starred/certidude-laurivosandi
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude.git synced 2026-04-25 16:45:51 +03:00
Code Issues 29 Projects Releases Packages Wiki Activity

[GH-ISSUE #30] Certificate renewal breaks if e-mail can't be delivered #27

New issue
Closed
opened 2026-02-26 03:33:31 +03:00 by kerem · 1 comment
kerem commented 2026-02-26 03:33:31 +03:00
Owner
Copy link

Originally created by @laurivosandi on GitHub (Mar 31, 2017).
Original GitHub issue: https://github.com/laurivosandi/certidude/issues/30

Example stack trace:

Mar 31 06:26:02 ca certidude[16379]: Connecing to ldap://dc1.example.com using Kerberos ticket cache from /run/certidude/krb5cc
Mar 31 06:26:02 ca /usr/bin/python[17271]: python /usr/local/bin/certidude serve -l 0.0.0.0 -p 80: GSSAPI client step 1
Mar 31 06:26:02 ca /usr/bin/python[17271]: python /usr/local/bin/certidude serve -l 0.0.0.0 -p 80: GSSAPI client step 1
Mar 31 06:26:02 ca /usr/bin/python[17271]: python /usr/local/bin/certidude serve -l 0.0.0.0 -p 80: GSSAPI client step 1
Mar 31 06:26:02 ca /usr/bin/python[17271]: python /usr/local/bin/certidude serve -l 0.0.0.0 -p 80: GSSAPI client step 2
Mar 31 06:26:02 ca certidude[16379]: Sending e-mail certificate-renewed.md to Lauri Võsandi <lauri@example.com>
Mar 31 06:26:03 ca certidude[16379]: Traceback (most recent call last):
Mar 31 06:26:03 ca certidude[16379]:   File "/usr/lib/python2.7/wsgiref/handlers.py", line 85, in run
Mar 31 06:26:03 ca certidude[16379]:     self.result = application(self.environ, self.start_response)
Mar 31 06:26:03 ca certidude[16379]:   File "/usr/local/lib/python2.7/dist-packages/falcon/api.py", line 209, in __call__
Mar 31 06:26:03 ca certidude[16379]:     responder(req, resp, **params)
Mar 31 06:26:03 ca certidude[16379]:   File "/root/certidude/certidude/auth.py", line 50, in kerberos_authenticate
Mar 31 06:26:03 ca certidude[16379]:     return func(resource, req, resp, *args, **kwargs)
Mar 31 06:26:03 ca certidude[16379]:   File "/root/certidude/certidude/firewall.py", line 24, in wrapped
Mar 31 06:26:03 ca certidude[16379]:     return func(self, req, resp, *args, **kwargs)
Mar 31 06:26:03 ca certidude[16379]:   File "/root/certidude/certidude/firewall.py", line 33, in wrapped
Mar 31 06:26:03 ca certidude[16379]:     return func(self, req, resp, *args, **kwargs)
Mar 31 06:26:03 ca certidude[16379]:   File "/root/certidude/certidude/api/request.py", line 100, in on_post
Mar 31 06:26:03 ca certidude[16379]:     _, resp.body = authority._sign(csr, body, overwrite=True)
Mar 31 06:26:03 ca certidude[16379]:   File "/root/certidude/certidude/authority.py", line 351, in _sign
Mar 31 06:26:03 ca certidude[16379]:     certificate=cert,
Mar 31 06:26:03 ca certidude[16379]:   File "/root/certidude/certidude/mailer.py", line 96, in send
Mar 31 06:26:03 ca certidude[16379]:     conn.sendmail(config.OUTBOX_MAIL, recipients, msg.as_string())
Mar 31 06:26:03 ca certidude[16379]:   File "/usr/lib/python2.7/smtplib.py", line 747, in sendmail
Mar 31 06:26:03 ca certidude[16379]:     raise SMTPRecipientsRefused(senderrs)
Mar 31 06:26:03 ca certidude[16379]: SMTPRecipientsRefused: {u'Lauri V\xf5sandi <lauri@example.com>': (451, '4.3.5 <lauri@example.com>: Recipient address rejected: Server configuration error')}
Mar 31 06:26:03 ca certidude[16379]: 192.168.12.1 - - [31/Mar/2017 06:26:03] "POST /api/request/?autosign=true&wait=30 HTTP/1.1" 500 59
