starred/acme-dns
1
0
Fork 0
mirror of https://github.com/acme-dns/acme-dns.git synced 2026-04-27 12:55:48 +03:00
Code Issues 178 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #13] No JSON object could be decoded #3

New issue
Closed
opened 2026-03-13 15:18:38 +03:00 by kerem · 9 comments
kerem commented 2026-03-13 15:18:38 +03:00
Owner
Copy link

Originally created by @eknori on GitHub (Sep 11, 2017).
Original GitHub issue: https://github.com/acme-dns/acme-dns/issues/13

I have put acme-dns into a Docker container with exposed ports 53 and 443. I get response for requests on 53/UDP but I get no response on 443/TCP. All I get is "No JSON object could be decoded"

I have the following (DEFAULT) settings in the api section of config.cfg

 [api]
 # domain name to listen requests for, mandatory if using tls = "letsencrypt"
 api_domain = ""
 # listen port, eg. 443 for default HTTPS
 port = "443"
 # possible values: "letsencrypt", "cert", "none"
 tls = "none"

Any hint, where to look into?

Originally created by @eknori on GitHub (Sep 11, 2017). Original GitHub issue: https://github.com/acme-dns/acme-dns/issues/13 I have put acme-dns into a Docker container with exposed ports 53 and 443. I get response for requests on 53/UDP but I get no response on 443/TCP. All I get is "No JSON object could be decoded" I have the following (DEFAULT) settings in the api section of config.cfg ``` [api] # domain name to listen requests for, mandatory if using tls = "letsencrypt" api_domain = "" # listen port, eg. 443 for default HTTPS port = "443" # possible values: "letsencrypt", "cert", "none" tls = "none" ``` Any hint, where to look into?
kerem closed this issue 2026-03-13 15:18:43 +03:00
kerem commented 2026-03-13 15:18:49 +03:00
Author
Owner
Copy link

@joohoi commented on GitHub (Sep 11, 2017):

Unfortunately I'm unavailable to reproduce the problem. Could you post the HTTP request you are sending in?

Does this work:
curl -X GET http://your-container-ip:443/register
how about:
curl -X POST http://your-container-ip:443/register --data '{"allowfrom": ["127.0.0.1/32"]}'

<!-- gh-comment-id:328439443 --> @joohoi commented on GitHub (Sep 11, 2017): Unfortunately I'm unavailable to reproduce the problem. Could you post the HTTP request you are sending in? Does this work: `curl -X GET http://your-container-ip:443/register` how about: `curl -X POST http://your-container-ip:443/register --data '{"allowfrom": ["127.0.0.1/32"]}'`
kerem commented 2026-03-13 15:18:54 +03:00
Author
Owner
Copy link

@eknori commented on GitHub (Sep 11, 2017):

I have tried a couple of POST /GET but no success

`root@docker ~]# curl -s -X POST https://eknori.blogsite.org:443/register |python -m json.tool

No JSON object could be decoded

[root@docker ~]# curl -s -X POST https://eknori.blogsite.org/register |python -m json.tool
No JSON object could be decoded

[root@docker ~]# curl -s -X POST https://192.168.178.137/register |python -m json.tool
No JSON object could be decoded

[root@docker ~]# curl -s -X POST https://192.168.178.137:443/register |python -m json.tool
No JSON object could be decoded

[root@docker ~]# curl -s -X POST https://192.168.178.137:443/register --data '{"allowfrom": ["127.0.0.1/32"]}' |python -m json.tool

No JSON object could be decoded
[root@docker ~]# curl -s -X POST https://192.168.178.137:443/register --data '{"allowfrom": ["127.0.0.1/32"]}'

[root@docker ~]# curl -X POST https://192.168.178.137:443/register --data '{"allowfrom": ["127.0.0.1/32"]}'
curl: (35) SSL received a record that exceeded the maximum permissible length.

[root@docker ~]# curl -X GET https://192.168.178.137:443/register --data '{"allowfrom": ["127.0.0.1/32"]}'
curl: (35) SSL received a record that exceeded the maximum permissible length.

