Comments (5)
I assume there are multiple users that encounter this.
As you can see it seems you are alone with this problem (no thumbs up, no other report)
what actions do you see next?
I don't know because based on the code I have no idea of the real root of the problem.
from lego.
Hello,
I think this is an internal change in the SDK.
acme: error presenting token: route53: failed to determine hosted zone ID: operation error Route 53: ListHostedZonesByName, failed to sign request: failed to retrieve credentials: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, canceled, context deadline exceeded
The error comes from here.
I'm not a specialist in AWS, and the SDK migration guide is really weak.
I don't know if it's an expected behavior for the new SDK, a bug of the SDK, or something else.
from lego.
I read on the AWS documentation that IMDs v1 and v2 should both work. So I'm kind of puzzled about why we are receiving the error.
Will you do some extra testing on this? Or what actions do you see next? I assume there are multiple users that encounter this.
from lego.
FWIW, I got here by discovering that my Traefik Let's Encrypt configuration, which had been running fine, has apparently picked up this same problem after upgrading to the lastest stableTraefik container tag 2.10.5, from 2.10.4.
The initial error in the logs was that aws region was a required value. I provided the AWS_REGION environment variable through the docker compose file, and now the error I see is:
traefik | time="2023-11-12T00:19:12Z" level=error msg="Error renewing certificate from LE: {redacted.com []}" ACME CA="https://acme-v02.api.letsencrypt.org/directory" error="error: one or more domains had a problem:\n[redacted.com] [redacted.com] acme: error presenting token: route53: failed to determine hosted zone ID: operation error Route 53: ListHostedZonesByName, failed to sign request: failed to retrieve credentials: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, canceled, context deadline exceeded\n" providerName=letsencrypt.acme
None of my AWS IAM policies have changed, and this machine has been running untouched for years. The only difference is the bugfix version of the Traefik container being revved, which came with a rev of this lego lib.
from lego.
from lego.
Related Issues (20)
- oraclecloud is using only default realm OC1 for all requests HOT 7
- Missing and misleading hook environment variables HOT 4
- Add support for Route53 private zones HOT 1
- '--dns exec' show output in real time? HOT 3
- Add SLSA provenance to your releases
- renew-hook does not support quoted parameters HOT 1
- Add Retry-After header value to get renewal info result HOT 3
- DNS request prefer IPv6 only HOT 1
- exoscale: fails when issuing certificate for "*.domain.example" and "domain.example" HOT 14
- Ability to update email using the CLI
- Support for provider: mittwald HOT 7
- azuredns: CLI authentication doesn't respect tenant setting
- DNS certificates with many names: Faster verification HOT 13
- Support hook arguments HOT 3
- Whether you can support manual custom validation of DNS records in golang dependent mode?
- Leftover deprecated update renewal info call
- Need new release HOT 1
- lego allows using subdomain DNS to obtain Let's Encrypt wildcard certificates HOT 4
- Support for provider: Strato HOT 7
- google domains Error 400: Precondition check failed., failedPrecondition HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lego.