"missing field `keyChange` at line 1 column 390"

mousseman

Member
Dec 1, 2022
2
0
6
Hi everybody,

I tried to request a certificate from the Dogtag PKI that I have set up internally, and with the command line

proxmox-backup-manager acme account register backy_local xxxxx@xxxxx.yyyyy.zz --directory https://ipa-ca.lab.local/acme/directory

I'm getting the error

Attempting to fetch Terms of Service from "https://ipa-ca.lab.local/acme/directory"
Error: missing field `keyChange` at line 1 column 390

Funnily enough, the exactly same procedure worked with Proxmox PVE 7.4.17 (apart from having to use pvenode, of course), which I have and works nicely.

Also, localhost-access.log from the dogtag PKI (as part of posts nothing strange:


127.0.0.1 - - [02/Jan/2025:23:41:03 +0100] "-" 400 -
10.10.1.20 - - [02/Jan/2025:23:41:20 +0100] "GET /acme/rest/directory HTTP/1.1" 200 390
10.10.1.20 - - [02/Jan/2025:23:42:50 +0100] "GET /acme/rest/directory HTTP/1.1" 200 390
10.10.1.20 - - [02/Jan/2025:23:50:02 +0100] "GET /acme/rest/directory HTTP/1.1" 200 390
10.10.1.20 - - [02/Jan/2025:23:50:07 +0100] "GET /acme/rest/directory HTTP/1.1" 200 390
10.10.1.20 - - [02/Jan/2025:23:52:09 +0100] "GET /acme/rest/directory HTTP/1.1" 200 390

10.10.1.20 is my proxmox backup appliance 3.1.2 which works nicely otherwise, but I'd like to have a CA-signed certificate for my backup appliance.

Any ideas?
 
Hello,

I'm getting the same error:

Code:
[root@pbs1.example.com ~]$ proxmox-backup-manager acme account register default admin+acme@example.com --directory https://ca.example.com/acme/directory
Attempting to fetch Terms of Service from "https://ca.example.com/acme/directory"
Error: missing field `keyChange` at line 1 column 430

Code:
$ pveversion
pve-manager/8.3.5/dac3aa88bac3f300 (running kernel: 6.8.12-8-pve)

I can also confirm that on pve, the exact same ACME CA works flawlessly.
 
Hey everyone, i came across this thread because I have the same problem as the OP.

I guess that means the fix hasn't been released yet? How can I fix it myself?
 
Hello everyone,

I am experiencing the same issue with Proxmox Mail Gateway.

Registering new ACME account..
Registration failed: missing field `keyChange` at line 14 column 1
Task Registration failed: missing field `keyChange` at line 14 column 1
 
What's you pmgversion -v? Please check if the issue still persists on the upcoming PMG9 release, see https://forum.proxmox.com/threads/proxmox-mail-gateway-9-0-beta-released.172607/
pmgversion -v

proxmox-mailgateway: 8.2.0 (API: 8.2.5/042f067b5a93, running kernel: 6.8.12-15-pve)
pmg-api: 8.2.5
pmg-gui: 4.2.1
proxmox-kernel-helper: 8.1.4
proxmox-kernel-6.8: 6.8.12-15
proxmox-kernel-6.8.12-15-pve-signed: 6.8.12-15
proxmox-kernel-6.8.12-11-pve-signed: 6.8.12-11
clamav-daemon: 1.0.9+dfsg-1~deb12u1
ifupdown: residual config
ifupdown2: 3.2.0-1+pmx11
libarchive-perl: 3.6.2
libjs-extjs: 7.0.0-5
libjs-framework7: 4.4.7-2
libproxmox-acme-perl: 1.6.0
libproxmox-acme-plugins: 1.6.0
libpve-apiclient-perl: 3.3.2
libpve-common-perl: 8.3.4
libpve-http-server-perl: 5.2.2
libxdgmime-perl: 1.1.0
lvm2: 2.03.16-2
pmg-docs: 8.2.0
pmg-i18n: 3.4.5
pmg-log-tracker: 2.5.0
proxmox-mini-journalreader: 1.5
proxmox-offline-mirror-helper: 0.6.8
proxmox-spamassassin: 4.0.1-2
proxmox-widget-toolkit: 4.3.13
pve-firmware: 3.16-3
pve-xtermjs: 5.5.0-2