu May  2 13:05:34 CDT 2024] Using config home:/opt/scripts/acmesh/data
[Thu May  2 13:05:34 CDT 2024] default_acme_server
[Thu May  2 13:05:34 CDT 2024] ACME_DIRECTORY='https://acme.zerossl.com/v2/DV90'
[Thu May  2 13:05:34 CDT 2024] _ACME_SERVER_HOST='acme.zerossl.com'
[Thu May  2 13:05:34 CDT 2024] _ACME_SERVER_PATH='v2/DV90'
[Thu May  2 13:05:34 CDT 2024] DOMAIN_PATH='/opt/scripts/acmesh/certs/localdomain'
[Thu May  2 13:05:34 CDT 2024] DOMAIN_CONF='/opt/scripts/acmesh/certs/localdomain/localdomain.conf'
[Thu May  2 13:05:34 CDT 2024] _deployApi='/opt/scripts/acmesh/deploy/truenas.sh'
[Thu May  2 13:05:34 CDT 2024] _cdomain='localdomain'
[Thu May  2 13:05:34 CDT 2024] _ckey='/opt/scripts/acmesh/certs/localdomain/localdomain.key'
[Thu May  2 13:05:34 CDT 2024] _ccert='/opt/scripts/acmesh/certs/localdomain/localdomain.cer'
[Thu May  2 13:05:34 CDT 2024] _cca='/opt/scripts/acmesh/certs/localdomain/ca.cer'
[Thu May  2 13:05:34 CDT 2024] _cfullchain='/opt/scripts/acmesh/certs/localdomain/fullchain.cer'
[Thu May  2 13:05:34 CDT 2024] DEPLOY_TRUENAS_APIKEY='[hidden](please add '--output-insecure' to see this value)'
[Thu May  2 13:05:34 CDT 2024] DEPLOY_TRUENAS_HOSTNAME='localhost.localdomain'
[Thu May  2 13:05:34 CDT 2024] DEPLOY_TRUENAS_SCHEME='https'
[Thu May  2 13:05:34 CDT 2024] _api_url='https://localhost.localdomain/api/v2.0'
[Thu May  2 13:05:34 CDT 2024] Testing Connection TrueNAS
[Thu May  2 13:05:34 CDT 2024] GET
[Thu May  2 13:05:34 CDT 2024] url='https://localhost.localdomain/api/v2.0/system/state'
[Thu May  2 13:05:34 CDT 2024] timeout=
[Thu May  2 13:05:34 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.wWjeBDBGsi  -g  --insecure  '
[Thu May  2 13:05:35 CDT 2024] ret='0'
[Thu May  2 13:05:35 CDT 2024] TrueNAS system state: "READY".
[Thu May  2 13:05:35 CDT 2024] Getting current active certificate from TrueNAS
[Thu May  2 13:05:35 CDT 2024] GET
[Thu May  2 13:05:35 CDT 2024] url='https://localhost.localdomain/api/v2.0/system/general'
[Thu May  2 13:05:35 CDT 2024] timeout=
[Thu May  2 13:05:35 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.nU6nlsOLt6  -g  --insecure  '
[Thu May  2 13:05:35 CDT 2024] ret='0'
[Thu May  2 13:05:35 CDT 2024] Active_UI_Certificate_ID='11'
[Thu May  2 13:05:35 CDT 2024] Active_UI_Certificate_Name='Letsencrypt_2024-05-02_180447'
[Thu May  2 13:05:35 CDT 2024] Active_UI_http_redirect='true'
[Thu May  2 13:05:35 CDT 2024] Uploading new certificate to TrueNAS
[Thu May  2 13:05:35 CDT 2024] POST
[Thu May  2 13:05:35 CDT 2024] _post_url='https://localhost.localdomain/api/v2.0/certificate'
[Thu May  2 13:05:35 CDT 2024] body='{"create_type": "CERTIFICATE_CREATE_IMPORTED", "name": "Letsencrypt_2024-05-02_180535", "certificate": "-----BEGIN CERTIFICATE-----\nMIIFFTCCA/BLAHBLAHBLAH\n-----END CERTIFICATE-----\n\n-----BEGIN CERTIFICATE-----\nBLAHBLAHBLAH==\n-----END CERTIFICATE-----\n", "privatekey": "-----BEGIN RSA PRIVATE KEY-----\nBLAHBLAHBLAH\n-----END RSA PRIVATE KEY-----\n"}'
[Thu May  2 13:05:35 CDT 2024] _postContentType='application/json'
[Thu May  2 13:05:35 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.SwFW3N0oSD  -g  --insecure  '
[Thu May  2 13:05:35 CDT 2024] _ret='0'
[Thu May  2 13:05:35 CDT 2024] Fetching list of installed certificates
[Thu May  2 13:05:35 CDT 2024] GET
[Thu May  2 13:05:35 CDT 2024] url='https://localhost.localdomain/api/v2.0/system/general/ui_certificate_choices'
[Thu May  2 13:05:35 CDT 2024] timeout=
[Thu May  2 13:05:35 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.01O7hTx1Ie  -g  --insecure  '
[Thu May  2 13:05:35 CDT 2024] ret='0'
[Thu May  2 13:05:35 CDT 2024] Current activate certificate ID: 12
[Thu May  2 13:05:35 CDT 2024] PUT
[Thu May  2 13:05:35 CDT 2024] _post_url='https://localhost.localdomain/api/v2.0/system/general'
[Thu May  2 13:05:35 CDT 2024] body='{"ui_certificate": "12"}'