Originally created by @laurivosandi on GitHub (Mar 31, 2017). Original GitHub issue: https://github.com/laurivosandi/certidude/issues/30 Example stack trace: ``` Mar 31 06:26:02 ca certidude[16379]: Connecing to ldap://dc1.example.com using Kerberos ticket cache from /run/certidude/krb5cc Mar 31 06:26:02 ca /usr/bin/python[17271]: python /usr/local/bin/certidude serve -l 0.0.0.0 -p 80: GSSAPI client step 1 Mar 31 06:26:02 ca /usr/bin/python[17271]: python /usr/local/bin/certidude serve -l 0.0.0.0 -p 80: GSSAPI client step 1 Mar 31 06:26:02 ca /usr/bin/python[17271]: python /usr/local/bin/certidude serve -l 0.0.0.0 -p 80: GSSAPI client step 1 Mar 31 06:26:02 ca /usr/bin/python[17271]: python /usr/local/bin/certidude serve -l 0.0.0.0 -p 80: GSSAPI client step 2 Mar 31 06:26:02 ca certidude[16379]: Sending e-mail certificate-renewed.md to Lauri Võsandi <lauri@example.com> Mar 31 06:26:03 ca certidude[16379]: Traceback (most recent call last): Mar 31 06:26:03 ca certidude[16379]: File "/usr/lib/python2.7/wsgiref/handlers.py", line 85, in run Mar 31 06:26:03 ca certidude[16379]: self.result = application(self.environ, self.start_response) Mar 31 06:26:03 ca certidude[16379]: File "/usr/local/lib/python2.7/dist-packages/falcon/api.py", line 209, in __call__ Mar 31 06:26:03 ca certidude[16379]: responder(req, resp, **params) Mar 31 06:26:03 ca certidude[16379]: File "/root/certidude/certidude/auth.py", line 50, in kerberos_authenticate Mar 31 06:26:03 ca certidude[16379]: return func(resource, req, resp, *args, **kwargs) Mar 31 06:26:03 ca certidude[16379]: File "/root/certidude/certidude/firewall.py", line 24, in wrapped Mar 31 06:26:03 ca certidude[16379]: return func(self, req, resp, *args, **kwargs) Mar 31 06:26:03 ca certidude[16379]: File "/root/certidude/certidude/firewall.py", line 33, in wrapped Mar 31 06:26:03 ca certidude[16379]: return func(self, req, resp, *args, **kwargs) Mar 31 06:26:03 ca certidude[16379]: File "/root/certidude/certidude/api/request.py", line 100, in on_post Mar 31 06:26:03 ca certidude[16379]: _, resp.body = authority._sign(csr, body, overwrite=True) Mar 31 06:26:03 ca certidude[16379]: File "/root/certidude/certidude/authority.py", line 351, in _sign Mar 31 06:26:03 ca certidude[16379]: certificate=cert, Mar 31 06:26:03 ca certidude[16379]: File "/root/certidude/certidude/mailer.py", line 96, in send Mar 31 06:26:03 ca certidude[16379]: conn.sendmail(config.OUTBOX_MAIL, recipients, msg.as_string()) Mar 31 06:26:03 ca certidude[16379]: File "/usr/lib/python2.7/smtplib.py", line 747, in sendmail Mar 31 06:26:03 ca certidude[16379]: raise SMTPRecipientsRefused(senderrs) Mar 31 06:26:03 ca certidude[16379]: SMTPRecipientsRefused: {u'Lauri V\xf5sandi <lauri@example.com>': (451, '4.3.5 <lauri@example.com>: Recipient address rejected: Server configuration error')} Mar 31 06:26:03 ca certidude[16379]: 192.168.12.1 - - [31/Mar/2017 06:26:03] "POST /api/request/?autosign=true&wait=30 HTTP/1.1" 500 59 ```
kerem closed this issue 2026-02-26 03:33:31 +03:00
kerem commented 2026-02-26 03:33:31 +03:00
Author
Owner
Copy link

@laurivosandi commented on GitHub (May 7, 2017):

Fixed by submitting to local MTA, Postfix needs to be installed manually

<!-- gh-comment-id:299733437 --> @laurivosandi commented on GitHub (May 7, 2017): Fixed by submitting to local MTA, Postfix needs to be installed manually
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
dev
No results found.
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/certidude-laurivosandi#27
No description provided.