[root@docker ~]# curl -X POST https://eknori.blogsite.org/register |python -m json.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 167 100 167 0 0 826 0 --:--:-- --:--:-- --:--:-- 830
No JSON object could be decoded

[root@docker ~]# curl -X GET https://eknori.blogsite.org/register |python -m json.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 159 100 159 0 0 1121 0 --:--:-- --:--:-- --:--:-- 1127
No JSON object could be decoded
[root@docker ~]# `

<!-- gh-comment-id:328535873 --> @eknori commented on GitHub (Sep 11, 2017): I have tried a couple of POST /GET but no success `root@docker ~]# curl -s -X POST https://eknori.blogsite.org:443/register |python -m json.tool No JSON object could be decoded [root@docker ~]# curl -s -X POST https://eknori.blogsite.org/register |python -m json.tool No JSON object could be decoded [root@docker ~]# curl -s -X POST https://192.168.178.137/register |python -m json.tool No JSON object could be decoded [root@docker ~]# curl -s -X POST https://192.168.178.137:443/register |python -m json.tool No JSON object could be decoded [root@docker ~]# curl -s -X POST https://192.168.178.137:443/register --data '{"allowfrom": ["127.0.0.1/32"]}' |python -m json.tool No JSON object could be decoded [root@docker ~]# curl -s -X POST https://192.168.178.137:443/register --data '{"allowfrom": ["127.0.0.1/32"]}' [root@docker ~]# curl -X POST https://192.168.178.137:443/register --data '{"allowfrom": ["127.0.0.1/32"]}' curl: (35) SSL received a record that exceeded the maximum permissible length. [root@docker ~]# curl -X GET https://192.168.178.137:443/register --data '{"allowfrom": ["127.0.0.1/32"]}' curl: (35) SSL received a record that exceeded the maximum permissible length. [root@docker ~]# curl -X POST https://eknori.blogsite.org/register |python -m json.tool % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 167 100 167 0 0 826 0 --:--:-- --:--:-- --:--:-- 830 No JSON object could be decoded [root@docker ~]# curl -X GET https://eknori.blogsite.org/register |python -m json.tool % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 159 100 159 0 0 1121 0 --:--:-- --:--:-- --:--:-- 1127 No JSON object could be decoded [root@docker ~]# `
kerem commented 2026-03-13 15:18:59 +03:00
Author
Owner
Copy link

@joohoi commented on GitHub (Sep 11, 2017):

Ah, I see. The "No JSON object could be decoded" - message is printed by Python, indicating that it recieved anything but a JSON object. To help with debugging, try leaving the |python -m json.tool out, all it does is pretty printing after all.

What comes to the underlying error, I guess curl tries to communicate with acme-dns using HTTPS, but acme-dns configuration value means that it speaks plain HTTP:

 # possible values: "letsencrypt", "cert", "none"
 tls = "none"

I suggest testing it out with:
curl -X POST http://eknori.blogsite.org:443/register
note http substitution in the protocol part of the URL.

<!-- gh-comment-id:328542535 --> @joohoi commented on GitHub (Sep 11, 2017): Ah, I see. The "No JSON object could be decoded" - message is printed by Python, indicating that it recieved anything but a JSON object. To help with debugging, try leaving the |python -m json.tool out, all it does is pretty printing after all. What comes to the underlying error, I guess curl tries to communicate with acme-dns using HTTPS, but acme-dns configuration value means that it speaks plain HTTP: ``` # possible values: "letsencrypt", "cert", "none" tls = "none" ``` I suggest testing it out with: `curl -X POST http://eknori.blogsite.org:443/register` note http substitution in the protocol part of the URL.
kerem commented 2026-03-13 15:19:04 +03:00
Author
Owner
Copy link

@eknori commented on GitHub (Sep 11, 2017):

sorry, does not work either. I have also tried with port 80 exposed, but it gives me
curl: (7) Failed connect to 192.168.178.137:80; Connection refused

So, I think, that I'l have to create a self signed cert and retry with that.

what I got from my latest tests is

`[root@docker ~]# curl -X POST https://eknori.blogsite.org/register

<HTML><HEAD></HEAD>

Http Status Code: 404

Reason: Unable to process request, resource not found

</HTML>[root @docker ~]# curl -X POST https://eknori.blogsite.org/register <HTML><HEAD></HEAD>

Http Status Code: 404

Reason: Unable to process request, resource not found

</HTML>[root @docker ~]# curl -X GET https://eknori.blogsite.org/register <HTML><HEAD></HEAD>

Http Status Code: 404

Reason: File not found or unable to read file

</HTML>[root@docker ~]# curl -X POST http://eknori.blogsite.org:443/register curl: (52) Empty reply from server`

Looks like acme-dns is looking for the files in /etc/tls but cannot find any.

