revoke : Invalid key file ? + --account-id bug ?

[lolo888]

root@za4:~# getssl -r /etc/getssl/account.key /etc/getssl/exemple.com/bak/exemple.com.key
getssl: ACME server returned error: 400:   "detail": "Unable to parse certificate DER",

root@za4:~# getssl -r /etc/getssl/exemple.com/bak/exemple.com.key /etc/getssl/exemple.com/bak/exemple.com.crt
getssl: Invalid key file


root@za4:~# getssl -w /etc/getssl/ --account-id /etc/getssl/account.key
/etc/getssl/account.key: ACL location not specified for domain /etc/getssl/account.key in /etc/getssl///etc/getssl/account.key/getssl.cfg
/etc/getssl/account.key: DNS lookup failed for /etc/getssl/account.key
getssl: /etc/getssl/account.key: exiting due to config errors
root@za4:~# getssl -w /etc/getssl/ --account-id /etc/getssl/exemple.com/exemple.com.key
/etc/getssl/exemple.com/exemple.com.key: ACL location not specified for domain /etc/getssl/exemple.com/exemple.com.key in /etc/getssl///etc/getssl/exemple.com/exemple.com.key/getssl.cfg
/etc/getssl/exemple.com/exemple.com.key: DNS lookup failed for /etc/getssl/exemple.com/exemple.com.key
getssl: /etc/getssl/exemple.com/exemple.com.key: exiting due to config errors
root@za4:~# getssl --account-id /etc/getssl/exemple.com/exemple.com.key
/etc/getssl/exemple.com/exemple.com.key: ACL location not specified for domain /etc/getssl/exemple.com/exemple.com.key in /etc/getssl//etc/getssl/exemple.com/exemple.com.key/getssl.cfg
/etc/getssl/exemple.com/exemple.com.key: DNS lookup failed for /etc/getssl/exemple.com/exemple.com.key
getssl: /etc/getssl/exemple.com/exemple.com.key: exiting due to config errors
root@za4:~# getssl --account-id /etc/getssl/account.key 
/etc/getssl/account.key: ACL location not specified for domain /etc/getssl/account.key in /etc/getssl//etc/getssl/account.key/getssl.cfg
/etc/getssl/account.key: DNS lookup failed for /etc/getssl/account.key
getssl: /etc/getssl/account.key: exiting due to config errors
root@za4:~# getssl --account-id /etc/getssl/exemple.com
/etc/getssl/exemple.com: ACL location not specified for domain /etc/getssl/exemple.com in /etc/getssl//etc/getssl/exemple.com/getssl.cfg
/etc/getssl/exemple.com: DNS lookup failed for /etc/getssl/exemple.com
getssl: /etc/getssl/exemple.com: exiting due to config errors

getssl v2.48

[timkimber]

Hi @lolo888

The syntax for revoking a certificate is:
--revoke "cert" "key" [CA_server]

So you would need to do:
getssl -w /etc/getssl/ /etc/getssl/exemple.com/bak/exemple.com.crt /etc/getssl/exemple.com/bak/exemple.com.key

I will add a "how to revoke a key" section to the wiki and also improve the error checking around both the revoke function and the --account-id option. Thanks for the great examples of where the output is especially unhelpful.

Note: I currently have very little time to work on getssl due to work commitments

[lolo888]

Hi

So you would need to do: getssl -w /etc/getssl/ /etc/getssl/exemple.com/bak/exemple.com.crt /etc/getssl/exemple.com/bak/exemple.com.key

getssl: invalid command line /etc/getssl/exemple.com/bak/exemple.com.crt - it appears to contain more than one domain

contain only exemple.com and ftp.exemple.com

[lolo888]

Oups !
getssl -w /etc/getssl/ -r /etc/getssl/exemple.com/bak/exemple.com.crt /etc/getssl/exemple.com/bak/exemple.com.key certificate revoked
tks 👍