Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 30 subscribers
  • Views 2368 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Renew certificate: aborting, failed to acquire an exclusive lock: Resource temporarily unavailable

Fabian Kröger

Hallo zusammen,

der Versuch mit der Sophos UTM ein Lets Encrypt Cert zu erstellen, bricht leider mit folgender Fehlermeldung ab:

2019:05:10-14:05:11 utm letsencrypt[32389]: I Renew certificate: handling CSR REF_CaCsrLeMail05201 for domain set [domain1.domain.de,domain2.domain.de,domain3.domain.de]
2019:05:10-14:05:11 utm letsencrypt[32389]: I Renew certificate: running command: /var/storage/chroot-reverseproxy/usr/dehydrated/bin/dehydrated -x -f /var/storage/chroot-reverseproxy/usr/dehydrated/conf/config -c --accept-terms --domain domain1.domain.de --domain domain2.domain.de --domain domain3.domain.de
2019:05:10-14:06:01 utm letsencrypt[1510]: E Renew certificate: aborting, failed to acquire an exclusive lock: Resource temporarily unavailable
2019:05:10-14:07:01 utm letsencrypt[2418]: E Renew certificate: aborting, failed to acquire an exclusive lock: Resource temporarily unavailable
2019:05:10-14:08:00 utm letsencrypt[32389]: I Renew certificate: command completed with exit code 256
2019:05:10-14:08:00 utm letsencrypt[32389]: E Renew certificate: COMMAND_FAILED: ERROR: Problem connecting to server (get for cert.int-x3.letsencrypt.org/; curl returned with 6)
2019:05:10-14:08:00 utm letsencrypt[32389]: E Renew certificate: COMMAND_FAILED: ERROR: Walking chain has failed, your certificate has been created and can be found at /var/storage/chroot-reverseproxy/var/lib/dehydrated/cert_data/certs/domain domain1.domain.de/cert-1557489912.pem, the corresponding private key at privkey.pem. If you want you can manually continue on creating and linking all necessary files. If this error occurs again you should manually generate the certificate chain and place it under /var/storage/chroot-reverseproxy/var/lib/dehydrated/cert_data/chains/4f06f81d.chain (see cert.int-x3.letsencrypt.org/)
2019:05:10-14:08:00 utm letsencrypt[32389]: I Renew certificate: sending notification WARN-603
2019:05:10-14:08:00 utm letsencrypt[32389]: [WARN-603] Let's Encrypt certificate renewal failed accessing Let's Encrypt service
2019:05:10-14:08:00 utm letsencrypt[32389]: I Renew certificate: execution completed (CSRs renewed: 0, failed: 1)

 

Die UTM hängt hinter einer Fritzbox, Port 80 und 443 sind auf die UTM weitergeleitet.

Firmwareversion: 9.602-3

Hat jemand eine Idee?

Viele Grüße
Fabian



This thread was automatically locked due to age.
  • 0

    Ich hatte wiederholt das Problem, dass country-blocking aktiviert war...

    Die Meldungen sahen ähnlich aus.

     


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    Konnte ich bei mir jetzt nicht feststellen, oder gibt es das noch an einer anderen Stelle als in der Firewall?

  • 0 in reply to Fabian Kröger

    nein, das ist der Punkt


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    Hallo,

    ist das Problem gelöst und wenn ja wie oder bedarfs es noch Unterstützung?

    Regards

    Jason

    Sophos Certified Architect - UTM

  • 0 in reply to Jason Klein

    Hallo,

    nein, das Problem ist leider noch nicht gelöst.

  • 0

    Das selbe Problem bei mir.

    Ich bekomme laufend Einträge dieser Art im system.og:

     

    2019:05:31-12:20:01 gate /usr/sbin/cron[1638]: (root) CMD (/var/mdw/scripts/pmx-blocklist-update)
    2019:05:31-12:20:01 gate /usr/sbin/cron[1640]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:21:01 gate /usr/sbin/cron[1834]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:22:01 gate /usr/sbin/cron[1962]: (httpproxy) CMD (/var/chroot-http/usr/bin/virus_feedback_uploader)
    2019:05:31-12:22:01 gate /usr/sbin/cron[1963]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:23:01 gate /usr/sbin/cron[2085]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:24:01 gate /usr/sbin/cron[2558]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:25:01 gate /usr/sbin/cron[2693]: (root) CMD (   /usr/local/bin/reporter/system-reporter.pl)
    2019:05:31-12:25:01 gate /usr/sbin/cron[2694]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:26:01 gate /usr/sbin/cron[2888]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:26:01 gate /usr/sbin/cron[2889]: (root) CMD (/sbin/audld.plx --nosys --trigger)
    2019:05:31-12:27:01 gate /usr/sbin/cron[3050]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:28:01 gate /usr/sbin/cron[3238]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:29:01 gate /usr/sbin/cron[3392]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:30:01 gate /usr/sbin/cron[3623]: (root) CMD ( /usr/local/bin/rpmdb_backup )
    2019:05:31-12:30:01 gate /usr/sbin/cron[3625]: (httpproxy) CMD (/var/chroot-http/usr/bin/virus_sample_uploader -p /var/chroot-http)
    2019:05:31-12:30:01 gate /usr/sbin/cron[3628]: (root) CMD (/var/mdw/scripts/pmx-blocklist-update)
    2019:05:31-12:30:01 gate /usr/sbin/cron[3627]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:30:01 gate /usr/sbin/cron[3629]: (root) CMD (   /usr/local/bin/reporter/system-reporter.pl)
    2019:05:31-12:31:01 gate /usr/sbin/cron[3864]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:32:01 gate /usr/sbin/cron[4092]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:32:01 gate /usr/sbin/cron[4093]: (root) CMD (  nice -n19 /usr/local/bin/gen_inline_reporting_data.plx)
    2019:05:31-12:33:01 gate /usr/sbin/cron[4303]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)
    2019:05:31-12:34:01 gate /usr/sbin/cron[4455]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl  > /dev/null)

    Natürlich funktioniert während des renew_certificate.pl läuft das WebAdmin Portal nicht mehr, bzw. man wird laufend rausgeschmissen.

    In der Crontab steht die Zeile für das script mit "Renew marked CSRs" beschrieben, ich habe aber keine CSRs offen. Wo kann ich die sehen?

Cookie Information Banner