Ubuntu
pyasn1 package

external (letsencrypt) certs failing to parse due to pyasn1

Bug #1785157 reported by William on 2018-08-03

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	pyasn1 (Ubuntu)	New	Undecided	Unassigned

Bug Description

attempting a clean installation of freeipa-server on bionic using letsencrypt certs passed as arguments fails with an error similar to:

<TagSet object at 0x7fcdaff30090 tags 0:32:16> not in asn1Spec: <OctetString schema object at 0x7fcdaff30c50 tagSet <TagSet object at 0x7fcdbda4b7d0 tags 0:0:4> encoding iso-8859-1>
The ipa-server-certinstall command failed

I was able to bypass this by downgrading pyasn1 and pyasn1-modules:

rm -rf /usr/lib/python2.7/dist-packages/pyasn1
rm -rf /usr/lib/python2.7/dist-packages/pyasn1-0.4.2.egg-info/
rm -rf /usr/lib/python2.7/dist-packages/pyasn1_modules
rm -rf /usr/lib/python2.7/dist-packages/pyasn1_modules-0.2.1.egg-info
apt install python-pip
pip install pyasn1==0.2.3
pip install pyasn1-modules==0.0.9

After that, installation is able to proceed with letsencrypt certificates passed in.

Revision history for this message

Timo Aaltonen (tjaalton) wrote on 2018-08-03:

why would that be a freeipa bug? reassigning to pyasn1

affects:

freeipa (Ubuntu) → pyasn1 (Ubuntu)

Revision history for this message

Shawn Weeks (absolutesantaja) wrote on 2020-03-04:

FreeIPA fixed this issue in https://pagure.io/freeipa/issue/7685. Will this be back-ported to 18.04 because FreeIPA doesn't work without it.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntupyasn1 package

external (letsencrypt) certs failing to parse due to pyasn1

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
pyasn1 package