<!-- gh-comment-id:328549195 --> @eknori commented on GitHub (Sep 11, 2017): sorry, does not work either. I have also tried with port 80 exposed, but it gives me curl: (7) Failed connect to 192.168.178.137:80; Connection refused So, I think, that I'l have to create a self signed cert and retry with that. what I got from my latest tests is `[root@docker ~]# curl -X POST https://eknori.blogsite.org/register <HTML><HEAD><TITLE>Unable to Process Request</TITLE></HEAD><BODY><P>Http Status Code: 404</P><P>Reason: Unable to process request, resource not found</P></BODY></HTML>[root @docker ~]# curl -X POST https://eknori.blogsite.org/register <HTML><HEAD><TITLE>Unable to Process Request</TITLE></HEAD><BODY><P>Http Status Code: 404</P><P>Reason: Unable to process request, resource not found</P></BODY></HTML>[root @docker ~]# curl -X GET https://eknori.blogsite.org/register <HTML><HEAD><TITLE>Unable to Process Request</TITLE></HEAD><BODY><P>Http Status Code: 404</P><P>Reason: File not found or unable to read file</P></BODY></HTML>[root@docker ~]# curl -X POST http://eknori.blogsite.org:443/register curl: (52) Empty reply from server` Looks like acme-dns is looking for the files in /etc/tls but cannot find any.
kerem commented 2026-03-13 15:19:09 +03:00
Author
Owner
Copy link

@joohoi commented on GitHub (Sep 11, 2017):

Unfortunately this looks like some other service answering the requests, you might be able to get more information from the HTTP headers by adding -v (verbose) parameter to curl command line.

acme-dns doesn't give HTTP answers (

<!-- gh-comment-id:328552386 --> @joohoi commented on GitHub (Sep 11, 2017): Unfortunately this looks like some other service answering the requests, you might be able to get more information from the HTTP headers by adding -v (verbose) parameter to curl command line. acme-dns doesn't give HTTP answers (<TITLE>.... part there), so it must be some other server getting the requests in the endpoint. The connection refused when trying port 80 suggests that there's some kind of firewall in between or port hasn't been exposed from Docker host. Also your config states that you are running the service with TLS disabled from the API, so it doesn't try to look for the files at all.
kerem commented 2026-03-13 15:19:14 +03:00
Author
Owner
Copy link

@eknori commented on GitHub (Sep 11, 2017):

Bummer. Yes. Need to use the IP because blogsite.org is pointing to another server

Now I get

`curl: (35) SSL received a record that exceeded the maximum permissible length.
[root@docker dns]# curl -v -X POST https://192.168.178.137:443/register

  • About to connect() to 192.168.178.137 port 443 (#0)
  • Trying 192.168.178.137...
  • Connected to 192.168.178.137 (192.168.178.137) port 443 (#0)
  • Initializing NSS with certpath: sql:/etc/pki/nssdb
  • CAfile: /etc/pki/tls/certs/ca-bundle.crt
    CApath: none
  • NSS error -12263 (SSL_ERROR_RX_RECORD_TOO_LONG)
  • SSL received a record that exceeded the maximum permissible length.
  • Closing connection 0
    curl: (35) SSL received a record that exceeded the maximum permissible length.`
<!-- gh-comment-id:328555484 --> @eknori commented on GitHub (Sep 11, 2017): Bummer. Yes. Need to use the IP because blogsite.org is pointing to another server Now I get `curl: (35) SSL received a record that exceeded the maximum permissible length. [root@docker dns]# curl -v -X POST https://192.168.178.137:443/register * About to connect() to 192.168.178.137 port 443 (#0) * Trying 192.168.178.137... * Connected to 192.168.178.137 (192.168.178.137) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS error -12263 (SSL_ERROR_RX_RECORD_TOO_LONG) * SSL received a record that exceeded the maximum permissible length. * Closing connection 0 curl: (35) SSL received a record that exceeded the maximum permissible length.`
kerem commented 2026-03-13 15:19:20 +03:00
Author
Owner
Copy link

@joohoi commented on GitHub (Sep 11, 2017):

