group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1837673] Re: Certbot will be unable to create new ACME accounts

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Andreas Hasenack <andreas@xxxxxxxxxxxxx>
Date: Thu, 03 Oct 2019 19:52:19 -0000
Reply-to: Bug 1837673 <1837673@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

> To solve this problem, I recommend backporting the Certbot packages from Cosmic to Bionic
> and Xenial.

Cosmic, which is EOL now, had 0.27.0-1:

python-certbot (0.27.0-1) unstable; urgency=medium

  * New upstream version 0.27.0
  * Refresh patch after upstream migration to codecov
  * Bump python-sphinx requirement defensively; bump S-V with no changes
  * Bump dep on python-acme to 0.26.0~

 -- Harlan Lieberman-Berg <hlieberman@xxxxxxxxxx>  Wed, 05 Sep 2018
20:29:44 -0400

Noted the python-acme >= 0.26.0~ requirement. B and X have
0.22.2-1something, and also as noted, but #1836823 is bumping that to
0.31.0-2.


** Also affects: python-certbot (Ubuntu Disco)
   Importance: Undecided
       Status: New

** Also affects: python-certbot (Ubuntu Eoan)
   Importance: Undecided
     Assignee: James Hebden (ec0)
       Status: New

** Changed in: python-certbot (Ubuntu Disco)
       Status: New => Fix Released

** Changed in: python-certbot (Ubuntu Eoan)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1837673

Title:
  Certbot will be unable to create new ACME accounts

Status in python-certbot package in Ubuntu:
  Fix Released
Status in python-certbot source package in Xenial:
  Triaged
Status in python-certbot source package in Bionic:
  Triaged
Status in python-certbot source package in Disco:
  Fix Released
Status in python-certbot source package in Eoan:
  Fix Released

Bug description:
  This bug affects the python-certbot packages in Xenial and Bionic.
  Cosmic and newer is unaffected.

  To do almost anything in the ACME protocol used by Let's Encrypt and
  Certbot including obtaining and revoking certificates, you need to
  first create an account with the ACME server. Starting in November,
  Certbot will no longer be able to do that with its default
  configuration. This is because as part of pushing people towards the
  standardized version of the protocol, Let's Encrypt is no longer
  letting people create new accounts on their ACMEv1 endpoint. More
  details about this change can be found at
  https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430.

  What this means for Ubuntu users is that new Certbot installations on
  affected systems would need to be given the URL of an alternative ACME
  server in order to work. Existing installations would be unaffected
  for now as long as they don't deactivate their account or delete its
  credentials. They will have additional problems in the future due to
  the additional deprecations described in the link above.

  To solve this problem, I recommend backporting the Certbot packages
  from Cosmic to Bionic and Xenial. There are no breaking changes to the
  public interfaces between versions and I think this results in the
  smallest change to the packages that would resolve this problem while
  sticking to well tested packages.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-certbot/+bug/1837673/+subscriptions