root
/
greenlock.js
mirror of https://github.com/therootcompany/greenlock.js.git
2
0
Fork 0
Code Issues 27 Releases Wiki Activity

Fails to notify that Node v10.12.0 or better is needed #8

New Issue
Closed
opened 2019-11-19 05:49:28 +00:00 by Ghost · 4 comments
Ghost commented 2019-11-19 05:49:28 +00:00
Copy Link

It seems GreenLock v3 uses "require('crypto').generateKeyPair()" which only exists starting with NodeJS v10.12.0 as documented here: https://nodejs.org/api/crypto.html#crypto_crypto_generatekeypair_type_options_callback

The code just errors when I called greenlock.renew() with no indication of the problem. I had to trace the GreenLock code to find this out. Would it be possible to add a detection and notification of this so that others don't run into the same problem? - Thanks.

It seems GreenLock v3 uses "require('crypto').generateKeyPair()" which only exists starting with NodeJS v10.12.0 as documented here: https://nodejs.org/api/crypto.html#crypto_crypto_generatekeypair_type_options_callback The code just errors when I called greenlock.renew() with no indication of the problem. I had to trace the GreenLock code to find this out. Would it be possible to add a detection and notification of this so that others don't run into the same problem? - Thanks.
coolaj86 commented 2019-11-19 05:53:32 +00:00
Owner
Copy Link

A few things:

  1. What error did you get?

  2. Yes, it's already supposed to throw an error that says something very similar to "upgrade to node v10.12 or install ursa or node-forge for older node versions"

  3. Did you perhaps supply a notify function and ignore the error events?

A few things: 1. What error did you get? 2. Yes, it's already supposed to throw an error that says something very similar to "upgrade to node v10.12 or install ursa or node-forge for older node versions" 3. Did you perhaps supply a `notify` function and ignore the `error` events?
Ghost commented 2019-11-19 06:05:10 +00:00
Author
Copy Link

Wow, your quick on the response.

  1. The .then() on the renew() got called with no indication of the exception. I think it returned an empty array [] if I remember correctly.
  2. Your probably right. It did not seem to have propagated up.
  3. Yes, I did get "error", arguments = {"length":0}. Nothing else.

I will put guards in my code to check for this, but figured I put this here to help others. Thank you for GreenLock by the way, it's almost core infrastructure. I try to support Node v6 and higher for MeshCentral, but for Let's Encrypt, I will have to bump up the requirements.

Wow, your quick on the response. 1. The .then() on the renew() got called with no indication of the exception. I think it returned an empty array [] if I remember correctly. 2. Your probably right. It did not seem to have propagated up. 3. Yes, I did get "error", arguments = {"length":0}. Nothing else. I will put guards in my code to check for this, but figured I put this here to help others. Thank you for GreenLock by the way, it's almost core infrastructure. I try to support Node v6 and higher for MeshCentral, but for Let's Encrypt, I will have to bump up the requirements.
coolaj86 commented 2019-11-19 06:24:31 +00:00
Owner
Copy Link

You happened to catch me at a good time.

Hmm.... I'll have to look into that.

There was some back and forth about node v6 support and ultimately I decided that continuing to support it wasn't worth it. Everything should be supported in node v8, but I've only been testing v10, v11, and v12 while I iron out a few last issues with the normal use of Greenlock v3.

I know that in v8 you have to install ursa or node-forge and you have to change accountKeyType to RSA-2048 due to the lack of P-256 support.

And, due to community feedback, I'm actually going to publish v4 soon. It's not actually a major change, but I'm going back to configDir instead of configFile, which will require a manual step mv greenlock.json ./path/to/confdir/config.json that I can't reasonably automate.

I plan to release Greenlock Pro soonish, perhaps in January, as well.

You happened to catch me at a good time. Hmm.... I'll have to look into that. There was some back and forth about node v6 support and ultimately I decided that continuing to support it wasn't worth it. Everything _should_ be supported in node v8, but I've only been testing v10, v11, and v12 while I iron out a few last issues with the normal use of Greenlock v3. I know that in v8 you have to install ursa or node-forge and you have to change `accountKeyType` to `RSA-2048` due to the lack of `P-256` support. And, due to community feedback, I'm actually going to publish v4 soon. It's not actually a major change, but I'm going back to `configDir` instead of `configFile`, which will require a manual step `mv greenlock.json ./path/to/confdir/config.json` that I can't reasonably automate. I plan to release Greenlock Pro soonish, perhaps in January, as well.
Ghost commented 2019-11-19 19:46:04 +00:00
Author
Copy Link

Nice. I have no problem requiring a better version of NodeJS if Let's Encrypt is used. Plenty of people use MeshCentral without GreenLock on a Raspberry Pi and so, it will still work on v6 in that case. I dynamically install GreenLock when needed, so it's not part of the MeshCentral dependencies by default.

