update wiki #357

New Issue

adam · 2025-12-29T01:23:38+01:00

adam commented

2025-12-29 01:23:38 +01:00

Originally created by @tomfun on GitHub (Jun 12, 2018).

I used certbot, and follow instructions how to import accaunt.
It is very unclear. I wanted to see there such things:

how to name output file for default settings (account_key.pem ?)
how to name sub folder for dehydrated account
what to do with ACCOUNT_KEY_JSON / registration_info.json

After my attempts to guess I've been banned :(
Or maybe not... who knows, I want to see some debug / verbose mode option, to understand, why I got

 + Signing domains...
ERROR: Certificate authority doesn't allow certificate signing

Originally created by @tomfun on GitHub (Jun 12, 2018). I used certbot, and follow instructions [how to import accaunt](https://github.com/lukas2511/dehydrated/wiki/Import-from-official-letsencrypt-client#import-account-key). It is very unclear. I wanted to see there such things: - how to name output file for default settings (account_key.pem ?) - how to name sub folder for dehydrated account - what to do with ACCOUNT_KEY_JSON / registration_info.json After my attempts to guess I've been banned :( Or maybe not... who knows, I want to see some debug / verbose mode option, to understand, why I got ```txt + Signing domains... ERROR: Certificate authority doesn't allow certificate signing ```

adam closed this issue

2025-12-29 01:23:38 +01:00

adam commented

2025-12-29 01:23:38 +01:00

@lukas2511 commented on GitHub (Sep 26, 2018):

Well, the import script is kinda deprecated, that was used back when dehydrated didn't support registration itself (early 2016). If certbot hasn't change the format of their keyfiles you should get a valid key back, which you should be able to configure as ACCOUNT_KEY. ACCOUNT_KEY_JSON can be left empty, dehydrated will automatically try to fetch the account information and will use the path of your account key with an appended json ending.

ERROR: Certificate authority doesn't allow certificate signing appears if a certain json key is missing from the CA directory. That can happen if you set a wrong CA variable, or the CA doesn't deliver that key because signing is disabled for maintenance or whatever, or some other kind of error, maybe even a rate-limiting notice instead of the usual json dictionary, you can check that easily using something like curl https://acme-v02.api.letsencrypt.org/directory (you should see JSON with a new-authz and new-cert key.

Sorry for the late reply, probably way too late, but I didn't want to just silently close this issue.

@lukas2511 commented on GitHub (Sep 26, 2018): Well, the import script is kinda deprecated, that was used back when dehydrated didn't support registration itself (early 2016). If certbot hasn't change the format of their keyfiles you should get a valid key back, which you should be able to configure as `ACCOUNT_KEY`. `ACCOUNT_KEY_JSON` can be left empty, dehydrated will automatically try to fetch the account information and will use the path of your account key with an appended json ending. `ERROR: Certificate authority doesn't allow certificate signing` appears if a certain json key is missing from the CA directory. That can happen if you set a wrong `CA` variable, or the CA doesn't deliver that key because signing is disabled for maintenance or whatever, or some other kind of error, maybe even a rate-limiting notice instead of the usual json dictionary, you can check that easily using something like `curl https://acme-v02.api.letsencrypt.org/directory` (you should see JSON with a `new-authz` and `new-cert` key. Sorry for the late reply, probably way too late, but I didn't want to just silently close this issue.

adam referenced this issue

2025-12-29 01:29:25 +01:00

[PR #357] [CLOSED] dont strip when cwd is / #810

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/dehydrated#357