kyeotic
Dabbler
- Joined
- Mar 2, 2023
- Messages
- 15
I'm trying to get a LetsEncrypt cert and running into an error on the final step.
I've tried running the list-buckets command from the AWS CLI using the same creds and it works. I've also verified that the system clock is accurate. Not sure whats going on.
Here is the full error log.
Code:
[EFAULT] Failed to perform route53 challenge for 'local.kye.dev' domain: [EFAULT] Failed to get Hosted zones with provided credentials :An error occurred (SignatureDoesNotMatch) when calling the ListHostedZones operation: Signature expired: 20230303T110322Z is now earlier than 20230303T190722Z (20230303T191222Z - 5 min.)
I've tried running the list-buckets command from the AWS CLI using the same creds and it works. I've also verified that the system clock is accurate. Not sure whats going on.
Here is the full error log.
Code:
Error: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/authenticators/route53.py", line 60, in _find_zone_id_for_domain for page in paginator.paginate(): File "/usr/lib/python3/dist-packages/botocore/paginate.py", line 255, in __iter__ response = self._make_request(current_kwargs) File "/usr/lib/python3/dist-packages/botocore/paginate.py", line 332, in _make_request return self._method(**current_kwargs) File "/usr/lib/python3/dist-packages/botocore/client.py", line 357, in _api_call return self._make_api_call(operation_name, kwargs) File "/usr/lib/python3/dist-packages/botocore/client.py", line 676, in _make_api_call raise error_class(parsed_response, operation_name) botocore.exceptions.ClientError: An error occurred (SignatureDoesNotMatch) when calling the ListHostedZones operation: Signature expired: 20230303T110322Z is now earlier than 20230303T190722Z (20230303T191222Z - 5 min.) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/authenticators/base.py", line 26, in perform perform_ret = self._perform(domain, validation_name, validation_content) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/authenticators/route53.py", line 38, in _perform return self._change_txt_record('UPSERT', validation_name, validation_content) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/authenticators/route53.py", line 84, in _change_txt_record zone_id = self._find_zone_id_for_domain(validation_domain_name) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/authenticators/route53.py", line 71, in _find_zone_id_for_domain raise CallError(f'Failed to get Hosted zones with provided credentials :{e}') middlewared.service_exception.CallError: [EFAULT] Failed to get Hosted zones with provided credentials :An error occurred (SignatureDoesNotMatch) when calling the ListHostedZones operation: Signature expired: 20230303T110322Z is now earlier than 20230303T190722Z (20230303T191222Z - 5 min.) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/middlewared/job.py", line 426, in run await self.future File "/usr/lib/python3/dist-packages/middlewared/job.py", line 461, in __run_body rv = await self.method(*([self] + args)) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1186, in nf res = await f(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1318, in nf return await func(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto_/certificates.py", line 323, in do_create await self.middleware.call(f'certificate.{self.map_functions[create_type]}', job, data) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1386, in call return await self._call( File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1346, in _call return await self.run_in_executor(prepared_call.executor, methodobj, *prepared_call.args) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1249, in run_in_executor return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs)) File "/usr/lib/python3.9/concurrent/futures/thread.py", line 52, in run result = self.fn(*self.args, **self.kwargs) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1322, in nf return func(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto_/certificates.py", line 373, in create_acme_certificate final_order = self.middleware.call_sync('acme.issue_certificate', job, 25, data, csr_data) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1416, in call_sync return methodobj(*prepared_call.args) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/issue_cert.py", line 96, in issue_certificate self.handle_authorizations(job, progress, order, dns_mapping, acme_client, key) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/issue_cert.py", line 139, in handle_authorizations self.middleware.call_sync( File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1416, in call_sync return methodobj(*prepared_call.args) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1322, in nf return func(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/challenge.py", line 29, in perform_challenge authenticator.perform(*self.get_validation_parameters(data['challenge'], data['domain'], data['key'])) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/authenticators/base.py", line 28, in perform raise CallError(f'Failed to perform {self.NAME} challenge for {domain!r} domain: {e}') middlewared.service_exception.CallError: [EFAULT] Failed to perform route53 challenge for 'local.kye.dev' domain: [EFAULT] Failed to get Hosted zones with provided credentials :An error occurred (SignatureDoesNotMatch) when calling the ListHostedZones operation: Signature expired: 20230303T110322Z is now earlier than 20230303T190722Z (20230303T191222Z - 5 min.)