Comments (5)
Your fix hides the details - essentially (if you want to do something fancy), you'll need access to the Error-Details, which are available via $exception.Response.Content.
I created the neccessary fix and will provide them via the gallery in some days (there are more minor problems I, which should be addressed)
from acme-ps.
IMHO, the default behavior should be what is most helpful. Here's what I see with the "1.1.4" version of "AcmeHttpException":
New-ACMEOrder "C:\Users\admin\Desktop\tmp\AcmeState" -Identifiers $SanList
At C:\Users\admin\Desktop\tmp\ACME-PS\1.1.4\ACME-PS.psm1:1395 char:13
+ throw [AcmeHttpException]::new($respone.ErrorMessage, $re ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], AcmeHttpException
+ FullyQualifiedErrorId :
As you can see, no helpful feedback.
Here's what I see with the version of "AcmeHttpException" I posted above (2/1 comment)
New-ACMEOrder "C:\Users\admin\Desktop\tmp\AcmeState" -Identifiers $SanList
@{type=urn:ietf:params:acme:error:rateLimited; detail=Error creating new order :: too many certificates already issued for exact set of domains: ...: see
https://letsencrypt.org/docs/rate-limits/; status=429}
At C:\Users\admin\Desktop\tmp\ACME-PS\1.1.4\ACME-PS.psm1:523 char:9
+ throw "$($_message)`n$($_response.Content)"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (
@{type=urn:iet...s/; status=429}:String) [], RuntimeException
+ FullyQualifiedErrorId :
@{type=urn:ietf:params:acme:error:rateLimited; detail=Error creating new order :: too many certificates already issued for exact set of domains: ...: see https://le
tsencrypt.org/docs/rate-limits/; status=429}
Here's what a troubleshooter needs to quickly understand and resolve the issue:
error:rateLimited; detail=Error creating new order :: too many certificates already issued
I think the "1.1.4" version is hiding details.
from acme-ps.
I see the problem.
Nevertheless throwing the error without the $response
being attached to the object is good for "interactive", but not for automated environments.
You could for example automatically wait, if you got rateLimited, but that means, you have to access the error-type of the response.
I'm using throw for that, since I want to ensure the pipeline breaking.
So technically I need an Exception, which will stop the pipeline, can be handled with try {} catch {}
AND will print a useful error message.
from acme-ps.
So - NORMALLY - an Exception.Message will be displayed as first line.
But I messed up $response.ErrorMessage
, which simply does not exist - it's more or less a typo.
To conclude: I need to use $response.ErrorMessage
as Message and I will add $response.Content.Details
to the message, if it exists.
That'll make it readable for humans and usable for machines.
from acme-ps.
Fixed it, and will deploy it as 1.1.5 between monday and wednesday (will make us both happy ;))
from acme-ps.
Related Issues (20)
- [Improvement] Allow export Certificates with alternate chain HOT 14
- Revoke-ACMECertificiate - Given Certificate as Input (rather than an order) HOT 43
- Improvement: Throw an exception when attempting to get a HTTP-01 challenge for a wildcard order (Get-ACMEChallenge) HOT 4
- Best way to re-use an account across requests? HOT 2
- Can't create new account - asking for ExternalAccountBinding? HOT 2
- [BUG] Import-AccountKey : Object reference not set to an instance of an object HOT 3
- Order shows that cert expires in 6 days, but cert shows 90 days? HOT 3
- [Improvement] Allow DirectoryUrl to be passed to revocation, to omit the state object
- [Improvement] Add state reference to order
- [BUG]? Full chain export seems to be exporting in the wrong order HOT 4
- [BUG] Chain not included for specific instance.. HOT 1
- [Improvement] Exporting x509 certs/keys as PEM HOT 4
- Exception calling "GetResult" with "0" argument(s): "An error occurred while sending the request." HOT 6
- Certificate not working on older Android after 29.9.2021 HOT 2
- New-AcmePSKey invalid ValidateSet for RSAKeySize HOT 1
- DNS-01 HOT 10
- New Order / Old Account HOT 5
- Are SHA-1 self signatures being used to issue CSRs? HOT 1
- HTTP-01 Challenge File Not Getting Created HOT 3
- Authorizations does not seem to be parsing correctly HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from acme-ps.