TrueNas Scale : certificat pour https

Michel GONCE

Cadet
Joined
Oct 27, 2021
Messages
7
Bonjour,

Meilleurs vœux à tous pour cette nouvelle année.

J'utilise Truenas Scale depuis maintenant plus de 6 mois sans trop de problème.
J'ai pu installer 2 applications en docker plex serveur et calibre-web.
Je veux installer

Pour cela il me faut installer les certificats pour être en https
J'ai suivi la procédure : https://truecharts.org/manual/Quick-Start Guides/07-adding-letsencrypt/#how-to
Cela à fonctionné sauf à la fin lors de la demande du certificat ou j'ai l'erreur suivante : OsError
avec les infos suivantes :
Erreur: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/middlewared/job.py", line 409, in run await self.future File "/usr/lib/python3/dist-packages/middlewared/job.py", line 445, in __run_body rv = await self.method(*([self] + args)) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1137, in nf res = await f(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1269, in nf return await func(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto.py", line 1532, in do_create data = await self.middleware.run_in_thread( File "/usr/lib/python3/dist-packages/middlewared/utils/run_in_thread.py", line 10, in run_in_thread return await self.loop.run_in_executor(self.run_in_thread_executor, functools.partial(method, *args, **kwargs)) File "/usr/lib/python3.9/concurrent/futures/thread.py", line 52, in run result = self.fn(*self.args, **self.kwargs) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1273, in nf return func(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto.py", line 1587, in __create_acme_certificate final_order = self.middleware.call_sync('acme.issue_certificate', job, 25, data, csr_data) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1351, in call_sync return methodobj(*prepared_call.args) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/issue_cert.py", line 76, in issue_certificate acme_client, key = self.middleware.call_sync( File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1351, in call_sync return methodobj(*prepared_call.args) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/acme_svc.py", line 18, in get_acme_client_and_key data = self.middleware.call_sync( File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1340, in call_sync return self.run_coroutine(methodobj(*prepared_call.args)) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1380, in run_coroutine return fut.result() File "/usr/lib/python3.9/concurrent/futures/_base.py", line 433, in result return self.__get_result() File "/usr/lib/python3.9/concurrent/futures/_base.py", line 389, in __get_result raise self._exception File "/usr/lib/python3/dist-packages/middlewared/service.py", line 907, in create rv = await self.middleware._call( File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1292, in _call return await self.run_in_executor(prepared_call.executor, methodobj, *prepared_call.args) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1192, in run_in_executor return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs)) File "/usr/lib/python3.9/concurrent/futures/thread.py", line 52, in run result = self.fn(*self.args, **self.kwargs) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1143, in nf res = f(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1273, in nf return func(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol.py", line 122, in do_create directory = self.get_directory(data['acme_directory_uri']) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol.py", line 66, in get_directory response = requests.get(acme_directory_uri).json() File "/usr/lib/python3/dist-packages/requests/api.py", line 76, in get return request('get', url, params=params, **kwargs) File "/usr/lib/python3/dist-packages/requests/api.py", line 61, in request return session.request(method=method, url=url, **kwargs) File "/usr/lib/python3/dist-packages/requests/sessions.py", line 542, in request resp = self.send(prep, **send_kwargs) File "/usr/lib/python3/dist-packages/requests/sessions.py", line 655, in send r = adapter.send(request, **kwargs) File "/usr/lib/python3/dist-packages/requests/adapters.py", line 416, in send self.cert_verify(conn, request.url, verify, cert) File "/usr/lib/python3/dist-packages/requests/adapters.py", line 227, in cert_verify raise IOError("Could not find a suitable TLS CA certificate bundle, " OSError: Could not find a suitable TLS CA certificate bundle, invalid path: /etc/ssl/certs/ca-certificates.crt

Quelqu'un aurait une idée ?
D'avance merci
 

Heracles

Wizard
Joined
Feb 2, 2018
Messages
1,401
Bonjour,

Utilise les tags de code pour poster ce genre de contenu. Ton message est tout simplement illisible tel qu'il est.

Code:
Une fois dans une section de CODE comme celle-ci, on pourra lire correctement ce que tu as à poster. Il faut les braquettes carrées avec le mot CODE pour ouvrir et /CODE pour fermer.
 

Michel GONCE

Cadet
Joined
Oct 27, 2021
Messages
7
Bonjour,

Meilleurs vœux à tous pour cette nouvelle année.

