ACME not using configured http proxy

H

h-k

New Member
Nov 20, 2021
1
0
1
It seems like ACME is not using the globally configured http proxy when doing requests. If I try to add an account in the PVE GUI I get
Code: 
Error: GET to https://acme-v02.api.letsencrypt.org/directory Can't connect to acme-v02.api.letsencrypt.org:443 (Network is unreachable) Network is unreachable at /usr/share/perl5/LWP/Protocol/http.pm line 50. (500)

I can register an account via the CLI if i provide the "https_proxy" environment variable ("http_proxy" does not work) but as this need to work automatically on renewals this is not feasible in the long run.
Code: 
https_proxy="http://proxy.example.com:3128" pvenode acme account register letsencrypt admin@example.com
 
h-k said:
It seems like ACME is not using the globally configured http proxy when doing requests. If I try to add an account in the PVE GUI I get
Code: 
Error: GET to https://acme-v02.api.letsencrypt.org/directory Can't connect to acme-v02.api.letsencrypt.org:443 (Network is unreachable) Network is unreachable at /usr/share/perl5/LWP/Protocol/http.pm line 50. (500)

I can register an account via the CLI if i provide the "https_proxy" environment variable ("http_proxy" does not work) but as this need to work automatically on renewals this is not feasible in the long run.
Code: 
https_proxy="http://proxy.example.com:3128" pvenode acme account register letsencrypt admin@example.com
Click to expand...
I've just discovered this issue now, and this completely breaks the whole reason of having an http proxy to prevent the host having unfettered internet access. This issue is still present in 8.3.4.
 
You must log in or register to reply here.
Top Bottom