FYI. If you want to see what the last few weeks of MeshCentral/GreenLock looked like:
https://github.com/Ylianst/MeshCentral/issues/658
https://github.com/Ylianst/MeshCentral/issues/629
https://github.com/Ylianst/MeshCentral/issues/662

I am not sure what you would think of my implementation of GreenLock in MeshCentral. I want to avoid placing any configuration file for GreenLock and instead feeding that config at runtime. At some point, I would like to optionally store the LE certs in HashiCorp Vault.

Looking forward to your new releases.

Nice. I have no problem requiring a better version of NodeJS if Let's Encrypt is used. Plenty of people use MeshCentral without GreenLock on a Raspberry Pi and so, it will still work on v6 in that case. I dynamically install GreenLock when needed, so it's not part of the MeshCentral dependencies by default. FYI. If you want to see what the last few weeks of MeshCentral/GreenLock looked like: https://github.com/Ylianst/MeshCentral/issues/658 https://github.com/Ylianst/MeshCentral/issues/629 https://github.com/Ylianst/MeshCentral/issues/662 I am not sure what you would think of my implementation of GreenLock in MeshCentral. I want to avoid placing any configuration file for GreenLock and instead feeding that config at runtime. At some point, I would like to optionally store the LE certs in HashiCorp Vault. Looking forward to your new releases.
Ghost closed this issue 2020-03-02 20:01:45 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
fix-v2-bump-deps
v2
github
next
v4
npm
v3
wip
dns-challenge-regression-fix
v2.4
v2.5
v2.3
v2.2
acmev2
v2.1
greenlock
v1
node-letsencrypt-python
v2.8.9
v4.0.5
v4.0.4
v4.0.3
v4.0.2
v4.0.1
v4.0.0
v3.1.5
v3.1.4
v3.1.3
v3.0.25
v3.0.24
v3.0.23
v3.0.21
v3.0.20
v3.0.19
v3.0.18
v3.0.17
v3.0.16
v3.0.15
v3.0.12
v3.0.11
v3.0.10
v3.0.9
v3.0.7
v3.0.6
v3.0.5
v3.0.4
v3.0.3
v3.0.2
v3.0.1
v2.8.8
v2.8.7
v2.8.6
v2.8.5
v2.8.4
v2.8.3
v2.8.2
v2.8.1
v2.8.0
v2.7.23
v2.7.22
v2.7.21
v2.7.20
v2.7.19
v2.7.18
v2.7.17
v2.7.16
v2.7.15
v2.7.14
v2.7.13
v2.7.12
v2.7.11
v2.7.10
v2.7.9
v2.7.8
v2.7.7
v2.7.6
v2.7.5
v2.7.4
v2.7.3
v2.7.2
v2.7.1
v2.7.0
v2.6.10
v2.6.9
v2.6.8
v2.6.7
v2.6.6
v2.6.5
v2.6.4
v2.6.3
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.10
v2.4.9
v2.4.8
v2.4.7
v2.4.2
v2.4.1
v2.4.0
v2.3.13
v2.3.12
v2.3.11
v2.3.10
v2.3.9
v2.3.8
v2.3.7
v2.3.6
v2.3.5
v2.3.4
v2.3.3
v2.3.2
v2.3.1
v2.3.0
v2.2.20
v2.2.19
v2.2.17
v2.2.18
v2.2.16
v2.2.15
v2.2.14
v2.2.13
v2.2.12
v2.2.11
v2.2.10
v2.2.8
v2.2.7
v2.2.6
v2.2.5
v2.2.4
v2.2.3
v2.2.2
v2.2.0
v2.1.19
v2.1.18
v2.1.17
v2.1.16
v2.1.15
v2.1.14
v2.1.13
v2.1.12
v2.1.11
v2.1.10
v2.1.9
v2.1.7
v2.1.6
v2.1.5
v2.1.4
v2.1.3
v2.1.2
v2.1.1
v2.1.0
v1.5.8
v2.0.5
v2.0.4
v1.5.7
v1.5.6
v1.5.5
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.0
v1.2.0
v1.1.0
v1.0.2
v1.0.0
v1.0.1
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: root/greenlock.js#8
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?