improve error management on a domain request #215

Closed
opened 2025-12-29 01:19:03 +01:00 by adam · 2 comments

Originally created by @M-M-M-M on GitHub (Apr 28, 2017).

**What happens?**

If you have several lines in the domains.txt file and an error occurs on one line, dehydrated exits without working on further lines.

**What is expected?**

Reporting the error for the relevant line and certificate _**and**_ continuing on next lines.

**How to reproduce it?**

1. Create a domains.txt with two certificates:

```
www.example.com wordpress.example.com
mail.example.com
```

DNS entries for www.example.com, wordpress.example.com and mail.example.com are correct.

Run dehydrated to successfully create the two certificates.

2. Edit domains.txt to add a non-valid DNS name on the first line and a third line:

```
www.example.com wordpress.example.com inexistantdnsentry.example.com
mail.example.com
new.example.com
```

Run dehydrated.

Getting an error message like:

```
# INFO: Using main config file /opt/dehydrated/config
Processing www.example.com with alternative names: wordpress.example.com inexistantdnsentry.example.com
+ Checking domain name(s) of existing cert... changed!
+ Domain name(s) are not matching!
+ Names in old certificate: wordpress.example.com www.example.com
+ Configured names: inexistantdnsentry.example.com wordpress.example.com www.example.com
+ Forcing renew.
+ Checking expire date of existing cert...
+ Valid till Jul 25 16:44:00 2017 GMT (Longer than 30 days). Ignoring because renew was forced!
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting challenge for www.example.com...
+ Already validated!
+ Requesting challenge for wordpress.example.com...
+ Already validated!
+ Requesting challenge for inexistantdnsentry.example.com...
+ Responding to challenge for inexistantdnsentry.example.com...
ERROR: Challenge is invalid! (returned: invalid) (result: {
 "type": "http-01",
 "status": "invalid",
 "error": {
   "type": "urn:acme:error:connection",
   "detail": "DNS problem: NXDOMAIN looking up A for inexistantdnsentry.example.com",
   "status": 400
 },
 "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/22dY1SlkAz52S8fkiaoH4B_B163h91S_8Gc7Oe28/1036443784",
 "token": "yOUUZiP7bD9fCFOEAqTjih2DUv4lvhJjFzTtEu5XSlg",
 "keyAuthorization": "yOUUZiP7bD9fCFOEAqTjih2DUv4lvhJ34FqEu5XSlg.Pb-D1-hUkEfjd7iHCh456qUcodPfV_JuMPLjudJYARo",
 "validationRecord": [
   {
     "url": "http://inexistantdnsentry.example.com/.well-known/acme-challenge/yOUUZiP7bD9fCFOEAqTjih2DUv4lvhJ34FqEu5XSlg",
     "hostname": "inexistantdnsentry.example.com",
     "port": "80",
     "addressesResolved": [],
     "addressUsed": ""
   }
 ]
})
```

==> dehydrated is not trying to work on the second line/certificate mail.example.com nor on the third line/certificate new.example.com

Any error on one line should not prohibit dehydrated from working on other lines.

**cause**

The `_exiterr` function used to display the error is exiting the full process and not stopping only the failing line/certificate...

adam closed this issue 2025-12-29 01:19:03 +01:00

@txr13 commented on GitHub (Apr 29, 2017):

Have you tried using `--keep-going`?

> --keep-going (-g) Keep going after encountering an error while creating/renewing multiple certificates in cron mode


@M-M-M-M commented on GitHub (Apr 29, 2017):

No, I didn't. Thank you for the notice.

I have added `PARAM_KEEP_GOING="yes"` to the config file.
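
An added illustration, not part of the thread and not dehydrated's own code: why an `exit` inside an error helper ends the whole run, and how isolating each domains.txt line in a subshell lets later certificates proceed while the run still returns a non-zero status for monitoring. The function names and the rule that names starting with `inexistant` fail validation are assumptions made for this sketch.

```shell
#!/bin/sh
# Illustrative sketch only: not dehydrated's source. validate_name() is a
# stand-in for the ACME challenge; names starting with "inexistant" fail,
# mimicking the NXDOMAIN result shown in the issue.

exiterr() {                      # hypothetical helper, same shape as _exiterr
  echo "ERROR: $1" >&2
  exit 1                         # ends the *current* shell process
}

validate_name() {
  case "$1" in
    inexistant*) exiterr "Challenge is invalid for $1" ;;
  esac
}

process_line() {                 # one domains.txt line = one certificate
  for name in $1; do validate_name "$name"; done
  echo "issued: ${1%% *}"
}

# run_all MODE FILE
#   MODE=stop: every line runs in the same shell, so one exiterr ends the run.
#   MODE=keep: each line runs in a subshell; only that certificate is lost.
run_all() {
  failed=0
  while IFS= read -r line || [ -n "$line" ]; do
    [ -z "$line" ] && continue
    if [ "$1" = keep ]; then
      ( process_line "$line" ) || failed=$((failed + 1))
    else
      process_line "$line"
    fi
  done < "$2"
  echo "failed: $failed"
  [ "$failed" -eq 0 ]            # non-zero status so cron/monitoring notices
}

# Constructed sample input matching the second domains.txt in the issue.
sample_domains() {
  printf '%s\n' \
    'www.example.com wordpress.example.com inexistantdnsentry.example.com' \
    'mail.example.com' \
    'new.example.com'
}
```

When continuing past errors, alert on the final exit status or the failure count, otherwise a certificate that never renews goes unnoticed until it expires.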


Reference: starred/dehydrated#215