Check my comment https://github.com/joohoi/acme-dns/issues/13#issuecomment-328542535 the issue is that you have configured acme-dns to talk plain HTTP but curl assumes HTTPS, because of https:// - part in the URL. Should work fine with http://yourip:443/register

Naturally either enabling TLS or moving to another port would be a bit less confusing :)

<!-- gh-comment-id:328556670 --> @joohoi commented on GitHub (Sep 11, 2017): Check my comment https://github.com/joohoi/acme-dns/issues/13#issuecomment-328542535 the issue is that you have configured acme-dns to talk plain HTTP but curl assumes HTTPS, because of https:// - part in the URL. Should work fine with **http**://yourip:443/register Naturally either enabling TLS or moving to another port would be a bit less confusing :)
kerem commented 2026-03-13 15:19:25 +03:00
Author
Owner
Copy link

@eknori commented on GitHub (Sep 11, 2017):

AHHHHH. Got it

`curl -v -X POST http://192.168.178.137:443/register

  • About to connect() to 192.168.178.137 port 443 (#0)
  • Trying 192.168.178.137...
  • Connected to 192.168.178.137 (192.168.178.137) port 443 (#0)

POST /register HTTP/1.1
User-Agent: curl/7.29.0
Host: 192.168.178.137:443
Accept: /

< HTTP/1.1 201 Created
< Content-Type: application/json; charset=UTF-8
< Vary: Origin
< Date: Mon, 11 Sep 2017 16:00:32 GMT
< Content-Length: 243
<

  • Connection #0 to host 192.168.178.137 left intact
    {"allowfrom":[],"fulldomain":"935a8902-cf96-4a65-90b6-132076192af0.eknori.blogsite.org","password":"zWEhjPvYHC0rZffY3NFqZYuAugF9DWwpnfMT2_Sh","subdomain":"935a8902-cf96-4a6
    5-90b6-132076192af0","username":"5c50d03f-71c5-49a5-bba5-c48ba5a1a9ad"}[root@docker dns]# `
<!-- gh-comment-id:328557461 --> @eknori commented on GitHub (Sep 11, 2017): AHHHHH. Got it `curl -v -X POST http://192.168.178.137:443/register * About to connect() to 192.168.178.137 port 443 (#0) * Trying 192.168.178.137... * Connected to 192.168.178.137 (192.168.178.137) port 443 (#0) > POST /register HTTP/1.1 > User-Agent: curl/7.29.0 > Host: 192.168.178.137:443 > Accept: */* > < HTTP/1.1 201 Created < Content-Type: application/json; charset=UTF-8 < Vary: Origin < Date: Mon, 11 Sep 2017 16:00:32 GMT < Content-Length: 243 < * Connection #0 to host 192.168.178.137 left intact {"allowfrom":[],"fulldomain":"935a8902-cf96-4a65-90b6-132076192af0.eknori.blogsite.org","password":"zWEhjPvYHC0rZffY3NFqZYuAugF9DWwpnfMT2_Sh","subdomain":"935a8902-cf96-4a6 5-90b6-132076192af0","username":"5c50d03f-71c5-49a5-bba5-c48ba5a1a9ad"}[root@docker dns]# `
kerem commented 2026-03-13 15:19:30 +03:00
Author
Owner
Copy link

@joohoi commented on GitHub (Sep 11, 2017):

Closing the issue as resolved. If you run into other problems while installing, feel free to open new issue!

<!-- gh-comment-id:328559403 --> @joohoi commented on GitHub (Sep 11, 2017): Closing the issue as resolved. If you run into other problems while installing, feel free to open new issue!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
fix_dockerhub
dockerhub
readme2.0
goreleaser_action
refactoring
linter_update_config
update_deps_122
dependabot/go_modules/github.com/valyala/fasthttp-1.34.0
deps_bump
update_goreleaser
update_golint
deps_update
update_dockerfile
v2.0.2
v2.0.1
v2.0
v1.1
v1.0
v0.8
v0.7.2
v0.7.1
v0.7
v0.6
v0.5
v0.4
v0.3.2
v0.3.1
v0.3
v0.2
v0.1
Labels
Clear labels   
Documentation

   
Documentation

   
bug

   
enhancement

   
feature request

   
feature request

   
help wanted

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
security

   
security

   
testing
No labels
Documentation
Documentation
bug
enhancement
feature request
feature request
help wanted
pull-request
question
security
security
testing
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/acme-dns#3
No description provided.