Cannot provision SSL certificate no errors


Recommended Posts

  • 5 months later...
  • 5 months later...

Did some further testing by swapping out the flash drive, since for this build I was still using the trial key. Still got the same issue.

 

I updated to 6.10.0-rc2 and then tried again, still the same issue. But the system log revealed something with 6.10 that did not exist in 6.9. Below is the excerpt from the log:

 

Nov 24 09:09:17 PRIME emhttpd: shcmd (114): /usr/bin/php -f /usr/local/emhttp/webGui/include/ProvisionCert.php
Nov 24 09:09:17 PRIME root: Error: Server was unable to provision SSL certificate
Nov 24 09:09:17 PRIME emhttpd: shcmd (114): exit status: 1
Nov 24 09:09:17 PRIME emhttpd: shcmd (115): /etc/rc.d/rc.nginx reload
Nov 24 09:09:17 PRIME root: Checking configuration for correct syntax and
Nov 24 09:09:17 PRIME root: then trying to open files referenced in configuration...
Nov 24 09:09:17 PRIME root: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Nov 24 09:09:17 PRIME root: nginx: configuration file /etc/nginx/nginx.conf test is successful
Nov 24 09:09:17 PRIME root: Reloading Nginx configuration...
Nov 24 09:09:20 PRIME nginx: 2021/11/24 09:09:20 [alert] 2269#2269: *9524 open socket #26 left in connection 8
Nov 24 09:09:20 PRIME nginx: 2021/11/24 09:09:20 [alert] 2269#2269: *9522 open socket #18 left in connection 10
Nov 24 09:09:20 PRIME nginx: 2021/11/24 09:09:20 [alert] 2269#2269: *9512 open socket #13 left in connection 16
Nov 24 09:09:20 PRIME nginx: 2021/11/24 09:09:20 [alert] 2269#2269: aborting

 

The second line says it was not able to provision the cert. Do not know if this is a bug or if the unRAID provision site (https://keys.lime-technology.com/account/ssl/provisioncert) has an issue. Got the site URL from looking through the php file from the first line in the log excerpt above.

 

Should this be reported as a bug?

Link to comment
  • 2 weeks later...
4 minutes ago, StanC said:

@ljm42 Is there anything else I can try to resolve this?

We haven't seen this before and are looking into it. The (sort of) good news is that this doesn't appear to be a widespread problem, I have a feeling your specific certificate request got borked during their outage yesterday. We're trying to figure out how to reset it.

Link to comment
On 12/3/2021 at 8:37 AM, ljm42 said:

We haven't seen this before and are looking into it. The (sort of) good news is that this doesn't appear to be a widespread problem, I have a feeling your specific certificate request got borked during their outage yesterday. We're trying to figure out how to reset it.

 

@ljm42   I am not apposed to this, since this is a brand new build with nothing on it. But would it help if I restart with a clean build (fresh copy of unRAID OS, new server name, etc.)?  Or is it that my email address is being blocked by LetsEncrypt?

Edited by StanC
Link to comment
On 12/7/2021 at 4:01 PM, ljm42 said:

I don't think there is really anything to be done on your end. But I do see that Let's Encrypt has some maintenance coming up on Dec 8th and 9th, I'm hoping that will help:

  https://letsencrypt.status.io/

 

@ljm42  I have finally got it working 😀

 

I did end up recreating the thumb drive after exporting my license key. I wanted to start with a clean build. Since this is my VM Workstation Build (in my signature). Also I wanted to change out a NVMe drive and move the thumb drive to an internal USB 2.0 port, all my external ports are 3.x. I swap out a WDC Black NVMe 1TB with a Sabrent Rocker 4+ 1TB, the WDC was running at 50 degrees which kept sending alerts. The Sabrent runs at around 36 degrees.

 

After swapping out components and went about getting it configured and then went to provision it again. I got a the DNS Rebinding Error message - different but making progress. I am using OPNsense as my router, so I needed to add the necessary Host Override in Unbound DNS service. After that I was able to get the certificate 👍

 

So now I am good to go. Thanks again.

