LE: Deserialization error Wrong directory fields

Discussion in 'Installation/Configuration' started by Sniperrr, Sep 1, 2018.

  1. Sniperrr

    Sniperrr New Member

    Hi,
    i just installed new server on Ubuntu 16.04 as a slave server in multiserver solution. It's practically perfect server with own nginx, mariaDB, postfix, dovecot, ... only DNS is missing which is on master server. Everything seems to be working fine (webs,dbs,ftps...), except LetsEncrypt ...

    It looks like ISPC send LE request on slave server, but something goes wrong. Here is letsencrypt.log :
    Code:
    2018-09-01 11:44:45,361:DEBUG:letsencrypt.cli:Root logging level set at 30
    2018-09-01 11:44:45,363:INFO:letsencrypt.cli:Saving debug log to /var/log/letsencrypt/letsencrypt.log
    2018-09-01 11:44:45,364:DEBUG:letsencrypt.cli:letsencrypt version: 0.4.1
    2018-09-01 11:44:45,364:DEBUG:letsencrypt.cli:Arguments: ['-n', '--text', '--agree-tos', '--expand', '--authenticator', 'webroot', '--server', 'https://acme-v02.api.letsencrypt.org/directory', '--rsa-key-size', '4096', '--email', '[email protected]', '--domains', 'ezou.eu', '--domains', 'www.ezou.eu', '--webroot-path', '/usr/local/ispconfig/interface/acme']
    2018-09-01 11:44:45,365:DEBUG:letsencrypt.cli:Discovered plugins: PluginsRegistry(PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
    2018-09-01 11:44:45,366:DEBUG:letsencrypt.cli:Requested authenticator webroot and installer None
    2018-09-01 11:44:45,367:DEBUG:letsencrypt.plugins.webroot:Creating root challenges validation dir at /usr/local/ispconfig/interface/acme/.well-known/acme-challenge
    2018-09-01 11:44:45,367:DEBUG:letsencrypt.plugins.webroot:Creating root challenges validation dir at /usr/local/ispconfig/interface/acme/.well-known/acme-challenge
    2018-09-01 11:44:45,367:DEBUG:letsencrypt.display.ops:Single candidate plugin: * webroot
    Description: Webroot Authenticator
    Interfaces: IAuthenticator, IPlugin
    Entry point: webroot = letsencrypt.plugins.webroot:Authenticator
    Initialized: <letsencrypt.plugins.webroot.Authenticator object at 0x7fcccbc04410>
    Prep: True
    2018-09-01 11:44:45,369:DEBUG:letsencrypt.cli:Selected authenticator <letsencrypt.plugins.webroot.Authenticator object at 0x7fcccbc04410> and installer None
    2018-09-01 11:44:48,945:DEBUG:root:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. args: (), kwargs: {}
    2018-09-01 11:44:48,968:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
    2018-09-01 11:44:49,188:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 658
    2018-09-01 11:44:49,194:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '658', 'Expires': 'Sat, 01 Sep 2018 11:44:49 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sat, 01 Sep 2018 11:44:49 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json'}. Content: '{\n  "DSYdjf5nHfA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",\n  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",\n  "meta": {\n    "caaIdentities": [\n      "letsencrypt.org"\n    ],\n    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",\n    "website": "https://letsencrypt.org"\n  },\n  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",\n  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",\n  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",\n  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"\n}'
    2018-09-01 11:44:49,196:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '658', 'Expires': 'Sat, 01 Sep 2018 11:44:49 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sat, 01 Sep 2018 11:44:49 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json'}): '{\n  "DSYdjf5nHfA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",\n  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",\n  "meta": {\n    "caaIdentities": [\n      "letsencrypt.org"\n    ],\n    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",\n    "website": "https://letsencrypt.org"\n  },\n  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",\n  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",\n  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",\n  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"\n}'
    2018-09-01 11:44:49,201:DEBUG:letsencrypt.cli:Exiting abnormally:
    Traceback (most recent call last):
      File "/usr/bin/letsencrypt", line 9, in <module>
        load_entry_point('letsencrypt==0.4.1', 'console_scripts', 'letsencrypt')()
      File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 1986, in main
        return config.func(config, plugins)
      File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 689, in obtain_cert
        le_client = _init_le_client(config, authenticator, installer)
      File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 206, in _init_le_client
        acc, acme = _determine_account(config)
      File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 191, in _determine_account
        config, account_storage, tos_cb=_tos_cb)
      File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 116, in register
        acme = acme_from_config_key(config, key)
      File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 41, in acme_from_config_key
        return acme_client.Client(config.server, key=key, net=net)
      File "/usr/lib/python2.7/dist-packages/acme/client.py", line 63, in __init__
        self.net.get(directory).json())
      File "/usr/lib/python2.7/dist-packages/acme/messages.py", line 169, in from_json
        raise jose.DeserializationError(str(error))
    DeserializationError: Deserialization error: Wrong directory fields
     
    Any idea what causing Deserialization error: Wrong directory fields?
     
  2. ahrasis

    ahrasis Well-Known Member

    Perfect server tutorial is using letsencrypt which is quite outdated. You should try to upgrade your it to latest certbot using certbot ppa as discussed in few other recent threads.
     
  3. Sniperrr

    Sniperrr New Member

    @ahrasis Thank you for your hint.
    Is actually problem with outdated certbot. I tried few solutions and i hope following one was the right one.
    Working for me:
    1. Update certbot with certbot-auto (after this error will change to Deserialization error: The following field are required: new_authzr_uri.)
      Code:
      wget https://dl.eff.org/certbot-auto
      chmod a+x ./certbot-auto
      ./certbot-auto
    2. Reinstall/Install nginx certbot plugin
      Code:
      add-apt-repository ppa:certbot/certbot
      apt-get update
      apt-get install python-certbot-nginx
    3. Now check vesion of certbot, it has to be higher than 0.22 :
      Code:
      certbot --version
     
    till likes this.

Share This Page