You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have a Java-based service which is bound to port 80 and so I have written scripts to stop and start the service before and after certificate renewal. I configured DefaultPreExecutionScript/DefaultPostExecutionScript in settings.json based on https://simple-acme.com/reference/plugins/validation/http/selfhosting, and confirmed that the scripts work when I copy the path from settings.json into PowerShell.
I ran the following command: .\wacs.exe --source manual --host this-server.internal.domain --installation none --store pfxfile --pfxpassword "vault://json/pfxkey" --pfxfilepath "C:\Program Files\TheService" --pfxfilename "step-ca-theservice.pfx" --emailaddress user@domain.com --verbose
It's more of a design issue. Pre/post execution scripts run before/after the certificate is being executed (requested/renewed), whereas this error happens during the configuration stage. In other words you'd have to disable the service in some other way during initial configuration. I'll have to think a bit about whether this is solvable in a more elegant way for some future release.
It's more of a design issue. Pre/post execution scripts run before/after the certificate is being executed (requested/renewed), whereas this error happens during the configuration stage. In other words you'd have to disable the service in some other way during initial configuration. I'll have to think a bit about whether this is solvable in a more elegant way for some future release.
I've solved it now by getting the CA's firewall to remap port 80 to another port for this server, but it would be good to see a better solution in future - perhaps an analogous DefaultPreConfigurationScript/DefaultPostConfigurationScript?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
simple-acme
It's more of a design issue. Pre/post execution scripts run before/after the certificate is being executed (requested/renewed), whereas this error happens during the configuration stage. In other words you'd have to disable the service in some other way during initial configuration. I'll have to think a bit about whether this is solvable in a more elegant way for some future release.