Skip to content
This repository has been archived by the owner on Aug 30, 2024. It is now read-only.

Errors in using LTS node js version 12.16.1 #32

Open
sutarsha opened this issue Apr 14, 2020 · 2 comments
Open

Errors in using LTS node js version 12.16.1 #32

sutarsha opened this issue Apr 14, 2020 · 2 comments

Comments

@sutarsha
Copy link

I am using this lambda function to generate letsencrypt certificate and then put them in s3 bucket so later when I bake images it would pick the certificate from s3. I am using below node version on my mac where this fails.

| => node --version
v12.16.1

However, I get below error when I run it locally.

| => npm run local-cert

> [email protected] local-cert /Users/shaileshsutar/company_name/project_name/node-acme-lambda
> node bin/local.js

s3://uat-bucket-name/acme/host.uat.product.company_name.net.json does not exist.
Certificate with key host.uat.product.company_name.net is missing, going to regenerate.
Submitting new order to https://acme-v02.api.letsencrypt.org/acme/new-order for [{"name":"host.uat.product.company_name.net","zoneLevels":3}]
deprecation notice: new signature for signJws(keypair, header, protect, payload)
(node:9847) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
Couldn't retrieve hosted zones from Route53 TypeError: Cannot read property 'Id' of undefined
    at /Users/shaileshsutar/company_name/project_name/node-acme-lambda/src/aws/route53/getHostedZoneId.js:12:96
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async Promise.all (index 0)
    at async Promise.all (index 0)
Couldn't write token digest to DNS record. TypeError: Cannot read property 'Id' of undefined
    at /Users/shaileshsutar/company_name/project_name/node-acme-lambda/src/aws/route53/getHostedZoneId.js:12:96
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async Promise.all (index 0)
    at async Promise.all (index 0)
Experienced error getting challenges TypeError: Cannot read property 'Id' of undefined
    at /Users/shaileshsutar/company_name/project_name/node-acme-lambda/src/aws/route53/getHostedZoneId.js:12:96
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async Promise.all (index 0)
    at async Promise.all (index 0)
Results are [{"err":true,"msg":"Updating cert for host.uat.product.company_name.net, received err TypeError: Cannot read property 'Id' of undefined, TypeError: Cannot read property 'Id' of undefined\n    at /Users/shaileshsutar/company_name/project_name/node-acme-lambda/src/aws/route53/getHostedZoneId.js:12:96\n    at processTicksAndRejections (internal/process/task_queues.js:97:5)\n    at async Promise.all (index 0)\n    at async Promise.all (index 0)"}]

From error, I understand that there is function Buffer() which is deprecated. What I don't understand is error can not read property 'Id'. This works fine with lambda nodjs runtime version 10.x however it fails when I run it on nodejs version 12.x

Am I missing something here? The reason I am raising this here again is that we are getting emails from letencrypt which states that we are using the old acme v1 protocol for retrieving certs. However, this is not the case. I have already updated my config.js file with appropriate acme v2 protocol. Below is the config file I am using.

const defaultCertInfo = {
    "host.uat.product.company_name.net": [{"name": "host.uat.product.company_name.net", "zoneLevels": 3}]
      }

module.exports = {
  's3-account-bucket': process.env.S3_ACCOUNT_BUCKET || 'uat-bucket-name',
  's3-cert-bucket': process.env.S3_CERT_BUCKET || 'uat-bucket-name',
  's3-folder': process.env.S3_CERT_FOLDER || 'acme',
  'certificate-info': process.env.S3_CERT_INFO ? JSON.parse(process.env.S3_CERT_INFO) : defaultCertInfo,
  'acme-dns-retry': 30,
  'acme-dns-retry-delay-ms': 2000,
  'acme-account-file': process.env.ACME_ACCOUNT_FILE || 'acme-account',
  'acme-account-email': process.env.ACME_ACCOUNT_EMAIL || 'aws-product-nonprod@company_name.com',
  'acme-account-key-bits': 4096,
  'acme-directory-url': 'https://acme-v02.api.letsencrypt.org',
  'region': process.env.AWS_REGION || 'eu-west-1'
}

It may not be related to nodejs version however I just want to make sure we are not at risk due to this. By the way, I have anonymized the actual value.

Regards,
Shailesh
@larryboymi
Copy link
Contributor

Thanks @sutarsha , will check this out!

@shaileshsutar88
Copy link

shaileshsutar88 commented May 21, 2020
edited
Loading

Any update on this. Were you able to reproduce the issue?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@larryboymi @shaileshsutar88 @sutarsha