[Thu May  2 13:05:35 CDT 2024] _postContentType='application/json'
[Thu May  2 13:05:35 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.EjOBEL4Bqc  -g  --insecure  '
[Thu May  2 13:05:36 CDT 2024] _ret='0'
[Thu May  2 13:05:36 CDT 2024] Checking if WebDAV certificate is the same as the TrueNAS web UI
[Thu May  2 13:05:36 CDT 2024] GET
[Thu May  2 13:05:36 CDT 2024] url='https://localhost.localdomain/api/v2.0/webdav'
[Thu May  2 13:05:36 CDT 2024] timeout=
[Thu May  2 13:05:36 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.83D9DcoTBp  -g  --insecure  '
[Thu May  2 13:05:36 CDT 2024] ret='0'
[Thu May  2 13:05:36 CDT 2024] WebDAV certificate is not configured or is not the same as TrueNAS web UI
[Thu May  2 13:05:36 CDT 2024] Checking if FTP certificate is the same as the TrueNAS web UI
[Thu May  2 13:05:36 CDT 2024] GET
[Thu May  2 13:05:36 CDT 2024] url='https://localhost.localdomain/api/v2.0/ftp'
[Thu May  2 13:05:36 CDT 2024] timeout=
[Thu May  2 13:05:36 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.7CdwmSvXb8  -g  --insecure  '
[Thu May  2 13:05:36 CDT 2024] ret='0'
[Thu May  2 13:05:36 CDT 2024] FTP certificate is not configured or is not the same as TrueNAS web UI
[Thu May  2 13:05:36 CDT 2024] Checking if S3 certificate is the same as the TrueNAS web UI
[Thu May  2 13:05:36 CDT 2024] GET
[Thu May  2 13:05:36 CDT 2024] url='https://localhost.localdomain/api/v2.0/s3'
[Thu May  2 13:05:36 CDT 2024] timeout=
[Thu May  2 13:05:36 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.FgIXchAaIe  -g  --insecure  '
[Thu May  2 13:05:36 CDT 2024] ret='0'
[Thu May  2 13:05:36 CDT 2024] S3 certificate is not configured or is not the same as TrueNAS web UI
[Thu May  2 13:05:36 CDT 2024] Checking if any chart release Apps is using the same certificate as TrueNAS web UI. Tool 'jq' is required
[Thu May  2 13:05:36 CDT 2024] Query all chart release
[Thu May  2 13:05:36 CDT 2024] GET
[Thu May  2 13:05:36 CDT 2024] url='https://localhost.localdomain/api/v2.0/chart/release'
[Thu May  2 13:05:36 CDT 2024] timeout=
[Thu May  2 13:05:36 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.rEY4cepSFJ  -g  --insecure  '
[Thu May  2 13:05:36 CDT 2024] ret='0'
parse error: Expected string key before ':' at line 1, column 4
[Thu May  2 13:05:36 CDT 2024] Found  related chart release in list: 
[Thu May  2 13:05:36 CDT 2024] Deleting old certificate
[Thu May  2 13:05:36 CDT 2024] DELETE
[Thu May  2 13:05:36 CDT 2024] _post_url='https://localhost.localdomain/api/v2.0/certificate/id/11'
[Thu May  2 13:05:36 CDT 2024] body
[Thu May  2 13:05:36 CDT 2024] _postContentType='application/json'
[Thu May  2 13:05:36 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.5HnWMetEax  -g  --insecure  '
[Thu May  2 13:05:36 CDT 2024] _ret='0'
[Thu May  2 13:05:36 CDT 2024] Reloading TrueNAS web UI
[Thu May  2 13:05:36 CDT 2024] GET
[Thu May  2 13:05:36 CDT 2024] url='https://localhost.localdomain/api/v2.0/system/general/ui_restart'
[Thu May  2 13:05:36 CDT 2024] timeout=
[Thu May  2 13:05:36 CDT 2024] _CURL='curl --silent --dump-header /opt/scripts/acmesh/data/http.header  -L  --trace-ascii /tmp/tmp.w7dspklTaQ  -g  --insecure  '
[Thu May  2 13:05:37 CDT 2024] ret='0'
[Thu May  2 13:05:37 CDT 2024] _restart_UI='null'
[Thu May  2 13:05:37 CDT 2024] Success
@github-actions GitHub Actions
Copy link

github-actions bot commented May 2, 2024

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

@gustavohellwig
Copy link
Author

the same error after run the:

acme.sh --upgrade

Also, I have manually updated the certificate, applied and worked. So the problem is just with the script and not with the certificate.

@croneter
Copy link

croneter commented May 9, 2024

Same issue here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@croneter @gustavohellwig