Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Letsencrypt CERT_HAS_EXPIRED #42

Open
iamtakingiteasy opened this issue May 23, 2022 · 1 comment
Open

Letsencrypt CERT_HAS_EXPIRED #42

iamtakingiteasy opened this issue May 23, 2022 · 1 comment
Labels
bug Something isn't working

Comments

@iamtakingiteasy
Copy link

Description

Letsencrypt certificates apparently treated as expired by Roma's distriubtion. At the same time there is no such issue in whalebird.

I'm guessing some certificate bundle in electron version used is outdated.

How To Reproduce

  1. Try to add new account
  2. Input instance domain with letsencrypt certificates -> Search
  3. Press Login -> Failed to get authorize url appears
Full error log in console 
15:57:24.713 › System proxy configuration: DIRECT
Error occurred in handler for 'list-accounts': N [Error]: empty
    at /home/user/Downloads/Roma-3.3.3-linux-x64/resources/app.asar/dist/electron/main.js:1:202852
    at newArguments.<computed> (/home/user/Downloads/Roma-3.3.3-linux-x64/resources/app.asar/node_modules/nedb/lib/executor.js:29:17)
    at Cursor.execFn (/home/user/Downloads/Roma-3.3.3-linux-x64/resources/app.asar/node_modules/nedb/lib/datastore.js:484:12)
    at callback (/home/user/Downloads/Roma-3.3.3-linux-x64/resources/app.asar/node_modules/nedb/lib/cursor.js:126:19)
    at /home/user/Downloads/Roma-3.3.3-linux-x64/resources/app.asar/node_modules/nedb/lib/cursor.js:193:12
    at /home/user/Downloads/Roma-3.3.3-linux-x64/resources/app.asar/node_modules/nedb/lib/datastore.js:329:14
    at Object.async.eachSeries (/home/user/Downloads/Roma-3.3.3-linux-x64/resources/app.asar/node_modules/async/lib/async.js:130:20)
    at /home/user/Downloads/Roma-3.3.3-linux-x64/resources/app.asar/node_modules/nedb/lib/datastore.js:323:11
    at fn (/home/user/Downloads/Roma-3.3.3-linux-x64/resources/app.asar/node_modules/async/lib/async.js:582:34)
    at Immediate.<anonymous> (/home/user/Downloads/Roma-3.3.3-linux-x64/resources/app.asar/node_modules/async/lib/async.js:498:34)
Error occurred in handler for 'get-auth-url': Error: certificate has expired
    at TLSSocket.onConnectSecure (_tls_wrap.js:1501:34)
    at TLSSocket.emit (events.js:315:20)
    at TLSSocket._finishInit (_tls_wrap.js:936:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:710:12) {
  code: 'CERT_HAS_EXPIRED',
  config: {
    url: 'https://eientei.org/api/v1/apps',
    method: 'post',
    data: '{"client_name":"Roma - desktop","redirect_uris":"urn:ietf:wg:oauth:2.0:oob","scopes":"read write follow","website":"https://pleroma.com"}',
    headers: {
      Accept: 'application/json, text/plain, */*',
      'Content-Type': 'application/json;charset=utf-8',
      'User-Agent': 'axios/0.21.1',
      'Content-Length': 137
    },
    transformRequest: [ [Function: transformRequest] ],
    transformResponse: [ [Function: transformResponse] ],
    timeout: 0,
    adapter: [Function: httpAdapter],
    xsrfCookieName: 'XSRF-TOKEN',
    xsrfHeaderName: 'X-XSRF-TOKEN',
    maxContentLength: -1,
    maxBodyLength: -1,
    cancelToken: CancelToken { promise: [Promise] },
    validateStatus: [Function: validateStatus]
  },
  request: Writable {
    _writableState: WritableState {
      objectMode: false,
      highWaterMark: 16384,
      finalCalled: false,
      needDrain: false,
      ending: false,
      ended: false,
      finished: false,
      destroyed: false,
      decodeStrings: true,
      defaultEncoding: 'utf8',
      length: 0,
      writing: false,
      corked: 0,
      sync: true,
      bufferProcessing: false,
      onwrite: [Function: bound onwrite],
      writecb: null,
      writelen: 0,
      afterWriteTickInfo: null,
      bufferedRequest: null,
      lastBufferedRequest: null,
      pendingcb: 0,
      prefinished: false,
      errorEmitted: false,
      emitClose: true,
      autoDestroy: false,
      bufferedRequestCount: 0,
      corkedRequestsFree: [Object]
    },
    writable: true,
    _events: [Object: null prototype] {
      response: [Function: handleResponse],
      error: [Function: handleRequestError]
    },
    _eventsCount: 2,
    _maxListeners: undefined,
    _options: {
      maxRedirects: 21,
      maxBodyLength: 10485760,
      protocol: 'https:',
      path: '/api/v1/apps',
      method: 'POST',
      headers: [Object],
      agent: undefined,
      agents: [Object],
      auth: undefined,
      hostname: 'eientei.org',
      port: null,
      nativeProtocols: [Object],
      pathname: '/api/v1/apps'
    },
    _ended: false,
    _ending: true,
    _redirectCount: 0,
    _redirects: [],
    _requestBodyLength: 137,
    _requestBodyBuffers: [ [Object] ],
    _onNativeResponse: [Function],
    _currentRequest: ClientRequest {
      _events: [Object: null prototype],
      _eventsCount: 7,
      _maxListeners: undefined,
      outputData: [],
      outputSize: 0,
      writable: true,
      _last: true,
      chunkedEncoding: false,
      shouldKeepAlive: false,
      useChunkedEncodingByDefault: true,
      sendDate: false,
      _removedConnection: false,
      _removedContLen: false,
      _removedTE: false,
      _contentLength: null,
      _hasBody: true,
      _trailer: '',
      finished: false,
      _headerSent: true,
      socket: [TLSSocket],
      connection: [TLSSocket],
      _header: 'POST /api/v1/apps HTTP/1.1\r\n' +
        'Accept: application/json, text/plain, */*\r\n' +
        'Content-Type: application/json;charset=utf-8\r\n' +
        'User-Agent: axios/0.21.1\r\n' +
        'Content-Length: 137\r\n' +
        'Host: eientei.org\r\n' +
        'Connection: close\r\n' +
        '\r\n',
      _onPendingData: [Function: noopPendingOutput],
      agent: [Agent],
      socketPath: undefined,
      method: 'POST',
      insecureHTTPParser: undefined,
      path: '/api/v1/apps',
      _ended: false,
      res: null,
      aborted: false,
      timeoutCb: null,
      upgradeOrConnect: false,
      parser: null,
      maxHeadersCount: null,
      reusedSocket: false,
      _redirectable: [Circular],
      [Symbol(kCapture)]: false,
      [Symbol(kNeedDrain)]: false,
      [Symbol(corked)]: 0,
      [Symbol(kOutHeaders)]: [Object: null prototype]
    },
    _currentUrl: 'https://eientei.org/api/v1/apps',
    [Symbol(kCapture)]: false
  },
  response: undefined,
  isAxiosError: true,
  toJSON: [Function: toJSON]
}

Your Environment

  • OS: any
  • Roma Version: 3.3.3
  • Instance: any with letsencrypt ssl; e.g. freespeechextremist.com, bae.st, eientei.org, etc.
@iamtakingiteasy iamtakingiteasy added the bug Something isn't working label May 23, 2022
@iamtakingiteasy
Copy link
Author

iamtakingiteasy commented May 23, 2022
edited
Loading

With electron 17 (upstream has 11) there is no such issue. Node 14 may be required for building however.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@iamtakingiteasy