Powershell calling certbot in console or ISE script execution causes remoteException seemingly relat

link管理

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

相关文章推荐

机灵的炒面 · A970通用款行车记录仪，具备单1080P高 ...· 1 周前 ·

温柔的小蝌蚪 · 长三角铁路4月8日起实施新运行图，增开沪宁杭 ...· 5 月前 ·

讲道义的企鹅 · 01 WPF 入门路径 | Alexzh.NET· 5 月前 ·

暗恋学妹的火柴 · Discover the ...· 5 月前 ·

不羁的打火机 · 什么是ESB？ - 知乎· 6 月前 ·

if i type:

certbot renew

at the PS console prompt (in PS ISE), then the following is written to the console:

certbot : Saving debug log to C:\Certbot\log\letsencrypt.log
At line:1 char:1certbot : Saving debug log to C:\Certbot\log\letsencr
+ certbot renew
+ ~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (Saving debug lo...letsencrypt.log:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError

Processing C:\Certbot\renewal\*****.conf

Certificate not yet due for renewal

The following certificates are not due for renewal yet:

C:\Certbot\live\*******\fullchain.pem expires on 2022-**-** (skipped)

No renewals were attempted.

(Note: I used * character to obfuscate my domain name info.)

It seems like certbot ran the subcommand ok, but there was some issue and a Powershell exception that seems related to the output of the first line output:

certbot : Saving debug log to C:\Certbot\log\letsencrypt.log

From the debug log:

2022-06-05 15:14:37,649:DEBUG:certbot._internal.main:certbot version: 1.24.0
2022-06-05 15:14:37,649:DEBUG:certbot._internal.main:Location of certbot entry point: C:\Program Files (x86)\Certbot\bin\certbot.exe
2022-06-05 15:14:37,649:DEBUG:certbot._internal.main:Arguments: ['--preconfigured-renewal']
2022-06-05 15:14:37,649:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-06-05 15:14:37,649:DEBUG:certbot.compat.misc:Failed to set console mode
Traceback (most recent call last):
File "C:\Program Files (x86)\Certbot\pkgs\certbot\compat\misc.py", line 60, in prepare_virtual_console
h.SetConsoleMode(h.GetConsoleMode() | ENABLE_VIRTUAL_TERMINAL_PROCESSING)
pywintypes.error: (6, 'GetConsoleMode', 'The handle is invalid.')
2022-06-05 15:14:37,759:DEBUG:certbot._internal.log:Root logging level set at 30

And comparing this to debug log contents for the execution of the same command except from the Windows CMD console (wherein the output is exactly the same except that there is no PS remote exception):

2022-06-05 15:13:26,430:DEBUG:certbot._internal.main:certbot version: 1.24.0
2022-06-05 15:13:26,430:DEBUG:certbot._internal.main:Location of certbot entry point: C:\Program Files (x86)\Certbot\bin\certbot.exe
2022-06-05 15:13:26,430:DEBUG:certbot._internal.main:Arguments: ['--preconfigured-renewal']
2022-06-05 15:13:26,430:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-06-05 15:13:26,524:DEBUG:certbot._internal.log:Root logging level set at 30

It seems the issue may be related to the virtual terminal processing in the misc.py code when certbot is invoked from powershell.

I get similar results when calling certbot from a PS script using the & (Powershell call operator).

When I look at a debug log from execution of the scheduled task add by the earlier "certbot run" with windows command:

Powershell.exe -NoProfile -WindowStyle Hidden -Command "certbot renew"

the first few lines of output are:

2022-06-04 12:00:06,572:DEBUG:certbot._internal.main:certbot version: 1.24.0
2022-06-04 12:00:06,572:DEBUG:certbot._internal.main:Location of certbot entry point: C:\Program Files (x86)\Certbot\bin\certbot.exe
2022-06-04 12:00:06,572:DEBUG:certbot._internal.main:Arguments: ['--preconfigured-renewal']
2022-06-04 12:00:06,572:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-06-04 12:00:06,666:DEBUG:certbot._internal.log:Root logging level set at 30

So, past the point of issue when invoked from console or execution of script in ISE.

Any ideas, on why the exception is happening and how this could be avoided?

Welcome @segmentlime

As background, Certbot is developed by EFF. Let's Encrypt is by ISRG.

A nice report and perhaps a developer for Certbot will see it and comment. But, this is mainly a forum to support Let's Encrypt. Of course, we often help people use certbot and other acme clients but in this case the problem seems just with certbot interacting with Powershell and not related much to the LE certs.

Perhaps someone here will be comment but I think you will be best served raising an issue on the Certbot github . Just giving you another option.

segmentlime:

+ CategoryInfo : NotSpecified: (Saving debug lo...letsencrypt.log:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError

I've done a bit of reading and it seems like PowerShell ISE might interpret any process output to standard error (stderr) as an error.

This doesn't really track with how UNIX commands work, where stderr is commonly used and process exit codes, instead, are used to report errors.

If you want, you can try redirecting all output to stdout. Or maybe there are some other idioms in PowerShell to deal with this issue, I'm not sure.