From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dziobek@hlrs.de>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 83FB09300A
 for <pve-user@lists.proxmox.com>; Tue,  3 Jan 2023 13:41:37 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 65309AF1A
 for <pve-user@lists.proxmox.com>; Tue,  3 Jan 2023 13:41:07 +0100 (CET)
Received: from mail.hlrs.de (mail.hlrs.de [141.58.2.50])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS
 for <pve-user@lists.proxmox.com>; Tue,  3 Jan 2023 13:41:03 +0100 (CET)
Received: from localhost (localhost.localdomain [127.0.0.1])
 by mail.hlrs.de (Postfix) with ESMTP id 3946D5EA031A
 for <pve-user@lists.proxmox.com>; Tue,  3 Jan 2023 13:35:13 +0100 (CET)
Received: from mail.hlrs.de ([127.0.0.1])
 by localhost (mail.hlrs.de [127.0.0.1]) (amavisd-new, port 10032)
 with ESMTP id SmFxl7A53B9a for <pve-user@lists.proxmox.com>;
 Tue,  3 Jan 2023 13:35:13 +0100 (CET)
X-Virus-Scanned: amavisd-new at mail.hlrs.de
DKIM-Filter: OpenDKIM Filter v2.10.3 mail.hlrs.de 0F3BE5EA031C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hlrs.de;
 s=1806FB76-797D-11E5-BCE5-7B280A126CD4; t=1672749313;
 bh=g+dZxKbDRlX0ud6d0q7xlvOh5PaO/sf4W0sHEaBfNAM=;
 h=Date:From:To:Message-ID:MIME-Version;
 b=RlL6SpKbQZlGZc/uOJ2Z7dKOG6Zapn1QrPUv22SNwOJ1c7a3cvxYE9qzLFq7+SzbE
 tflqiw8vzO20aW1nVIrvBlZbkfY88z1gkagsVO2APd7bU+vquBJjbEPJ8F+fsXf/au
 cPM9NsSL4BQbN7QQf4mMwxL3q8fwk29ti+T4BwoY=
Received: from schleppmd.hlrs.de (hpcn-vpnip-141-58-15-240.hlrs.de
 [141.58.15.240])
 by mail.hlrs.de (Postfix) with ESMTPSA id DFFC45EA031A
 for <pve-user@lists.proxmox.com>; Tue,  3 Jan 2023 13:35:12 +0100 (CET)
Date: Tue, 3 Jan 2023 13:34:58 +0100
From: Martin Dziobek <dziobek@hlrs.de>
To: pve-user@lists.proxmox.com
Message-ID: <20230103133458.378a56b3@schleppmd.hlrs.de>
Organization: HLRS Uni Stuttgart
X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.33; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.253 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DKIM_SIGNED               0.1 Message has a DKIM or DK signature,
 not necessarily valid
 DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature
 DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's
 domain
 DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from
 domain
 KAM_NUMSUBJECT 0.5 Subject ends in numbers excluding current years
 RCVD_IN_DNSWL_MED        -2.3 Sender listed at https://www.dnswl.org/,
 medium trust
 RCVD_IN_MSPIKE_H2      -0.001 Average reputation (+2)
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_NONE                0.001 SPF: sender does not publish an SPF Record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [hlrs.de, acme.sh]
Subject: [PVE-User] Trouble with LetsEncrypt/acme-dns in pve 7.3-4
X-BeenThere: pve-user@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE user list <pve-user.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-user>, 
 <mailto:pve-user-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-user/>
List-Post: <mailto:pve-user@lists.proxmox.com>
List-Help: <mailto:pve-user-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user>, 
 <mailto:pve-user-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Tue, 03 Jan 2023 12:41:37 -0000

Howdy, list members !

The situation:
I have a proxmox host (say ptest) running pve 7.3-3, 
and one (say pprod) running 7.3-4

On ptest, getting Letsencrypt certificates with the acme-dns plugin
and our internal acme-dns server works fine.

Trying the same config on pprod (for the first time with LE) fails with
 "invalid response of acme-dns"

Investigation:
/etc/pve/.version:
ptest shows    "priv/acme/plugins.cfg": 2,
pprod shows  "priv/acme/plugins.cfg": 3,

The handler scripts in
/usr/share/proxmox-acme/dnsapi/dns_acmedns.sh
have lots of differences for that reason.

The GUI dialog at Datacenter->ACME for configuring
Challenge plugins (type acme-dns), however, do show
*exactly the same predefined fields* on pprod and ptest,
namely "ACMEDNS_UPDATE_URL".

Unfortunately,  "ACMEDNS_UPDATE_URL" has been
dropped in the latest versions of acme.sh
(and in the handler scripts v.3)
In v.3 , this is now all based on ACMEDNS_BASE_URL,
but the change has obviously not been reflected to
the GUI dialog.

Would you proxmox guys kindly mind to fix this ?

Best regards,
Martin