Salt: acme.cert failed to create the certficate
Description of Issue
creation of a new certificate failed , at the first execution .
Function: acme.cert
Name: h
Result: False
Comment: An exception occurred in this state: Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/salt/state.py", line 1981, in call
**cdata['kwargs'])
File "/usr/lib/python3/dist-packages/salt/loader.py", line 1977, in wrapper
return f(*args, **kwargs)
File "/usr/lib/python3/dist-packages/salt/states/acme.py", line 141, in cert
ret['changes'] = salt.utils.dictdiffer.deep_diff(current_certificate, new_certificate)
File "/usr/lib/python3/dist-packages/salt/utils/dictdiffer.py", line 54, in deep_diff
new = copy.deepcopy(new)
File "/usr/lib/python3.7/copy.py", line 150, in deepcopy
y = copier(x, memo)
File "/usr/lib/python3.7/copy.py", line 240, in _deepcopy_dict
y[deepcopy(key, memo)] = deepcopy(value, memo)
File "/usr/lib/python3.7/copy.py", line 169, in deepcopy
rv = reductor(4)
TypeError: can't pickle dict_keys objects
Started: 05:44:34.273018
Duration: 4196.963 ms
Setup
(Please provide relevant configs and/or SLS files (Be sure to remove sensitive info).)
new-cert-for-bots:
acme.cert:
- name: {{ pillar['x509_hostname'] }}
- email: {{ pillar['x509_email'] }}
- http_01_port: 8080
- http_01_address: 127.0.0.1
Steps to Reproduce Issue
a web server that proxy to 8080 , with nginx :
location /.well-known/acme-challenge/ {
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
root@h:~# salt-call --versions-report
### Versions Report
Salt Version:
Salt: 3000
Dependency Versions:
cffi: Not Installed
cherrypy: Not Installed
dateutil: 2.7.3
docker-py: Not Installed
gitdb: Not Installed
gitpython: Not Installed
Jinja2: 2.10
libgit2: Not Installed
M2Crypto: Not Installed
Mako: Not Installed
msgpack-pure: Not Installed
msgpack-python: 0.5.6
mysql-python: Not Installed
pycparser: Not Installed
pycrypto: 2.6.1
pycryptodome: Not Installed
pygit2: Not Installed
Python: 3.7.3 (default, Dec 20 2019, 18:57:59)
python-gnupg: Not Installed
PyYAML: 3.13
PyZMQ: 17.1.2
smmap: Not Installed
timelib: Not Installed
Tornado: 4.5.3
ZMQ: 4.3.1
System Versions:
dist: debian 10.3
locale: UTF-8
machine: x86_64
release: 4.19.0-8-amd64
system: Linux
version: debian 10.3
root@hs:~# dpkg -l cert\*
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-============-============-=================================================
ii certbot 0.31.0-1 all automatically configure HTTPS using Let's Encrypt
root@h:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster
ErwanMAS
All 7 comments
This is a py3 issue, fixed by #52362
OrangeDog
on 1 Apr 2020
Thanks @OrangeDog, see if that works for you @ErwanMAS and ill label accordingly.
xeacott
on 3 Apr 2020
@xeacott just checking, but you realise that PR is still open?
OrangeDog
on 8 Apr 2020
👍1
removed the label since that PR is now closed and not merged their is a PR based on 52362 --> https://github.com/saltstack/salt/pull/57569 @waynew @cmcmarrow can one of you please review?
sagetherage
on 11 Jun 2020
looks like the new pr above does not address this issue so assigned to get a PR open
sagetherage
on 11 Jun 2020
@sagetherage it's already been fixed by #56243
OrangeDog
on 11 Jun 2020
👍1
cmcmarrow
on 11 Jun 2020
Was this page helpful?
0 / 5 - 0 ratings
Related issues
twangboy
路
3Comments
mooperd
路
3Comments
golmaal
路
3Comments
commutecat
路
3Comments
allyunion
路
3Comments