Comments (5)
I assume there are multiple users that encounter this.
As you can see it seems you are alone with this problem (no thumbs up, no other report)
what actions do you see next?
I don't know because based on the code I have no idea of the real root of the problem.
from lego.
Hello,
I think this is an internal change in the SDK.
acme: error presenting token: route53: failed to determine hosted zone ID: operation error Route 53: ListHostedZonesByName, failed to sign request: failed to retrieve credentials: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, canceled, context deadline exceeded
The error comes from here.
I'm not a specialist in AWS, and the SDK migration guide is really weak.
I don't know if it's an expected behavior for the new SDK, a bug of the SDK, or something else.
from lego.
I read on the AWS documentation that IMDs v1 and v2 should both work. So I'm kind of puzzled about why we are receiving the error.
Will you do some extra testing on this? Or what actions do you see next? I assume there are multiple users that encounter this.
from lego.
FWIW, I got here by discovering that my Traefik Let's Encrypt configuration, which had been running fine, has apparently picked up this same problem after upgrading to the lastest stableTraefik container tag 2.10.5, from 2.10.4.
The initial error in the logs was that aws region was a required value. I provided the AWS_REGION environment variable through the docker compose file, and now the error I see is:
traefik | time="2023-11-12T00:19:12Z" level=error msg="Error renewing certificate from LE: {redacted.com []}" ACME CA="https://acme-v02.api.letsencrypt.org/directory" error="error: one or more domains had a problem:\n[redacted.com] [redacted.com] acme: error presenting token: route53: failed to determine hosted zone ID: operation error Route 53: ListHostedZonesByName, failed to sign request: failed to retrieve credentials: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, canceled, context deadline exceeded\n" providerName=letsencrypt.acme
None of my AWS IAM policies have changed, and this machine has been running untouched for years. The only difference is the bugfix version of the Traefik container being revved, which came with a rev of this lego lib.
from lego.
from lego.
Related Issues (20)
- directadmin plugin HOT 1
- AutoDNS - mandatory credentials listed as additional HOT 2
- ionos: DNS records not removed HOT 12
- IONOS DNS Cleanup does not work HOT 1
- Misleading log output
- Enable option to use single command to create or renew cert HOT 1
- support several DNS providers at once HOT 3
- Support for provider: Abion
- Provider "do.de" not working, API call invalid HOT 3
- TransIP verification fails because of token error HOT 18
- Error during automated certificate renewal wildcard letsencrypt HOT 3
- Support for provider: shellrent HOT 3
- Support for provider: Gravity HOT 2
- pdns: API endpoint not at URL root resulting in incorrect URL queried and thus failing with error code 404 HOT 2
- azure: find zones via serviceDiscovery (or allow multiple values for AZURE_RESOURCE_GROUP) HOT 7
- Scaleway DNS Challenge credentials not correct HOT 1
- ERROR acme: error: 500 :: POST renewing with v4.16.0 --- v4.15.0 is OK HOT 7
- External accound binding fails with error "invalid key size for algorithm" HOT 6
- on armv7I-32 CPU: this CPU has no VFPv3 floating point hardware HOT 3
- renew doesn't take multiple domains HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lego.