J'utilise Truenas Scale depuis maintenant plus de 6 mois sans trop de problème.
J'ai pu installer 2 applications en docker plex serveur et calibre-web.
Je veux installer

Pour cela il me faut installer les certificats pour être en https
J'ai suivi la procédure : https://truecharts.org/manual/Quick-Start Guides/07-adding-letsencrypt/#how-to
Cela à fonctionné sauf à la fin lors de la demande du certificat ou j'ai l'erreur suivante : OsError
avec les infos suivantes :

Quelqu'un aurait une idée ?
D'avance merci
 

Michel GONCE

Cadet
Joined
Oct 27, 2021
Messages
7
Erreur sur le message précédent, mon pool de démarrage et en cours de reconstruction et je mettrais le code comme demandé des que j'ai la main
 

Michel GONCE

Cadet
Joined
Oct 27, 2021
Messages
7
Merci Heracles pour l'info
Voici l'erreur comme il faut :

Code:
Erreur: Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/middlewared/job.py", line 409, in run
    await self.future
  File "/usr/lib/python3/dist-packages/middlewared/job.py", line 445, in __run_body
    rv = await self.method(*([self] + args))
  File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1137, in nf
    res = await f(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1269, in nf
    return await func(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto.py", line 1532, in do_create
    data = await self.middleware.run_in_thread(
  File "/usr/lib/python3/dist-packages/middlewared/utils/run_in_thread.py", line 10, in run_in_thread
    return await self.loop.run_in_executor(self.run_in_thread_executor, functools.partial(method, *args, **kwargs))
  File "/usr/lib/python3.9/concurrent/futures/thread.py", line 52, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1273, in nf
    return func(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto.py", line 1587, in __create_acme_certificate
    final_order = self.middleware.call_sync('acme.issue_certificate', job, 25, data, csr_data)
  File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1351, in call_sync
    return methodobj(*prepared_call.args)
  File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/issue_cert.py", line 76, in issue_certificate
    acme_client, key = self.middleware.call_sync(
  File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1351, in call_sync
    return methodobj(*prepared_call.args)
  File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/acme_svc.py", line 18, in get_acme_client_and_key
    data = self.middleware.call_sync(
  File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1340, in call_sync
    return self.run_coroutine(methodobj(*prepared_call.args))
  File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1380, in run_coroutine
    return fut.result()
  File "/usr/lib/python3.9/concurrent/futures/_base.py", line 433, in result
    return self.__get_result()
  File "/usr/lib/python3.9/concurrent/futures/_base.py", line 389, in __get_result
    raise self._exception
  File "/usr/lib/python3/dist-packages/middlewared/service.py", line 907, in create
    rv = await self.middleware._call(
  File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1292, in _call
    return await self.run_in_executor(prepared_call.executor, methodobj, *prepared_call.args)
  File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1192, in run_in_executor
    return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs))
  File "/usr/lib/python3.9/concurrent/futures/thread.py", line 52, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1143, in nf
    res = f(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1273, in nf
    return func(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol.py", line 122, in do_create
    directory = self.get_directory(data['acme_directory_uri'])
  File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol.py", line 66, in get_directory
    response = requests.get(acme_directory_uri).json()
  File "/usr/lib/python3/dist-packages/requests/api.py", line 76, in get
    return request('get', url, params=params, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 542, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python3/dist-packages/requests/sessions.py", line 655, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python3/dist-packages/requests/adapters.py", line 416, in send
    self.cert_verify(conn, request.url, verify, cert)
  File "/usr/lib/python3/dist-packages/requests/adapters.py", line 227, in cert_verify
    raise IOError("Could not find a suitable TLS CA certificate bundle, "
OSError: Could not find a suitable TLS CA certificate bundle, invalid path: /etc/ssl/certs/ca-certificates.crt
 

Heracles

Wizard
Joined
Feb 2, 2018
Messages
1,401
Ok.... Ça ressemble à la CA Lets Encrypt qui expirait l'automne dernier.... Ça parle d'un problème de CA.... Lets Encrypt signait ses certificats avec une première CA au début et c'est elle qui a expiré. Ils utilisent une autre CA depuis longtemps déjà, qui est toujours valide, mais plusieurs outils se mélangent entre les deux et ça semble le cas ici.

Hélas, je n'ai pas Scale et je n'utilise pas ces outils-là. Ainsi, je t'invite à chercher de l'info concernant l'expiration de la CA de Lets Encrypt et comment corriger ce problème. Je sais que @jgreco a posté du matériel à ce sujet mais dans la section anglophone du site...

Bonnes recherches et bonnes chances.
 

Michel GONCE

Cadet
Joined
Oct 27, 2021
Messages
7
Merci pour l'information.
Ce n'est pas mon domaine de compétence, mais si je trouve je poserais la solution, je ne dois pas en être loin ;-)
 
Top