Skip to content

fix: extractCertsFromAcmeJson fails if "sans" not in Certificates.domain.main#1574

Merged
erik-wramner merged 2 commits intodocker-mailserver:masterfrom
martinwepner:fix/traefik-acme-parser
Jul 21, 2020
Merged

fix: extractCertsFromAcmeJson fails if "sans" not in Certificates.domain.main#1574
erik-wramner merged 2 commits intodocker-mailserver:masterfrom
martinwepner:fix/traefik-acme-parser

Conversation

@martinwepner
Copy link
Copy Markdown
Contributor

@martinwepner martinwepner commented Jul 19, 2020
edited
Loading

@MichaelSp made a great PR #1553 supporting acme.json from traefik.

However, if acme.json's Certificates[x].domain.sans === undefined python will crash and the keys won't be added to /etc/letsencrypt/live/"$HOSTNAME"/key|fullchain.pem.
In my case this (sans === undefined) is true for all my certificates in acme.json; I just have the main-entry.

My logs when I start docker-mailserver:

[...]
Initializing setup
Checking configuration
Configuring mail server
Traceback (mosat recent call last):
  File "<string>", line 1, in <module>
  File "<string>", line 1, in <lambda>
KeyError: 'sans'
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "<string>", line 1, in <lambda>
KeyError: 'sans'
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "<string>", line 1, in <lambda>
KeyError: 'sans'
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "<string>", line 1, in <lambda>
KeyError: 'sans'
  * Cannot access '/etc/letsencrypt/live/mail.mydomain.de/fullchain.pem' or '/etc/letsencrypt/live/mydomain.de/fullchain.pem'
[...]

tbh I am not really into python and I don't get everything what's going on in @MichaelSp python code. I did therefore rewrite it to my understanding (but maybe this is dumb because my lack of python-skills and we should just add the \"sans\" in c[\"domain\"] check to the existing code.

martinwepner
martinwepner commented Jul 19, 2020
View reviewed changes
Comment thread target/helper_functions.sh
KEY=$(cat /etc/letsencrypt/acme.json | python -c "
import sys,json
acme = json.load(sys.stdin)
for key, value in acme.items():
Copy link
Copy Markdown
Contributor Author

@martinwepner martinwepner Jul 19, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could probably just iterate over acme.values() here instead...

@martinwepner martinwepner mentioned this pull request Jul 20, 2020
Closed
@erik-wramner erik-wramner merged commit cc34be2 into docker-mailserver:master Jul 21, 2020
@MichaelSp
Copy link
Copy Markdown
Contributor

MichaelSp commented Jul 21, 2020

I'm also not an python expert myself so thanks for improving my crappy code :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@martinwepner @MichaelSp @erik-wramner