Link to comment
On 12/8/2021 at 1:01 AM, ljm42 said:

I don't think there is really anything to be done on your end. But I do see that Let's Encrypt has some maintenance coming up on Dec 8th and 9th, I'm hoping that will help:

  https://letsencrypt.status.io/

 

Still nothing here, Ive followed all the DNS guides on the internet and made rules, opened ports, and fixed the rebind issue on the UDM Pro, ive also updated to the 6.10.0-rc2, and now my provision button does nothing. It brings the loading animation up for 4 seconds, then nothing,

Ill quote the log with what happens during the "provision"

 

Dec 11 02:28:29 Server emhttpd: shcmd (87): /usr/bin/php -f /usr/local/emhttp/webGui/include/ProvisionCert.php
Dec 11 02:28:32 Server root:
Dec 11 02:28:32 Server emhttpd: shcmd (88): /etc/rc.d/rc.nginx reload
Dec 11 02:28:32 Server root: Checking configuration for correct syntax and
Dec 11 02:28:32 Server root: then trying to open files referenced in configuration...
Dec 11 02:28:32 Server root: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Dec 11 02:28:32 Server root: nginx: configuration file /etc/nginx/nginx.conf test is successful
Dec 11 02:28:32 Server root: Reloading Nginx configuration...

 

Link to comment
Spoiler

  

2 hours ago, K1ng0011 said:

I get and object Object error.

 

 

 

Getting the exact same error.  No matter what I do, I can't get around it.

Different DNS providers, different browser clients, trying different ports, network settings, etc..... nothing.

Exact same object:Object error

 

Edited by WeDoItLive
Link to comment
  • 2 months later...
  • 4 months later...
On 12/11/2021 at 11:35 AM, meldalinn said:

 

Still nothing here, Ive followed all the DNS guides on the internet and made rules, opened ports, and fixed the rebind issue on the UDM Pro, ive also updated to the 6.10.0-rc2, and now my provision button does nothing. It brings the loading animation up for 4 seconds, then nothing,

Ill quote the log with what happens during the "provision"

 

Dec 11 02:28:29 Server emhttpd: shcmd (87): /usr/bin/php -f /usr/local/emhttp/webGui/include/ProvisionCert.php
Dec 11 02:28:32 Server root:
Dec 11 02:28:32 Server emhttpd: shcmd (88): /etc/rc.d/rc.nginx reload
Dec 11 02:28:32 Server root: Checking configuration for correct syntax and
Dec 11 02:28:32 Server root: then trying to open files referenced in configuration...
Dec 11 02:28:32 Server root: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Dec 11 02:28:32 Server root: nginx: configuration file /etc/nginx/nginx.conf test is successful
Dec 11 02:28:32 Server root: Reloading Nginx configuration...

 

 

Facing exactly the same behaviour. Did you or anyone solved this ? 

  • Like 2
Link to comment

Hi all, same error - I just upgraded to 6.10.3, clicked the "Upgrade Certificate" button and lost my Cert. I tried to reprovision the certificate but I see the following error in my logs:

 

Jul 17 02:24:11 nasserv emhttpd: shcmd (312): /usr/bin/php -f /usr/local/emhttp/webGui/include/ProvisionCert.php
Jul 17 02:24:12 nasserv root: Error: Server was unable to provision SSL certificate
Jul 17 02:24:12 nasserv emhttpd: shcmd (312): exit status: 1
Jul 17 02:24:12 nasserv emhttpd: shcmd (313): /etc/rc.d/rc.nginx reload
Jul 17 02:24:12 nasserv root: Checking configuration for correct syntax and
Jul 17 02:24:12 nasserv root: then trying to open files referenced in configuration...
Jul 17 02:24:12 nasserv root: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Jul 17 02:24:12 nasserv root: nginx: configuration file /etc/nginx/nginx.conf test is successful
Jul 17 02:24:12 nasserv root: Reloading Nginx configuration...

Edited by coolspot
  • Like 1
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.