Propagation time
sudo-kraken opened this issue · comments
I have this setup with a propagation time of 900 seconds and it still isnt long enough, its creating the txt record but it seems to just timeout waiting for certs after this.
I seem to be seeing this as well....
After cancelling after over 20 minutes (propagation time set to 900 seconds), log read the following:
2023-10-25 09:23:01,561:DEBUG:filelock:Lock 139845047125040 released on /root/.cache/python-tldextract/3.8.10.final__path__c6182e__tldextract-5.0.1/publicsuffix.org-tlds/de84b5ca2167d4c83e38fb162f2e8738.tldextract.json.lock
2023-10-25 09:23:01,562:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/some/path/lib/python3.8/site-packages/tldextract/cache.py", line 210, in run_and_cache
result = cast(T, self.get(namespace=namespace, key=key_args))
File "/some/path/lib/python3.8/site-packages/tldextract/cache.py", line 112, in get
raise KeyError("namespace: " + namespace + " key: " + repr(key))
KeyError: "namespace: publicsuffix.org-tlds key: {'urls': ('https://publicsuffix.org/list/public_suffix_list.dat', 'https://raw.githubusercontent.com/publicsuffix/list/master/public_suffix_list.dat'), 'fallback_to_snapshot': True}"
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/some/path/lib/python3.8/site-packages/tldextract/cache.py", line 210, in run_and_cache
result = cast(T, self.get(namespace=namespace, key=key_args))
File "/some/path/lib/python3.8/site-packages/tldextract/cache.py", line 112, in get
raise KeyError("namespace: " + namespace + " key: " + repr(key))
KeyError: "namespace: urls key: {'url': 'https://publicsuffix.org/list/public_suffix_list.dat'}"
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/some/path/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 88, in handle_authorizations
resps = self.auth.perform(achalls)
File "/some/path/lib/python3.8/site-packages/certbot/plugins/dns_common.py", line 76, in perform
self._perform(domain, validation_domain_name, validation)
File "/some/path/lib/python3.8/site-packages/certbot_dns_godaddy.py", line 54, in _perform
return self.godaddy_client.add_txt_record(domain, validation_name, validation)
File "/some/path/lib/python3.8/site-packages/certbot_dns_godaddy.py", line 85, in add_txt_record
ex = tldextract.extract(domain)
File "/some/path/lib/python3.8/site-packages/tldextract/tldextract.py", line 405, in extract
return TLD_EXTRACTOR(url, include_psl_private_domains=include_psl_private_domains)
File "/some/path/lib/python3.8/site-packages/tldextract/tldextract.py", line 227, in __call__
return self.extract_str(url, include_psl_private_domains)
File "/some/path/lib/python3.8/site-packages/tldextract/tldextract.py", line 242, in extract_str
return self._extract_netloc(lenient_netloc(url), include_psl_private_domains)
File "/some/path/lib/python3.8/site-packages/tldextract/tldextract.py", line 285, in _extract_netloc
suffix_index, is_private = self._get_tld_extractor().suffix_index(
File "/some/path/lib/python3.8/site-packages/tldextract/tldextract.py", line 330, in _get_tld_extractor
public_tlds, private_tlds = get_suffix_lists(
File "/some/path/lib/python3.8/site-packages/tldextract/suffix_list.py", line 70, in get_suffix_lists
return cache.run_and_cache(
File "/some/path/lib/python3.8/site-packages/tldextract/cache.py", line 212, in run_and_cache
result = func(**kwargs)
File "/some/path/lib/python3.8/site-packages/tldextract/suffix_list.py", line 91, in _get_suffix_lists
text = find_first_response(cache, urls, cache_fetch_timeout=cache_fetch_timeout)
File "/some/path/lib/python3.8/site-packages/tldextract/suffix_list.py", line 41, in find_first_response
return cache.cached_fetch_url(
File "/some/path/lib/python3.8/site-packages/tldextract/cache.py", line 221, in cached_fetch_url
return self.run_and_cache(
File "/some/path/lib/python3.8/site-packages/tldextract/cache.py", line 212, in run_and_cache
result = func(**kwargs)
File "/some/path/lib/python3.8/site-packages/tldextract/cache.py", line 230, in _fetch_url
response = session.get(url, timeout=timeout)
File "/some/path/lib/python3.8/site-packages/requests/sessions.py", line 602, in get
return self.request("GET", url, **kwargs)
File "/some/path/lib/python3.8/site-packages/requests/sessions.py", line 589, in request
resp = self.send(prep, **send_kwargs)
File "/some/path/lib/python3.8/site-packages/requests/sessions.py", line 703, in send
r = adapter.send(request, **kwargs)
File "/some/path/lib/python3.8/site-packages/requests/adapters.py", line 486, in send
resp = conn.urlopen(
File "/some/path/lib/python3.8/site-packages/urllib3/connectionpool.py", line 791, in urlopen
response = self._make_request(
File "/some/path/lib/python3.8/site-packages/urllib3/connectionpool.py", line 468, in _make_request
self._validate_conn(conn)
File "/some/path/lib/python3.8/site-packages/urllib3/connectionpool.py", line 1097, in _validate_conn
conn.connect()
File "/some/path/lib/python3.8/site-packages/urllib3/connection.py", line 642, in connect
sock_and_verified = _ssl_wrap_socket_and_match_hostname(
File "/some/path/lib/python3.8/site-packages/urllib3/connection.py", line 783, in _ssl_wrap_socket_and_match_hostname
ssl_sock = ssl_wrap_socket(
File "/some/path/lib/python3.8/site-packages/urllib3/util/ssl_.py", line 471, in ssl_wrap_socket
ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_in_tls, server_hostname)
File "/some/path/lib/python3.8/site-packages/urllib3/util/ssl_.py", line 515, in _ssl_wrap_socket_impl
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.8/ssl.py", line 500, in wrap_socket
return self.sslsocket_class._create(
File "/usr/lib/python3.8/ssl.py", line 1040, in _create
self.do_handshake()
File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
Any ideas @miigotu?
After more debugging and such, the one it seems to get stuck on for a while is 2023-10-25 09:24:34,980:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): publicsuffix.org:443
and it doesn't seem to get past this for the entire 20+ minutes.
There is a new version that uses the latest lexicon and certbot, which should fix this issue. If not, feel free to let me know in this issue and I will reopen.
I'm fairly sure that the older lexicon was the issue here, and there may be an issue with the latest release so please let me know if you have further issues with v2. 7.4+