Lego: DNS challenge with route53 fails with MalformedInput in 0.4.1

Created on 1 Oct 2017 · 14 Comments · Source: go-acme/lego

I tried to run lego 0.4.1 on an EC2 instance using route53. It failed with message MalformedInput: ChangeBatch is not valid, expected ChangeResourceRecordSetsRequest. With lego 0.4.0 the same command worked and a certificate was issued.

Maybe this is related to https://github.com/aws/aws-sdk-go/issues/1550 ?

Complete log output (I replaced my domain with www.example.com and removed ids.):

./bin/lego --email="[email protected]" --domains="www.example.com" --dns=route53 run
2017/10/01 08:26:25 [INFO][www.example.com] acme: Obtaining bundled SAN certificate
2017/10/01 08:26:25 [INFO][www.example.com] AuthURL: https://acme-v01.api.letsencrypt.org/acme/authz/<id>
2017/10/01 08:26:25 [INFO][www.example.com] acme: Could not find solver for: http-01
2017/10/01 08:26:25 [INFO][www.example.com] acme: Trying to solve DNS-01
2017/10/01 08:26:26 [www.example.com] Could not obtain certificates
        Error presenting token: Failed to change Route 53 record set: MalformedInput: ChangeBatch is not valid, expected ChangeResourceRecordSetsRequest
        status code: 400, request id: <request-id>

I did not need to configure AWS credentials as lego automatically uses the instance role. This is very useful, thanks for this feature!

All 14 comments

Hello! Thank you for reporting this!
From what I can see from the bug you linked this may in fact be it. Would it be possible for you to try to compile lego yourself from master and see if it works now? If it does I will recompile the 0.4.1 release and update the binaries.

Hi @xenolf,
Sorry, but I can't compile lego myself at the moment as I don't have a linux machine available and I don't want to install the compiler toolchain on my server. In a few days I will have access to my linux box again and can try it.

I run into this with the docker image https://hub.docker.com/r/xenolf/lego/
lego version 0.4.1

@hostmaster are you able to try the latest master? It should be fixed there. If the fix is verified I will publish new binaries.

Sorry it's my bad. The Docker image works for me.

Able to reproduce

⟫ docker run "xenolf/lego" --version

lego version 0.4.1

Also I'm a bit confused, master and v0.4.1 are both 14 days old, but this issue was opened only 10 days ago. Is go updated in alpine 3.6?

Just wanted to confirm that building from the latest master solves the issue for me.

@xenolf Build from master branch resolved the problem. Thanks!

I take it new binaries have not been released? Still seeing this issue, and I am unable to build from master in the meantime due to #422.

I am seeing this issue too on lego version v0.4.1-0-g67c86d860a79. I'll build from master and see if that fixes it. In the meantime, perhaps a new image could be released?

This fixed my issue.

I rebuilt lego on Debian 9.1 from commit aa94fb4 using go version go1.9.1 linux/amd64.

  • The go compiler was installed from tarball into /usr/local/go.
  • The PATH was set to include /usr/local/go/bin.
  • Basically, it was a bog-standard setup exactly as instructed.

~~~
mkdir -p ~/go/src && cd ~/go/src
go get -u github.com/xenolf/lego
go build github.com/xenolf/lego
sudo cp ./lego /usr/local/bin/
~~~

Latest container is working for me now. Thanks!

Building from master fixes this, but the binaries listed in Releases on this site are still broken. It would be great to see a new release including this fix!

Closed because the problem is solved
