Hello Jeremy,

But back to my old in jinx appliance to the hub then created a new one using 15.1. I couldn't get the V16 appliance to install properly see my other post.
I then followed the instructions to update the confconsole which went okay and I restored all my certificates from the backup.


I then removed the hook script and registered with let's encrypt And disabled the add water.

So far so good. However running


To update the certificates with a new domain I get this error see below.



[2020-12-16 13:01:14] dehydrated-wrapper: INFO: started                                                                                                             
[2020-12-16 13:01:14] dehydrated-wrapper: WARNING: /etc/dehydrated/confconsole.config not found; copying default from /usr/share/confconsole/letsencrypt/dehydrated-
[2020-12-16 13:01:15] dehydrated-wrapper: WARNING: /etc/dehydrated/confconsole.hook.sh not found; copying default from /usr/share/confconsole/letsencrypt/dehydrated
[2020-12-16 13:01:15] dehydrated-wrapper: INFO: found nginx listening on port 80                                                                                    
[2020-12-16 13:01:15] dehydrated-wrapper: INFO: stopping nginx                                                                                                      
[2020-12-16 13:01:16] dehydrated-wrapper: INFO: running dehydrated                                                                                                  
  + ERROR: An error occurred while sending post-request to https://acme-v02.api.letsencrypt.org/acme/new-order (Status 400)                                         
HTTP/2 400                                                                                                                                                          
server: nginx                                                                                                                                                       
date: Wed, 16 Dec 2020 13:01:21 GMT                                                                                                                                 
content-type: application/problem+json                                                                                                                              
content-length: 107                                                                                                                                                 
boulder-requester: 106526784                                                                                                                                        
cache-control: public, max-age=0, no-cache                                                                                                                          
link: <  
replay-nonce: 0103a9G_R8Zdbgqfn-XIEfZvGUr1wiqAR5aKt12212121                                                                                                     
  "type": "urn:ietf:params:acme:error:malformed",                                                                                                                   
  "detail": "JWS verification error",                                                                                                                               
  "status": 400                                                                                                                                                     
[2020-12-16 13:01:21] dehydrated-wrapper: FATAL: dehydrated exited with a non-zero exit code.                                                                       
[2020-12-16 13:01:21] dehydrated-wrapper: WARNING: Python is still listening on port 80                                                                             
[2020-12-16 13:01:21] dehydrated-wrapper: INFO: attempting to kill add-water server                                                                                 
[2020-12-16 13:01:21] dehydrated-wrapper: WARNING: Something went wrong, restoring original cert & key.                                                             
[2020-12-16 13:01:21] dehydrated-wrapper: INFO: starting nginx                                                                                                      
[2020-12-16 13:01:21] dehydrated-wrapper: INFO: starting stunnel4


Manage to get it working by running these commands again. I had done it but probably in wrong order.

systemctl disable add-water
mv /var/lib/dehydrated /var/lib/dehydrated.bak
mkdir -p /var/lib/dehydrated/acme-challenges
/usr/bin/dehydrated --register --accept-terms


Now working ok.

Only thing not clear is whether I have to run

systemctl disable add-water 

after reboot ?



Jeremy Davis's picture

Glad to hear you got it worked out and apologies I wasn't along sooner to assist...

If you only installed the most recent v15.x version of Confconsole (v1.1.2) then you shouldn't need to disable it (it should not have been enabled during the install which it mistakenly was in the v1.1.1 release). Regardless, it won't hurt to manually disable it (if it's enabled that will be good, if it's already disabled, it'll do nothing - also no reboot required).

Either way, you can test it by restarting the appliance and if the default webserver starts and add-water doesn't then you're all good.

Add new comment