Symbiosis/Lets Encrypt: Account creation on ACMEv1 is disabled (certificates fail to be created/renewed)


#1

Hi all,

Today I’ve found that when I go to create a new hosting account on Symbiosis (on Stretch) Lets Encrypt certificates aren’t generating - with the following error:

Failed: Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details.

It looks like there’s a new version of the Lets Encrypt API that Symbiosis doesn’t yet include - and with there seemingly have been a slow-down in development for Symbiosis in the run-up to/following the acquisition of Bytemark by ioMart I’m not sure where that leaves things!

Any ideas?

Cheers,
Chris


#2

Looks like we will have to go the route outlined in this thread - The future of Symbiosis


#3

I’m afraid we don’t have any plans for Symbioisis development at all. There is a fork of Symbiosis called Sympl, which is available for Debian 10 at https://sympl.host, and the developer is promising support for ACMEv2.

There is a workaround, if you have a currently working domain. Letsencrypt are not accepting new accounts with ACMEv1 after November 1. Symbiosis creates a new account for every new set of domains, but that’s not strictly necessary.

You can reuse an existing account by copying /srv/DOMAIN/config/ssl/letsencrypt/account_key (eg /srv/example.com/config/ssl/letsencrypt/account_key) into your new domain configuration. If the account_key is present, then that’s the account that will be used.


#4

@OBrienMedia @phill104: I can confirm that Sympl now has support for ACMEv2 in the stable branch, so account creation and so on are fine in Sympl for the foreseeable future.

Anyone experiencing the above issue may want to look into migrating to Sympl which is continuing development, and already supports Debian Buster, as well as improving security over Symbiosis.


#5

Thanks for the workaround.
I’d like to point out that you SHOULD have plans to develop Symbiosis. It was the jewel in the crown of Bytemark.
Migrating an existing Symbiosis server to Sympl is not supposed to be possible, so if people will have to migrate their sites to a new Sympl installation, the easiest way to do that is to move away from Bytemark - and that’s probably the route I shall take if I do need to move to Sympl.


#6

After testing out Sympl, and as Bytemark have no plans for Symbiosis, we’ve decided to switch all of our VM’s (and content DNS) to Amazon Web Services. We’re now running Sympl for 2 VM’s with roughly 50 websites on each and have found that performance on AWS and Sympl to far outstrip Bytemark’s offering. It’s a sad time as weve been a Bytemark client for over 10 years but recent changes have left us with no option- and the cost savings are big (we pay Bytemark hundreds of pounds a month and have halved that with the switchover)


#7

Good information thanks. Was the Sympl package easy to install on AWS ?